如何在同一页面中验证 hCaptcha，然后将答案重定向到 post/ajax.php？

Question

我使用其他人编写的脚本，但我根本不懂 javascript。 我想更改以下用例：如果您按下按钮，它将显示一个带有验证码的模式。 验证验证码后，页面将处理 ajax.php 的一些数据。 我有适用于先前验证码的代码，但我想通过 hCaptcha 来实现。

    function goShortlink(sid) {
        $('#goShortlink').modal({backdrop: 'static', keyboard: false});
        $('.captcha-holder').CBCaptcha({
            clickDelay: 500,
            invalidResetDelay: 2500,
            requestIconsDelay: 1500,
            loadingAnimationDelay: 1500,
            hoverDetection: true,
            enableLoadingAnimation: true,
            validationPath: 'system/libs/captcha/request.php'
        }).bind('success.CBCaptcha', function(e, id) {
            validateShortlink(sid);
        });
    }";

来自 system/libs/captcha/request.php 的验证路径是

<?php
session_start();
require('session.class.php');
require('captcha.class.php');

if((isset($_GET['hash']) && strlen($_GET['hash']) === 48) &&
    (isset($_GET['cid']) && is_numeric($_GET['cid'])) && !isAjaxRequest()) {
    CBCaptcha::getIconFromHash($_GET['hash'], $_GET['cid']);
    exit;
}

if(!empty($_POST) && isAjaxRequest()) {
    if(isset($_POST['rT']) && is_numeric($_POST['rT']) && isset($_POST['cID']) && is_numeric($_POST['cID'])) {
        switch((int)$_POST['rT']) {
            case 1:
                $captcha_theme = (isset($_POST['tM']) && ($_POST['tM'] === 'light' || $_POST['tM'] === 'dark')) ? $_POST['tM'] : 'light';

                header('Content-type: application/json');
                exit(CBCaptcha::getCaptchaData($captcha_theme, $_POST['cID']));
            case 2:
                if(CBCaptcha::setSelectedAnswer($_POST)) {
                    header('HTTP/1.0 200 OK');
                    exit;
                }
                break;
            default:
                break;
        }
    }
}

header('HTTP/1.1 400 Bad Request');
exit;

function isAjaxRequest() {
    return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
}

?>

如何修改它以保持模态，直到验证 hCaptcha 然后继续验证？ 我也有其余的代码，但我不知道这对我们的问题是否不重要。 如果你需要它，请告诉我。

感谢您的好意和帮助！

Answer 1

我使用了数据回调，它奏效了。 在我解决验证码后，功能继续：

<div class="h-captcha" data-sitekey="XXXX-XXX-XXX-XXX" data-callback="correctCaptcha"></div>

所以我在我的页面上的 javascript 代码中添加了 var CorrectCaptcha 属性，现在是这样的：

<?php 
    if($proxy === false)
    {

        echo '<script src="static/js/simple.timer.js"></script><script async src="static/js/captcha.min.js"></script>';

        $script = "var waitMsg = \"".$lang['l_145']."\";
        var captchaMsg = \"".$lang['l_142']."\";
        
        
        var correctCaptcha = function validateShortlink(sid){
            
            $('#status').html('<div class=\"alert alert-info\" role=\"alert\"><i class=\"fa fa-cog fa-spin fa-fw\"></i> '+waitMsg+'</div>').fadeIn('fast');

            $.post('system/ajax2.php', { a: 'getShortlink', data: sid, token: '".$token."' },
            function(response) {
                if(response.status == '600') {
                    goShortlink(sid);
                    $('#status').html(response.message).fadeIn('slow');
                } else if(response.status == '500') {
                    $('#captchaBox').hide();
                    $('#status').html(response.message).fadeIn('slow');
                } else {
                    $('#status').html(response.message).fadeIn('slow');
                    window.setTimeout(function(){window.location.replace(response.shortlink);}, 500);
                }
            },'json');
        };

        function goShortlink(sid) {
            $('#goShortlink').modal({backdrop: 'static', keyboard: false});
            
        }";
        
        if(count($counters) > 0)
        {
            $script .= '$(document).ready(function(){';
            foreach($counters as $counter)
            {
                $script .= "$('#staticTime_".$counter."').hide(); $('#short_".$counter."').startTimer({onComplete: function(element){window.location.reload();}}); $('#short_".$counter." div').css('display','inline');";
            }
            $script .= '});';
        }

