您可以通过设置会话var来验证
// captcha is already submitted so no need to verify again,
if(!isset($_SESSION['human_signup']) || (time() - $_SESSION['human_signup'] > 300)){
require_once('admin/recaptcha/recaptchalib.php');
// Get a key from https://www.google.com/recaptcha/admin/create
$publickey = 'your publickey';
$privatekey = 'your privatekey';
# the response from reCAPTCHA
$resp = null;
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
$errors[] = 'The CAPTCHA wasn\'t entered correctly, please try again';
}else{
$_SESSION['human_signup'] = time();
$_SESSION['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
}
}然后在html表单上执行类似这样的操作来显示验证码表单。
if (!isset($_SESSION['human_signup']) || (time() - $_SESSION['human_signup'] > 300)){ ?>
CAPTCHA
height="300" width="500" frameborder="0">
value="manual_challenge">
} ?>确保在用户注册完成后删除会话。喜欢这个。
//insert registration data in db i.e. registration is complete.
//unset the session used to hide the captcha.
unset($_SESSION['human_signup']);
?>阻止用户手动输入验证码然后使用某些脚本自动创建帐户的一个不太重要的功能。
/* if user tries to register automatically by manually entering captcha and using scrpt to create accoutns */
if(isset($_SESSION['human_signup']) && ($_SESSION['user_agent'] != $_SERVER['HTTP_USER_AGENT'])) {
unset($_SESSION['human_signup']);
unset($_SESSION['user_agent']);
@session_destroy();
@session_unset();
}
?>希望这会有所帮助。如果我错过了什么,请随时编辑答案。