Php 如何验证已检查reCaptcha
我正在创建一个联系人表单,如果选中Google reCaptcha v2,该表单将发送邮件。 现在,即使选中了reCaptcha,它也会回显我的文本 我试着绕过reCaptcha代码段,试着做一个if(isset),但似乎不起作用Php 如何验证已检查reCaptcha,php,recaptcha,Php,Recaptcha,我正在创建一个联系人表单,如果选中Google reCaptcha v2,该表单将发送邮件。 现在,即使选中了reCaptcha,它也会回显我的文本 我试着绕过reCaptcha代码段,试着做一个if(isset),但似乎不起作用 $email = $_POST['email']; $subject = $_POST['subject']; $message = $_POST['message']; $errorEmpty = false; $errorEmail = fa
$email = $_POST['email'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$errorEmpty = false;
$errorEmail = false;
$errorCaptcha = false;
if(empty($name) || empty($email) || empty($subject) || empty($message)){
echo "<span style='color: red;font-weight: bold;'>Fyll i alla fält!</span>";
$errorEmpty = true;
}
if(empty($_POST['g-recaptcha-response'])){
echo "<span style='color: red;font-weight:bold;'>reCaptchan är inte ifylld!</span>";
$errorCaptcha = true;
}
elseif(!filter_var($email, FILTER_VALIDATE_EMAIL)){
echo "<span style='color: red;font-weight: bold;'>Du måste skriva in en giltig e-mail adress!</span>";
$errorEmail = true;
}
else{
echo "<span style='color: green;font-weight: bold;'>Ditt meddelande skickades, vi återkommer inom max 3 arbetsdagar!</span>";
}
if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])){
$secret = '';
$verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response']);
$responseData = json_decode($verifyResponse);
if($responseData->success){
$to = $email;
$subject = $subject;
$text = "Name: $name\n From: $name\n Message: $message";
$headers = "From: $email";
if($errorEmpty == false && $errorEmail == false && $errorCaptcha == false){
mail($to,$subject,$text,$headers);
}
}
} // ReCaptcha 2
$email=$\u POST['email'];
$subject=$_POST['subject'];
$message=$_POST['message'];
$errorEmpty=false;
$errorEmail=false;
$errorCaptcha=false;
if(空($name)| |空($email)| |空($subject)| |空($message)){
回音“再见!”;
$errorEmpty=true;
}
如果(空($_POST['g-recaptcha-response'])){
回声“reCaptchanär inte Ifilld!”;
$errorCaptcha=true;
}
elseif(!filter\u var($email,filter\u VALIDATE\u email)){
echo“en giltig电子邮件地址中的Du måste skriva!”;
$errorEmail=true;
}
否则{
echo“Ditt meddelande skickades,viåterkommer inom max 3 arbetsdagar!”;
}
如果(isset($_POST['g-recaptcha-response'])和&!空($_POST['g-recaptcha-response'])){
$secret='';
$verifyResponse=文件\u获取\u内容('https://www.google.com/recaptcha/api/siteverify?secret=“.$secret.&response=”.$\u POST['g-recaptcha-response']);
$responseData=json_解码($verifyResponse);
如果($responseData->success){
$to=$email;
$subject=$subject;
$text=“Name:$Name\n From:$Name\n Message:$Message”;
$headers=“From:$email”;
如果($errorEmpty==false&&$errorEmail==false&&$errorCaptcha==false){
邮件($to、$subject、$text、$headers);
}
}
}//雷帕查2
如果选中了reCaptcha,我希望mail()函数激活,否则我希望向用户回显文本。很难判断问题出在哪里。您当前的代码将始终回显某种消息(尽管您可能需要显示消息,成功或失败) 如果您说您无法获得
If($responseData->success){
来正确验证复选框,我建议您使用var\u dump($responseData)
查看响应数据,看看谷歌是否试图告诉您一些事情(坏密钥、域名等)
作为另一种方法,您可以考虑使用Google的PHP reCaptcha库作为处理这种情况的更简单方法——例如,我的代码:
function validateRecaptcha(?String $gRecaptchaResponse) {
/* API source from: https://github.com/google/recaptcha */
$recaptcha = new ReCaptcha\ReCaptcha(***SECRET HERE***);
$resp = $recaptcha->verify($gRecaptchaResponse, $_SERVER['REMOTE_ADDR']);
return $resp->isSuccess();
}
注意:使用
empty
验证用户输入时要小心。如果用户决定提交一条内容仅为0
的消息,您的If(…| | empty($message)){
检查将失败
请参阅:我查看了您的代码,发现了一些错误。我正在粘贴下面更正的代码,请尝试一下,并告诉我它是否解决了您的问题
<?php
$error = false;
$output = '';
$name = $_POST["name"];
$email = $_POST['email'];
$subject = $_POST['subject'];
$message = $_POST['message'];
if (empty($name) || empty($email) || empty($subject) || empty($message)) {
$output = "<span style='color: red;font-weight: bold;'>Fyll i alla fält!</span>";
$error = true;
}
if (empty($_POST['g-recaptcha-response'])) {
$output = "<span style='color: red;font-weight:bold;'>reCaptchan är inte ifylld!</span>";
$error = true;
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$output = "<span style='color: red;font-weight: bold;'>Du måste skriva in en giltig e-mail adress!</span>";
$error = true;
}
if ($error) {
echo $output;
} else {
$secretKey = "YOUR-SECRET-KEY";
$captcha=$_POST['g-recaptcha-response'];
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' .
urlencode($secretKey) . '&response=' . urlencode($captcha);
$response = file_get_contents($url);
$responseKeys = json_decode($response, true);
if ($responseKeys["success"]) {
// mail then
$to = $email;
$email_subject = $subject;
$email_body = "Name: $name\n From: $name\n Message: $message";
//Send the email!
$mail_check = mail($to, $email_subject, $email_body);
if ($mail_check) {
echo "Mail Sent!";
} else {
echo 'Mail Failed';
}
} else {
echo 'Response not Success';
}
}
?>
顺便说一句:不要使用mail()
。这太糟糕了。请使用phpmailer或任何比mail()
@MarcinOrlowski更中世纪的工具。好的,我会看一看。