Using Google reCaptcha always shows 'incorrect-captcha-sol'

Question

I'm trying to use Google reCaptcha on my website and after following several tutorials, I'm using as follow on my HTML page:

<section class="row" id="Contact">
        <div class="col-full">
             <form method="post" action="contact.php">
                <input name="sender" placeholder="Name" size="30"><br><br>
                <input name="senderEmail" placeholder="Email" size="30"><br><br>
                <textarea rows="10" cols="30" name="message" placeholder="Message"></textarea><br><br>
                <div class="g-recaptcha" data-sitekey="6LdFOQcTAAAAABKsku3bD6Mp3HuGYNDRN1tLlSkw"></div><br>
                <input type="submit" name="submit">
            </form>
        </div>
</section>

With the following within the <head> tag:

    <script src='https://www.google.com/recaptcha/api.js'></script>

The form loads the following PHP script as shown on Google's tutorial:

<?php

require_once('recaptchalib.php');

echo "<pre> _POST: =========\n";
print_r($_POST);
echo "\n=========\n</pre>";

$privatekey = "privatekey";
$resp = recaptcha_check_answer ($privatekey,
                             $_SERVER["REMOTE_ADDR"],
                             $_POST["recaptcha_challenge_field"],
                             $_POST["recaptcha_response_field"]);
if (!$resp->is_valid)
{
  die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
    "(reCAPTCHA said: " . $resp->error . ")");
}

?>

The problem is I always get the error incorrect-captcha-sol and can't understand why. the output I get from the PHP script is:

 _POST: =========
Array
(
 [g-recaptcha-response] => 03AHJ_VusLbTZVbhMBH2-cyOdbM81IoG7ShDtTmyVa8e34PbghyKaRYnrb4bbeuPoJXFa-2sD5B-UIOWq_zClya-VOtq8iLHXBkAR0PrElQYiQjKTm2POkjci43-yEaenh1tu_M4vKsjJGswKFlVs6IdlWhdVaMdznLBeutgHjiHRBy7fzAi0It0x5IadwMxAqVpmG7F1gRvUcQmakij4ObTqPUK4lPdc84HkkKmY62uJ45d8DwKSeR2ifRg6wL9JFxpcZkjSp4oIlltin2uCMiBDU58QQQLLKPJuSKcmm-N5p7OEt7E6gc4UZyTLpKrJ-9mMUusvLpixwFHop0e5155vEZssxzu6Zizo-LyB1mX3XOrQ8LEceydssgLvl9gJBC4f9zDBKPQdLmjfxVKdPCXLtUZVNbMDYe7cNL7gsgwJC-hLbZYTh6UV1nUdKnFnkHAACjI7M28hpKWdiyIwcJ5UAzTMPfIllMw
)

=========

Why don't I have recaptcha_challenge_field or recaptcha_response_field fields on my POST and how can I solve it?

@AndreaLigios Yes, I am sure that I used the right private key. — user26830, May 25 '15 at 12:57

Locke Donohoe · Answer 1 · 2015-05-31T09:18:15.253

3

The code I used for my recaptcha is as follows:

This goes in the header:

<script src='https://www.google.com/recaptcha/api.js'></script>

This goes where you want the actual recaptcha to be:

<div class="g-recaptcha" data-sitekey="PUBLIC_KEY_HERE"></div>

You can add this to the div to change the theme: data-theme="theme"

And this is the PHP script:

if(isset($_POST['g-recaptcha-response']))
$captcha=$_POST['g-recaptcha-response'];
if(!$captcha){
    //Captcha hasn't been checked
}
$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=SECRET_KEY_HERE&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']), true);
if($response['success'] == false){
    //Captcha incorrect
}
else {
    //Success code here
}

edited May 31 '15 at 09:18

answered May 30 '15 at 13:46

Locke Donohoe

482
1
7
22

Well, `$response['success']` seems to be always false when I try that. – user26830 Jun 03 '15 at 21:30
That's very strange, it works perfectly for me. Make sure you have put in your public and secret keys properly. If that still does not work try in a brand new file to see if the results are any different. – Locke Donohoe Jun 03 '15 at 22:23
Why this works and official GOOGLE code doesn't? This is some weird magic. Thank you very much! – Telion Sep 09 '17 at 04:10

score 0 · Answer 2 · answered May 29 '15 at 00:41

0

From what I can see you do not have an else option after you check the answer. You check if its wrong but there is nothing to tell it what to do if the user got it right. Try adding something like this:

if (!$resp->is_valid) {
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")");
}
else {
    //Code for success here
}

answered May 29 '15 at 00:41

Locke Donohoe

482
1
7
22

I just didn't upload the rest of the code, since it is irrelevant to the problem and the `$resp->is_valid` always returns false as I always get an error. – user26830 May 29 '15 at 13:02
Are you using the new checkbox recaptcha? If so I can post the code I used for mine. – Locke Donohoe May 30 '15 at 06:41
I think I'm using the newest version. – user26830 May 30 '15 at 12:23

score 0 · Answer 3 · answered May 31 '15 at 09:32

I use Google New reCaptcha

https://github.com/google/recaptcha Official Code

It is StandAlone package. It works with php great.

after failed captcha i use jquery code to reload capctha

grecaptcha.reset();

because recapctha response expire after validation and captcha does not reload so it will send expired response again and again until you don't reload page to get new Captcha code.

Validation code

require('/path/to/recaptcha/autoload.php');

$recaptcha = new \ReCaptcha\ReCaptcha($secret);
$resp = $recaptcha->verify($gRecaptchaResponse, $remoteIp);
if ($resp->isSuccess()) {
} else { $errors = $resp->getErrorCodes();
foreach ($errors as $code) {
echo "<div class=\"alert alert-danger\">$code</div>";
}
echo "<p><strong>Note:</strong> Error code <tt>missing-input-response</tt> may mean the user just didn't complete the reCAPTCHA.</p>";
}

Using Google reCaptcha always shows 'incorrect-captcha-sol'

3 Answers3

Linked