Need to implement reCAPTCHA

Time: 2017-01-02 09:55:44

Tags: php recaptcha

Can someone help me add reCAPTCHA to this code?

This is my PHP registration script.

//if form has been submitted process it
if(isset($_POST['submit'])){

//very basic validation
if($_POST['username'] == ''){
    $error[] = 'Username is required.';
}else if(strlen($_POST['username']) < 6){
    $error[] = 'Username is too short. (6 Chars)';
}else if(strlen($_POST['username']) > 32){
    $error[] = 'Username is too long. (32 Chars)';
}else if(preg_match('/[^a-z0-9_]/', $_POST['username'])){
    $error[] = 'Only a-z, 0-9 and _ are allowed in username.';
} else {
    $stmt = $db->prepare('SELECT username FROM members WHERE username = :username');
    $stmt->execute(array(':username' => $_POST['username']));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if(!empty($row['username'])){
        $error[] = 'Username provided is already in use.';
    }

}

//email validation
 if($_POST['email'] == ''){
    $error[] = 'Email Address is required.';
}else if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
    $error[] = 'Please enter a valid Email Address';
} else {
    $stmt = $db->prepare('SELECT email FROM members WHERE email = :email');
    $stmt->execute(array(':email' => $_POST['email']));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if(!empty($row['email'])){
        $error[] = 'Email Address provided is already in use.';
    }

}

 if($_POST['mobile'] == ''){
    $error[] = 'Mobile Number is required.';
}else if(!is_numeric($_POST['mobile'])){
    $error[] = 'Mobile Number should be numeric.';
}else if(strlen($_POST['mobile']) < 10){
    $error[] = 'Mobile Number is too short.';
}
else if(strlen($_POST['mobile']) > 10){
    $error[] = 'Mobile Number is too long.';
} else {
    $stmt = $db->prepare('SELECT mobile FROM members WHERE mobile = :mobile');
    $stmt->execute(array(':mobile' => $_POST['mobile']));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if(!empty($row['mobile'])){
        $error[] = 'Mobile Number is already in use.';
    }
}   

if($_POST['password'] == ''){
    $error[] = 'Password is required.';
}else if(strlen($_POST['password']) < 6){
    $error[] = 'Password is too short. (6 Chars)';
}else if(strlen($_POST['passwordConfirm']) < 6){
    $error[] = 'Confirm password was too short. (6 Chars)';
}else if($_POST['password'] != $_POST['passwordConfirm']){
    $error[] = 'Passwords do not match.';
}

//if no errors have been created carry on
if(!isset($error)){

    //hash the password
    $hashedpassword = $user->password_hash($_POST['password'], PASSWORD_BCRYPT);

    //create the activation code
    $activation = md5(uniqid(rand(),true));


    $usrname = str_replace(' ', '', $_POST['username']);
    $usrname = preg_replace('/\s+/','',$_POST['username']);
    try {

        //insert into database with a prepared statement
        $stmt = $db->prepare('INSERT INTO members (username,password,email,mobile,active) VALUES (:username, :password, :email, :mobile, :active)');
        $stmt->execute(array(
            ':username' => strtolower($usrname),
            ':password' => $hashedpassword,
            ':email' => $_POST['email'],
            ':mobile' => $_POST['mobile'],
            ':active' => $activation
        ));

        header('Location: register.php?action=joined');
        exit;

    //else catch the exception and show the error.
    } catch(PDOException $e) {
        $error[] = $e->getMessage();
    }

}

}

1 Answer:

Answer 0: (score: 0)

Here is an explanation of how to integrate reCAPTCHA 2.0. I just tested it on my website and it works.

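  1. Request here the keys (public and private) that you need to integrate into your HTML and PHP code
  2. Go to GitHub reCAPTCHA PHP and download the ZIP file (or follow the instructions to install it; I downloaded it and uploaded it to my server)
  3. HTML

    Insert this into your <head> tag to call the Google reCAPTCHA API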

    <script src="https://www.google.com/recaptcha/api.js" async defer></script>
    

    This is how your form will look

    <form action="..." method="POST">
      _list of your inputs_
    
      <div class="g-recaptcha" data-sitekey="your_site_key(the_public_one)"></div>
      <input type="submit" value="Submit">
    </form>
    

    PHP

    Include the file autoload.php that you find in the downloaded package

    <?php require('path_where_you_uploaded_the_folder/recaptcha/src/autoload.php'); ?>
    

    The simplest code to perform the check is:

    <?php
    $siteKey = 'your_public_key'; //ex. 6OfGWERRRRt17YkojJGk2mEeM8fgEPKSpiPe
    $secret = 'your_private_key';
    $recaptcha = new \ReCaptcha\ReCaptcha($secret);
    // the values for: $gRecaptchaResponse, $remoteIp; "?? ''" avoids an undefined-index notice when the field is missing
    $resp = $recaptcha->verify($_POST['g-recaptcha-response'] ?? '', $_SERVER['REMOTE_ADDR']);
    if ($resp->isSuccess()) {
        echo 'GREAT!'; //insert here the code you'll want to process if the verification is ok or the value you want to return (if this code is inserted in a function)
    } else {
        $errors = $resp->getErrorCodes();
        echo 'NOOPE..'; //print_r($errors): you'll see which is/are the error
    }
    
    ?>
    

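    The form passes the g-recaptcha-response field to the PHP script; if you print_r($_POST['g-recaptcha-response']) or print_r($_POST), you will see that if the check is positive (you have not been flagged as a robot), the value of g-recaptcha-response is a long alphanumeric string.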
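The server-side check described in the answer, written here against Google's siteverify endpoint without the library and returning messages that fit the question's `$error[]` array. This is an added example, not code from the original post or from the reCAPTCHA PHP project; the function names, `example.com` and the sample API replies are assumptions constructed for illustration.

```php
<?php
// Added example: recaptcha_errors(), siteverify_post() and example.com are illustrative names.
const SITEVERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';

// Returns error messages for the registration form; an empty array means the
// token was accepted. $fetch is the HTTP transport: (url, fields) => body or false.
function recaptcha_errors(array $post, string $secret, string $remoteIp,
                          string $expectedHost, callable $fetch): array
{
    $token = $post['g-recaptcha-response'] ?? '';
    if (!is_string($token) || $token === '') {
        return ['Please complete the reCAPTCHA.'];   // nothing to send to the API
    }
    $body = $fetch(SITEVERIFY_URL, ['secret' => $secret, 'response' => $token, 'remoteip' => $remoteIp]);
    $data = is_string($body) ? json_decode($body, true) : null;
    if (!is_array($data)) {
        // Network error or unparsable reply: fail closed, do not register.
        return ['reCAPTCHA could not be verified, please try again.'];
    }
    if (($data['success'] ?? false) !== true || ($data['hostname'] ?? '') !== $expectedHost) {
        return ['reCAPTCHA verification failed.'];   // rejected, or solved on another site
    }
    return [];
}

// Real transport: form-encoded POST over HTTPS using PHP streams.
function siteverify_post(string $url, array $fields)
{
    $ctx = stream_context_create(['http' => [
        'method'  => 'POST',
        'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
        'content' => http_build_query($fields),
        'timeout' => 5,
    ]]);
    return @file_get_contents($url, false, $ctx);
}
// In the registration script, next to the other checks and before the INSERT:
//   foreach (recaptcha_errors($_POST, $secret, $_SERVER['REMOTE_ADDR'], 'example.com', 'siteverify_post') as $m) { $error[] = $m; }

// Constructed API replies so the example runs offline.
$replies = [
    'accepted'   => '{"success":true,"hostname":"example.com"}',
    'rejected'   => '{"success":false,"error-codes":["invalid-input-response"]}',
    'wrong host' => '{"success":true,"hostname":"other.example"}',
    'api down'   => false,
];
foreach ($replies as $name => $reply) {
    $fake = function () use ($reply) { return $reply; };
    $errs = recaptcha_errors(['g-recaptcha-response' => 'tok'], 'secret', '203.0.113.5', 'example.com', $fake);
    echo $name, ': ', $errs ? $errs[0] : 'ok', PHP_EOL;
}
```

Because the helper only returns messages, the existing `if(!isset($error))` guard in the question's script keeps the database insert from running whenever the token is missing, rejected, or cannot be verified.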