Recaptcha 2 authenticates on one xampp localhost. But not in another

Hi guys,

i am developing a project for a student having a recaptcha 2 in a form.
it works perfectly in my xampp local host. but when i moved the project to student’s xampp localhost and recaptcha works, but authontication returns " You have failed our Human Verification test."

here is the code for your review.

$secretKey = "6Le9tPMUxxxxxxxxxxxx6SNKOCSC8EVVfh3J_O";
$ip = $_SERVER['REMOTE_ADDR'];
// post request to server
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secretKey) .  '&response=' . urlencode($captcha);
$response = file_get_contents($url);
$responseKeys = json_decode($response,true);
// should return JSON with success as true
if($responseKeys["success"]) {
		//script will continue 
} else {
		echo '<h2>You have failed our Human Verification test. Sorry we cant proceed with the registration.</h2>';
		exit;
}

Edited : it shows invalid keys in failed server. so i think i am close to finding the problem

note working -
array(2) { [“success”]=> bool(false) [“error-codes”]=> array(1) { [0]=> string(12) “invalid-keys” } }

working -
array(3) { [“success”]=> bool(true) [“challenge_ts”]=> string(20) “2020-05-10T08:53:15Z” [“hostname”]=> string(9) “localhost” }

I forget what website I got this tutorial from, but this helped me out a lot:

        if (hash_equals($_SESSION['token'], $token)) {
            /* The Following to get response back from Google recaptcha */
            $url = "https://www.google.com/recaptcha/api/siteverify";

            $remoteServer = filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_SANITIZE_URL);
            $response = file_get_contents($url . "?secret=" . PRIVATE_KEY . "&response=" . \htmlspecialchars($_POST['g-recaptcha-response']) . "&remoteip=" . $remoteServer);
            $recaptcha_data = json_decode($response);
            /* The actual check of the recaptcha */
            if (isset($recaptcha_data->success) && $recaptcha_data->success === TRUE) {
                $success = "Mail was sent!";
                $data['name'] = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
                $data['email'] = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
                $data['phone'] = filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
                $data['website'] = filter_input(INPUT_POST, 'website', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
                $data['reason'] = filter_input(INPUT_POST, 'reason', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
                $data['comments'] = filter_input(INPUT_POST, 'comments', FILTER_SANITIZE_FULL_SPECIAL_CHARS);

                $send = new Email($data);
            } else {
                $success = "You're not a human!"; // Not on a production server:
            }
        } else {
            // Log this as a warning and keep an eye on these attempts
        }

You also need to setup a local access keys (recommended) and setup it up in Google in order to work correctly on a local server. Ignore the outer if statement.

1 Like

Thank you!. but i just managed to solve the issue by generating a new recaptcha key from other localhost computer and it worked :smiley: