Google reCAPTCHA 无法正常工作

【问题标题】:Google reCAPTCHA is not workingGoogle reCAPTCHA 无法正常工作
【发布时间】:2017-04-22 10:15:42
【问题描述】:

我将 Google Recaptcha 集成到我的网站。

但是,人们仍然可以在不完成验证码的情况下填写表格并发送邮件。 (所以他们不必解决任何他们可以直接解决的难题,这当然让我容易受到机器人的攻击)

所以,我基本上需要 PHP 代码来检查用户是否真的“勾选”或“完成”了 Recaptcha。这样他们就可以继续发送邮件了。

这是我的 PHP 表单代码:

 <!-- Start Contact Form -->

<div id="contact-form" class="contatct-form">
<div class="loader"></div>
<form method="post" action="mail.php">
<div class="row">
<div class="col-md-4">
<label for="name">Name<span class="required">*</span></label>
<span class="name-missing">Please enter your name</span>
<input id="name" name="name" type="text" value="" size="60">
</div>
<div class="col-md-4">
<label for="e-mail">Email<span class="required">*</span></label>
<span class="email-missing">Please enter a valid e-mail</span>
<input id="e-mail" name="email" type="text" value="" size="60">
</div>
<div class="col-md-4">
<label for="url">Website</label>
<input id="url" name="url" type="text" value="" size="80">
</div>
</div>
<div class="row">
<div class="col-md-12">
<label for="message">Add Your Comment</label>
<span class="message-missing">Say something!</span>
<textarea id="message" name="message" cols="45" rows="10"></textarea>
</br>
 <!--Google  reCAPTCHA-->
<?php
require_once('recaptchalib.php');
$publickey = "My Public Key"; // you got this from the signup page
echo recaptcha_get_html($publickey);
?>
<!--End Google  reCAPTCHA-->
<input type="submit" name="submit" class="button" id="submit_btn" value="Send Message" onclick="return valtest();">
</div>
</div>
</form>

这是我的 mail.php 代码:

<?php
require_once('recaptchalib.php');
$privatekey = "My private key";
$resp = recaptcha_check_answer ($privatekey,
                            $_SERVER["REMOTE_ADDR"],
                            $_POST["recaptcha_challenge_field"],
                            $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
  // What happens when the CAPTCHA was entered incorrectly
  die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
     "(reCAPTCHA said: " . $resp->error . ")");
} else {
  $sendto = "myemail@domain.com";
$name=$_REQUEST['name']; 
$usermail = $_REQUEST['email']; 
$url=$_REQUEST['url']; 
$content  = nl2br($_POST['message']); 
$subject  = "Web Enquiry"; 
$headers  = "From: " . strip_tags($name) . "\r\n"; 
$headers .= "Reply-To: ". strip_tags($usermail) . "\r\n"; 
$headers .= "MIME-Version: 1.0\r\n"; 
$headers .= "Content-Type: text/html;charset=utf-8 \r\n"; 
$msg  = "<html><body style='font-family:Arial,sans-serif;'>"; 
$msg .= "<h2 style='font-weight:bold;border-bottom:1px dotted #ccc;'>New    Enquiry</h2>\r\n"; 
$msg .= "<p><strong>Sent by:</strong> ".$usermail."</p>\r\n"; 
$msg .= "<p><strong>Client Name:</strong> ".$name."</p>\r\n";
$msg .= "<p><strong>Message:</strong> ".$content."</p>\r\n";
$msg .= "<p><strong>Contact:</strong> ".$url."</p>\r\n";
$msg .= "</body></html>";
mail($sendto, $subject, $msg, $headers);
echo "<script>window.location =\"index.php\";</script>";

这里是 recaptchalib.php 代码:

