Google ReCAPTCHA 作为表单中的必填字段
Google ReCAPTCHA as a Required field in a form
我有一个服务台 PHP,我希望将 ReCAPTCHA 字段设置为必填。这是我的 register.php 文件中的一行:
<?php
include("config.php");
if (ALLOW_REGISTER <> "yes"){
echo "<div class=\"alert alert-info\" style=\"width: 175px;\">Registration is Closed</div>";
include("includes/footer.php");
exit;
}
?>
<h1><?php echo TITLE; ?> ثبت نام</h1>
<table class="<?php echo $table_style_2;?>" style='width: auto;'>
<form action="register_action.php" method="post" class="form-horizontal">
<tr>
<td>نام:</td>
<td><input type="text" name="name" id="name"></td>
</tr>
<tr>
<td>نام کاربری:</td>
<td><input type="text" name="login" onblur="showResult(this.value)" required> <span id="txtHint"></span></td>
</tr>
<tr>
<td>ایمیل:</td>
<td><input type="text" id="email" name="email" placeholder="name@example.com"></td>
</tr>
<tr>
<td>پسورد:</td>
<td><input type="password" id="password" name="password" placeholder="at least 5 characters"></td>
</tr>
<tr>
<td>Human Verification<br></td>
<td><div name="captcha" id="captcha" required class="g-recaptcha" data-sitekey="6LfrTQcTAAAAAHEoysvy3bQQaOo1vm7GTbYb4YDg"></div></td>
</tr>
</table>
但是任何人都可以在不执行 ReCAPTCHA 的情况下注册!是否有助于使 ReCAPTCHA 成为必需的?顺便说一句,在我的网站上使用 recaptcha 之前,我使用 simple-php-captcha.php 作为验证码并在我的 config.php 中有 captcha for registration,即 yes
这是我的一些 register_action.php 文件:
<?php include("includes/session.php");?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>ثبت نام</title>
<?php
include("config.php");
include("includes/header.php");
include("includes/ez_sql_core.php");
include("includes/ez_sql_mysqli.php");
include("includes/functions.php");
//initilize db
$db = new ezSQL_mysqli(db_user,db_password,db_name,db_host);
if (ALLOW_REGISTER <> "yes"){
echo "<p>Registration is Closed</p>";
include("includes/footer.php");
exit;
}
if (CAPTCHA_REGISTER == "yes"){
$captchasession = $_SESSION['captcha']['code'];
$captcha = $db->escape(trim($_POST['g-recaptcha-response']));
if($captchasession <> $captcha) {
echo "<div class=\"alert alert-danger\" style=\"max-width: 350px;\">Invalid Captcha Code.</div>";
include("includes/footer.php");
exit;
}
}
But anyone can register without doing the ReCAPTCHA! Any helps to make the ReCAPTCHA Required?
reCAPTCHA 在服务器端验证,而不是在客户端验证。在POST时不需要,但应在
后验证
看看我的项目代码:
public static function verifyCaptcha() {
global $CFG;
if(!isset($_POST['g-recaptcha-response']) || !is_string($_POST['g-recaptcha-response']))
return false;
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch,CURLOPT_POST, 2);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_POSTFIELDS, "secret=" . urlencode($CFG['RECAPTCHA_PRIVATE']) . "&response=" . urlencode($_POST['g-recaptcha-response']));
$result = curl_exec($ch);
curl_close($ch);
if(!json_decode($result)->success)
return false;
return true;
}
对于您的脚本:
if (CAPTCHA_REGISTER == "yes"){
$privatekey = "??????";
$rcres = trim($_POST['g-recaptcha-response']);
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch,CURLOPT_POST, 2);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_POSTFIELDS, "secret=" . urlencode($privatekey) . "&response=" . urlencode($rcres));
$result = curl_exec($ch);
curl_close($ch);
if(!json_decode($result)->success){
echo "<div class=\"alert alert-danger\" style=\"max-width: 350px;\">Invalid Captcha Code.</div>";
include("includes/footer.php");
