我正在将reCaptcha从谷歌添加到我的表单.问题是即使我按照谷歌的说明.我仍然可以按下提交按钮而不进行重新接收.任何想法请说明相关的代码片段.
<head> <Meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>webpage title</title> <link rel="stylesheet" type="text/css" href="view.css" media="all"> <script type="text/javascript" src="view.js"></script> <script src='https://www.google.com/recaptcha/api.js'></script> </head>
而这个片段是网页的一部分
<div class="g-recaptcha" data-sitekey="xxxxxxmyapikeyxxxxxxx_xxxxxxmyapikeyxxxxxxx"></div>
<li class="buttons">
<input type="hidden" name="form_id" value="1136056" />
<input id="saveForm" class="button_text" type="submit" name="submit" value="Submit" />
</li>
</ul>
</form>
据我所知,我已将代码放在我网页的指定区域.一个在HTML模板上的结束标记之前,以及我想要显示reCAPTCHA小部件的末尾的代码段.
我在提交按钮之前放了recaptcha.关于服务器端集成有一部分我不明白.
[QUOTE] When your users submit the form where you integrated reCAPTCHA,you'll get as part of the payload a string with the name "g-recaptcha-response". In order to check whether Google has verified that user,send a POST request with these parameters: URL: https://www.google.com/recaptcha/api/siteverify secret (required) xxxxxmysecretkeyxxxxxxx response (required) The value of 'g-recaptcha-response'. remoteip The end user's ip address. [/QUOTE]
请有人请说清楚这一点.
谢谢
解决方法
因此,我们设置表单并确保包含您的库,我阻止在recaptcha尚未完成时单击提交按钮并显示工具提示以通知用户需要继续.然后在使用回调方法完成后启用它.
的login.PHP
<div class="formContainer">
<script src='https://www.google.com/recaptcha/api.js'></script>
<form action="loginHandler.PHP" method="post" name="login_form" id="loginForm" class="loginForm">
<h2>Login</h2>
<p><input type="text" required placeholder="Email" name="email"></p>
<p><input type="password" required placeholder="Password" name="password" id="password"></p>
<div class="g-recaptcha" data-callback="captcha_filled"
data-expired-callback="captcha_expired"
data-sitekey="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX">
</div>
<div>
<p class="show-tt" data-toggle="tooltip" title="Complete the reCAPTCHA to login." data-placement="bottom">
<input id="submitLogin" type="submit" value="Login">
</p>
</div>
</form>
</div>
<script>
//prevent submit and show tooltip until captch is complete.
var submit = false;
$("#submitLogin").prop('disabled',true);
function captcha_filled() {
submit = true;
$("#submitLogin").prop('disabled',false);
$(".show-tt").tooltip('destroy');
}
function captcha_expired() {
submit = false;
$("#submitLogin").prop('disabled',true);
showTooltip();
}
function showTooltip () {
$(".show-tt").tooltip('show');
}
</script>
现在我们发布到loginHandler.PHP,或者你的表单提交的地方,然后我们将分配你的密钥,然后用谷歌验证请求.
loginHandler.PHP
$secret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
if (isset($_POST["g-recaptcha-response"])) {
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secret) .
'&response=' . urlencode($_POST['g-recaptcha-response']) . '&remoteip=' . urlencode($_SERVER['REMOTE_ADDR']);
//ip address is optional
$result = json_decode(file_get_contents($url),true);
if ($result != null && $result['success'] === true) {
//success,handle login/submit data or whatever
} else {
//response is bad,handle the error
header('Location: login.PHP?error=4');
}
} else {
//captcha response is not set,handle error
header('Location: login.PHP?error=5');
}
