1. 首頁
  2. 問答
  3. 試圖實施新的Google CAPTCHA

試圖實施新的Google CAPTCHA

2015-12-01 28 views
2

由於某種原因,這個實現很容易,但我似乎無法做到。試圖實施新的Google CAPTCHA

我已經在窗體中實現了。這裏是link,但是表單仍然會提交而不驗證CAPTCHA。這是我的表單處理頁面,在這裏完成了CAPTCHA驗證。

如果有人能幫我解決這個問題,我將不勝感激。

<?php 
require_once('../Connections/conn.php'); 

// session_start(); 

// captcha validation 
if(isset($_POST['submit'])){ 

$url="https://www.google.com/recaptcha/api/siteverify"; 
$privatekey='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'; 
$response = file_get_contents($url."?secret=".$privatekey."&response=".$_POST['g-recaptcha-response']."&remoteip=".$_SERVER['REMOTE_ADDR']); 

$data= json_decode($response); 

} 




?> 


<!DOCTYPE html> 
<!--[if (gte IE 9)|!(IE)]><!--> 
<html lang="en"> 
<!--<![endif]--> 
<head> 

    <!-- Basic Page Needs 
    ================================================== --> 
    <meta charset="utf-8"> 
    <title>WOWSERVICE NIGERIA</title> 
    <meta name="description" content="Extent - another WordPress theme"> 
    <meta name="author" content="Webnus"> 

    <!-- Mobile Specific Metas 
    ================================================== --> 
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> 

    <!-- CSS 
    ================================================== --> 
    <link rel="stylesheet" href="../css/style.css" type="text/css"> 
<link rel="stylesheet" href="../css/bootstrap.min.css" type="text/css"> 


<!-- <link href='http://fonts.googleapis.com/css?family=Source+Sans+Pro:300italic,400italic,400,300,600,700,900|Varela|Arapey:400,400italic' rel="stylesheet" type='text/css' >--> 

    <!-- JS 
    ================================================== --> 
    <script src="js/jquery.min.js" type="text/javascript"></script> 
    <script src="layerslider/js/greensock.js" type="text/javascript"></script> 
    <script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script> 
    <script src="SpryAssets/SpryValidationSelect.js" type="text/javascript"></script> 
    <link rel="stylesheet" href="css/datepicker.css"> 




<!--[if lt IE 9]> 
    <script src="../js/modernizr.custom.11889.js" type="text/javascript"></script> 
    <script src="../js/respond.js" type="text/javascript"></script> 
    <![endif]--> 
    <!-- HTML5 Shiv events (end)--> 
    <!-- MEGA MENU --> 

    <!-- Favicons 
    ================================================== --> 
    <link rel="shortcut icon" href="images/favicon.ico"> 
    <link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css"> 
    <link href="SpryAssets/SpryValidationSelect.css" rel="stylesheet" type="text/css"> 
</head> 
<body class="yakisoba yakisoba-home"> 

<!-- Primary Page Layout 
================================================== --> 
<div id="wrap" class="boxed-wrap"> 

    <!-- Top Bar --> 
    <section class="top-bar"> 
     <div class="container"> 
     <div class="top-links lftflot"> 
     <a href="#">About</a> 
      <a href="#">Articles</a> 
      <a href="#">Service News</a> 
      <a href="#">Survey</a> 
      <a href="#">Contact</a> 
     </div> 
     <div class="socialfollow rgtflot"><a href="" class="facebook"><i class="fa-facebook"></i></a><a href="" class="twitter"><i class="fa-twitter"></i></a><a href="" class="vimeo"><i class="fa-vimeo-square"></i></a></div> 
    </div> 
    </section> <!-- end top-bar --> 

