i am developing a project for a student having a recaptcha 2 in a form.
it works perfectly in my xampp local host. but when i moved the project to student’s xampp localhost and recaptcha works, but authontication returns " You have failed our Human Verification test."
here is the code for your review.
$secretKey = "6Le9tPMUxxxxxxxxxxxx6SNKOCSC8EVVfh3J_O";
$ip = $_SERVER['REMOTE_ADDR'];
// post request to server
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secretKey) . '&response=' . urlencode($captcha);
$response = file_get_contents($url);
$responseKeys = json_decode($response,true);
// should return JSON with success as true
if($responseKeys["success"]) {
//script will continue
} else {
echo '<h2>You have failed our Human Verification test. Sorry we cant proceed with the registration.</h2>';
exit;
}
Edited : it shows invalid keys in failed server. so i think i am close to finding the problem
I forget what website I got this tutorial from, but this helped me out a lot:
if (hash_equals($_SESSION['token'], $token)) {
/* The Following to get response back from Google recaptcha */
$url = "https://www.google.com/recaptcha/api/siteverify";
$remoteServer = filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_SANITIZE_URL);
$response = file_get_contents($url . "?secret=" . PRIVATE_KEY . "&response=" . \htmlspecialchars($_POST['g-recaptcha-response']) . "&remoteip=" . $remoteServer);
$recaptcha_data = json_decode($response);
/* The actual check of the recaptcha */
if (isset($recaptcha_data->success) && $recaptcha_data->success === TRUE) {
$success = "Mail was sent!";
$data['name'] = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$data['email'] = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$data['phone'] = filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$data['website'] = filter_input(INPUT_POST, 'website', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$data['reason'] = filter_input(INPUT_POST, 'reason', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$data['comments'] = filter_input(INPUT_POST, 'comments', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$send = new Email($data);
} else {
$success = "You're not a human!"; // Not on a production server:
}
} else {
// Log this as a warning and keep an eye on these attempts
}
You also need to setup a local access keys (recommended) and setup it up in Google in order to work correctly on a local server. Ignore the outer if statement.