 <?php
 /**
 * This is a PHP library that handles calling reCAPTCHA.
 *    - Documentation and latest version
 *          https://developers.google.com/recaptcha/docs/php
 *    - Get a reCAPTCHA API Key
 *          https://www.google.com/recaptcha/admin/create
 *    - Discussion group
 *          http://groups.google.com/group/recaptcha
 *
 * @copyright Copyright (c) 2014, Google Inc.
 * @link      http://www.google.com/recaptcha
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
  * in the Software without restriction, including without limitation the rights
  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  * copies of the Software, and to permit persons to whom the Software is
  * furnished to do so, subject to the following conditions:
  *
  * The above copyright notice and this permission notice shall be included in
   * all copies or substantial portions of the Software.
    *
    * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
      * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
       * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
      * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
       * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
      * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
       * THE SOFTWARE.
          */
          /**
          * A ReCaptchaResponse is returned from checkAnswer().
          */
           class ReCaptchaResponse
            {
            public $success;
             public $errorCodes;
              }
              class ReCaptcha
                {
                 private static $_signupUrl = "https://www.google.com/recaptcha/admin";
                  private static $_siteVerifyUrl =
                   "https://www.google.com/recaptcha/api/siteverify?";
                  private $_secret;
               private static $_version = "php_1.0";
              /**
 * Constructor.
 *
 * @param string $secret shared secret between site and ReCAPTCHA server.
 */
function ReCaptcha($secret)
{
    if ($secret == null || $secret == "") {
        die("To use reCAPTCHA you must get an API key from <a href='"
            . self::$_signupUrl . "'>" . self::$_signupUrl . "</a>");
    }
    $this->_secret=$secret;
}
/**
 * Encodes the given data into a query string format.
 *
 * @param array $data array of string elements to be encoded.
 *
 * @return string - encoded request.
 */
private function _encodeQS($data)
{
    $req = "";
    foreach ($data as $key => $value) {
        $req .= $key . '=' . urlencode(stripslashes($value)) . '&';
    }
    // Cut the last '&'
    $req=substr($req, 0, strlen($req)-1);
    return $req;
}
/**
 * Submits an HTTP GET to a reCAPTCHA server.
 *
 * @param string $path url path to recaptcha server.
 * @param array  $data array of parameters to be sent.
 *
 * @return array response
 */
 private function _submitHTTPGet($path, $data)
  {
    $req = $this->_encodeQS($data);
    $response = file_get_contents($path . $req);
    return $response;
  }
  /**
   * Calls the reCAPTCHA siteverify API to verify whether the user passes
   * CAPTCHA test.
   *
   * @param string $remoteIp   IP address of end user.
   * @param string $response   response string from recaptcha verification.
    *
    * @return ReCaptchaResponse
    */
     public function verifyResponse($remoteIp, $response)
     {
    // Discard empty solution submissions
    if ($response == null || strlen($response) == 0) {
        $recaptchaResponse = new ReCaptchaResponse();
        $recaptchaResponse->success = false;
        $recaptchaResponse->errorCodes = 'missing-input';
        return $recaptchaResponse;
    }
    $getResponse = $this->_submitHttpGet(
        self::$_siteVerifyUrl,
        array (
            'secret' => $this->_secret,
            'remoteip' => $remoteIp,
            'v' => self::$_version,
            'response' => $response
        )
    );
    $answers = json_decode($getResponse, true);
    $recaptchaResponse = new ReCaptchaResponse();
    if (trim($answers ['success']) == true) {
        $recaptchaResponse->success = true;
    } else {
        $recaptchaResponse->success = false;
        $recaptchaResponse->errorCodes = $answers [error-codes];
    }
    return $recaptchaResponse;
    }
 }
 ?>

当我替换时

      <!--Google  reCAPTCHA-->
      <?php
      require_once('recaptchalib.php');
      $publickey = "My Site Key"; // you got this from the signup page
      echo recaptcha_get_html($publickey);
       ?>
      <!--End Google  reCAPTCHA-->


             <!--Google  reCAPTCHA-->
             <div class="g-recaptcha" data-sitekey="My Site key"></div>
             <!--End Google  reCAPTCHA-->

它将显示小部件,但人们仍然可以填写表单并发送邮件而无需完成验证码。

【问题讨论】:

  • &lt;/br&gt; 不是结束标签
  • google 在 v2 中更改了一些代码功能,您也必须使用它们
  • 张贴截图你是如何得到输出的
  • 在我的contact-us.php 页面中没有显示Google reCAPTCHA 小部件。
  • 当我用
    替换以下代码时,它正在显示小部件,但人们仍然可以填写表格并在不完成验证码的情况下发送邮件。

标签: php forms captcha recaptcha


【解决方案1】:

这是我的联系页面:

<!doctype html>
<!--[if IE 8 ]><html class="ie ie8" lang="en"> <![endif]-->
<!--[if (gte IE 9)|!(IE)]><html lang="en" class="no-js"> <![endif]-->
<html lang="en">
<head>
<!-- Basic -->
<title> </title>
<!-- Define Charset -->
<meta charset="utf-8">
<!-- Responsive etatag -->
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<!-- Page Description-->
<meta name="Description"">
<meta name="keywords"  ">
<META NAME="ROBOTS" CONTENT="INDEX, FOLLOW">
<meta name="author" content=" ">
<meta name="googlebot" content="noodp">
<link rel="canonical" href=" "/>
<!-- CSS Styles  -->
<?php
?>
<!-- CSS Styles END-->
<script type="text/javascript">
function valtest()
{
var name=document.getElementById('name').value;
var email=document.getElementById('e-mail').value;
var url=document.getElementById('url').value;
var message=document.getElementById('message').value;
if((name==null||name==""))
{
alert("Please Enter Name");
return false;
}
if((email==null||email==""))
{
alert("Please Enter email");
return false;
}
else
{
alert('Thank you for Send The Details');

return true;
}
}
</script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>

<script src="https://www.google.com/recaptcha/api.js" async defer></script>
</head>
<body oncontextmenu="return false" ondragstart="return false" onselectstart="return false">
<!-- Container -->
<div id="container">
<!-- Start Header -->
<div class="hidden-header"></div>
<header class="clearfix">
<!-- Start Top Bar -->
<?php include_once(); ?>
<!-- End Top Bar -->
<!-- Start Header ( Logo & Naviagtion ) -->
<div class="navbar navbar-default navbar-top">
<div class="container">
<div class="navbar-header">
<!-- Stat Toggle Nav Link For Mobiles -->
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<i class="fa fa-bars"></i>
</button>
<!-- End Toggle Nav Link For Mobiles -->
<a class="navbar-brand" href="index.php"><img alt="" src="images/margo.png"></a>
</div>
<div class="navbar-collapse collapse">
<!-- Start Navigation List -->
<!-- End Navigation List -->
</div>
</div>
</div>
<!-- End Header ( Logo & Naviagtion ) -->
</header>
<!-- End Header -->
<!-- Start Page Banner -->
<!-- End Page Banner -->
<!-- Start Content -->
<div id="content">
<div class="container">
<div class="page-content">
<div class="col-md-8">
<!-- Classic Heading -->
<h4 class="classic-title"><span>Contact Us</span></h4>
<!-- Start Contact Form -->
<div id="contact-form" class="contatct-form">
<div class="loader"></div>
<form method="post">
<div class="row">
<?php
if (isset($succMsg)) {
echo $succMsg;
} else {
echo "";
}
if (isset($errMsg)) {
echo $errMsg;
} else {
echo "";
}
?>
<div class="col-md-4">
<label for="name">Name<span class="required">*</span></label>
<span class="name-missing">Please enter your name</span>
<input id="name" name="name" type="text" value="" size="60">
</div>
<div class="col-md-4">
<label for="e-mail">Email<span class="required">*</span></label>
<span class="email-missing">Please enter a valid e-mail</span>
<input id="e-mail" name="email" type="text" value="" size="60">
</div>
<div class="col-md-4">
<label for="url">Website</label>
<input id="url" name="url" type="text" value="" size="80">
</div>
</div>
<div class="row">
<div class="col-md-12">
<label for="message">Add Your Comment</label>
<span class="message-missing">Say something!</span>
<textarea id="message" name="message" cols="45" rows="10"></textarea>
<br>
<div class="g-recaptcha" data-sitekey="<?php echo $siteKey; ?>"></div>
<input type="submit" name="submit" class="button" id="submit_btn" value="Send Message" onclick="return valtest();">
</div>
</div>
</form>
</div>
<br/>
<!-- End Contact Form -->
</div>

