以下是表单的网址:http://www.mrhowtosay.com/register
我似乎正通过这个表单收到大约20-30个机器生成的帐户。我不知道机器人是如何通过验证的,因为我测试了很多次,看它是否会在没有输入正确的reCAPTCHA的情况下通过,但在我尝试留空或输入错误的reCAPTCHA时,它似乎都正确地拒绝了帐户创建。
所以我不知道该如何阻止这些垃圾帐户的创建。也许我的公钥已经泄露了?从这些垃圾帐户的模式来看,它们似乎来自多个来源。
如果有需要,以下是该表单提交目标 doregister.php 页面的代码:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
</head>
<body>Please wait...
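<?php
// Full open tag: the short "<?" form only works when short_open_tag is enabled.
session_start();
include 'functions.php';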
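/**
 * Loosely validate an e-mail address the way the original checker did:
 * exactly one "@", a local part of 1-64 characters whose dot-separated
 * pieces are either atoms or quoted strings, and a domain that is either a
 * (bracketed) dotted number or at least two hostname-like labels.
 *
 * The removed ereg() calls (gone since PHP 7) are replaced by preg_match();
 * the patterns are otherwise the ones the original used.
 *
 * @param mixed $email the address as submitted; anything but a string fails
 * @return bool true when every part matches, false on the first failing part
 */
function check_email_address($email): bool
{
    // A "email[]=x" submission arrives as an array; reject it instead of
    // handing it to the regex functions.
    if (!is_string($email)) {
        return false;
    }
    // One "@" with 1-64 characters before it and 1-255 after it.
    if (!preg_match('/^[^@]{1,64}@[^@]{1,255}$/', $email)) {
        return false;
    }
    [$local, $domain] = explode("@", $email);

    // Each dot-separated piece of the local part is an atom (first character
    // from the restricted set, up to 63 more) or a quoted string.
    $piecePattern = '/^(([A-Za-z0-9!#$%&\'*+\/=?^_`{|}~-][A-Za-z0-9!#$%&\'*+\/=?^_`{|}~\.-]{0,63})|("[^(\|")]{0,62}"))$/';
    foreach (explode(".", $local) as $piece) {
        if (!preg_match($piecePattern, $piece)) {
            return false;
        }
    }

    // A domain made of digits and dots (optionally bracketed) passes as an
    // IP literal; anything else needs at least two valid labels.
    if (!preg_match('/^\[?[0-9\.]+\]?$/', $domain)) {
        $labels = explode(".", $domain);
        if (count($labels) < 2) {
            return false; // Not enough parts to domain
        }
        $labelPattern = '/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$/';
        foreach ($labels as $label) {
            if (!preg_match($labelPattern, $label)) {
                return false;
            }
        }
    }
    return true;
}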
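//------------------------------------------------------------------------checkrecaptcha
require_once('recaptchalib.php');

/**
 * Stash $message for the next page in $_SESSION['msg2'], emit the meta
 * refresh to $url and stop — the redirect the original repeated inline.
 *
 * msg2 is stored verbatim: the success message below contains HTML markup,
 * so the page that displays msg2 presumably renders it as HTML. Callers
 * must htmlspecialchars() any user-supplied text they put into it.
 */
function doregister_redirect($message, $url)
{
    $_SESSION['msg2'] = $message;
    echo '<meta http-equiv="Refresh" content="0; url=' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '"> ';
    exit();
}

/**
 * Look up the first users row whose $column equals $value.
 *
 * $column is one of the literals this script passes ('name' / 'email'),
 * never request data; $value is bound as a prepared-statement parameter, so
 * the user-supplied name/email can no longer change the query text.
 *
 * @return string|null the stored column value, or null when no row matches;
 *                     stops the script when the query cannot run
 */
function doregister_find_existing($DBConnect, $column, $value)
{
    $stmt = mysqli_prepare($DBConnect, "select `$column` from users where `$column` = ?");
    if ($stmt === false
        || !mysqli_stmt_bind_param($stmt, 's', $value)
        || !mysqli_stmt_execute($stmt)) {
        // The original ignored a failed lookup and went on to insert; a
        // uniqueness check that fails open is worse than stopping here.
        die("<p>Unable to execute the query.</p>");
    }
    $stored = null;
    mysqli_stmt_bind_result($stmt, $stored);
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);
    return $found ? $stored : null;
}

$privatekey = "CENSORED";
// Missing fields are passed as '' instead of raising an undefined-index
// notice; recaptchalib presumably rejects an empty answer — confirm.
$resp = recaptcha_check_answer($privatekey,
    $_SERVER["REMOTE_ADDR"],
    $_POST["recaptcha_challenge_field"] ?? '',
    $_POST["recaptcha_response_field"] ?? '');
if (!$resp->is_valid) {
    $_SESSION['msg2'] = "The reCAPTCHA wasn't entered correctly. Please try it again";
    echo '<meta http-equiv="Refresh" content="0; url=http://www.mrhowtosay.com/register"> ';
    die("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
        "(reCAPTCHA said: " . htmlspecialchars((string) $resp->error, ENT_QUOTES, 'UTF-8') . ")");
}

// Every failure below redirects to /login, as the original did.
$login = 'http://www.mrhowtosay.com/login';

//----------------------------------------authenticating submitted fields---------------------------
// Each field must be a plain string: a "field[]=x" submission arrives as an
// array and would otherwise be handed on as such. A field holding "0" now
// counts as present (the original's truthiness test treated it as missing).
$password = $_POST['password'] ?? '';
$repeat = $_POST['repeat'] ?? '';
if (!is_string($password) || !is_string($repeat) || $password !== $repeat) {
    doregister_redirect("passwords dont match", $login);
}
// NOTE(review): the password is stored exactly as submitted (see the INSERT
// below). Switch to password_hash()/password_verify() together with the
// login page that reads this column; changing only this side would lock
// everyone out.

$email = $_POST['email'] ?? '';
if (!is_string($email) || $email === '') {
    doregister_redirect("email is a required field", $login);
}
if (!check_email_address($email)) {
    // The address is echoed back inside the message, so it is escaped here.
    doregister_redirect("(" . htmlspecialchars($email, ENT_QUOTES, 'UTF-8') . ") is not a valid email", $login);
}

$name = $_POST['name'] ?? '';
if (!is_string($name) || $name === '') {
    doregister_redirect("name is a required field", $login);
}
//----------------------------------------authenticating submitted fields-------END--------------------

mb_internal_encoding("UTF-8");
//connecting to mysql server
// NOTE(review): database credentials sit in a web-served file; keep them in
// a config file outside the document root.
$DBConnect = mysqli_connect("localhost", "mrhowtos_user", "9Xhe9e949Xhe9e94!");
if (!$DBConnect) {
    // Checked before mysqli_set_charset(), which the original called on a
    // possibly-false handle.
    echo "<p>the database server is not available</P>";
} elseif (!mysqli_select_db($DBConnect, "mrhowtos_main")) {
    echo "database selected was not found";
} else {
    mysqli_set_charset($DBConnect, "utf8");

    //------------------------------------------checking for existing user conflicts---------------------------
    $existing = doregister_find_existing($DBConnect, 'name', $name);
    if ($existing !== null) {
        doregister_redirect(htmlspecialchars($existing, ENT_QUOTES, 'UTF-8') . " is already in use by another user", $login);
    }
    $existing = doregister_find_existing($DBConnect, 'email', $email);
    if ($existing !== null) {
        doregister_redirect("the email " . htmlspecialchars($existing, ENT_QUOTES, 'UTF-8') . " is already in use by another user", $login);
    }
    //------------------------------------------checking for existing user conflicts----END-----------------------

    //-------------------------------approved account credentials, insert in db and login-----------------------------------
    // getRealIpAddr() comes from functions.php; if it trusts a forwarded-for
    // header, the stored address is whatever the client sent — verify.
    $ip = getRealIpAddr();
    //--------------------------------------------insert user into db--------------------------------------------------------
    $stmt = mysqli_prepare($DBConnect,
        "INSERT INTO `mrhowtos_main`.`users` (`ID` ,`name` ,`password` ,`email` ,`rights`, `IP address`)"
        . " VALUES (NULL, ?, ?, ?, '1', ?)");
    if ($stmt === false
        || !mysqli_stmt_bind_param($stmt, 'ssss', $name, $password, $email, $ip)
        || !mysqli_stmt_execute($stmt)) {
        // The original's `Or die(...) . "</p"` concatenated the closing tag
        // onto a call that never returns, so it was never output.
        die("<p>Unable to execute the query.</p>"
            . "<p>Error code " . mysqli_errno($DBConnect)
            . ": " . mysqli_error($DBConnect) . "</p>");
    }
    mysqli_stmt_close($stmt);
    //--------------------------------------------insert user into db---END-----------------------------------------------------

    // Log the user in only once the row exists; the original set these
    // session values before the INSERT, leaving a logged-in session behind
    // when the query failed.
    $_SESSION['username'] = $name;
    $_SESSION['rights'] = 1;
    $welcome = "hi " . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . " you have successfully registered! and logged in!<br />Note that the \"Make Translations\" Option has now appeared in the Naviation so you can start adding translations!";

    if (!empty($_SESSION['lastpage'])) {
        // lastpage lands inside an attribute; doregister_redirect() escapes the URL.
        doregister_redirect($welcome, 'http://www.mrhowtosay.com/page' . $_SESSION['lastpage']); //auto return to last page
    }
    doregister_redirect($welcome, $login); //auto return to login page
    //-------------------------------approved account credentials, insert in db and login---END-------------------------------
}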
?><meta http-equiv="Refresh" content="0; url=http://www.mrhowtosay.com/insert">
<a href="insert">insert</a>
</body>
</html>