验证reCaptcha V2：始终为false [英] Verify reCaptcha V2 : Always false

问题描述

我正在尝试将Google reCaptcha V2植入我的网站（由PHP& Wordpress开发）。

I'm trying to implant reCaptcha V2 of Google in my website (developed in PHP & Wordpress).

我正在尝试验证用户是否在提交前检查了此验证码。

I'm trying to verify if the user has checked this Captcha before the submit.

这是我的验证：

<?php

if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])){
  $privatekey = $secret;
  $captcha = $_POST['g-recaptcha-response'];
  $url = 'https://www.google.com/recaptcha/api/siteverify';
  $data = array(
      'secret' => $privatekey,
      'response' => $captcha,
      'remoteip' => $_SERVER['REMOTE_ADDR']
  );

  $curlConfig = array(
      CURLOPT_URL => $url,
      CURLOPT_POST => true,
      CURLOPT_RETURNTRANSFER => true,
      CURLOPT_POSTFIELDS => $data
  );

  $ch = curl_init();
  curl_setopt_array($ch, $curlConfig);
  $response = curl_exec($ch);
  curl_close($ch);
  $jsonResponse = json_decode($response);
  if ($jsonResponse->success == true) {
            $succMsg = 'Your contact request have submitted successfully.';
            echo "<script>alert(\"OK\")</script>";
  }
  else {
      $errMsg = 'Robot verification failed, please try again.';
            echo "<script>alert(\"KO ROBOT\")</script>";
    }
}
else{

  $errMsg = 'Please click on the reCAPTCHA box.';
    echo "<script>alert(\"KO CLICK ON BOX\")</script>";
}
?>

当我重新加载页面时，或者当我提交没有选中的验证码时，或者当我选中了验证码时，总是显示： KO ROBOT

When I reload the page, or when I submit without checked captcha, or when I checked captcha, it always displays:"KO ROBOT"

我也尝试过使用 file_get_contents 而不是curl，但是出现SSL错误警告。

I have tried also with "file_get_contents" instead of curl, but I had an SSL error Warning.

谢谢。

更新：

何时我这样做：

var_dump($jsonResponse);

我在我的页面上有此内容：

I have this on my page :

object（stdClass）＃4028（2）{[成功] => bool（false）
[错误代码] => array（1）{[0] =>字符串（20）无效输入秘密}
}

object(stdClass)#4028 (2) { ["success"]=> bool(false) ["error-codes"]=> array(1) { [0]=> string(20) "invalid-input-secret" } }

UPDATE 2：

现在，在验证了我的秘密密钥后，我有了这个：

Now i have this, after verification of my secret key :

object（stdClass）＃4028 （2）{[ success] => bool（false）
[ error-codes] => array（1）{[0] => string（20） time-or-duplicate}
}

object(stdClass)#4028 (2) { ["success"]=> bool(false) ["error-codes"]=> array(1) { [0]=> string(20) "timeout-or-duplicate" } }

推荐答案

尝试使用此密钥，只需替换密钥即可。

try with this one, just replace secret key.

<?php
$response   = isset($_POST["g-recaptcha-response"]) ? $_POST['g-recaptcha-response'] : null;
$privatekey = "YOUR PRIVATE KEY";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
    'secret' => $privatekey,
    'response' => $response,
    'remoteip' => $_SERVER['REMOTE_ADDR']
));

$resp = json_decode(curl_exec($ch));
curl_close($ch);

if ($resp->success) {

} else {

    //failed return mess
}
?>

这篇关于验证reCaptcha V2：始终为false的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！