WordPress 联系表单验证包括 Google reCaptcha 验证问题
WordPress Contact Form Validation Including Google reCaptcha Validation Issue
今天早上我一直忙于创建一个自定义 WordPress 联系页面模板,并向其中添加了新的 Google reCaptcha 以减少垃圾邮件发送者。我已经创建了一个 validation.php 文件,其中联系页面操作用于验证所有字段和 Google reCaptcha 是否正确。问题是它对我不起作用。我在 WordPress 文件系统中设置了应有的一切,并且 WordPress 导航到 validation.php 文件没问题,这让我相信我的验证代码不起作用。请看下面:
HTML 代码:
<div class="col-xs-12 col-sm-8 col-lg-9">
<script src='https://www.google.com/recaptcha/api.js'></script>
<div id="content" role="main">
<?php get_template_part('includes/loops/content', 'page'); ?>
<hr/>
<form action="validate-contact-form.php" id="contactForm" method="post">
<fieldset>
<legend>Contact Us</legend>
<div class="form-group">
<div class="col-md-12">
<input id="cf-name" name="contactName" type="text" placeholder="Please enter your full name here." class="form-control" required=""/>
</div>
</div>
<br /><br />
<div class="form-group">
<div class="col-md-12">
<input id="cf-email" name="email" type="text" placeholder="Please enter your e-mail address here." class="form-control" required="" />
</div>
</div>
<br /><br />
<div class="form-group">
<div class="col-xs-12">
<textarea class="form-control" id="comments" placeholder="Please enter your message here." name="comments" rows="20" class="form-control" required="" ></textarea>
</div>
</div><hr/>
<div class="form-group">
<div class="col-xs-12"><hr/>
<div class="g-recaptcha" data-sitekey="6Ld6cf4SAAAAABBYX2C3I5Ayx_xLwKSYm2ZUtxen" class="form-control" required=""></div>
</div>
</div>
<div class="form-group">
<div class="col-xs-12"><hr/>
<button type="submit" name="submit" value="Send" class="btn btn-primary">Send Message</button>
</div>
</div>
</fieldset>
</form>
</div><!-- /#content -->
</div>
Validation.php 代码:
<?php
if(isset($_POST['submit'])) {
if(trim($_POST['contactName']) === '') {
$nameError = 'Please enter your name.';
$hasError = true;
} else {
$name = trim($_POST['contactName']);
}
if(trim($_POST['email']) === '') {
$emailError = 'Please enter your email address.';
$hasError = true;
} else if (!preg_match("/^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$/i", trim($_POST['email']))) {
$emailError = 'You entered an invalid email address.';
$hasError = true;
} else {
$email = trim($_POST['email']);
}
if(trim($_POST['comments']) === '') {
$commentError = 'Please enter a message.';
$hasError = true;
} else {
if(function_exists('stripslashes')) {
$comments = stripslashes(trim($_POST['comments']));
} else {
$comments = trim($_POST['comments']);
}
}
if(isset($_POST['g-recaptcha-response'])&&$_POST['g-recaptcha-response']){
var_dump($_POST);
$secret = 'MY SITE KEY';
$ip = $_SERVER['REMOTE_ADDR'];
$captcha = $_POST['g-recaptcha-response'];
$rsp = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$captcha&remoteip=$ip');
var_dump($rsp);
$array = json_decode($rsp, TRUE);
if($array['success']) {
}
}
if(!isset($hasError)) {
$emailTo = get_option('tz_email');
if (!isset($emailTo) || ($emailTo == '') ){
$emailTo = get_option('admin_email');
}
$subject = '[PHP Snippets] From '.$name;
$body = "Name: $name \n\nEmail: $email \n\nComments: $comments";
$headers = 'From: '.$name.' <'.$emailTo.'>' . "\r\n" . 'Reply-To: ' . $email;
wp_mail($emailTo, $subject, $body, $headers);
$emailSent = true;
echo "Done";
}
else {
echo "Spam";
}
}
}
?>
使用双引号:
$rsp = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$captcha&remoteip=$ip");
否则变量将不起作用。 PHP 将只在字符串中搜索变量并显示它们的值(如果它被双引号括起来)。您可以使用单引号,但是您必须像这样分隔变量和字符串:
$rsp = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$captcha.'&remoteip='.$ip);
就性能而言,使用单引号总是更好,因此 PHP 不需要在整个字符串中搜索变量。
今天早上我一直忙于创建一个自定义 WordPress 联系页面模板,并向其中添加了新的 Google reCaptcha 以减少垃圾邮件发送者。我已经创建了一个 validation.php 文件,其中联系页面操作用于验证所有字段和 Google reCaptcha 是否正确。问题是它对我不起作用。我在 WordPress 文件系统中设置了应有的一切,并且 WordPress 导航到 validation.php 文件没问题,这让我相信我的验证代码不起作用。请看下面:
HTML 代码:
<div class="col-xs-12 col-sm-8 col-lg-9">
<script src='https://www.google.com/recaptcha/api.js'></script>
<div id="content" role="main">
<?php get_template_part('includes/loops/content', 'page'); ?>
<hr/>
<form action="validate-contact-form.php" id="contactForm" method="post">
<fieldset>
<legend>Contact Us</legend>
<div class="form-group">
<div class="col-md-12">
<input id="cf-name" name="contactName" type="text" placeholder="Please enter your full name here." class="form-control" required=""/>
</div>
</div>
<br /><br />
<div class="form-group">
<div class="col-md-12">
<input id="cf-email" name="email" type="text" placeholder="Please enter your e-mail address here." class="form-control" required="" />
</div>
</div>
<br /><br />
<div class="form-group">
<div class="col-xs-12">
<textarea class="form-control" id="comments" placeholder="Please enter your message here." name="comments" rows="20" class="form-control" required="" ></textarea>
</div>
</div><hr/>
<div class="form-group">
<div class="col-xs-12"><hr/>
<div class="g-recaptcha" data-sitekey="6Ld6cf4SAAAAABBYX2C3I5Ayx_xLwKSYm2ZUtxen" class="form-control" required=""></div>
</div>
</div>
<div class="form-group">
<div class="col-xs-12"><hr/>
<button type="submit" name="submit" value="Send" class="btn btn-primary">Send Message</button>
</div>
</div>
</fieldset>
</form>
</div><!-- /#content -->
</div>
Validation.php 代码:
<?php
if(isset($_POST['submit'])) {
if(trim($_POST['contactName']) === '') {
$nameError = 'Please enter your name.';
$hasError = true;
} else {
$name = trim($_POST['contactName']);
}
if(trim($_POST['email']) === '') {
$emailError = 'Please enter your email address.';
$hasError = true;
} else if (!preg_match("/^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$/i", trim($_POST['email']))) {
$emailError = 'You entered an invalid email address.';
$hasError = true;
} else {
$email = trim($_POST['email']);
}
if(trim($_POST['comments']) === '') {
$commentError = 'Please enter a message.';
$hasError = true;
} else {
if(function_exists('stripslashes')) {
$comments = stripslashes(trim($_POST['comments']));
} else {
$comments = trim($_POST['comments']);
}
}
if(isset($_POST['g-recaptcha-response'])&&$_POST['g-recaptcha-response']){
var_dump($_POST);
$secret = 'MY SITE KEY';
$ip = $_SERVER['REMOTE_ADDR'];
$captcha = $_POST['g-recaptcha-response'];
$rsp = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$captcha&remoteip=$ip');
var_dump($rsp);
$array = json_decode($rsp, TRUE);
if($array['success']) {
}
}
if(!isset($hasError)) {
$emailTo = get_option('tz_email');
if (!isset($emailTo) || ($emailTo == '') ){
$emailTo = get_option('admin_email');
}
$subject = '[PHP Snippets] From '.$name;
$body = "Name: $name \n\nEmail: $email \n\nComments: $comments";
$headers = 'From: '.$name.' <'.$emailTo.'>' . "\r\n" . 'Reply-To: ' . $email;
wp_mail($emailTo, $subject, $body, $headers);
$emailSent = true;
echo "Done";
}
else {
echo "Spam";
}
}
}
?>
使用双引号:
$rsp = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$captcha&remoteip=$ip");
否则变量将不起作用。 PHP 将只在字符串中搜索变量并显示它们的值(如果它被双引号括起来)。您可以使用单引号,但是您必须像这样分隔变量和字符串:
$rsp = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$captcha.'&remoteip='.$ip);
就性能而言,使用单引号总是更好,因此 PHP 不需要在整个字符串中搜索变量。