所以,我试图在某个网站上实施谷歌全新的Invisible reCaptcha。
我正在完全按照这些步骤进行操作,但它不断给我遗漏 - 输入 - 响应错误。
HTML代码:
<form id="subscribe-form" class="form-inline" action="phpScripts/subscribe/subscribeHandler.php" method="post">
<div class="input-group">
<input type="email" name="email" class="form-control" size="50" placeholder="Email Address" required>
<div class="input-group-btn">
<button class="g-recaptcha btn btn-danger" data-sitekey="6LfoNhkUAAAAAEcQFx8vGHZKHXsZ_q0j2KDnmU9M" data-callback="submitForm">Subscribe</button>
</div>
</div>
</form>
PHP代码:
<?php
include 'databaseConnection.php';
if($_POST){
$secret = "MY SECRET KEY";
$captcha= $_POST['g-recaptcha-response'];
$ip = $_SERVER['REMOTE_ADDR'];
$url= file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$captcha&remoteip=$ip");
print_r($url);
$decodedResponse = json_decode($url, TRUE);
if($decodedResponse['success'] == 1){//code here}
所以,我认为我的$ captcha变量不能&#34;赶上&#34;没有来自g-recaptcha-response的POST。但是,为什么,这正是谷歌所说的,与旧的reCaptcha v2完全相同。
我还包括<script src='https://www.google.com/recaptcha/api.js'></script>
答案 0 :(得分:4)
我在几个小时内遇到了同样的问题,直到我终于理解了这个“隐形验证码”背后的逻辑!
你没有得到回应的原因只是因为有一个空的textarea元素,其id和名称为g-recaptcha-response
这个textarea只会在完成挑战后填充响应字符串(通常在通常的recaptcha中发生),但是对于“invisible-captcha”,你必须用你的“明确地调用grecaptcha.execute();
”提交“按钮,之后填充文本区域,并自动提交表单(假设您已将提交内容与callback
功能绑定)。
在我的情况下,我已经有php处理表单和recaptcha验证,所以我决定坚持旧的“复选框”版本(至少直到它得到改进),因为我意识到改变一切真的很烦人(表单提交逻辑,按钮动作和JavaScript代码)只是为了隐藏一个复选框!特别是这两种方法几乎相同!
答案 1 :(得分:1)
问题可能在于您可能将功能与按钮绑定。
尝试实施创建密钥时为您提供的代码:
<form id="subscribe-form" class="form-inline" action="phpScripts/subscribe/subscribeHandler.php" method="post">
<div class="input-group">
<input type="email" name="email" class="form-control" size="50" placeholder="Email Address" required>
<div class="g-recaptcha" data-sitekey="{keyhere}"></div>
<div class="input-group-btn">
<button class="btn btn-danger" data-sitekey=" data-callback="submitForm">Subscribe</button>
</div>
</div>
</form>
对于PHP逻辑验证:
if ( $_POST['g-recaptcha-response'] ) {
$secret = '{keyhere}';
$response = file_get_contents( "https://www.google.com/recaptcha/api/siteverify?secret=" . $secret . "&response=" . $_POST['g-recaptcha-response'] . "&remoteip=" . $_SERVER['REMOTE_ADDR'] );
$response = json_decode( $response );
if ( ! $response->success ) {
//return error
}
//code logic below
}
创建密钥时提供的div代码应正确生成所有HTML,以便在提交表单时能够通过PHP验证进行处理。
答案 2 :(得分:1)
这是一个解决方案。
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>reCaptcha</title>
<!--api link-->
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<!--call back function-->
<script>
function onSubmit(token) {
document.getElementById('reCaptchaForm').submit();
}
</script>
</head>
<body>
<div class="container">
<form id="reCaptchaForm" action="signup.php" method="POST">
<input type="text" placeholder="type anything">
<!--Invisible reCaptcha configuration-->
<button class="g-recaptcha" data-sitekey="<your site key>" data-callback='onSubmit'>Submit</button>
<br/>
</form>
</div>
</body>
</html>
<?php
//only run when form is submitted
if(isset($_POST['g-recaptcha-response'])) {
$secretKey = '<your secret key>';
$response = $_POST['g-recaptcha-response'];
$remoteIp = $_SERVER['REMOTE_ADDR'];
$reCaptchaValidationUrl = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$response&remoteip=$remoteIp");
$result = json_decode($reCaptchaValidationUrl, TRUE);
//get response along side with all results
print_r($result);
if($result['success'] == 1) {
//True - What happens when user is verified
$userMessage = '<div>Success: you\'ve made it :)</div>';
} else {
//False - What happens when user is not verified
$userMessage = '<div>Fail: please try again :(</div>';
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>reCAPTCHA Response</title>
</head>
<body>
<?php
if(!empty($userMessage)) {
echo $userMessage;
}
?>
</body>
</html>
答案 3 :(得分:0)
在每次执行后使用grecaptcha.reset()来重置Recaptcha,并且一切都可以正常工作。请关注this link,以获取有关grecaptcha.reset()的更多信息。