        $packer = new JavaScriptPacker($script, 'Normal', true, false);
        $packed = $packer->pack();
        
        echo '<script>'.$packed.'</script>';
    }
?>

Ajax2.php 看起来像

                $sid = $db->EscapeString($_POST['data']);
            $linkData = $db->QueryFetchArray("SELECT * FROM `shortlinks_config` WHERE `id`='".$sid."' AND `status`='1' LIMIT 1");
            if(empty($linkData['shortlink']) || empty($linkData['password']))
            {
                $resultData = array('message' => '<div class="alert alert-danger" role="alert"><i class="fa fa-exclamation-triangle fa-fw"></i> '.$lang['l_482'].$_POST['data'].'</div>', 'status' => 500);
            }
            else

该代码适用于旧的验证码，并且没有将 validateShortlink 归因于 varcorrectCaptcha，但现在我遇到了另一个问题。 我认为通过这个属性，correctCaptcha = function validateShortlink(sid)，POST['data'] 没有数字的形式，所以我在 ajax2.php 中得到一个错误，即短链接不存在于进行比较时的数据库。 我在错误附近写了一个 echo 来查看 sid 的样子，我有类似的东西：

`P0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXNza2V5IjoiaHNxRWc0ZVdLUmNPTHZybGFxZ0p4djlsTlVLYktIQ2VOaUI3Mmw3VmZqa21kVDh5Q0Q5N2NoSHBHbjJ2dHdXRWU3YnU2OGtpZHB4eVpJYllzTFBDay9MMXVIZXFicVN1QTVUSWxmU2txcGU3ZnMxOUFVOGk1a0IvQ2JRUkU5ZDluL2FHZTF2amUxNnZpM085UE9PVGcwR1JyOWFsYXNMK2h2UitPWG5jcWFmVzhQNXlCU0sydm9TakhZNkVSbzJ1ZEh4TWIyQmN0bzFPZEVCdnViRjhjT3FYRVhMUXF1WTN1Z1EyVDdhR2xGK28xTkRHRGkzZVM5MXVBTmUxSVE4M1NSYkFpN253MnNVdFRzVDJyYWs0OUVGdXFHOHgzbjBhRENSMnpvZGRYSGFUUEtBLzNFTUpVVDBWU1NSRWtuVjBiY01oVktzSmF1R0pKcjlwSnJwaUl2N3NKSlJBVm9pOW5ZVGt6K3hKOTlOcHVKRG9SdDR1QmxKeW1ndWcvL0x2N3NDK2JMSnBzeENSM3U5Ly9wcnlwd3R5ZWlmZHRZNlM2UERmUG00eFNQTERwNGdnS2NUbGNqYjFkeU9ZTVFiaFEyWi8rakJkV2lZMG1QQ20yRnFRVVhoME9CdjJtNGdoRGplOUJYNm15ZUR4UFZYdEN6R214UVJOTTZrWDRlOGtZY3JqUlNzYk96OXNjaXBQL2REOHNCSzlTNjJLc2dTNkFpczM0ZnFqcXFTRHRKN0xGUjc4UlYycWlCcFQvK2JweC9hOEgwdjd6eXM5aHRYZ1lrdU5YQ0hQc0x4ZWRHek1YVWtPRTdVVjNhMzNTcVg4bFhnL0RxTFA3cFVrb3RLWU1qcjZ5OUp5cDdxME1UUWN5Zy9XN290WE5ucTlNNnRHcU4xRW9uWVAxQ1dmckZKTENyck1XVUdkb01LQy9mSmFuZE0rMzZManpuRzNGWmhpREFIM1