amirelgohary1990 Posted January 26 Share Posted January 26 (edited) Hello I am receiving a huge amount of spam emails, now I am trying to implement Google Recaptcha V3 in my custom PHP From, I implemented all the steps for G-Recaptcha, but I receive error invalid-input-secret And I am sure that the secret code shout be copied right I added the below to the head tag <script src="https://www.google.com/recaptcha/api.js?render=6LfyPF0pAAAAAHLxp3315RTN7jrRvBe6kLdHGAiT"></script> <script> grecaptcha.ready(function() { grecaptcha.execute('6LfyPF0pAAAAAHLxp3315RTN7jrRvBe6kLdHGAiT', {action: 'submit'}).then(function(token) { let recaptchaResponse = document.getElementById("recaptchaResponse"); console.log(recaptchaResponse); recaptchaResponse.value = token; }); }); </script> Then added hidden input before the submit button in the Form <input type="hidden" name="recaptcha_response" id="recaptchaResponse"> <input class="contactInput no-border cursorPointer buttonStyle" name="submitContact" value="Submit" type="submit"> And finally, I implemented the PHP code if(isset($_POST['submitContact']) && $_SERVER['REQUEST_METHOD'] == 'POST'){ $recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify'; $recaptcha_secret = '6LfyPF0pAAAAAEsS5lfN_WL3wKHh1XfGo0oE_PYU'; $recaptcha_response = $_POST['recaptcha_response']; $recaptcha = file_get_contents($recaptcha_url."?secret=".$recaptcha_secret."?response=".$recaptcha_response); $recaptcha = json_decode($recaptcha); if($recaptcha->success ==true){ if($recaptcha->score >= 0.5){ echo "Recaptcha Success"; }else{ echo"<pre>"; print_r("Recaptcha Not Verified"); echo"</pre>"; } }else{ echo"<pre>"; print_r($recaptcha); echo"</pre>"; } } But receiving the below error stdClass Object ( [success] => [error-codes] => Array ( [0] => invalid-input-secret ) ) Edited January 26 by amirelgohary1990 Removed " and added ' in recaptcha url Quote Link to comment Share on other sites More sharing options...
requinix Posted January 26 Share Posted January 26 1. Thank you for posting your reCAPTCHA secret to a public forum. Please cancel it and generate a new one immediately. And then don't publish it anywhere. 2. The URL you're constructing has two problems, but they're irrelevant because: 3. Per the documentation, you need to send a POST request to /siteverify. Not a GET request. Which typically means using cURL. If you still have problems, remember to post your updated code. Quote Link to comment Share on other sites More sharing options...
amirelgohary1990 Posted January 26 Author Share Posted January 26 6 hours ago, requinix said: 1. Thank you for posting your reCAPTCHA secret to a public forum. Please cancel it and generate a new one immediately. And then don't publish it anywhere. 2. The URL you're constructing has two problems, but they're irrelevant because: 3. Per the documentation, you need to send a POST request to /siteverify. Not a GET request. Which typically means using cURL. If you still have problems, remember to post your updated code. Hello This secret code will not be published into the live site, just a test copy The below code worked with me if(isset($_POST['submitContact']) && $_SERVER['REQUEST_METHOD'] == 'POST'){ $postdata = http_build_query(["secret"=>"6LfyPF0pAAAAAEsS5lfN_WL3wKHh1XfGo0oE_PYU","response"=>$recaptcha_response]); $opts = ['http' => [ 'method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $postdata ] ]; $context = stream_context_create($opts); $result = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context); $recaptcha = json_decode($result); if($recaptcha->success ==true){ if($recaptcha->score >= 0.5){ echo "Recaptcha Success"; }else{ echo"<pre>"; print_r("Recaptcha Not Verified"); echo"</pre>"; } }else{ echo"<pre>"; print_r($recaptcha); echo"</pre>"; } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.