我已将ReCaptcha添加到我的网站。无论用户是否选中“我不是机器人”,它始终会进行验证。 我在HTML文件上有我的Recaptcha,以调用单独的PHP文件。
我尝试过要求重新验证,并且表单仍在提交!
头:
<script src='https://www.google.com/recaptcha/api.js'></script>
表格:
<div class="g-recaptcha form-group" data-sitekey="PUB_KEY"></div>
外部PHP:
// Checks if form has been submitted
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
function post_captcha($user_response) {
$fields_string = '';
$fields = array(
'secret' => 'SEC_KEY',
'response' => $user_response
);
foreach($fields as $key=>$value)
$fields_string .= $key . '=' . $value . '&';
$fields_string = rtrim($fields_string, '&');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
$result = curl_exec($ch);
curl_close($ch);
return json_decode($result, true);
}
// Call the function post_captcha
$res = post_captcha($_POST['g-recaptcha-response']);
if (!$res['success']) {
// What happens when the CAPTCHA wasn't checked
echo '<p>Please check the security CAPTCHA box.</p><br>';
}
} else
我希望在提交表单之前进行必要的重新验证。我收到了很多垃圾邮件,并希望它停止。