reCAPTCHA

reCAPTCHA

关注
发信
关注(28)粉丝(399)

php - PHP表单+ Google reCAPTCHA

奇怪的是,Google的关于Recaptcha的文档没有我想的那样有用。我被要求采用当前的现有表格(每天被发送几次垃圾邮件),并使用Google的新Recaptcha对其进行更新。对于旧的验证码,有很多教程,但是对于新的验证码则不多。我基本上只是想要一个简单的表单来捕获名称,电子邮件,消息,然后用Recaptcha替换我当前的“反机器人字段”(我使用的字段基本上询问您2 + 2是什么,以及您是否输入了任何内容,但是4,它不会发送)。如果必填字段有效且Recaptcha有效,那么我希望它向我发送一封包含表单字段内容的电子邮件。

我经历了简单的步骤:

  • 注册了我的网站以获取 key
  • 在我的head标签内添加了以下代码段:
    <script src='https://www.google.com/recaptcha/api.js'></script>
  • 在我的表单末尾添加了以下代码段:
    <div class="g-recaptcha" data-sitekey="#MYKEY#"></div>

    • 此时,recaptcha出现得很好。但是服务器端部分有些困惑。

    这是我更新后的联系表格,其中显示recaptcha:
    <form method="post" action="contact-post.php">
  <label>Your Name (required):</label>
    <input name="name" type="text" placeholder="Enter your name here">
  <label>Email Address (required):</label>
    <input name="email" type="email" placeholder="Enter your email address here">
  <label>Your Message (required):</label>
    <textarea name="message" placeholder="Write your message here"></textarea>
  <div style="margin-top:20px;" class="g-recaptcha" data-sitekey="#MYKEY#"></div>
  <input id="submit" name="submit" type="submit" value="Submit Form">
</form>

    这是我当前的POST页面(我不确定在Recaptcha代码中的添加位置):
    <?php
        $name = $_POST['name'];
        $email = $_POST['email'];
        $message = $_POST['message'];
        $human = $_POST['human'];
        $from = 'From: My Website';
        $to = '[email protected]';
        $subject = 'Request Form';

        $body = "Name: $name \n E-Mail: $email \nMessage:\n$message";

        if ($_POST['submit']) {
            if ($email != '') {
                if ($human == '4') {
                    if (mail ($to, $subject, $body, $from)) {
                        echo '<p>You have successfully submitted your information to PS4RS. Subscribers to our mailing list will begin to periodically receive updates.</p>';
                    } else {
                        echo '<p>Something went wrong, go back and try again!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
                    }
                } else if ($_POST['submit'] && $human != '4') {
                    echo '<p>You answered the anti-spam question incorrectly!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
                }
            } else {
                echo '<p>You need to fill in all required fields!!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
            }
        }
    ?>

    欢迎任何帮助。我觉得这可能是一个很普通的人,他们正在尝试将其实现到当前的工作形式中。

    最佳答案

    查看此链接:
    https://developers.google.com/recaptcha/docs/verify

    简而言之,您应该向

    https://www.google.com/recaptcha/api/siteverify?secret=YOUR_SECRET&response=RESPONSE_CAME_FROM_YOUR_FORM&remoteip=USER_IP_ADDRESS

    在YOUR_SECRET是您在ReCAPTCHA网站上收到的 key 的情况下,可以通过$_SERVER数组接收USER_IP_ADDRESS,而RESPONSE_CAME_FROM_YOUR_FORM是与表单一起发送的字符串。它存储在$_POST['g-recaptcha-response']中。

    你可以像这样通过file_get_contents($url)来做到这一点
    $data = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=YOUR_SECRET&response=RESPONSE_CAME_FROM_YOUR_FORM&remoteip=USER_IP_ADDRESS");

    $data中,您将收到包含JSONt_code字段的JSON对象。如果成功是错误的,那么它就不是人类,您应该success。我建议您在程序开始时检查一下。

    更新:

    JSON对象的解码如下所示:
    $data = json_decode($data); // This will decode JSON to object
if(!$data->success)
    exit();

    更新:

    有时,exit()将无法建立安全的https连接。相反,您可以使用file_get_contents($url)使您的代码看起来像:
    <?php
    $your_secret = "<secret_key_you_received_from_recaptcha_site>";
    $client_captcha_response = $_POST['g-recaptcha-response'];
    $user_ip = $_SERVER['REMOTE_ADDR'];

    $captcha_verify = open_https_url("https://www.google.com/recaptcha/api/siteverify?secret=$your_secret&response=$client_captcha_response&remoteip=$user_ip");
    $captcha_verify_decoded = json_decode($captcha_verify);
    if(!$captcha_verify_decoded->success)
      die('DIRTY ROBOT');

    $name = $_POST['name'];
    $email = $_POST['email'];
    $message = $_POST['message'];
    $human = $_POST['human'];
    $from = 'From: My Website';
    $to = '[email protected]';
    $subject = 'Request Form';

    $body = "Name: $name \n E-Mail: $email \nMessage:\n$message";

    if ($_POST['submit']) {
        if ($email != '') {
            if ($human == '4') {
                if (mail ($to, $subject, $body, $from)) {
                    echo '<p>You have successfully submitted your information to PS4RS. Subscribers to our mailing list will begin to periodically receive updates.</p>';
                } else {
                    echo '<p>Something went wrong, go back and try again!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
                }
            } else if ($_POST['submit'] && $human != '4') {
                echo '<p>You answered the anti-spam question incorrectly!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
            }
        } else {
            echo '<p>You need to fill in all required fields!!</p><p><input type="button" value="Go Back" onclick="history.back(-1)" class="goback" /></p>';
        }
    }
?>

    关于php - PHP表单+ Google reCAPTCHA,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/27681060/

    10-13 08:05
    Powered by LMLPHP ©2024 reCAPTCHA 0.030589