Recently Google has been introduced new reCaptcha API called “Are you a robot?”. “No Captcha reCaptcha” a complete new design captcha system and it enables users to pass the “captcha” just by clicking on it. This API utilizes an Advanced Risk Analysis engine that is capable of discerning between users and bots. The best part is that the interface has been simplified to a checkbox, a vast improvement over reCAPTCHA.
In cases when the risk analysis engine can’t confidently predict whether a user is a human or an abusive agent, it will prompt a CAPTCHA and in this way google increasing the number of security checkpoints to confirm the user is valid.
So today i would like to show you how to implement new reCaptcha using PHP.I like the new design it is clean and impressive, hope you will like it.
1. Go to google’s no Captcha recaptcha website, then register your website and grab your public and secret keys.
2. Client slide integration –
Paste this snippet before the closing tag on your HTML template:
Paste this snippet in the form, where you want the reCAPTCHA widget to rapper:
3. Server side integration –
In order to verify user submitted reCAPTCH we need to send a POST request with following parameters secret, remote ip,response to the “https://www.google.com/recaptcha/api/siteverify”.We can grab the user submitted reCaptch value with ‘g-recaptcha-response’.
Here –
1. response : the value of ‘g-recaptcha-response’
2. remoteip : the end user’s ip address
3. secret: the secret key of your registered website.
To get the user’s ip address i am using below method :
function getClientIP() { if (isset($_SERVER['HTTP_CLIENT_IP'])) $ipaddress = $_SERVER['HTTP_CLIENT_IP']; else if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) $ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR']; else if(isset($_SERVER['HTTP_X_FORWARDED'])) $ipaddress = $_SERVER['HTTP_X_FORWARDED']; else if(isset($_SERVER['HTTP_FORWARDED_FOR'])) $ipaddress = $_SERVER['HTTP_FORWARDED_FOR']; else if(isset($_SERVER['HTTP_FORWARDED'])) $ipaddress = $_SERVER['HTTP_FORWARDED']; else if(isset($_SERVER['REMOTE_ADDR'])) $ipaddress = $_SERVER['REMOTE_ADDR']; else $ipaddress = 'UNKNOWN'; return $ipaddress; }
To send POST request with CURL i am using below method :
function curlRequest($url) { $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_TIMEOUT, 10); curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16"); $curlData = curl_exec($curl); curl_close($curl); return $curlData; }
Complete Script:
$secretKey,'response' => $recaptchaUserInput,'remoteip' => $userIP)); $response = curlRequest($recaptchaVerifyURL); $response = json_decode($response); if($response->success) { print_r($_POST); // valid request // send contact email into to admin via email or store contact info in database } else { echo 'Please re-enter your reCAPTCHA'; } } } ?>