    <header id="header" class="horizontal-w sm-rgt-mn"> 
     <div class="container"> 
     <div class="col-md-7 col-sm-6 logo-wrap"> 
      <div class="logo"> 
       <a href="home.php"><img src="../images/logo.png" width="170" id="img-logo-w1" alt="logo" class="img-logo-w1"></a> 
       <a href="home.php"><img src="../images/logo.png" width="130" id="img-logo-w2" alt="logo" class="img-logo-w2"></a> 
      </div> <!-- end logo --> 
     </div> <!-- end col-md-7 --> 
     <div class="col-md-5 col-sm-6 alignright"> 
      <hr class="vertical-space" /> 
      <div class="widget"> 
       <div class="webnus-ad"> 
        <a href="#"><img src="../images/homes/adv.jpg" alt="" /></a>   
        <div class="clear"></div> 
       </div> 
      </div> <!-- end widget --> 
     </div> <!-- end col-md-5 --> 
     </div> <!-- end container --> 
     <hr class="vertical-space" /> 
     <nav id="nav-wrap" class="nav-wrap2 mn4 darknavi"> 
     <div class="container"> 
      <ul id="nav"> 
       <li><a href="../post_complaint.php">Post Complaints</a></li> 
       <li><a href="../post_commendation.php">Post Commendation</a></li> 
       <li><a href="../request_report.php">Request for Report</a></li> 
       <li><a href="../contact_details_upload.php">Upload Contact Details</a></li> 
      <!--  <li><a href="#">Travel</a></li>--> 
      </ul> 
     </div> 
     <!-- end container --> 
     </nav> <!-- nav wrap --> 
    </header> <!-- end header --> 
    <p></br></p> 

    <div class="row"> 
     <div class="col-md-1"></div> 

     <div class="col-md-10"> 

     <div class="bg-primary"> 

    <?php 

    // if validation is successfull 

    if(isset($data->success) AND $data->success==true){ 



     $query = $_POST['query']; 
    // gets value sent over search form 

    $min_length = 3; 
    // you can set minimum length of the query if you want 

    if(strlen($query) >= $min_length){ // if query length is more or equal minimum length then 

     $query = htmlspecialchars($query); 
     // changes characters used in html to their equivalents, for example: < to &gt; 

     $query = mysql_real_escape_string($query); 
     // makes sure nobody uses SQL injection 

     $raw_results = mysql_query("SELECT * FROM request_report 
      WHERE (`ticket` LIKE '%".$query."%')") or die(mysql_error()); 



     // * means that it selects all fields, you can also write: `id`, `title`, `text` 
     // articles is the name of our table 

     // '%$query%' is what we're looking for, % means anything, for example if $query is Hello 
     // it will match "hello", "Hello man", "gogohello", if you want exact match use `title`='$query' 
     // or if you want to match just full word so "gogohello" is out use '% $query %' ...OR ... '$query %' ... OR ... '% $query' 

     if(mysql_num_rows($raw_results) > 0){ // if one or more rows are returned do following 

      while($results = mysql_fetch_array($raw_results)){ 
      // $results = mysql_fetch_array($raw_results) puts data from database into array, while it's valid it does the loop 
      if($results ['status']=='0'){ 
       echo "<p> The request associated with ticket number <strong>" .$results['ticket']."</strong> is still being processed....</p>"; 
       // posts results gotten from database(title and text) you can also show id ($results['id']) 
       } 

       else if ($results ['status']=='1'){ 

       echo "<p> The request associated with ticket number <strong>" .$results['ticket']."</strong> has been processed and closed....</p>"; 
       // posts results gotten from database(title and text) you can also show id ($results['id']) 

       } 
      } 

     } 
     else{ // if there is no matching rows do following 
      echo "Sorry no results found <br>"; 
     } 

    } 
    else{ // if query length is less than minimum 
     echo "Ticket number should be within ".$min_length; 
    } 




    //retrieving data from complaints table 



} 
else{ 

$msg="Please re-enter your reCAPTCHA."; 

} 
?>

來源

2015-12-01 eugbana

+0

不要忘記接受幫助你的答案。 –

回答

1

我希望以下將有所幫助,我已經從我自己的例子中剝離了他的代碼,它的工作。

On the page that has the captcha requirement 
-------------------------------------------- 

head 
---- 
<script type='text/javascript'> 
    function verifyCaptcha(){ 
     /* 'grc' is the id of the placeholder DIV */ 
     grecaptcha.render('grc', { 
      'sitekey' : 'aaabbbcccdddeeefff-not-secret-key', 
      'theme'  : 'light', 
      'size'  : 'compact' 
}); 
    } 
</script> 
<script src='https://www.google.com/recaptcha/api.js?onload=verifyCaptcha&render=explicit' async defer></script> 



body 
---- 
<form name='mailtest' method='post' action='/test/target.php'> 
    <input type='text' name='name' value='joe bloggs' placeholder='Please enter your name' required /> 

    <!-- empty placeholder for re-captcha: targeted in javascript function verifyCaptcha --> 
    <div id='grc'></div> 

    <input type="submit" value="Submit form" /> 
</form> 






/test/target.php (ie: the form target) 
--------------------------------------- 
$google_secret='xxx-yyy-zzz-some-very-long-secret-key'; 
if($_SERVER['REQUEST_METHOD']=='POST'){ 

    $captcha=isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response']) ? $_POST['g-recaptcha-response'] : false; 
    if(!!$captcha===false) die('empty captcha'); 

    $url="https://www.google.com/recaptcha/api/siteverify?secret=".$google_secret."&response=".trim($captcha)."&remoteip=".$_SERVER['REMOTE_ADDR']; 
    $response=json_decode(file_get_contents($url)); 

    if($response->success){ 
     /* Everything ok - proceed with processing */ 
    } else { 
     /* Verification failed, abandon request */ 
    } 

}

來源

2015-12-01 09:22:23 RamRaider

0

形式仍然沒有提交驗證驗證碼

表單提交無論是在它。如果$_POST['g-recaptcha-response']來自未解決的/ {錯誤解決的}驗證碼,那麼在服務器端當您驗證站點https://www.google.com/recaptcha/api/siteverify?...時,您將得到響應。像{success:false}。這是驗證碼無效的證明;因此實際上對於網站所有者(您)驗證碼是經過驗證的服務器端。 查看更多here

來源

2015-12-01 09:21:39

0

創建一個在同一目錄下的PHP文件作爲形式命名getCurlData.php並粘貼以下代碼並保存

function getCurlData($url) 
{ 
     $curl = curl_init(); 
     curl_setopt($curl, CURLOPT_URL, $url); 
     curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); 
     curl_setopt($curl, CURLOPT_TIMEOUT, 10); 
     curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16"); 
     $curlData = curl_exec($curl); 
     curl_close($curl); 
     return $curlData; 
}

後驗證這樣使用正確的祕密密鑰和網站-key

$recaptcha=$_POST['g-recaptcha-response']; 

     if(!empty($recaptcha)) 
     { 
     include("getCurlData.php"); 
     $google_url="https://www.google.com/recaptcha/api/siteverify"; 
     $secret='put your key here'; 
     $ip=$_SERVER['REMOTE_ADDR']; 
     $url=$google_url."? secret=".$secret."&response=".$recaptcha."&remoteip=".$ip; 
     $res=getCurlData($url); 
     $res= json_decode($res, true); 
     } 
     else 
     { 
      $err_catpcha="* Verification error"; 
     }

注意這個div是在捕獲的代碼會顯示

<div class="g-recaptcha" data-sitekey="you-sitekey-here"></div>

來源

2015-12-01 09:25:55 Terabyte

0

我認爲你已經對Google reCaptcha的工作方式感到困惑 - 它不會阻止用戶發佈數據(用戶可以輕鬆繞過這樣的事情),它用於允許服務器端代碼檢查用戶是不是機器人。

這意味着您必須在服務器端有東西來檢查提交的內容。你不能僅僅做所有的客戶端。 (儘管看起來谷歌正在做所有客戶端,但reCaptcha按鈕實際上位於另一臺服務器上的iframe中。)

例如,看到谷歌的演示在這裏:https://www.google.com/recaptcha/api2/demo

請注意,它仍然POST數據回到服務器,當你點擊提交 - 這是服務器響應說你是否是人。

由於谷歌的文檔狀態:

當您的用戶請在您集成驗證碼的形式,你會 得到儘可能有效載荷名爲 「G-reCAPTCHA的響應」的字符串的一部分。爲了檢查是否谷歌已經驗證 該用戶,發送與這些參數的POST請求:

URL:https://www.google.com/recaptcha/api/siteverify

祕密(必需)的xxx
響應 (必需)「G-驗證碼的值-響應'。
remoteip結束 用戶的ip地址。

您基本上需要檢查POST請求secret是否與您的Recaptcha帳戶中的密鑰匹配。如果是這樣,那麼你應該給用戶一個下載鏈接,如果沒有,就返回一個錯誤信息。

您可以瞭解更多有關的ReCaptcha文檔在此過程中:https://developers.google.com/recaptcha/docs/verify

客戶方只

如果你不關心一個人能夠假冒的結果,並希望停止用戶提交,而不嘗試通過驗證碼,你可以使用jQuery這樣做:JSFiddle

來源

2015-12-07 14:47:35

+0

非常感謝,我最終使用了php和GDL庫來實現它。雖然我會首選使用谷歌recaptcha,但它延誤了我的工作。 – eugbana

相關問題

 相關問題