我想以一种非常简单的形式实现Recaptcha
我在客户端有一个index.html文件,在服务器端有一个post.php文件.
我已经尝试将recaptcha集成到服务器站点上,如下面的代码所示.
我做了一些测试,似乎有预期的结果…
当我尝试此查询时出现问题
for X in `seq 0 100`; do curl -D - "http://example.com/post.php" -d
"email=email${X}%40example.com&tos=on&g-recaptcha-response[]=plm&submit="; done
结果是我已成功绕过了recapcha,而我不确定是什么问题.
最有可能的是,我的php代码有问题,但是究竟是什么?
post.php
<?php
$email;$submit;$captcha;
if(isset($_POST['submit']))
{
$email=filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
}
if(isset($_POST['g-recaptcha-response']))
{
$captcha=$_POST['g-recaptcha-response'];
}
if(!$captcha)
{
echo '<h2>Please check the the captcha form.</h2>';
exit;
}
$response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Le[whatever[7_t&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']);
if($response.success==false)
{
echo '<h2>You are spammer ! Get the @$%K out</h2>';
}
else
{
$file = 'email-list.txt';
if (filter_var($email, FILTER_VALIDATE_EMAIL))
{
if(!(exec('grep '.escapeshellarg($email).' '.$file)))
{
// Open the file to get existing content
$current = file_get_contents($file);
// Append a new person to the file
$current .= $email . "\n";
// Write the contents back to the file
file_put_contents($file, $current);
header('Location: index.html?success='.urlencode($email));
}
else
header('Location: index.html?fail='.urlencode($email));
}
else
{
echo "$email is <strong>NOT</strong> a valid email address.<br/><br/>";
}
}
?>
index.html
...
<div class="form-group" ng-cloak>
<div class="g-recaptcha" ng-show="IAgree" data-sitekey="6LeEW[whatever]-UXo3"></div>
</div>
...
我该如何解决?英语不是我的母语.请原谅输入错误.
解决方法:
正如我在上面的评论中提到的-file_get_contents返回一个字符串.您需要使用json_decode函数将json字符串解码为php对象:
$url = "https://www.google.com/recaptcha/api/siteverify?"
$response = json_decode(file_get_contents($url));
if($response->success == false) {
echo "Oh no";
}