Servlets GoogleRecaptchaV3示例演示
到目前为止,我一直在使用Google Recaptcha v2,但现在我想使用最新版本(v3)更新我的Web应用程序 有没有人可以为一个基本表单添加一个完全工作的GoogleRecaptchaV3示例,因为我找不到它的任何工作演示 我真的很感激 多谢各位Servlets GoogleRecaptchaV3示例演示,servlets,recaptcha,recaptcha-v3,Servlets,Recaptcha,Recaptcha V3,到目前为止,我一直在使用Google Recaptcha v2,但现在我想使用最新版本(v3)更新我的Web应用程序 有没有人可以为一个基本表单添加一个完全工作的GoogleRecaptchaV3示例,因为我找不到它的任何工作演示 我真的很感激 多谢各位 PS:我在服务器端使用Java Servlets,但不管您是否解释使用PHP或其他什么工具。实现ReCaptcha v3的简单代码 基本JS代码 <script src="https://www.google.com/recap
PS:我在服务器端使用Java Servlets,但不管您是否解释使用PHP或其他什么工具。实现ReCaptcha v3的简单代码 基本JS代码
<script src="https://www.google.com/recaptcha/api.js?render=your reCAPTCHA site key here"></script>
<script>
grecaptcha.ready(function() {
// do request for recaptcha token
// response is promise with passed token
grecaptcha.execute('your reCAPTCHA site key here', {action:'validate_captcha'})
.then(function(token) {
// add token value to form
document.getElementById('g-recaptcha-response').value = token;
});
});
</script>
grecaptcha.ready(函数(){
//对recaptcha令牌的do请求
//响应是带有传递令牌的承诺
execute('your reCAPTCHA site key here',{action:'validate_captcha'})
.then(功能(令牌){
//向表单中添加令牌值
document.getElementById('g-recaptcha-response')。value=token;
});
});
<form id="form_id" method="post" action="your_action.php">
<input type="hidden" id="g-recaptcha-response" name="g-recaptcha-response">
<input type="hidden" name="action" value="validate_captcha">
.... your fields
</form>
.... 你的领域
if (isset($_POST['g-recaptcha-response'])) {
$captcha = $_POST['g-recaptcha-response'];
} else {
$captcha = false;
}
if (!$captcha) {
//Do something with error
} else {
$secret = 'Your secret key here';
$response = file_get_contents(
"https://www.google.com/recaptcha/api/siteverify?secret=" . $secret . "&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']
);
// use json_decode to extract json response
$response = json_decode($response);
if ($response->success === false) {
//Do something with error
}
}
//... The Captcha is valid you can continue with the rest of your code
//... Add code to filter access using $response . score
if ($response->success==true && $response->score <= 0.5) {
//Do something to denied access
}
if(isset($\u POST['g-recaptcha-response'])){
$captcha=$_POST['g-recaptcha-response'];
}否则{
$captcha=错误;
}
如果(!$captcha){
//做错事
}否则{
$secret='此处为您的密钥';
$response=文件\u获取\u内容(
"https://www.google.com/recaptcha/api/siteverify?secret=“$secret.”&response=“.$captcha.”&remoteip=“.$\u服务器['REMOTE\u ADDR']
);
//使用json_decode提取json响应
$response=json_decode($response);
如果($response->success==false){
//做错事
}
}
//... 验证码有效。您可以继续使用其余代码
//... 添加代码以使用$response筛选访问。分数
如果($response->success==true&&$response->score我假设您已经准备好了站点密钥和密码。请遵循此步骤
在HTML文件中,添加脚本
<script src="https://www.google.com/recaptcha/api.js?render=put your site key here"></script>
此外,请务必使用jQuery以方便事件处理
这是简单的表格
<form id="comment_form" action="form.php" method="post" >
<input type="email" name="email" placeholder="Type your email" size="40"><br><br>
<textarea name="comment" rows="8" cols="39"></textarea><br><br>
<input type="submit" name="submit" value="Post comment"><br><br>
</form>
您需要初始化GoogleRecapTCha并侦听ready事件
<script>
// when form is submit
$('#comment_form').submit(function() {
// we stoped it
event.preventDefault();
var email = $('#email').val();
var comment = $("#comment").val();
// needs for recaptacha ready
grecaptcha.ready(function() {
// do request for recaptcha token
// response is promise with passed token
grecaptcha.execute('put your site key here', {action: 'create_comment'}).then(function(token) {
// add token to form
$('#comment_form').prepend('<input type="hidden" name="g-recaptcha-response" value="' + token + '">');
$.post("form.php",{email: email, comment: comment, token: token}, function(result) {
console.log(result);
if(result.success) {
alert('Thanks for posting comment.')
