Google Invisible reCaptcha不会阻止垃圾邮件提交

时间:2018-06-08 06:40:51

标签: php jquery ajax recaptcha invisible

我已经在网站上实施了Google reCaptcha,用于简报订阅表单,并且它不会阻止垃圾邮件。我每天最多吸引20个垃圾邮件用户! 我做得不对吗?请看一下代码:

HTML

<form method="post" action="databasepage.php" id="formid" >
<div id="g-recaptcha-answer"></div>
<input name="email" placeholder="Email..." type="email" required>
<button class="g-recaptcha" data-sitekey="my_key" data-callback='onReturnCallback'>Submit</button>
</form>

的jQuery

<script>
var onReturnCallback = function(response) {
document.getElementById('g-recaptcha-answer').innerHTML = ''; 
var url='proxy.php?url=' + 'https://www.google.com/recaptcha/api/siteverify';  
$.ajax({ 'url' : url, 
dataType: 'json',
data: { response: response },
success: function( data ) {
var res = data.success.toString();
if (res ==  'true') { 
document.getElementById('g-recaptcha-answer').innerHTML = 'Please wait for a redirect.';
document.getElementById("formid").submit();
} 
else {
document.getElementById('g-recaptcha-answer').innerHTML = 'Verification incorrect.';
grecaptcha.reset();
}
} 
}); 
}; 
</script>

proxy.php

<?php

if (!isset($_SERVER['HTTP_X_REQUESTED_WITH'])) {
    header('HTTP/1.0 403 Forbidden');
    die('You are not allowed to access this file.');     
}

header('Content-type: application/json');
$url=$_GET['url'];
$response=$_GET['response'];
$secret = "secret_key"; 
$params = array('secret'=> $secret, 'response'=> $response);
$json=file_get_contents( $url . '?secret=' . $secret . '&response=' . $response);
echo $json; 

?>

我已经通过隐身模式对此进行了测试,当我必须验证图片时,我得到了一步,如果我没有登录Gmail等,则在reCaptcha管理区域我没有错误,但我仍然在我的数据库中收到垃圾邮件!!!

我的做法有什么问题?

0 个答案:

没有答案