如何使用phalcon / volt表单验证Google reCaptcha v2?

时间:2015-06-12 09:38:52

标签: php recaptcha phalcon volt

如何使用伏特和phalcon技术验证新的Google reCaptcha?

(只是想分享我的所作所为以使其发挥作用,请参阅下面的答案,希望它有所帮助......)

1 个答案:

答案 0 :(得分:3)

您需要什么

  • 验证者(本例中为RecaptchaValidator)
  • Form实施
  • Controller实施(此处不需要进行任何更改,但为了完整性......)
  • View实施
  • (可选)配置重新访问密钥和网址的条目(更好/更干净)
  • (可选)用于自动渲染的recaptcha元素(如果您更喜欢渲染方法)

验证器

验证器是其中最重要的部分,所有其他事情都相当直观...... 

use \Phalcon\Validation\Validator;
use \Phalcon\Validation\ValidatorInterface;
use \Phalcon\Validation\Message;

class RecaptchaValidator extends Validator implements ValidatorInterface
{
    public function validate(\Phalcon\Validation $validation, $attribute) 
    {
        if (!$this->isValid($validation)) {
            $message = $this->getOption('message');
            if ($message) { // Add the custom message defined in the "Form" class
                $validation->appendMessage(new Message($message, $attribute, 'Recaptcha'));
            }
            return false;
        }
        return true;
    }

    /********************************************
     *  isValid - Return Values
     *  =======================
     *  true .... Ok
     *  false ... Not Ok
     *  null .... Error
     */
    public function isValid($validation) 
    {
        try {
            $config = $validation->config->recaptcha; // not needed if you don't use a config
            $value =  $validation->getValue('g-recaptcha-response');
            $ip    =  $validation->request->getClientAddress();

            $url = $config->verifyUrl; // or 'https://www.google.com/recaptcha/api/siteverify'; without config
            $data = ['secret'   => $config->secretKey, // or your secret key directly without using the config
                     'response' => $value,
                     'remoteip' => $ip,
                    ];

            // Prepare POST request
            $options = [
                'http' => [
                    'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
                    'method'  => 'POST',
                    'content' => http_build_query($data),
                ],
            ];

            // Make POST request and evaluate the response
            $context  = stream_context_create($options);
            $result = file_get_contents($url, false, $context);
            return json_decode($result)->success;
        }
        catch (Exception $e) {
            return null;
        }
    }
}

表单(类)实现

class SignupForm extends Form
{
    public function initialize($entity = null, $options = null) 
    {
        // Name (just as an example of other form fields)
        $name = new Text('name');
        $name->setLabel('Username');
        $name->addValidators(array(
            new PresenceOf(array(
                'message' => 'Please enter your name'
            ))
        ));
        $this->add($name);

        // Google Recaptcha v2
        $recaptcha = new Check('recaptcha');
        $recaptcha->addValidator(new RecaptchaValidator([
            'message' => 'Please confirm that you are human'
        ]));
        $this->add($recaptcha);

        // Other form fields...
}

控制器实施

即使控制器与其他所有形式相同,为了完整起见,这里还有一个例子...... 

class SessionController extends \Phalcon\Mvc\Controller
{
    public function signupAction()
    {
        $form = new SignupForm();
        if ($this->request->isPost()) {
            if ($form->isValid($this->request->getPost()) != false) 
            {
                // Add user to database, do other checks, etc.
                // ...
            }
        }

        $this->view->form = $form;
    }
}

查看实施

对于视图,您可以将html放在那里或让它由引擎呈现。如果你想要它渲染(例如{{ form.render('recaptcha') }}),你还必须创建一个Recaptcha元素,而不是使用其中一个默认值(参见本答案中的最后一点)。

...

{{ form('class':'signupForm') }}
<fieldset>

    <div>{{ form.label('name') }}</div>
        {{ form.render('name') }}
        {{ form.messages('name') }}

    <!-- other elements here -->        
    <!-- ...                 -->

    <div class="g-recaptcha" data-sitekey="{{ this.config.recaptcha.publicKey }}"></div>
    {{ form.messages('recaptcha') }}

如果您不想使用公钥配置(下一节),只需将data-sitekey的值设置为您的个人(Google reCaptcha)公钥。

另外,不要忘记在某处(例如在html head部分中)包含脚本(<script src='https://www.google.com/recaptcha/api.js'></script>)。

(可选)配置

如果您想使用配置来存储重新接收密钥,请将以下内容添加到config/config.php ... 

// config/config.php

return new \Phalcon\Config([

    'application' => [
        'controllersDir' => __DIR__ . '/../../app/controllers/',
        'modelsDir'      => __DIR__ . '/../../app/models/',
        'formsDir'       => __DIR__ . '/../../app/forms/',
        'viewsDir'       => __DIR__ . '/../../app/views/',
        'pluginsDir'     => __DIR__ . '/../../app/plugins/',
        'libraryDir'     => __DIR__ . '/../../app/library/',
        'cacheDir'       => __DIR__ . '/../../app/cache/',
        'baseUri'        => '/',
    ],

    // other configs here
    // ...

    'recaptcha' => [
        'publicKey' => 'your public key',
        'secretKey' => 'your private key',
        'verifyUrl' => 'https://www.google.com/recaptcha/api/siteverify',
    ],
]);

为了能够在视图中访问配置,您可能还需要将$di->set('config', $config);添加到依赖注入器(通常在config/services.php内)。

(可选)Recaptcha Element

如果您希望为自己呈现回溯(而不是直接将div放在视图中),则需要单独的\Phalcon\Forms\Element\ ... 

class Recaptcha extends \Phalcon\Forms\Element
{
    public function render($attributes = null) {
        return '<div class="g-recaptcha" data-sitekey="'
            .$this->config->recaptcha->publicKey
            .'"></div>';
    }
}

您还必须相应地更改Form

// ...
$recaptcha = new Recaptcha('recaptcha');
$recaptcha->addValidator(new RecaptchaValidator([
    'message' => '...'
]));
// ...

最后还是你的View

{{ form.render('recaptcha') }}
相关问题
最新问题