} else {
alert('You are spammer ! Get the @$%K out.')
}
});
});
});
});
</script>
//提交表格时
$(“#注释表单”)。提交(函数(){
//我们阻止了它
event.preventDefault();
var email=$('#email').val();
var comment=$(“#comment”).val();
//准备好了吗
grecaptcha.ready(函数(){
//对recaptcha令牌的do请求
//响应是带有传递令牌的承诺
执行('put your site key here',{action:'create_comment'})。然后(函数(令牌){
//将令牌添加到表单
$('comment_form')。前缀('';
$.post(“form.php”,{email:email,comment:comment,token:token},函数(结果){
控制台日志(结果);
如果(结果、成功){
提醒('谢谢发表评论')
}否则{
警报('您是垃圾邮件发送者!请将@$%K取出。'))
}
});
});
});
});
这是PHP示例文件。您可以使用Servlet、节点或任何后端语言来代替它
<?php
$email;$comment;$captcha;
if(isset($_POST['email'])){
$email=$_POST['email'];
}if(isset($_POST['comment'])){
$comment=$_POST['comment'];
}if(isset($_POST['token'])){
$captcha=$_POST['token'];
}
if(!$captcha){
echo '<h2>Please check the the captcha form.</h2>';
exit;
}
$secretKey = "put your secret key here";
$ip = $_SERVER['REMOTE_ADDR'];
// post request to server
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secretKey) . '&response=' . urlencode($captcha);
$response = file_get_contents($url);
$responseKeys = json_decode($response,true);
header('Content-type: application/json');
if($responseKeys["success"]) {
echo json_encode(array('success' => 'true'));
} else {
echo json_encode(array('success' => 'false'));
}
?>
以下是教程链接:
希望有帮助。我们使用recaptcha-V3仅用于查看站点流量质量,并将其用作非阻塞。因为recaptcha-V3不需要在站点上显示,也可以用作隐藏,但您必须显示recaptcha隐私等链接(如建议的那样)
头中的脚本标记
<script src="https://www.google.com/recaptcha/api.js?onload=ReCaptchaCallbackV3&render='SITE KEY' async defer></script>
后端-Laravel代码:
<script>
ReCaptchaCallbackV3 = function() {
grecaptcha.ready(function() {
grecaptcha.execute("SITE KEY").then(function(token) {
$.ajax({
type: "POST",
url: `https://api.${window.appInfo.siteDomain}/v1/recaptcha/score`,
data: {
"token" : token,
},
success: function(data) {
if(data.response.success) {
window.recaptchaScore = data.response.score;
console.log('user score ' + data.response.score)
}
},
error: function() {
console.log('error while getting google recaptcha score!')
}
});
});
});
};
</script>
there is no html code since our requirement is just to get score and don't want to show recaptcha badge.
