How to integrate Google reCAPTCHA in PHP Form
Hi all, I’ve to show, how to integrate Google reCAPTCHA in PHP form. reCAPTCHA protects your website from spam and abuse in form submission. reCAPTCHA uses an advanced risk analysis engine and adaptive challenges to keep automated software from engaging in abusive activities on your website.
Here I’ve integrate google reCAPTCHA in subscription form for collecting subscriber name and email.
Register your website and get API key.
- Click the below link, Sign in using google account
https://www.google.com/recaptcha/admin
- Click create button (+) on right top of the window. It will redirect to register a new site.
- Enter the following details
- Label
- reCAPTCHA type (reCAPTCHA v2 -> “I’m not a robot”)
- Domains
- Accept reCAPTCHA Terms of Service
- Finally click Submit button.
- After registered successfully you will get two API key
- site key: Use this in the HTML code your site serves to users.
- secret key: Use this for communication between your site and reCAPTCHA.
- site key: Use this in the HTML code your site serves to users.
Adding Site Key
Add the following JavaScript library file inside the head tag
<script src='https://www.google.com/recaptcha/api.js'></script>
Add site key inside the form tag
<form>
<div class="g-recaptcha" data-sitekey="__SITE_KEY__"></div>
</form>
Server Validation
In server side PHP fetch google reCAPTCHA response token from user request, send a request to the API with secret key and response token for Validation. API sends a JSON response valid or not.
<?PHP
if ($_POST['g-recaptcha-response']) {
$recaptcha_secret = "____SECRET_KEY_PASTE_HERE____";
$request_url = "https://www.google.com/recaptcha/api/siteverify?secret=" . $recaptcha_secret . "&response=" . $_POST['g-recaptcha-response'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $request_url);
$response = curl_exec($ch);
curl_close($ch);
$response = json_decode($response, true);
if ($response["success"] === true) {
echo '<strong>Captcha Verified!</strong> Success...';
} else {
echo '<strong>Captcha mismatched!</strong> Please try again...';
}
}
?>
Source Code
<?PHP
if ($_POST['g-recaptcha-response']) {
$recaptcha_secret = "____SECRET_KEY_PASTE_HERE____";
$request_url = "https://www.google.com/recaptcha/api/siteverify?secret=" . $recaptcha_secret . "&response=" . $_POST['g-recaptcha-response'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $request_url);
$response = curl_exec($ch);
curl_close($ch);
$response = json_decode($response, true);
$response = json_decode($response, true);
if ($response["success"] === true) {
echo '<strong>Captcha Verified!</strong> Success...';
} else {
echo '<strong>Captcha mismatched!</strong> Please try again...';
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<script src='https://www.google.com/recaptcha/api.js'></script>
<style>
body{background:#88E7EF; }
form{margin: 0 auto;width: 300px;}
p{ padding:10px 10px 0px 0px; margin:0px; font-size:14px; font-family:arial; }
form input{ padding:5px; margin:0px 0px 10px; width:80%;}
form button{ padding:5px; width:50%; margin:10px 0px;}
</style>
</head>
<body>
<form method="post">
<p>Name</p>
<input type="text" name="name" autocomplete="off" id="name" />
<p>Email</p>
<input type="email" name="email" autocomplete="off" id="email" />
<div class="g-recaptcha" data-sitekey="____SITE_KEY_PASTE_HERE____"></div>
<button type="submit" id="form-submit" name="form-submit" value="Submit">Submit</button>
</form>
</body>
</html>
jorge
Hi, my website does not have a ssl certificate, does the form work anyway?
Thanks again!