U5clF0RjNCeUdWNnUrcTBaTHdWV0FQSFZHcWdac3ZSTGxrY1V2RzRPNDg4RHpzVmVDQ3FxMFczOTNwR0hYeFpNWTBxWmFqTzlBZEpGd1EySG94akdOTWorWVZXRlJ6WUdhbS84VFFVZVBWejdZLzBuVmF5NHRwNzhJNXlYTmliUVBxM0d0MC9MV1BVS3ZCUnd5ZXlCbkF2R0Q3eDJEdmJ5djZVNGorTnpNakJaQnJhVjlSclEvd2pDaEEyS0dHSURYQk0zTTBhekMva3hIZDJacG95c2x1bFNKWUhyRC9iL1JVUFZkdVFJNXFtQ09mdUtWeHlUREVseDY4SVZuNTN3TG1GK3ZzcHg5dEhUbXUxQ2ZEcmwzcnd0RjhNOHlqV2NzUTdEc3JKd0MzYXlxZVJSMVRhcGJkSXN4bHZRcE9NWW1EQWtwMzhWMk9ZaWNHazQyZlBoSGtCYlcraXYrZUY5dXV2RWozcGkxaUlhb0tNVTNvNkRzaEJxbVlDSFFvbVNjSDQ5R1pRUmlWZHZSQy92N0V2ekN2ejBrcXBkZ3RsYm0yd3pUVXdiSGZEUEFFaFlONWhiN2F4aUpYdzN2WTBNcUk5L1ZVMENoZkZqVE1QWHRVQWNCd3p0Qkl4N25rQXdpaHdsYms3ZnlrVVgvSjRtMlYxdWNjTUQ4bFllT00zWXZCd0ZmU1hRckFkOVRoL1JVbXhNQnhEVElpZDVaYkFGSjBLRm93RXlWRnlFTUlJYUZyNHdKKy9ReTdDSjVEeVNiQlBxQWtiUEdSSCtUSDc0MFlxampma2IxRkx6eTBPMVBFMGkxaWRWd1p1bUtOSE1LajhGSi9pT3JTUFMrKzM5K0o1VzMxZ3A2dEcvM3NpM0M4WEt5WTIrV0pNdWJaZklDa2xhenIzREFQZm5ENFFSN2ovcEJvNkRqN2Q4YnIraTQzcTZyRDhnMzVPMVZseE5pOU9Hb0tRTHVQY3BtdG1Ib2ovZFUwa05Xb0hZUTNza3hreDZiY3BRWE1COUhMN2NuMXFNb0JyQUZtUUQzTnp3UWxVS2Z3cmNQSHRqZWxpZWJnWXU1MkwxOTFhWG5Id09nUUtIcU53b3REZmhjeVFlMW56STFPV1M3U1pQVVZCNS9NcUNzWC84cGhlQmdwenRFNW5LWXo1QnVsTEhtSk9MWnV2RG1Ya05WRkcwL0lXTGJzY1U1OEpXYUIzRXlsTFJud1ZhN1d0RFF0NlZuNzB4a1RxK254MEEzUkVZTjREa0Z1akVVd2ZrakZTQm0vamswN21LZlRqRlp3UkZON0Vkd0UwcXEyeDNmbDRRSGlqTUg4UDVnYXVSWDl1NTR2dlpWS08xWTRsQUlEK3dLSEw4d2ZLOGlXQzNUV0t3NWMvblpXUVVES1JwSjFQeUJnOWdEOVVFQk1PZTFVVGZCNUsvcXhEYkdvUmp4SjBoU1JsSnFhNkErYUdqWnBJSHJ1aS9vZUhkM0VCTkowd1NsNEVGc2NPaGQ4OHpVUXFjWmVYaENsZW9WM2FZbGZiYnpsY0x2dG0yVTMxaEZzV1lOTXFEdFlRVE5sVUwzblRxSlVNbmM5UUlCQTVidXg3ejUwQ2NRVUNTUHg1UE1Jc09QV3Y3MllQQWg1c2NGbllvcVZCNlRMeXh3VzRZamdFYkNSMWQrdnJRbE9hbjc3Nm1DeHVLRWhvZzA1cVY2OFJuTElnOStYa0pHR0JDcUkvQ1BSbWZremplckgwM3dYN1JZMWQ4SVdmL0Fqd0IrUVRvc09aZ3dBZ2g0MytjNlkyWVRyTWFnazJIMEJoMmMwV3lVSVozdmowSmZUY09wNG4iLCJleHAiOjE2MDMxODc2NjcsInNoYXJkX2lkIjoyMzU4MDExNjcsInBkIjowfQ.fDyx5hr2vXLScCpXO5G1nzE6yH-

我如何使用正确的验证码属性来发送正确的 sid，而不是整个最后一段？

谢谢你的好意和帮助！