I'm trying to implement google captcha v2 on a website that gets a lot of spam mail. The captcha is showing and working, but the form can be submitted without pressing the captcha. I had a look for similar questions but couldn't find any that would help me.
It is google's captcha V2
Form:
<form action="mailer.php" method="post" onsubmit="return FrontPage_Form1_Validator(this)" language="JavaScript" name="FrontPage_Form1" enctype="multipart/form-data">
<input type="text" class="col-md-13 col-xs-12 name" name='name' placeholder='Name *'/>
<input type="text" class="col-md-13 col-xs-12 Email" name='Email' placeholder='Email *'/>
<input type="text" class="col-md-12 col-xs-12 Subject" name='Subject' placeholder='Subject'/>
<textarea type="text" class="col-md-12 col-xs-12 Message" name='Message' placeholder='Message *'></textarea>
<br>
<div class="captcha_wrapper col-md-12" style="margin-bottom: 10px;">
<div class="g-recaptcha" data-sitekey="6Ld-ryQUAAAAAJSKzJubdxYjigpiTfhk11e1P7o9">
</div>
</div>
mailer.php:
if ($_SERVER['REQUEST_METHOD'] == "POST") {
foreach ($_POST as $key => $value) {
$msg .= ucfirst ($key) ." : ". $value . "\n";
}
}
else {
foreach ($_GET as $key => $value) {
$msg .= ucfirst ($key) ." : ". $value . "\n";
}
}
//captcha section
$response = $_POST["g-recaptcha-response"];
$url = 'https://www.google.com/recaptcha/api/siteverify';
$data = array(
'secret' => '6Ld-ryQUAAAAALpIkTPN82doQhCFmiWrC14_UbYk',
'response' => $_POST['g-recaptcha-response'];
);
$options = array(
'http' => array (
'method' => 'POST',
'content' => http_build_query($data)
)
);
$context = stream_context_create($options);
$verify = file_get_contents($url, false, $context);
$captcha_success=json_decode($verify);
//end of captcha section
mail($to, $subject, $msg, $headers);
if ($forward == 1) {
header ("Location:$location");
}
else {
include("index.html");
header( 'Location: ' ) ;
}
`
Thank you. Any help is appreciated
I feel like I need to put the captcha code inside in if(isset())
Print the $captcha_success values in order to check what's inside $captcha_success and understand how to manage the response. Then you can redirect the navigation properly.
var_dump($captcha_success); // to dump the values to web page error_log(print_r($captcha_success, true),0); // to dump to the php apache error_log
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.