堆栈内存溢出
  简体   繁体   English

如何在服务器请求方法中验证 recaptcha 响应测试?

[英]How do I verify recaptcha response test in server request method?

 原文  2021-03-21 07:12:09       php/ recaptcha

问题描述

I have the code from below, once the form is sended I want to check in it if the user passed the recaptcha test.我有下面的代码,一旦发送表单,我想检查它是否用户通过了recaptcha 测试。 How do i do it?我该怎么做? Searched many things and i can't find a way that works for me..搜索了很多东西,我找不到适合我的方法..

<html>
  <head>
        <script type="text/javascript">
        
        var verifyCallback = function(response) {
           alert(response);
        };
    
          var onloadCallback = function() {
            grecaptcha.render('example3', {
              'sitekey' : '6LdlRIgaAAAAAJXOu3EsuGVnKVjmSaWfSbuwSHLI',
              'callback' : verifyCallback,
              'theme' : 'dark'
            });
          };
          
        </script>
  </head>

  <body>
      
      <?php
        if ($_SERVER['REQUEST_METHOD'] == 'POST')
        {
            // here I want to verify if the use user passed the recaptcha
            {
                some code
            }
        }
      ?>
 
    <form method="POST">
      <div id="example3"></div>
      <br>
      <input type="submit" value="Submit">
    </form>
    
    <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
        async defer>
    </script>
    
  </body>
</html>

1 个解决方案

解决方案1
 0 已采纳  2021-03-21 08:25:40

You should lookup the Server side validation docs for reCAPTCHA: https://developers.google.com/recaptcha/docs/verify您应该查找 reCAPTCHA 的服务器端验证文档: https://developers.google.com/recaptcha/docs/verify

You have to send an API request via PHP CURL, as stated in the docs:您必须通过 PHP CURL 发送 API 请求,如文档中所述:

URL: https://www.google.com/recaptcha/api/siteverify METHOD: POST

So something like this:所以是这样的:

function validate_captcha($secret, $response, $remoteip) {

    $captcha_url = "https://www.google.com/recaptcha/api/siteverify";
    $captcha_url .= "?secret=".$secret;
    $captcha_url .= "&response=".$response;
    $captcha_url .= "&remoteip=".$remoteip;
    
    $ch = curl_init($captcha_url);

    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    
    $data = curl_exec($ch);
    
    curl_close($ch);
     
    $response=json_decode($data,true);
    
    if ($response["success"]) {
        return true;
    }
    else {
        return false;
    }

}

And you call the function like this:你这样称呼 function :

$captcha_is_ok = validate_captcha(
  "......mySecret.....", 
  $_POST['g-recaptcha-response'],
  $_SERVER['REMOTE_ADDR']);

if ($captcha_is_ok) {
  ... do something cool ...
} else {
  ... don't do something cool ...
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何验证 Google Recaptcha V3 响应? - How to Verify Google Recaptcha V3 Response? 如何使用AJAX验证Google Recaptcha V3响应 - How to Verify Google Recaptcha V3 Response with AJAX 如何验证recaptcha? - How do I validate recaptcha? 如何测试 Laravel 的内置验证电子邮件通知? - How do I test Laravel's built in verify email notification? 如何验证发布请求是否来自我的网站? - How do I verify that a post request is from my website? 如何读取和验证我的 PHP 服务器上是否存在通过 HTTPS 传输的图像? - How do I read and verify if there are images that are on my PHP server but by HTTPS? 发出请求对象(AJAX)后如何从服务器获取响应 - How do i get the response back from server after issuing a request object(AJAX) 如何对来自客户端的请求做出尖锐的回应? - How do I make a guzzle response into a response to a request from a client? 我该如何验证这个值? - how do I verify this value? 如何以在线形式删除 g-recaptcha-response? - How can I remove g-recaptcha-response in online form?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM