即使完成reCaptcha，提交按钮也会发送电子邮件 [英] Submit Button Sends Email even If reCaptcha has been done

问题描述

我正在将reCaptcha从Google添加到我的表单中。问题是，即使我已经按照谷歌的指示。我仍然可以按提交按钮，而不需要进行恢复。任何想法请heres相关的代码片段。

 < head> 
< meta http-equiv =Content-Typecontent =text / html; charset = UTF-8> 
< title>网页标题< /标题> 
< link rel =stylesheettype =text / csshref =view.cssmedia =all> 
< script type =text / javascriptsrc =view.js>< / script> 
< script src ='https：//www.google.com/recaptcha/api.js'>< / script> 
< / head> 
  

此网页形式的片段

 < div class =g-recaptchadata-sitekey =xxxxxxmyapikeyxxxxxxx_xxxxxxmyapikeyxxxxxxx>< / div> 
< li class =buttons> 
< input type =hiddenname =form_idvalue =1136056/> 
 
< input id =saveFormclass =button_texttype =submitname =submitvalue =Submit/> 
< / li> 
< / ul> 
 
< / form> 
  

据我所知，我已将代码放入网页的指定区域。一个在HTML模板上的结束标记之前，另一个在我想要reCAPTCHA小部件出现的地方结束的代码片段。

我已将提交按钮。有一部分关于我不明白的服务器端集成。

  [引用] 
当用户提交在您整合reCAPTCHA的表单中，您将
作为有效负载的一部分获取名为g-recaptcha-response的字符串。 
为了检查Google是否验证了该用户，
使用以下参数发送POST请求：
 
网址：https：//www.google.com/recaptcha/api / siteverify 
 secret（required）xxxxxmysecretkeyxxxxxxx 
 response（必需）'g-recaptcha-response'的值。 
 remoteip最终用户的IP地址。 
 [/ QUOTE] 
  

任何人都可以请点亮一下。
Thankyou

解决方案

因此，我们设置了表单并确保您的库已包含在内，在recaptcha未完成时单击，并显示工具提示以通知用户需要继续。然后在使用回调方法完成后启用它。

login.php

 < div class =formContainer> 
< script src ='https：//www.google.com/recaptcha/api.js'>< / script> 
< form action =loginHandler.phpmethod =postname =login_formid =loginFormclass =loginForm> 
< h2>登入< / h2> 
< p>< input type =textrequired placeholder =Emailname =email>< / p> 
< p>< input type =passwordrequired placeholder =Passwordname =passwordid =password>< / p> 
< div class =g-recaptchadata-callback =captcha_filled
 data-expired-callback =captcha_expired
 data-sitekey =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX> 
< / div> 
< div> 
 
< input id =submitLogintype =submitvalue =Login> 
< / p> 
< / div> 
< / form> 
< / div> 
 
< script> 
 //防止提交并显示工具提示，直到完成捕获。 
 var submit = false; 
 $（＃submitLogin）。prop（'disabled'，true）; 
 
函数captcha_filled（）{
 submit = true; 
 $（＃submitLogin）。prop（'disabled'，false）; 
 $（。show-tt）。tooltip（'destroy'）; 
} 
函数captcha_expired（）{
 submit = false; 
 $（＃submitLogin）。prop（'disabled'，true）; 
 showTooltip（）; 
} 
 function showTooltip（）{
 $（。show-tt）。tooltip（'show'）; 
} 
< / script> 
  

现在我们发布到loginHandler.php，或者表单提交的任何地方，然后我们会将您的然后通过google验证请求。

$ b loginHandler.php

  $ secret =XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX; 
 
 if（isset（$ _ POST [g-recaptcha-response]））{
 
 $ url ='https://www.google.com/recaptcha/ api / siteverify？secret ='。 urlencode（$ secret）。 
'& response ='。 urlencode（$ _ POST ['g-recaptcha-response']）。 '& remoteip ='。进行urlencode（$ _ SERVER [ REMOTE_ADDR]）; 
 // ip地址是可选的
 $ result = json_decode（file_get_contents（$ url），true）; 
 
 if（$ result！= null&& $ result ['success'] === true）{
 
 //成功，处理登录/提交数据或无论
 
} else {
 //响应不好，处理错误
 header（'Location：login.php？error = 4'）; 
} 
} else {
 // captcha response is not set，handle error 
 header（'Location：login.php？error = 5'）; 
} 
  

Im in the process of adding the reCaptcha from google to my form. The problem is that even though I have followed the instructions from google. I can still press the Submit button without doing the recaptcha. Any Ideas please heres the relevant code snippets.

