如何解决Google v3 reCaptcha超时?

时间:2019-03-20 00:19:57

标签: php invisible-recaptcha recaptcha-v3

我们有一个PHP表单,其中有几个选项卡,并且reCaptcha上都有超时。一切都在一页上完成,如果表单在3分钟内完成,它就可以很好地工作。

解决方案的想法是将表单处理和reCaptcha移至辅助页面进行处理。

问题在于表单页面会轮询Google服务以获取reCaptcha,并将令牌值收集到隐藏字段中。

<input type="hidden" name="recaptcha_response" id="recaptchaResponse">

问题是如何在服务器端处理页面上请求此令牌?这是客户端表单页面上使用的代码。我需要以某种方式重新生成令牌值以应用为:

$ recaptcha_response

这是表单页面上的工作版本。无需确定从表单页面发布令牌的要求,这很容易,只是不确定如何重新生成令牌以在服务器端页面上使用。

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['recaptcha_response'])) {

// Build POST request:
$recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify';
$recaptcha_secret = RECAPTCHA_SECRET_KEY;
$recaptcha_response = $_POST['recaptcha_response'];
$remoteip = $_SERVER['REMOTE_ADDR'];

// Make and decode POST request:
$recaptcha = file_get_contents($recaptcha_url . '?secret=' . $recaptcha_secret . '&response=' . $recaptcha_response. '&remoteip='.$remoteip);
$recaptcha = json_decode($recaptcha);

// Take action based on the score returned:
if ($recaptcha->score >= 0.5) {

编辑添加: 将进行reCaptcha的初始化,直到Submit延迟计时问题,因为这似乎是一个选择:

https://developers.google.com/recaptcha/docs/v3

“ 2。在操作或页面加载时调用grecaptcha.execute”

4 个答案:

答案 0 :(得分:3)

我们最近也一直在碰到这个问题。我在GitHub上找到了该解决方案,对我们来说效果很好。

这样的好处是,仅当用户与页面进行交互(例如提交表单)时才要求令牌,而不必继续要求一个。

<script>
  grecaptcha.ready(function() {
      document.getElementById('contactform').addEventListener("submit", function(event) {

        event.preventDefault();

        grecaptcha.execute('mykey', {action: 'homepage'}).then(function(token) {
           document.getElementById("googletoken").value = token; 
           document.getElementById('contactform').submit();
        });        
      }, false);

  });
</script>

答案 1 :(得分:2)

<script type="text/javascript">
function grecaptcha_execute(){
    grecaptcha.execute('RECAPTCHA_SITE_KEY', {action: 'homepage'}).then(function(token) {
        document.getElementById('recaptchaResponse').value=token;
    });
}
grecaptcha.ready(function() {
    grecaptcha_execute();
});
</script>

<?php
if ($recaptcha->success) {
    echo '<p style="color: #0a860a;">CAPTCHA was completed successfully!</p>';
}else{
    $error_codes = 'error-codes';
    if (isset($Retorno->$error_codes) && in_array("timeout-or-duplicate", $Retorno->$error_codes)) {
        $captcha_msg = "The verification expired due to timeout, please try again.";
    ?>
    <script>grecaptcha_execute();</script>
    <?php
    } else {
        $captcha_msg = "Check to make sure your keys match the registered domain and are in the correct locations.<br> You may also want to doublecheck your code for typos or syntax errors.";
    }
    echo '<p style="color: #f80808;">reCAPTCHA error: ' . $captcha_msg . '</p>';
}
?>

答案 2 :(得分:1)

如果您不想太多更改代码,那么另一种方法是将reCaptcha JavaScript包装在一个命名函数中,设置一个间隔并轮询该函数,提示reCaptcha向每个表单元素添加一个新令牌。三分钟:

function getReCaptcha(){
    grecaptcha.ready(function() {
       ...
     });
 }

 getReCaptcha();  // This is the initial call
 setInterval(function(){getReCaptcha();}, 150000);

答案 3 :(得分:1)

加载reCaptcha API js和Jquery(如果使用jquery代码):

<script src="https://www.google.com/recaptcha/api.js?render=SITE_KEY"></script>
<script  src="https://code.jquery.com/jquery-3.4.1.min.js"></script>

reCaptcha呈现Javascript:

  <script type="text/javascript">
     $(document).ready(function(){
        setInterval(function(){
        grecaptcha.ready(function() {
            grecaptcha.execute('SITE_KEY', {action: 'home'}).then(function(token) {
                $('#recaptchaResponse').val(token);
            });
        });
        }, 3000); //you can set timeout for expired.
     });
     
  </script>

网站修改:

<?php 
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'])) {
        if(isset($_POST['recaptcha_response']) && !empty($_POST['recaptcha_response'])){
            $recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify';
            $recaptcha_secret = 'SECRET_KEY';
            $recaptcha_response = $_POST['recaptcha_response'];
            $response = file_get_contents($recaptcha_url . '?secret=' . $recaptcha_secret . '&response=' . $recaptcha_response);
            $recaptcha = json_decode($response);
            if ($recaptcha->success == true && $recaptcha->score >= 0.5) {
                echo $response;
                echo '<br>Form Submitted Successfully';
            } else { 
                echo $response;
                echo '<br>reCaptcha varification failed';
            }
        }else {
            echo 'reCaptcha is empty';
        } 
    }
?>

HTML表单:

<form method="POST">
    <label class="label">Name</label>
    <input type="text" name="name" class="input" placeholder="Name" required>
    <button type="submit" name="submit" class="button is-link">Send Message</button>
    <input type="hidden" name="recaptcha_response" id="recaptchaResponse">
</form>
相关问题
最新问题