我想禁用尝试登录时出现的验证码。我尝试删除它但登录失败了。
以下是验证验证码响应并通过用户登录的verify.php
:
<?php
include("db.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$recaptcha=$_POST['g-recaptcha-response'];
if(!empty($recaptcha))
{
include("getCurlData.php");
$google_url="https://www.google.com/recaptcha/api/siteverify";
$secret='6Ld-ogsTAAAAAK0DpO4o4Ama4OPg3xS-Quamaqkq'; //secret key google captcha
$ip=$_SERVER['REMOTE_ADDR'];
$url=$google_url."?secret=".$secret."&response=".$recaptcha."&remoteip=".$ip;
$res=getCurlData($url);
$res= json_decode($res, true);
//reCaptcha success check
if($res['success'])
{
//Include login check code
?>
<META http-equiv="refresh" content="2;URL=http://domain.com/login.php?user=<?php echo("".$_GET['user']."");?>">
我该如何解决这个问题?
答案 0 :(得分:0)
它并不优雅,但以下内容应绕过验证码。
<?php
include("db.php");
session_start();
$enable_captcha=false;
$res['success']=false;
if( $_SERVER["REQUEST_METHOD"] == "POST" ) {
$recaptcha=$_POST['g-recaptcha-response'];
if( !empty( $recaptcha ) ) {
if( $enable_captcha ){
include("getCurlData.php");
$google_url="https://www.google.com/recaptcha/api/siteverify";
$secret='6Ld-ogsTAAAAAK0DpO4o4Ama4OPg3xS-Quamaqkq';
$ip=$_SERVER['REMOTE_ADDR'];
$url=$google_url."?secret=".$secret."&response=".$recaptcha."&remoteip=".$ip;
$res=getCurlData($url);
$res= json_decode($res, true);
}
if( $res['success'] or !$enable_captcha ){
/* Include login check code */
} else { /* do something else */ }
}
}
?>