PHP表单+ Google reCAPTCHA [英] PHP form + Google reCAPTCHA
问题描述
我经历了简单的步骤:
-
注册我的网站以获得钥匙
-
在表单末尾添加了这段代码:
< div class =g-recaptchadata-sitekey =#MYKEY#>< / div>
<
< script src ='https: //www.google.com/recaptcha/api.js'></script>
此时,recaptcha正在显示正好。但是服务器端部分有点令人困惑。
这是我更新后的联系人表单,其中包含了recaptcha:
< form method =postaction =contact-post.php>
< label>您的名称(必填):< / label>
< input name =nametype =textplaceholder =在此输入您的名字>
< label>电子邮件地址(必填):< / label>
< input name =emailtype =emailplaceholder =在此输入您的电子邮件地址>
< label>您的讯息(必填):< / label>
< textarea name =messageplaceholder =在这里写下你的信息>< / textarea>
< div style =margin-top:20px; class =g-recaptchadata-sitekey =#MYKEY#>< / div>
< input id =submitname =submittype =submitvalue =Submit Form>
< / form>
以下是我当前的POST页面(我不确定要在recaptcha代码中添加的位置):
<?php
$ name = $ _POST ['name'];
$ email = $ _POST ['email'];
$ message = $ _POST ['message'];
$ human = $ _POST ['human'];
$ from ='From:我的网站';
$ to ='myemail@gmail.com';
$ subject ='申请表';
$ body =名称:$ name \\\
电子邮件:$ email \\\
Message:\\\
$ message;
if($ _POST ['submit']){
if($ email!=''){
if($ human =='4'){
if(mail($ to,$ subject,$ body,$ from)){
echo'< p>您已成功将您的信息提交给PS4RS。我们邮件列表的订阅者将开始定期收到更新。< / p>';
} else {
echo'< p>出错了,请返回并重试!< / p>< p>< input type =buttonvalue =返回 onclick =history.back(-1)class =goback/>< / p>';
} else if($ _POST ['submit']&& $ human!='4'){
echo'< p>您回答了反垃圾邮件问题< / p>< / p>< p>< input type =buttonvalue =返回onclick =history.back(-1)class =goback/>< / p>' ;您需要填写所有必填字段!!< / p>< p>< input type =buttonvalue =回去onclick =history.back(-1)class =goback/>< / p>';
}
}
?>
欢迎任何帮助。我觉得这可能是一个很普通的人,试图将它实现到他们当前的工作形式。
链接:
https://developers.google.com/recaptcha/docs/verify
用几句话说,你应该向
提出请求 https://www.google.com/recaptcha/api/siteverify?secret=YOUR_SECRET&response=RESPONSE_CAME_FROM_YOUR_FORM&remoteip=USER_IP_ADDRESS
其中YOUR_SECRET是您在ReCAPTCHA网站上收到的密钥,可以通过 $ _ SERVER 数组接收USER_IP_ADDRESS,RESPONSE_CAME_FROM_YOUR_FORM是与您的表单一起发送的字符串。它存储在 $ _ POST ['g-recaptcha-response'] 。
您可以通过 file_get_contents($ url) like
$ data = file_get_contents(https: //www.google.com/recaptcha/api/siteverify?secret=YOUR_SECRET&response=RESPONSE_CAME_FROM_YOUR_FORM&remoteip=USER_IP_ADDRESS);
在 $ data 中,您将收到JSON对象包含您正在查找的 success 字段。如果成功是假的,那么它不是人,你应该 exit()。我建议你在程序开始时检查它。
更新:
解码JSON对象如下所示:
$ data = json_decode($ data); //如果(!$ data-> success)
exit();这会将JSON解码为对象
。
更新:
有时, file_get_contents($ url)将无法设置安全的https连接。相反,您可以使用 open_https_url($ url)
让您的代码看起来像:
<?php
$ your_secret =< secret_key_you_received_from_recaptcha_site>;
$ client_captcha_response = $ _POST ['g-recaptcha-response'];
$ user_ip = $ _SERVER ['REMOTE_ADDR'];
$ captcha_verify = open_https_url(https://www.google.com/recaptcha/api/siteverify?secret=$your_secret&response=$client_captcha_response&remoteip=$user_ip);
$ captcha_verify_decoded = json_decode($ captcha_verify);
if(!$ captcha_verify_decoded->成功)
die('DIRTY ROBOT');
$ name = $ _POST ['name'];
$ email = $ _POST ['email'];
$ message = $ _POST ['message'];
$ human = $ _POST ['human'];
$ from ='From:我的网站';
$ to ='myemail@gmail.com';
$ subject ='申请表';
$ body =名称:$ name \\\
电子邮件:$ email \\\
Message:\\\
$ message;
if($ _POST ['submit']){
if($ email!=''){
if($ human =='4'){
if(mail($ to,$ subject,$ body,$ from)){
echo'< p>您已成功将您的信息提交给PS4RS。我们邮件列表的订阅者将开始定期收到更新。< / p>';
} else {
echo'< p>出错了,请返回并重试!< / p>< p>< input type =buttonvalue =返回 onclick =history.back(-1)class =goback/>< / p>';
} else if($ _POST ['submit']&& $ human!='4'){
echo'< p>您回答了反垃圾邮件问题< / p>< / p>< p>< input type =buttonvalue =返回onclick =history.back(-1)class =goback/>< / p>' ;您需要填写所有必填字段!!< / p>< p>< input type =buttonvalue =回去onclick =history.back(-1)class =goback/>< / p>';
}
}
?>
It's kind of weird that Google's documentation for recaptcha is not as helpful as I thought it was going to be. I was asked to take a current existing form (which is getting spammed a few times a day) and update it with Google's new recaptcha. There are a lot of tutorials out there for the old captcha, but not so many for the new one. I basically just want a simple form to capture name, email, message, and then replace my current "anti-bot field" with the recaptcha (I used a field that basically asked you what 2+2 was and if you entered anything, but 4, it would not send). If the required fields are valid and the recaptcha is valid, then I want it to send me an email with the contents of the form fields.
