WordPress联系表格验证包括谷歌reCaptcha验证问题

时间:2015-07-15 17:19:48

标签: php jquery wordpress validation recaptcha

我今天早上一直忙于创建自定义WordPress联系页面模板,并为此添加了新的Google reCaptcha,以减少垃圾邮件发送者。我创建了一个validation.php文件,联系页面的操作可以验证所有字段和Google reCaptcha是否正确。问题是它不适合我。我有一切设置,因为它应该在WordPress文件系统中,WordPress导航到validation.php文件没有问题,这让我相信我的验证代码不起作用。请参阅以下内容:

HTML CODE:

<div class="col-xs-12 col-sm-8 col-lg-9">

                <script src='https://www.google.com/recaptcha/api.js'></script>

      <div id="content" role="main">
              <?php get_template_part('includes/loops/content', 'page'); ?>
        <hr/>

          <form action="validate-contact-form.php" id="contactForm" method="post">
            <fieldset>
            <legend>Contact Us</legend>
           <div class="form-group">
             <div class="col-md-12">
             <input id="cf-name" name="contactName" type="text" placeholder="Please enter your full name here." class="form-control" required=""/>
             </div>
           </div>
           <br /><br />
           <div class="form-group">
             <div class="col-md-12">
             <input id="cf-email" name="email" type="text" placeholder="Please enter your e-mail address here." class="form-control" required="" />
             </div>
           </div>
           <br /><br />
           <div class="form-group">
             <div class="col-xs-12">                   
             <textarea class="form-control" id="comments" placeholder="Please enter your message here." name="comments" rows="20" class="form-control" required="" ></textarea>
             </div>
           </div><hr/>
           <div class="form-group">
             <div class="col-xs-12"><hr/>
             <div class="g-recaptcha" data-sitekey="6Ld6cf4SAAAAABBYX2C3I5Ayx_xLwKSYm2ZUtxen" class="form-control" required=""></div>
             </div>
           </div>
           <div class="form-group">
             <div class="col-xs-12"><hr/>
             <button type="submit"  name="submit" value="Send" class="btn btn-primary">Send Message</button>
             </div>
           </div>
           </fieldset>
         </form>       

    </div><!-- /#content -->
  </div>

Validation.php代码:

    <?php
  if(isset($_POST['submit'])) {
      if(trim($_POST['contactName']) === '') {
        $nameError = 'Please enter your name.';
        $hasError = true;
      } else {
        $name = trim($_POST['contactName']);
      }

      if(trim($_POST['email']) === '')  {
        $emailError = 'Please enter your email address.';
        $hasError = true;
      } else if (!preg_match("/^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$/i", trim($_POST['email']))) {
        $emailError = 'You entered an invalid email address.';
        $hasError = true;
      } else {
        $email = trim($_POST['email']);
      }

    if(trim($_POST['comments']) === '') {
      $commentError = 'Please enter a message.';
      $hasError = true;
    } else {

      if(function_exists('stripslashes')) {
        $comments = stripslashes(trim($_POST['comments']));
      } else {
        $comments = trim($_POST['comments']);
      }   
    }

    if(isset($_POST['g-recaptcha-response'])&&$_POST['g-recaptcha-response']){
        var_dump($_POST);
        $secret = 'MY SITE KEY';
        $ip = $_SERVER['REMOTE_ADDR'];
        $captcha = $_POST['g-recaptcha-response'];
        $rsp = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$captcha&remoteip=$ip');
        var_dump($rsp);
        $array = json_decode($rsp, TRUE);
    if($array['success']) {

    }

  }

    if(!isset($hasError)) {
      $emailTo = get_option('tz_email');
      if (!isset($emailTo) || ($emailTo == '') ){
        $emailTo = get_option('admin_email');
      }
      $subject = '[PHP Snippets] From '.$name;
      $body = "Name: $name \n\nEmail: $email \n\nComments: $comments";
      $headers = 'From: '.$name.' <'.$emailTo.'>' . "\r\n" . 'Reply-To: ' . $email;

      wp_mail($emailTo, $subject, $body, $headers);
      $emailSent = true;

      echo "Done";
    }
      else {
      echo "Spam";
    }
  } 

}
?>

1 个答案:

答案 0 :(得分:0)

使用双引号:

$rsp = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$captcha&remoteip=$ip");

这些变量不会起作用。 PHP只搜索字符串中的变量,如果它被双引号括起来,则显示它们的值。你可以使用单引号,但是你必须分离变量和字符串,如下所示:

  $rsp = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$captcha.'&remoteip='.$ip);

性能方面,使用单引号总是更好,因此PHP不需要搜索完整字符串中的变量。