Route:
Route::post('/recaptcha/score', 'Api\\ReCaptcha\\RecaptchaScore@index');
Class:
class RecaptchaScore extends Controller
{
public function index(Request $request)
{
$score = null;
$response = (new Client())->request('post', 'https://www.google.com/recaptcha/api/siteverify', [
'form_params' => [
'response' => $request->get('token'),
'secret' => 'SECRET HERE',
],
]);
$score = json_decode($response->getBody()->getContents(), true);
if (!$score['success']) {
Log::warning('Google ReCaptcha Score', [
'class' => __CLASS__,
'message' => json_encode($score['error-codes']),
]);
}
return [
'response' => $score,
];
}
}
我们返回分数并保存在变量中,稍后提交表单时使用该变量
参考:
我认为在PHP中使用Bootstrap 4表单的功能完整的reCaptcha v3示例演示可能对某些人有用
参考显示的依赖项,交换电子邮件地址和密钥(创建您自己的密钥),表单就可以测试和使用了。为了更好地澄清逻辑,我做了代码注释,还包括注释掉的控制台日志和打印行,以便快速查看验证令牌和从Google生成的数据
附带的jQuery函数是可选的,尽管在本演示中它确实可以创建更好的用户提示体验
PHP文件(mail.PHP
):
添加密钥(2个位置)和注明的电子邮件地址
如果你最近在你的网站上实现了recaptcha,我建议你添加api.js,让谷歌在1-2天内收集你用户的行为数据。这种方式非常安全,尤其是在开始使用score之前。我看到了大多数文章,这些文章都不能正常工作,这就是为什么新开发人员和专业开发人员会这样做的原因我已经习惯了
我用一种非常简单的方式向您解释。在这段代码中,我在客户端每隔3秒生成一个google Recaptcha令牌,因为该令牌的有效期只有几分钟,这就是为什么如果任何用户需要时间填写表单,那么它可能会过期
首先,我有一个index.php文件,我将在其中编写HTML和JavaScript代码
<!DOCTYPE html>
<html>
<head>
<title>Google Recaptcha V3</title>
</head>
<body>
<h1>Google Recaptcha V3</h1>
<form action="recaptcha.php" method="post">
<label>Name</label>
<input type="text" name="name" id="name">
<input type="hidden" name="token" id="token" />
<input type="hidden" name="action" id="action" />
<input type="submit" name="submit">
</form>
<script src="https://www.google.com/recaptcha/api.js?render=put your site key here"></script>
<script src="https://code.jquery.com/jquery-3.4.1.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
setInterval(function(){
grecaptcha.ready(function() {
grecaptcha.execute('put your site key here', {action: 'application_form'}).then(function(token) {
$('#token').val(token);
$('#action').val('application_form');
});
});
}, 3000);
});
</script>
</body>
</html>
GoogleRecaptchaV3
GoogleRecaptchaV3
名称
$(文档).ready(函数(){
setInterval(函数(){
grecaptcha.ready(函数(){
execute('put your site key here',{action:'application_form'})。然后(函数(令牌){
$('令牌').val(令牌);
$('行动').val('申请表');
});
});
}, 3000);
});
接下来,我创建了recaptcha.php文件,以便在服务器端执行它
<?php
if ($_POST['submit']) {
$name = $_POST['name'];
$token = $_POST['token'];
$action = $_POST['action'];
$curlData = array(
'secret' => 'put your secret key here',
'response' => $token
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($curlData));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$curlResponse = curl_exec($ch);
$captchaResponse = json_decode($curlResponse, true);
if ($captchaResponse['success'] == '1' && $captchaResponse['action'] == $action && $captchaResponse['score'] >= 0.5 && $captchaResponse['hostname'] == $_SERVER['SERVER_NAME']) {
echo 'Form Submitted Successfully';
} else {
echo 'You are not a human';
}
}
我在PH上处理POST
<!-- contact form demo container -->
<section style="margin: 50px 20px;">
<div style="max-width: 768px; margin: auto;">
<!-- contact form -->
<div class="card">
<h2 class="card-header">Contact Form</h2>
<div class="card-body">
<form class="contact_form" method="post" action="mail.php">
<!-- form fields -->
<div class="row">
<div class="col-md-6 form-group">
<input name="name" type="text" class="form-control" placeholder="Name" required>
</div>
<div class="col-md-6 form-group">
<input name="email" type="email" class="form-control" placeholder="Email" required>
</div>
<div class="col-md-6 form-group">
<input name="phone" type="text" class="form-control" placeholder="Phone" required>
</div>
<div class="col-md-6 form-group">
<input name="subject" type="text" class="form-control" placeholder="Subject" required>
</div>
<div class="col-12 form-group">
<textarea name="message" class="form-control" rows="5" placeholder="Message" required></textarea>
</div>
<!-- form message prompt -->
<div class="row">
<div class="col-12">
<div class="contact_msg" style="display: none">
<p>Your message was sent.</p>
</div>
</div>
</div>
<div class="col-12">
<input type="submit" value="Submit Form" class="btn btn-success" name="post">
</div>