I went through the simple steps:
registered my site to get the keys
added this snippet inside of my head tag:
<script src='https://www.google.com/recaptcha/api.js'></script>added this snippet at the end of my form:
<div class="g-recaptcha" data-sitekey="#MYKEY#"></div>
At this point, the recaptcha is showing up just fine. But the server-side part is a little confusing.
This is my updated contact form with the recaptcha showing:
<form method="post" action="contact-post.php">
<label>Your Name (required):</label>
<input name="name" type="text" placeholder="Enter your name here">
<label>Email Address (required):</label>
<input name="email" type="email" placeholder="Enter your email address here">
<label>Your Message (required):</label>
<textarea name="message" placeholder="Write your message here"></textarea>
<div style="margin-top:20px;" class="g-recaptcha" data-sitekey="#MYKEY#"></div>
<input id="submit" name="submit" type="submit" value="Submit Form">
</form>
And here is my current POST page (I'm unsure where to add in the recaptcha code):
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$human = $_POST['human'];
$from = 'From: My Website';
$to = 'myemail@gmail.com';
$subject = 'Request Form';
$body = "Name: $name \n E-Mail: $email \nMessage:\n$message";
if ($_POST['submit']) {
if ($email != '') {
if ($human == '4') {
if (mail ($to, $subject, $body, $from)) {
echo '<p>You have successfully submitted your information to PS4RS. Subscribers to our mailing list will begin to periodically receive updates.</p>';
} else {
echo '<p>Something went wrong, go back and try again!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
}
} else if ($_POST['submit'] && $human != '4') {
echo '<p>You answered the anti-spam question incorrectly!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
}
} else {
echo '<p>You need to fill in all required fields!!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
}
}
?>
Any help is welcome. I feel like this might be a pretty common people with people trying to implement it into their current working forms.
Check out this link: https://developers.google.com/recaptcha/docs/verify
In a few words, you should make request to
https://www.google.com/recaptcha/api/siteverify?secret=YOUR_SECRET&response=RESPONSE_CAME_FROM_YOUR_FORM&remoteip=USER_IP_ADDRESS
Where YOUR_SECRET is secret key you received on ReCAPTCHA site, USER_IP_ADDRESS can be received through $_SERVER array and RESPONSE_CAME_FROM_YOUR_FORM is a string sent with your form. It is stored in $_POST['g-recaptcha-response'].
You can do it via file_get_contents($url) like
$data = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=YOUR_SECRET&response=RESPONSE_CAME_FROM_YOUR_FORM&remoteip=USER_IP_ADDRESS");
In $data you will receive JSON object containing success field, which you are looking for. If success is false, then it is not a human and you should exit(). I suggest you checking this in the beginning of your program.
Update:
Decoding of JSON object looks like:
$data = json_decode($data); // This will decode JSON to object
if(!$data->success)
exit();
Update:
Sometimes, file_get_contents($url) won't be able to set up secured https connection. Instead you can use open_https_url($url)
Make your code look like:
<?php
$your_secret = "<secret_key_you_received_from_recaptcha_site>";
$client_captcha_response = $_POST['g-recaptcha-response'];
$user_ip = $_SERVER['REMOTE_ADDR'];
$captcha_verify = open_https_url("https://www.google.com/recaptcha/api/siteverify?secret=$your_secret&response=$client_captcha_response&remoteip=$user_ip");
$captcha_verify_decoded = json_decode($captcha_verify);
if(!$captcha_verify_decoded->success)
die('DIRTY ROBOT');
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$human = $_POST['human'];
$from = 'From: My Website';
$to = 'myemail@gmail.com';
$subject = 'Request Form';
$body = "Name: $name \n E-Mail: $email \nMessage:\n$message";
if ($_POST['submit']) {
if ($email != '') {
if ($human == '4') {
if (mail ($to, $subject, $body, $from)) {
echo '<p>You have successfully submitted your information to PS4RS. Subscribers to our mailing list will begin to periodically receive updates.</p>';
} else {
echo '<p>Something went wrong, go back and try again!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
}
} else if ($_POST['submit'] && $human != '4') {
echo '<p>You answered the anti-spam question incorrectly!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
}
} else {
echo '<p>You need to fill in all required fields!!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
}
}
?>
这篇关于PHP表单+ Google reCAPTCHA的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
