recaptcha_与PHP集成recaptcha-CSDN博客

本文介绍了如何将reCAPTCHA与PHP进行集成，提供了一种防止机器人和恶意用户的方法，确保网站安全。

摘要由CSDN通过智能技术生成

recaptcha

reCAPTCHA is a free service by Google that protects your site from spam and other types of automated abuse. It uses advanced risk analysis techniques to tell humans and bots apart.

reCAPTCHA是Google的一项免费服务，可保护您的网站免受垃圾邮件和其他类型的自动滥用的侵害。它使用先进的风险分析技术来区分人和机器人。

This tutorial is aimed at people who are familiar with basic PHP and HTML forms. The source code of this tutorial is available here.

本教程面向熟悉基本PHP和HTML表单的人员。本教程的源代码可在此处获得。

注册您的API密钥reCAPTCHA API密钥 (Sign up for your API keys reCAPTCHA API keys)

To start using reCAPTCHA you will need to register your website to get the reCAPTCHA API key pair from Google. The key pair consists of a site key and a secret key. The site key is used to call or invoke the reCAPTCHA service on your site. The secret key authorizes communication between your application backend and the reCAPTCHA server to verify the user’s response. The secret key needs to be kept safe for security purposes.

要开始使用reCAPTCHA，您需要注册您的网站以从Google获取reCAPTCHA API密钥对。密钥对由站点密钥和秘密密钥组成。该站点密钥用于在您的站点上调用或调用reCAPTCHA服务。秘密密钥授权您的应用程序后端与reCAPTCHA服务器之间的通信，以验证用户的响应。为了安全起见，必须保护密钥。

Fill in the form and select the reCAPTCHA v2 and in that select “I am not a robot” checkbox option.

填写表格并选择reCAPTCHA v2，然后选择“我不是机器人”复选框。

Once submitted, Google will provide you with your site key and secret key.

提交后，Google会为您提供站点密钥和秘密密钥。

After you’ve signed up for your API keys, below are basic instructions for installing reCAPTCHA on your site. We will be using a simple form as an example.

签署API密钥后，以下是在网站上安装reCAPTCHA的基本说明。我们将以一个简单的表格为例。

添加reCAPTCHA小部件 (Adding reCAPTCHA widget)

To add reCAPTCHA to your site you will first need to add the reCAPTCHA JavaScript library in your HTML.

要将reCAPTCHA添加到您的站点，您首先需要在HTML中添加reCAPTCHA JavaScript库。

<script src='https://www.google.com/recaptcha/api.js' async defer ></script>

Now we will add the below HTML code to our form where we want the reCAPTCHA widget to appear.

现在，我们将以下HTML代码添加到我们的表单中，希望reCAPTCHA小部件出现。

<div class="g-recaptcha" data-sitekey="site_key"></div>

Replace site_key with the actual site key provided by google.

将site_key替换为Google提供的实际站点密钥。

For this tutorial, we will create a simple form to test reCAPTCHA with PHP. Once you are done refresh your page and you will see the reCAPTCHA widget on your site.

对于本教程，我们将创建一个简单的表单来使用PHP测试reCAPTCHA。完成后，刷新页面，您将在网站上看到reCAPTCHA小部件。

<form method="POST">
    <div class="g-recaptcha" data-sitekey="site_key"></div>
    <input type="submit" name="login" value="Log in">
</form>

验证用户响应 (Validating the user response)

You need to validate the response when a user clicks on the reCAPTCHA widget. To verify you need to write some PHP code as below.

当用户单击reCAPTCHA小部件时，您需要验证响应。要验证，您需要编写一些如下PHP代码。

When the form is submitted, it will send ‘g-recaptcha-response’ as a POST data. You need to verify it to see whether the user has checked the reCAPTCHA or not. We then submit the reCAPTCHA data to google for verification.

提交表单后，它将发送“ g-recaptcha-response”作为POST数据。您需要对其进行验证，以查看用户是否已检查了reCAPTCHA。然后，我们将reCAPTCHA数据提交给Google进行验证。

If $response->success is true then the captcha challenge was correctly completed and you should continue with form processing.

如果$response->success为true，则验证码验证已正确完成，您应继续进行表单处理。

If $response->success is false then the user failed to provide the correct captcha you should redisplay the form to allow them another attempt.

如果$response->success为false，则用户未能提供正确的验证码，您应重新显示该表单以允许他们再次尝试。

Notice that this code is asking for the secret key, which should not be confused with the site key. You get that from the same page as the site key.

请注意，此代码要求的是私钥，请勿将其与站点密钥混淆。您可以从与站点密钥相同的页面获得该信息。

The source code of this tutorial is available here.

本教程的源代码可在此处获得。

That’s it for today! reCAPTCHA should now be working on your site.

今天就这样！ reCAPTCHA现在应该可以在您的站点上工作了。

Originally published at https://davisonpro.dev on September 29, 2019.

最初于 2019年9月29日 发布在 https://davisonpro.dev 。