<!-- hidden reCaptcha token input -->
<input type="hidden" id="token" name="token">
</div>
</form>
</div>
</div>
</div>
</section>
<script>
grecaptcha.ready(function() {
grecaptcha.execute('your-site-key-here', {action: 'homepage'}).then(function(token) {
// console.log(token);
document.getElementById("token").value = token;
});
// refresh token every minute to prevent expiration
setInterval(function(){
grecaptcha.execute('your-site-key-here', {action: 'homepage'}).then(function(token) {
console.log( 'refreshed token:', token );
document.getElementById("token").value = token;
});
}, 60000);
});
</script>
<!-- References for the optional jQuery function to enhance end-user prompts -->
<script src="https://code.jquery.com/jquery-3.3.1.min.js"></script>
<script src="form.js"></script>
(function ($) {
'use strict';
var form = $('.contact_form'),
message = $('.contact_msg'),
form_data;
// Success function
function done_func(response) {
message.fadeIn()
message.html(response);
setTimeout(function () {
message.fadeOut();
}, 10000);
form.find('input:not([type="submit"]), textarea').val('');
}
// fail function
function fail_func(data) {
message.fadeIn()
message.html(data.responseText);
setTimeout(function () {
message.fadeOut();
}, 10000);
}
form.submit(function (e) {
e.preventDefault();
form_data = $(this).serialize();
$.ajax({
type: 'POST',
url: form.attr('action'),
data: form_data
})
.done(done_func)
.fail(fail_func);
}); })(jQuery);
<!DOCTYPE html>
<html>
<head>
<title>Google Recaptcha V3</title>
</head>
<body>
<h1>Google Recaptcha V3</h1>
<form action="recaptcha.php" method="post">
<label>Name</label>
<input type="text" name="name" id="name">
<input type="hidden" name="token" id="token" />
<input type="hidden" name="action" id="action" />
<input type="submit" name="submit">
</form>
<script src="https://www.google.com/recaptcha/api.js?render=put your site key here"></script>
<script src="https://code.jquery.com/jquery-3.4.1.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
setInterval(function(){
grecaptcha.ready(function() {
grecaptcha.execute('put your site key here', {action: 'application_form'}).then(function(token) {
$('#token').val(token);
$('#action').val('application_form');
});
});
}, 3000);
});
</script>
</body>
</html>
<?php
if ($_POST['submit']) {
$name = $_POST['name'];
$token = $_POST['token'];
$action = $_POST['action'];
$curlData = array(
'secret' => 'put your secret key here',
'response' => $token
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($curlData));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$curlResponse = curl_exec($ch);
$captchaResponse = json_decode($curlResponse, true);
if ($captchaResponse['success'] == '1' && $captchaResponse['action'] == $action && $captchaResponse['score'] >= 0.5 && $captchaResponse['hostname'] == $_SERVER['SERVER_NAME']) {
echo 'Form Submitted Successfully';
} else {
echo 'You are not a human';
}
}
$postData = json_decode(file_get_contents('php://input'), true); //get data sent via post
$captcha = $postData['g-recaptcha-response'];
header('Content-Type: application/json');
if($captcha === ''){
//Do something with error
echo '{ "status" : "bad", "score" : "none"}';
} else {
$secret = 'your-secret-key';
$response = file_get_contents(
"https://www.google.com/recaptcha/api/siteverify?secret=" . $secret . "&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']
);
// use json_decode to extract json response
$response = json_decode($response);
if ($response->success === false) {
//Do something with error
echo '{ "status" : "bad", "score" : "none"}';
}else if ($response->success==true && $response->score <= 0.5) {
echo '{ "status" : "bad", "score" : "'.$response->score.'"}';
}else {
echo '{ "status" : "ok", "score" : "'.$response->score.'"}';
}
}
<input type="hidden" id="g-recaptcha-response" name="g-recaptcha-response">
$scope.grabCaptchaV3=function(){
var params = {
method: 'POST',
url: 'api/recaptcha.php',
headers: {
'Content-Type': undefined
},
data: {'g-recaptcha-response' : myCaptcha }
}
$http(params).then(function(result){
console.log(result.data);
}, function(response){
console.log(response.statusText);
});
}