Google reCAPTCHA V2 JavaScript我们检测到您的网站未在验证reCAPTCHA解决方案 [英] Google reCAPTCHA V2 JavaScript We detected that your site is not verifying reCAPTCHA solutions
问题描述
错误消息
我们检测到您的网站没有验证reCAPTCHA解决方案.这是在您的站点上正确使用reCAPTCHA所必需的.请访问我们的开发者网站以获取更多信息.
我创建了此reCaptcha代码,效果很好,但是我不知道如何验证它,我以为它正在使用该函数进行验证
grecaptcha.getResponse();,但事实并非如此.
显然,recaptcha在网站上运作良好,但我刚刚在Google管理员中看到了下一条消息:
Error Message
We detected that your site is not verifying reCAPTCHA solutions. This is required for the proper use of reCAPTCHA on your site. Please see our developer site for more information.
I created this reCaptcha code, it works well but I don not know how can I validate it, I thought it was validating with the function
grecaptcha.getResponse(); but it was not so.
Apparently The recaptcha worked well on the website but I just saw in Google admin the next message:
要求:
1.请勿在表单中使用action="file.php",仅在表单中使用javascript函数.
Requirements:
1.Do not use action="file.php" in the form, only a javascript function in the form.
<!DOCTYPE>
<html>
<head >
<title></title>
<script src='https://www.google.com/recaptcha/api.js'></script>
<script type="text/javascript">
function get_action() {
var v = grecaptcha.getResponse();
console.log("Resp" + v );
if (v == '') {
document.getElementById('captcha').innerHTML = "You can't leave Captcha Code empty";
return false;
}
else {
document.getElementById('captcha').innerHTML = "Captcha completed";
return true;
}
}
</script>
</head>
<body>
<form id="form1" onsubmit="return get_action();">
<div>
<div class="g-recaptcha" data-sitekey="6LdNIlAUAAAAADS_uVMUayu5Z8C0tw_jspdntbYl"></div>
</div>
<input type="submit" value="Button" />
<div id="captcha"></div>
</form>
</body>
</html>
请你帮我一下.我会很感激
提交时,我需要使用JavaScript函数onsubmit="return get_action();"而不是action="file.php"来验证我的身份?:
May you help me Please. I would appreciate it a lot
How can I validate it since I need to use a javascript function onsubmit="return get_action();" instead of action="file.php" *when I submit?:
推荐答案
grecaptcha.getResponse()函数将仅向您提供用户响应令牌,然后必须在Google reCAPTCHA服务器上通过HTTP POST调用进行验证.
The grecaptcha.getResponse() function will only provide you with the user response token, which then must be validated with HTTP POST call on google reCAPTCHA server.
您可以使用AJAX请求来验证令牌,但出于安全原因,这些验证应始终在服务器端进行-用户可能总是混入JavaScript并诱使他们相信reCAPTCHA已成功验证.
You could use AJAX request, to validate the token, but these validations should always be done on server side, for security reasons - JavaScript could've always been meddled with by user and tricked into believing that reCAPTCHA was successfully verified.
获取响应令牌后,您需要使用以下API使用reCAPTCHA对其进行验证,以确保该令牌有效.
After you get the response token, you need to verify it with reCAPTCHA using the following API to ensure the token is valid.
因此,您需要执行的操作是将reCAPTCHA机密(在reCAPTCHA管理页面中为您生成的第二个密钥)和用户响应令牌(从grecaptcha.getResponse()函数接收到的密钥)发送到reCAPTCHA API,如
So what you need to do is to send your reCAPTCHA secret (second key that was generated for you in reCAPTCHA admin page) and user response token (the one received from grecaptcha.getResponse() function) to reCAPTCHA API as described in reCAPTCHA docs.
在PHP 中,您可能会这样想:
In PHP, you'd do somethink like this:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
'secret' => YOUR_RECAPTCHA_SECRET,
'response' => USER_RESPONSE_TOKEN,
]));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);
curl_close($ch);
$response = @json_decode($data);
if ($response && $response->success)
{
// validation succeeded, user input is correct
}
else
{
// response is invalid for some reason
// you can find more in $data->{"error-codes"}
}
这篇关于Google reCAPTCHA V2 JavaScript我们检测到您的网站未在验证reCAPTCHA解决方案的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
