I've tried to implement a simple code to use reCAPTCHA on my site afterwards, but even this simple code doesn't work.
The problem is that the verify function always returns a bool (false) value. I've checked the keys several times but they are the correct ones
<head>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
</head>
<body>
<?php require_once "recaptchalib.php"; ?>
<?php
if(isset($_POST['new_comment']) && !empty($_POST['new_comment'])):
if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) :
$secret = "mysecretkey";
var_dump ($_POST['g-recaptcha-response']);
$ip = $_SERVER['REMOTE_ADDR'];
$verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response'].'&remoteip='.$ip);
echo ("verifyresponse");
var_dump ($verifyResponse);
$responseData = json_decode($verifyResponse, true);
echo ("responseData");
var_dump ($ResponseData);
if ($response != null && $response->success) :
echo 'Form info successfully submitted';
else:
$errMsg = 'Robot verification failed, please try again.';
echo $errMsg ;
endif;
else:
$errMsg = 'Please click on the reCAPTCHA box.';
echo $errMsg ;
endif;
else:
$errMsg = '';
$succMsg = '';
endif;
?>
<form name="form1" action="thisfile.php" method="post">
Enter Comment :<br />
<textarea name="new_comment" cols="75" rows="10"></textarea><br />
<div class="g-recaptcha" data-sitekey="mysitekey"></div>
<input type="submit" value="Envoyer" />
</form>
</body>
</html>
The var_dump ($_POST['g-recaptcha-response'])
gives the expected long chain of characters, but the var_dump ($verifyResponse)
gives a bool(false)
value, and I never see the var_dump ($ResponseData)
.
Can anyone help me figure out what is wrong with this code?
I've narrowed down the problem to the fact that the file_get_content
call returns a "false" value instead of the expected
{ "success": true, "challenge_ts": "2017-12-10T15:09:12Z", "hostname": "mydomain" }
What is getting me crazy is that if echo the full string and copy it directly in the browser then I get the correct answer (above), so I can't figure out what is going wrong...
Here's the current 'stripped to the bone' version of my code (I've deleted the json_decode
call and everything after that since as long as I get a wrong return value I know the rest won't work)
<!doctype html>
<html>
<head>
<script src="https://www.google.com/recaptcha/api.js" async defer>
</script>
</head>
<body>
<?php
define('GOOGLE_RECAPTCHA_KEY','xxx');
define('GOOGLE_RECAPTCHA_SECRET_KEY','yyy');
$message = false;
if ( isset( $_POST['new_comment'], $_POST['g-recaptcha-response'] ) && !empty( $_POST['new_comment'] ) && !empty( $_POST['g-recaptcha-response'] ) ){
echo 'Sauvegarde du commentaire' ;
$secret = GOOGLE_RECAPTCHA_SECRET_KEY;
$ip = $_SERVER['REMOTE_ADDR'];
var_dump($_POST['g-recaptcha-response']);
$getResponse = 'https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response'];
var_dump($getResponse);
$GoogleResponse = file_get_contents($getResponse) ;
var_dump($GoogleResponse) ;
}
?>
<form method='post'>
Enter Comment :<br />
<textarea name='new_comment' cols='75' rows='10'></textarea>
<?php
if( !empty( $message ) )echo $message;
?>
<br />
<div class='g-recaptcha' data-sitekey='<?php echo GOOGLE_RECAPTCHA_KEY;?>'></div>
<input type='submit' value='Envoyer' />
</form>
</body>
</html>