缺失 - 输入 - 响应|隐形reCaptcha

时间:2017-03-16 14:54:53

标签: php html post recaptcha invisible

所以,我试图在某个网站上实施谷歌全新的Invisible reCaptcha。

我正在完全按照这些步骤进行操作,但它不断给我遗漏 - 输入 - 响应错误。

HTML代码:

<form id="subscribe-form" class="form-inline" action="phpScripts/subscribe/subscribeHandler.php" method="post">
    <div class="input-group">
        <input type="email" name="email" class="form-control" size="50" placeholder="Email Address" required>
        <div class="input-group-btn">
            <button class="g-recaptcha btn btn-danger" data-sitekey="6LfoNhkUAAAAAEcQFx8vGHZKHXsZ_q0j2KDnmU9M" data-callback="submitForm">Subscribe</button>
        </div>
    </div>
</form>

PHP代码:

<?php
include 'databaseConnection.php';
if($_POST){
            $secret = "MY SECRET KEY";
            $captcha= $_POST['g-recaptcha-response'];
            $ip = $_SERVER['REMOTE_ADDR'];
            $url= file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$captcha&remoteip=$ip");
            print_r($url);
            $decodedResponse = json_decode($url, TRUE);

            if($decodedResponse['success'] == 1){//code here}

所以,我认为我的$ captcha变量不能&#34;赶上&#34;没有来自g-recaptcha-response的POST。但是,为什么,这正是谷歌所说的,与旧的reCaptcha v2完全相同。

我还包括<script src='https://www.google.com/recaptcha/api.js'></script>

4 个答案:

答案 0 :(得分:4)

我在几个小时内遇到了同样的问题,直到我终于理解了这个“隐形验证码”背后的逻辑! 你没有得到回应的原因只是因为有一个空的textarea元素,其id和名称为g-recaptcha-response

这个textarea只会在完成挑战后填充响应字符串(通常在通常的recaptcha中发生),但是对于“invisible-captcha”,你必须用你的“明确地调用grecaptcha.execute();”提交“按钮,之后填充文本区域,并自动提交表单(假设您已将提交内容与callback功能绑定)。

在我的情况下,我已经有php处理表单和recaptcha验证,所以我决定坚持旧的“复选框”版本(至少直到它得到改进),因为我意识到改变一切真的很烦人(表单提交逻辑,按钮动作和JavaScript代码)只是为了隐藏一个复选框!特别是这两种方法几乎相同!

答案 1 :(得分:1)

问题可能在于您可能将功能与按钮绑定。

尝试实施创建密钥时为您提供的代码:

<form id="subscribe-form" class="form-inline" action="phpScripts/subscribe/subscribeHandler.php" method="post">
    <div class="input-group">
        <input type="email" name="email" class="form-control" size="50" placeholder="Email Address" required>
        <div class="g-recaptcha" data-sitekey="{keyhere}"></div>  
        <div class="input-group-btn">
            <button class="btn btn-danger" data-sitekey=" data-callback="submitForm">Subscribe</button>
        </div>
    </div>
</form>

对于PHP逻辑验证:

if ( $_POST['g-recaptcha-response'] ) {
$secret = '{keyhere}';
$response = file_get_contents( "https://www.google.com/recaptcha/api/siteverify?secret=" . $secret . "&response=" . $_POST['g-recaptcha-response'] . "&remoteip=" . $_SERVER['REMOTE_ADDR'] );
        $response = json_decode( $response );
        if ( ! $response->success ) {
            //return error
        }

        //code logic below
}

创建密钥时提供的div代码应正确生成所有HTML,以便在提交表单时能够通过PHP验证进行处理。

答案 2 :(得分:1)

这是一个解决方案。

  • 客户端
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>reCaptcha</title>

    <!--api link-->
    <script src="https://www.google.com/recaptcha/api.js" async defer></script>
    <!--call back function-->
    <script>
        function onSubmit(token) {
            document.getElementById('reCaptchaForm').submit();
        }
    </script>
</head>
<body>
<div class="container">
    <form id="reCaptchaForm" action="signup.php" method="POST">
        <input type="text" placeholder="type anything">
        <!--Invisible reCaptcha configuration-->
        <button class="g-recaptcha" data-sitekey="<your site key>" data-callback='onSubmit'>Submit</button>
        <br/>
    </form>
</div>
</body>
</html>
  • 服务器端验证:创建 signup.php 文件
<?php
//only run when form is submitted
if(isset($_POST['g-recaptcha-response'])) {
    $secretKey = '<your secret key>';
    $response = $_POST['g-recaptcha-response'];     
    $remoteIp = $_SERVER['REMOTE_ADDR'];


    $reCaptchaValidationUrl = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$response&remoteip=$remoteIp");
    $result = json_decode($reCaptchaValidationUrl, TRUE);

    //get response along side with all results
    print_r($result);

    if($result['success'] == 1) {
        //True - What happens when user is verified
        $userMessage = '<div>Success: you\'ve made it :)</div>';
    } else {
        //False - What happens when user is not verified
        $userMessage = '<div>Fail: please try again :(</div>';
    }
}
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>reCAPTCHA Response</title>
    </head>
    <body>
        <?php
            if(!empty($userMessage)) {
                echo $userMessage;
            }
        ?>
    </body>
</html>

答案 3 :(得分:0)

在每次执行后使用grecaptcha.reset()来重置Recaptcha,并且一切都可以正常工作。请关注this link,以获取有关grecaptcha.reset()的更多信息。