这是我目前工作的代码。但我只需要点击重定向到下一页
<title></title>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
<body>
<form method="post" action="index.php">
<div class="g-recaptcha" data-sitekey="xxxxx"></div>
<input type="submit" />
</form>
</body>
<?php
if($_SERVER["REQUEST_METHOD"] === "POST")
{
//form submitted
//check if other form details are correct
//verify captcha
$recaptcha_secret = "xxxxxxxxxg";
$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$recaptcha_secret."&response=".$_POST['g-recaptcha-response']);
$response = json_decode($response, true);
if($response["success"] === true)
{
echo "Logged In Successfully";
}
else
{
echo "You are a robot";
}
}
?>
答案 0 :(得分:1)
仅针对实际点击发布不是机器人的答案,您需要创建一个带有隐藏令牌的表单,并检查重新签名和令牌是否有效,然后验证用户登录。
<title></title>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
<body>
<?php
if ( !isset($_POST['Submit']) ){
// Genarate token
$token = md5(uniqid(rand(),TRUE));
$_SESSION['token'] = $token;
$_SESSION['token_time'] = time();
}
?>
<form method="post" action="index.php">
<div class="g-recaptcha" data-sitekey="xxxxx"></div>
<input type="hidden" name="token" value="<?php echo $token;?>"/>
<input type="submit" />
</form>
<?php
if($_SERVER["REQUEST_METHOD"] === "POST")
{
//form submitted
//check if other form details are correct
//verify captcha
$recaptcha_secret = "xxxxxxxxxg";
$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$recaptcha_secret."&response=".$_POST['g-recaptcha-response']);
$response = json_decode($response, true);
if($response["success"] === true)
{
// Logged In Successfully
if ( $_POST['token'] != $_SESSION['token'] ){
// Didn't came from the site
header('Location: login.php');
} else {
header('Location: index.php');
}
}
else
{
// Not Logged In Successfully
header('Location: login.php');
}
}
答案 1 :(得分:0)
使用:
而不是回复&#34;成功登录&#34;async将$ url设置为您要重定向到的任何页面。