PHP-关于将reCAPTCHA与jQuery一起使用的问题 [英] PHP - Question about using reCAPTCHA with jQuery

问题描述

这里是一个教程，指示如何将jQuery表单验证与reCAPTCHA结合使用. http://snipplr.com/view/15563/jquery-validating -recaptcha-with-ajax/

Here is a tutorial that indicates how to combine jQuery Form Validation with reCAPTCHA. http://snipplr.com/view/15563/jquery-validating-recaptcha-with-ajax/

根据我的理解，以上教程实际上通过与服务器reCAPTCHA脚本通信的aJax进行了客户端验证.

Based on my understanding, the above tutorial in fact does a client side validation through aJax that communicates with the server reCAPTCHA script.

验证成功后，我使用从注释中借用的以下代码:

After the validation is successful, I use the following code borrowed from the comments:

$('#formID').validate({ 
submitHandler: function(form) { 
 if(validateCaptcha()){ // Submit form 
offerForm.ajaxSubmit(); } } });

提交表格，请参见原始代码的第21行:

to submit the form and please see line 21 of the original code:

$("form").attr("action", "http://action/to/the/form_handler.php");

我的问题是我是否必须在带有传递参数的form_handler.php中调用recaptcha_check_answer

My question is whether or not I MUST call recaptcha_check_answer inside form_handler.php with passed in parameters

challengeField = $("input#recaptcha_challenge_field").val();
responseField = $("input#recaptcha_response_field").val();

如果没有，那么一个人可以通过更改验证程序来轻松避免reCAPTCHA. 似乎我们总是必须同时进行客户机和服务器验证的同一想法.

If not, then a person can easily avoid the reCAPTCHA by changing the validation procedure. It seems that the same idea that we always have to both client+server validation.

如果我误会了，请纠正我的想法.

Please correct my idea if I misunderstand.

//提供有关我遇到的问题的详细信息///

// Give detail information for the issue I have ///

    <code>
    <form id="regFormBody" method="post" action="verify.php">
    ...
    </code>

      $("#regFormBody").validate({
          debug: true,
          errorPlacement: function (error, element) {
            error.insertAfter(element.parents('div.collection:first'));
          },

          rules: {
            loginemail: { required: true, email: true, rangelength: [4, 32] },
            password: { required: true, rangelength: [8, 30], passwordPattern: true },
            confirmpassword: { required: true, rangelength: [8, 30], equalTo: "#password" }
          }
          }
        });

这是我遇到的问题: 如果该表单通过了客户端验证，则它根本不会触发verify.php，并且在验证之后停止. 谢谢

Here is the problem I have: If the form passes the client side validation, then it doesn't NOT trigger the verify.php at all and stops after the validation. thank you

推荐答案

是的，这对我来说是正确的.是的，您肯定需要验证服务器上的验证码.我根本不喜欢验证验证码客户端的想法，并且我不认为您不想将reCaptchi API密钥发布到用户可以掌握其中任何一个的脚本中.我也希望相同验证码值的第二次验证(客户端校验之后的服务器端检查)仍然会被recaptcha的服务器拒绝

Yes, that sounds correct to me. Yes, you definitely need to validate the captcha on the server. I don't like the idea of validating the captcha client-side at all and I don't think you want to be posting your reCaptchi API keys in a script that user can get hold of either. Also I'd expect the second validation of the same captcha values (your server-side check after the client-side checke) would get rejected by recaptcha's servers anyway (confirmation of this from a comment on the original blog).

因此，我认为您需要将验证码发布到您的AJAX操作处理程序中，并且应该执行验证以及操作.您可以在提交验证之前验证用户是否已经输入了验证码，但是IMO根本不应该尝试在客户端进行验证.

So I think you need to post the captcha to your AJAX action handler and it should do the validation as well as your action. You could validate the user has entered something for the captcha before you submit it but IMO you shouldn't try and validate it client side at all.

这篇关于PHP-关于将reCAPTCHA与jQuery一起使用的问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！