exit;
}
}
现在只需要设置$privatekey。
我有一个服务台 PHP,我希望将 ReCAPTCHA 字段设置为必填。这是我的 register.php 文件中的一行:
<?php
include("config.php");
if (ALLOW_REGISTER <> "yes"){
echo "<div class=\"alert alert-info\" style=\"width: 175px;\">Registration is Closed</div>";
include("includes/footer.php");
exit;
}
?>
<h1><?php echo TITLE; ?> ثبت نام</h1>
<table class="<?php echo $table_style_2;?>" style='width: auto;'>
<form action="register_action.php" method="post" class="form-horizontal">
<tr>
<td>نام:</td>
<td><input type="text" name="name" id="name"></td>
</tr>
<tr>
<td>نام کاربری:</td>
<td><input type="text" name="login" onblur="showResult(this.value)" required> <span id="txtHint"></span></td>
</tr>
<tr>
<td>ایمیل:</td>
<td><input type="text" id="email" name="email" placeholder="name@example.com"></td>
</tr>
<tr>
<td>پسورد:</td>
<td><input type="password" id="password" name="password" placeholder="at least 5 characters"></td>
</tr>
<tr>
<td>Human Verification<br></td>
<td><div name="captcha" id="captcha" required class="g-recaptcha" data-sitekey="6LfrTQcTAAAAAHEoysvy3bQQaOo1vm7GTbYb4YDg"></div></td>
</tr>
</table>
但是任何人都可以在不执行 ReCAPTCHA 的情况下注册!是否有助于使 ReCAPTCHA 成为必需的?顺便说一句,在我的网站上使用 recaptcha 之前,我使用 simple-php-captcha.php 作为验证码并在我的 config.php 中有 captcha for registration,即 yes
这是我的一些 register_action.php 文件:
<?php include("includes/session.php");?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>ثبت نام</title>
<?php
include("config.php");
include("includes/header.php");
include("includes/ez_sql_core.php");
include("includes/ez_sql_mysqli.php");
include("includes/functions.php");
//initilize db
$db = new ezSQL_mysqli(db_user,db_password,db_name,db_host);
if (ALLOW_REGISTER <> "yes"){
echo "<p>Registration is Closed</p>";
include("includes/footer.php");
exit;
}
if (CAPTCHA_REGISTER == "yes"){
$captchasession = $_SESSION['captcha']['code'];
$captcha = $db->escape(trim($_POST['g-recaptcha-response']));
if($captchasession <> $captcha) {
echo "<div class=\"alert alert-danger\" style=\"max-width: 350px;\">Invalid Captcha Code.</div>";
include("includes/footer.php");
exit;
}
}
But anyone can register without doing the ReCAPTCHA! Any helps to make the ReCAPTCHA Required?
reCAPTCHA 在服务器端验证,而不是在客户端验证。在POST时不需要,但应在
后验证看看我的项目代码:
public static function verifyCaptcha() {
global $CFG;
if(!isset($_POST['g-recaptcha-response']) || !is_string($_POST['g-recaptcha-response']))
return false;
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch,CURLOPT_POST, 2);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_POSTFIELDS, "secret=" . urlencode($CFG['RECAPTCHA_PRIVATE']) . "&response=" . urlencode($_POST['g-recaptcha-response']));
$result = curl_exec($ch);
curl_close($ch);
if(!json_decode($result)->success)
return false;
return true;
}
对于您的脚本:
if (CAPTCHA_REGISTER == "yes"){
$privatekey = "??????";
$rcres = trim($_POST['g-recaptcha-response']);
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch,CURLOPT_POST, 2);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch,CURLOPT_POSTFIELDS, "secret=" . urlencode($privatekey) . "&response=" . urlencode($rcres));
$result = curl_exec($ch);
curl_close($ch);
if(!json_decode($result)->success){
echo "<div class=\"alert alert-danger\" style=\"max-width: 350px;\">Invalid Captcha Code.</div>";
include("includes/footer.php");
exit;
}
}
现在只需要设置$privatekey。