我正在尝试制作“登录面板”,没有ReCaptcha,一切都可以正常工作。但是当我确认自己不是机器人并登录时,它表明存在错误的ReCaptcha。
<?php
require_once('includes/config.php');
if( $user->is_logged_in() ){ header('Location: index.php'); exit(); }
if(isset($_POST['submit'])){
if (!isset($_POST['username'])) $error[] = "No username.";
if (!isset($_POST['password'])) $error[] = "Type pass.";
if(!$captcha){
echo 'Check ReCaptcha';
exit;
}
$secretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
$ip = $_SERVER['REMOTE_ADDR'];
$response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha."&remoteip=".$ip);
$responseKeys = json_decode($response,true);
if(intval($responseKeys["success"]) !== 1) {
echo 'Check ReCaptcha';
exit;
} else {
$username = $_POST['username'];
if ( $user->isValidUsername($username)){
if (!isset($_POST['password'])){
$error[] = 'Type pass';
}
$password = $_POST['password'];
if($user->login($username,$password)){
$_SESSION['username'] = $username;
header('Location: memberpage.php');
exit;
} else {
$error[] = 'Wrong pass.';
}
}else{
$error[] = 'Wrong pass.';
}
}
}
答案 0 :(得分:0)
您可以检查验证码是否为空,是否为验证码:
$secretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
$captcha = $_POST['g-recaptcha-response'];
if($captcha == null) {
echo 'Check ReCaptcha';
exit;
}
$response = json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=" . $secretKey . "&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']), true);
if ($response['success'] != true) {
echo 'captcha is wrong!';
exit;
}