recaptcha v2 的基本服务器集成

有人可以帮我解决这个问题吗?我已经尝试了几个月,但只在 YouTube 和 Google 等上遇到了令人困惑的信息。


我正在为时事通讯建立订阅表格。它只是一个电子邮件字段和一个提交按钮。我得到了一个非常简单的 php 代码,该表单工作正常,但如果没有 recaptcha,它就会暴露给机器人:


<?php $email = $_POST['email'];

$formcontent="From: $email \n";

$recipient = "contact@myemail.com";

$subject = "Subscribe";

$mailheader = "From: $email \r\n";

mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");

echo "You have subscribed. You may close this tab now etc etc.";

?>

这就是我所需要的。此代码位于 mail.php 文件中,我在表单中使用 action="mail.php",该表单位于单独的 html 文件中。


有人可以建议我添加额外的代码来添加 SecretKey 并进行一些基本的 recaptcha 服务器集成吗?我无法理解 Google 信息网站。他们使用我从未遇到过的术语。我不知道他们想说什么。


千万里不及你
浏览 95回答 2
2回答

九州编程

如果您在表单上使用了 recaptcha,那么在提交表单时,PHP 中的 $_POST 将具有“g-recaptcha-response”。然后,您可以使用curl向Google发出API请求以验证他们的响应。以下是非常基础的内容,未经测试。您将需要做更多的工作来改善用户体验,例如使用 Ajax<?phpfunction verifyRecaptcha($response){&nbsp; //Replace the below with your secret key&nbsp; $recaptchaSecret = '<google_recaptcha_secret_key>';&nbsp; $ch = curl_init('https://www.google.com/recaptcha/api/siteverify');&nbsp; curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);&nbsp; curl_setopt($ch, CURLOPT_POST, true);&nbsp; curl_setopt($ch, CURLOPT_POSTFIELDS, array(&nbsp; &nbsp; &nbsp; 'secret' => $recaptchaSecret,&nbsp; &nbsp; &nbsp; 'response' => $response,&nbsp; ));&nbsp; $output = curl_exec($ch);&nbsp; curl_close($ch);&nbsp; //the response from Google will be a json string so decode it&nbsp; $output = json_decode($output);&nbsp; //one of the response keys is "success" which is a boolean&nbsp; return $output->success;}//First filter the POSTed data$email = filter_input(INPUT_POST,'email',FILTER_VALIDATE_EMAIL);$captchaResponse = filter_input(INPUT_POST,'g-recaptcha-response',FILTER_SANITIZE_STRING);//If either email or catcha reponse is missing then one or both were not completed before submitif(empty($email) || empty($captchaResponse)){&nbsp; //TODO: Better error handling here&nbsp; echo "There was an error with the submitted data.";}elseif(!verifyRecaptcha($captchaResponse))&nbsp; //this calls the above function to make the curl request{&nbsp; //TODO: Better error handling here&nbsp; echo "Recaptcha verification failed.";}else{&nbsp; //I would suggest you don't use their email as the "From" address, rather it should be a domain&nbsp; //that is allowed to send email from the server&nbsp; //Instead you want to use their email as the "Reply-To" address&nbsp; $formcontent = "From: $email \n";&nbsp; $recipient = "contact@myemail.com";&nbsp; $subject = "Subscribe";&nbsp; $mailheader = "From: $email \r\n";&nbsp; mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");&nbsp; echo "You have subscribed. You may close this tab now etc etc.";}

呼唤远方

顺便说一句,这是形式:<form class="form" action="mail5.php" method="POST"><p class="email"><input type="text" name="email" id="email" placeholder="mail@example.com" required /></p><div class="g-recaptcha" data-sitekey="My Public Key"></div><p class="submit"><input type="submit" value="Subscribe!" /></p></form>在我得到这个之前:<script src="https://www.google.com/recaptcha/api.js" async defer></script>
打开App,查看更多内容
随时随地看视频慕课网APP