I have a form which has a few fields and a recaptcha code at the end.
When the user submits the form, the recaptcha field is validated along with the other fields on server side (PHP). If the any of the fields are invalid, the user is redirected to the same form with errors.
However, the problem is : The user has to enter the recatpcha again.
Is there any way I can NOT ask the user to enter the recaptcha again if the form validation fails but captcha validation is successful ?
分享 Sure there is. You could store the validation success of the recaptcha into the session (or a cookie, or a database) and then hide the recaptcha if the indication is there. On the serverside you simply have to check if either the recaptcha is correct or the indication is valid.
You also have to make sure that a valid recaptcha cookie can only be used once, because if not the spammer can simply sent the cookie information over and over again and work around the recaptcha.
My idea is to store a timestamp within the session under a key like "recaptcha_success" and then check if the timestamp is not older than a few minutes (whatever fits your needs). If it's not, work around the recaptcha by not validating it again. If the form is valid, remove the key so the next time the user wants to use the form he has to enter the recaptcha again.
分享
