douliaodun9153 2019-06-03 10:30
浏览 132
已采纳

如何通过recaptcha检查HTML表单中的数据?

I'm working on a contact website, where I want to have contact form. I want it to send data to e-mail and I want it to be checked by Google's recaptcha v3.

This is my second try. In the past, I've done it successfully without recaptcha. Now, I used this (https://codeforgeek.com/google-recaptcha-v3-tutorial/) tutorial, with following result:

script below the form

       // when form is submit
    $('#myform').submit(function() {
        // we stoped it
        event.preventDefault();
        var mail = $('#email').val();
        var comment = $("#sprava").val();
        // needs for recaptacha ready
        grecaptcha.ready(function() {
            // do request for recaptcha token
            // response is promise with passed token
            grecaptcha.execute('__SITE-KEY__', {action: 'create_comment'}).then(function(token) {
                // add token to form
                $('#myform').prepend('<input type="hidden" name="g-recaptcha-response" value="' + token + '">');
                    $.post("form.php",{mail: mail, comment: comment, token: token}, function(result) {
                            if(result.success) {
                                    alert('Thanks for message')
                            } else {
                                    alert('An error occured')
                            }
                    });
            });;
        });
  });
  </script>

the names of html form fields are "email", "vyber", "sprava"

form.php

<?php
  $mail;$comment;$captcha;
  $mail = filter_input(INPUT_POST, 'mail', FILTER_VALIDATE_EMAIL);
  $comment = filter_input(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
  $captcha = filter_input(INPUT_POST, 'token', FILTER_SANITIZE_STRING);
  }

  function email_sending(){
    $webmaster_email = "bla@bla.com";
    $sender_email= "blabla@bla.com" ;

    $email_address = $_REQUEST['email'] ;
    $selection = $_REQUEST['vyber'] ;
    $message = $_REQUEST['sprava'];

    $msg =
    "E-mail: " . $email_address . "
" .
    "I'm interested in " . $selection . "
" .
    "Message: " . $message ;


    mail( "$webmaster_email", "You have mail", $msg, $header);
  }

  if($responseKeys["success"]) {
    echo json_encode(array('success' => 'true'));
    email_sending();
  } else {
    echo json_encode(array('success' => 'false'));
  }
?>

The problem isn't within recaptcha part, but then I recieve e-mail, where data is missing. (it shows only variable names, not actual values). I might think it's because of naming in script, as I'm not sure what to write in declaration of variables. I'd be glad to receive any input about this problem.

  • 写回答

1条回答 默认 最新

  • dongyuxiao6295 2019-06-06 15:05
    关注

    I managed to solve this problem by changing server-side code like below, thanks to this Recaptcha tutorial. 

      // Check if form was submitted:
  if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['recaptcha_response'])) {

// Build POST request:
$recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify';
$recaptcha_secret = '__SECRET-KEY___';
$recaptcha_response = $_POST['recaptcha_response'];

// Make and decode POST request:
$recaptcha = file_get_contents($recaptcha_url . '?secret=' . $recaptcha_secret . '&response=' . $recaptcha_response);
$recaptcha = json_decode($recaptcha);

// Take action based on the score returned:
if ($recaptcha->success == true) {
    // Verified - send email

} else {
    // Not verified - show form error

}

    }

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 Fluent udf 编写问题
  • ¥15 求合并两个字节流VB6代码
  • ¥15 Pyqt 如何正确的关掉Qthread,并且释放其中的锁?
  • ¥30 网站服务器通过node.js部署了一个项目!前端访问失败
  • ¥15 WPS访问权限不足怎么解决
  • ¥15 java幂等控制问题
  • ¥15 海湾GST-DJ-N500
  • ¥15 氧化掩蔽层与注入条件关系
  • ¥15 Django DRF 如何反序列化得到Python对象类型数据
  • ¥15 多数据源与Hystrix的冲突