Recaptcha V3并不总是返回分数和结果

时间:2019-02-16 14:23:09

标签: php recaptcha recaptcha-v3

我最近尝试在我们的一个网站表单上实现Recaptcha V3,但遇到一个错误,即它不允许某些用户提交该表单,并返回错误消息“您已被检测为机器人。 ..”中的代码。

我将所有提交的表单都打印到日志文件中,每次失败时,$ recaptcha->成功,$ recaptcha->操作和$ recaptcha->得分始终为空。

我发现它经常对用户有效并发送消息。

我自己测试了该表单,并且在大多数情况下都可以正常运行,但是我注意到,如果我多次尝试提交表单,它有时会失败并返回错误。当$ recaptcha->成功失败时,$ recaptcha-> ​​action和$ recaptcha-> ​​score始终为空。

我还注意到$ _POST ['recaptcha_response']在这些实例中似乎为空,即使它通过了第一个isset if语句。

//verify google captcha v3
if(isset($_POST['recaptcha_response'])){
    //build request
    $recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify';
    $recaptcha_secret = 'MY_SECRET_KEY';
    $recaptcha_response = $_POST['recaptcha_response'];

    //get verify response data
    $ch = curl_init();

    curl_setopt_array($ch, [
        CURLOPT_URL => 'https://www.google.com/recaptcha/api/siteverify',
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => [
            'secret' => $recaptcha_secret,
            'response' => $recaptcha_response
        ],
    CURLOPT_RETURNTRANSFER => true
    ]);

    $output = curl_exec($ch);
    curl_close($ch);

    $recaptcha = json_decode($output);


    // Take action based on the score returned:
    if ($recaptcha->success && $recaptcha->action == 'reportadvert' && $recaptcha->score > 0.1){            
        // Verified - success
        $save['captcha'] = "1";
    } else {
        // Not verified - show form error
        $errors['captcha'] = "You have been detected as a bot and blocked from sending this report for security reasons, please try again shortly or Contact us if you are still having issues.";
    }
} else {
     $errors['captcha'] = "You have been detected as a bot and blocked from sending this report for security reasons, please try again shortly or Contact us if you are still having issues.";
}

这是“我的表格”(删除了我的其他一些字段)。请注意,我的表单/页面包含在一个php脚本中,并且我将表单发布到相同的php脚本中:

<form method="post">
  <input type="hidden" name="recaptcha_response" id="recaptchaResponse">

  <button type="submit" name="SendEm">Report Advert</button>
  <input type="hidden" name="submitted" value="TRUE" />
</form>

我在页面顶部添加了Javascrit,发布此内容时我删除了我的站点密钥:

<script src="https://www.google.com/recaptcha/api.js?render=MY_SITE_RECAPTCHA_KEY"></script>

grecaptcha.ready(function() {
    grecaptcha.execute('MY_SITE_RECAPTCHA_KEY', {action: 'reportadvert'}).then(function(token) {
    var recaptchaResponse = document.getElementById('recaptchaResponse');
    recaptchaResponse.value = token;
   });
});

1 个答案:

答案 0 :(得分:0)

我会在siteverify响应中检查错误代码。如果有错误,您将不会得到 action score 参数作为响应。

Site Verify ResponseError code reference

相关问题
最新问题