<div class="col-md-4">

<!-- Classic Heading -->
<h4 class="classic-title"><span>Head Office</span></h4>

<!-- Divider -->
<div class="hr1" style="margin-bottom:10px;"></div>

<!-- Info - Icons List -->
<ul class="icons-list">
</ul>

<div class="hr1" style="margin-bottom:50px;"></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- End content -->
<!-- Start Map -->
<!-- End Map -->
<!-- Start Footer -->
<?php
include_once('footer.php');
?>
<!-- End Footer -->
</div>
<!-- End Container -->
<!-- Go To Top Link -->
<a href="#" class="back-to-top"><i class="fa fa-angle-up"></i></a>
<div id="loader">
<div class="spinner">
<div class="dot1"></div>
<div class="dot2"></div>
</div>
</div>
</body>
</html>

【讨论】:

  • 您应该删除该答案,因为它没有。将此内容放入您的问题中。
【解决方案2】:

首先你必须检查recaptcha isset:

<?php

$errMsg = "";
$succMsg = "";

/**************************/
/* GOOGLE reCAPTCHA START */
/**************************/
require_once '../../reCAPTCHA/autoload.php';
$siteKey = 'sitekey';
$secret = 'secretkey';
/************************/
/* GOOGLE reCAPTCHA END */
/************************/

if ((isset($_POST['submit']) | !empty($_POST["submit"]))) {

    if ((isset($_POST['g-recaptcha-response'])) && !empty($_POST["g-recaptcha-response"])) {

        $recaptcha = new \ReCaptcha\ReCaptcha($secret);
        $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);
        if ($resp->isSuccess()) {

            $succMsg = "Success Message";

            /**
             * DO THE DB ENTRIES HERE
             */

        }

    } else {

        $errMsg = "Error With Captcha";
    }
}
?>

您将需要来自 google 的 these 文件。
它们在这里加载:require_once '../../reCAPTCHA/autoload.php';

您的表单页面应如下所示:

<head>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>

    <script src="https://www.google.com/recaptcha/api.js" async defer></script>
</head>
<div id="contact-form" class="contatct-form">
    <div class="loader"></div>
    <form method="post">
        <div class="row">
            <?php
                if (isset($succMsg)) {
                    echo $succMsg;
                } else {
                    echo "";
                }
                if (isset($errMsg)) {
                    echo $errMsg;
                } else {
                    echo "";
                }
            ?>
            <div class="col-md-4">
                <label for="name">Name<span class="required">*</span></label>
                <span class="name-missing">Please enter your name</span>
                <input id="name" name="name" type="text" value="" size="60">
            </div>
            <div class="col-md-4">
                <label for="e-mail">Email<span class="required">*</span></label>
                <span class="email-missing">Please enter a valid e-mail</span>
                <input id="e-mail" name="email" type="text" value="" size="60">
            </div>
            <div class="col-md-4">
                <label for="url">Website</label>
                <input id="url" name="url" type="text" value="" size="80">
            </div>
        </div>
        <div class="row">
            <div class="col-md-12">
                <label for="message">Add Your Comment</label>
                <span class="message-missing">Say something!</span>
                <textarea id="message" name="message" cols="45" rows="10"></textarea>
                <br>
                <div class="g-recaptcha" data-sitekey="<?php echo $siteKey; ?>"></div>
                <input type="submit" name="submit" class="button" id="submit_btn" value="Send Message" onclick="return valtest();">
            </div>
        </div>
    </form>
</div>

【讨论】:

猜你喜欢
  • 1970-01-01
  • 2015-07-06
  • 2023-03-06
  • 2015-03-18
  • 2017-09-25
  • 2014-02-22
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode