How to verify Google reCAPTCHA v3 on the server side?
P粉904191507
2023-08-27 16:48:47
<p>I just set up the new Google Captcha with checkboxes and it works fine on the front end, but I don't know how to handle it on the server side using PHP. I tried using the old code below but the form is sent even though the verification code is invalid. </p>
<pre class="brush:php;toolbar:false;">require_once('recaptchalib.php');
$privatekey = "my key";
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
$errCapt='<p style="color:#D6012C ">The CAPTCHA Code was not entered correctly.</p>';}</pre>
<p><br /></p>
Private Key Security
While the answers here certainly work, they use
GET
requests, which exposes your private key (even withhttps
). On Google Developers, the specified method isPOST
.For more details: https://stackoverflow.com/a/323286/1680919
Verify via POST
Array syntax: I use the "new" array syntax (
[
and]
instead ofarray(..)). If your version of php doesn't support this yet, you will have to edit these 3 array definitions accordingly (see comments).
Return value: If the user is valid, this function returns
true
; if it is invalid, it returnsfalse
; if the user is valid, it returnsnull
If an error occurs. For example, you can use it simply by writingif (isValid()) { ... }
This is the solution
index.html
verification.php
http://codeforgeek.com/2014/12/google-recaptcha-tutorial /