<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>webpage title</title>
<link rel="stylesheet" type="text/css" href="view.css" media="all">
<script type="text/javascript" src="view.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>

And the this snippet in the form part of the webpage

<div class="g-recaptcha" data-sitekey="xxxxxxmyapikeyxxxxxxx_xxxxxxmyapikeyxxxxxxx"></div>  
                    <li class="buttons">
                <input type="hidden" name="form_id" value="1136056" />

                <input id="saveForm" class="button_text" type="submit" name="submit" value="Submit" />
        </li>
            </ul>

        </form> 

As far as I'm aware I have placed the code in the specified areas of my webpage. One before the closing tag on your HTML template and the snippet at the end of the where I want the reCAPTCHA widget to appear.

I have put the recaptcha before the submit button. There is a part about the server side integration that I do not understand.

[QUOTE]
When your users submit the form where you integrated reCAPTCHA, you'll     
get as part of the payload a string with the name "g-recaptcha-response". 
In order to check whether Google has verified that user, 
send a POST request with these parameters:

URL: https://www.google.com/recaptcha/api/siteverify
secret (required)   xxxxxmysecretkeyxxxxxxx
response (required) The value of 'g-recaptcha-response'.
remoteip    The end user's ip address.
[/QUOTE]

Can anyone please shed some light on this please. Thankyou

解决方案

So we set up the form and make sure your library is included, I prevent the submit button from being clicked while the recaptcha has not been completed and show a tooltip to notify the user it is needed to continue. Then enable it when it has been complete using the callback methods.

login.php

<div class="formContainer">
    <script src='https://www.google.com/recaptcha/api.js'></script>
    <form action="loginHandler.php" method="post" name="login_form" id="loginForm" class="loginForm">  
        <h2>Login</h2>
        <p><input type="text" required placeholder="Email" name="email"></p>
        <p><input type="password" required placeholder="Password" name="password" id="password"></p>
        <div class="g-recaptcha" data-callback="captcha_filled"
                 data-expired-callback="captcha_expired" 
                 data-sitekey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX">
        </div>
        <div>
            <p class="show-tt" data-toggle="tooltip" title="Complete the reCAPTCHA to login." data-placement="bottom">
                <input id="submitLogin" type="submit" value="Login">
            </p>
        </div>
    </form>
</div>

<script>
    //prevent submit and show tooltip until captch is complete.
    var submit = false;
    $("#submitLogin").prop('disabled', true);

    function captcha_filled() {
        submit = true;
        $("#submitLogin").prop('disabled', false);
        $(".show-tt").tooltip('destroy');
    }
    function captcha_expired() {
        submit = false;
        $("#submitLogin").prop('disabled', true);
        showTooltip();
    }
    function showTooltip () {
        $(".show-tt").tooltip('show');
    }
</script>

Now we post to loginHandler.php, or wherever your form submits too and then there we will assign your secret key and then verify the request with google.

loginHandler.php

$secret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";

if (isset($_POST["g-recaptcha-response"])) {

    $url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secret) .
            '&response=' . urlencode($_POST['g-recaptcha-response']) . '&remoteip=' . urlencode($_SERVER['REMOTE_ADDR']);
    //ip address is optional
    $result = json_decode(file_get_contents($url), true);

    if ($result != null && $result['success'] === true) {

        //success, handle login/submit data or whatever

    } else {
        //response is bad, handle the error
        header('Location: login.php?error=4');
    }
} else {
    //captcha response is not set, handle error
    header('Location: login.php?error=5');
}

这篇关于即使完成reCaptcha，提交按钮也会发送电子邮件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！