Unable to get error codes from ReCaptchaResponse

Question

I am currently using the reCaptcha library available here to run reCaptcha on my web site which uses LAMP version 2.2.22, and PHP version 5.4.39-0+deb7u2, on Debian 6.5. My PHP code is as follows.

// Recaptcha check
$secret = "SomeAlphaNumericGibberish";
$response = null;
$reCaptcha = new ReCaptcha($secret);
if ($reCaptcha ==NULL){
    echo "Null pointer "  . "<br>";
} else{
    echo "Valid pointer "  . "<br>";
}
    if ($_POST["g-recaptcha-response"]) {
    echo "Remote IP: ". $_SERVER["REMOTE_ADDR"]  . "<br>";
    $response = $reCaptcha->verifyResponse(
        $_SERVER["REMOTE_ADDR"],
        $_POST["g-recaptcha-response"]
    );
}
if ($response != null && $response->success) {
    echo "Welcome " . $_POST["username"] . "!" . "<br>";
} else if ($response == null) {echo "Null pointer "  . "<br>";}
else {
    echo "Bad response"  . "<br>";
      foreach ($response->getErrorCodes() as $code) {
            echo  $code . "<br>";
     }
   echo "End of error codes"  . "<br>";
}

The output is as follows

Valid pointer
Remote IP: 192.168.1.4
Bad response

However, I don't get any output after that. I ran

sudo cat /var/log/apache2/error.log

and got

PHP Fatal error:  Call to undefined method ReCaptchaResponse::getErrorCodes()

I was unable to find any discussions about this error message.

Use the new recaptcha. all you have to do is use curl to check the validity of the response. its easy — r3wt, May 16 '15 at 23:27

r3wt · Accepted Answer · 2016-05-27T17:41:14.147

2

No need to even use that library at all. it adds unnecessary weight.

Assuming you are using the latest recaptcha js library and your html is configured, this will work:

$recaptchasecret = 'adslfjasdlf';

$recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify?secret='.
    $recaptchasecret.'&response='.$_POST['g-recaptcha-response'].'&remoteip='.$_SERVER['REMOTE_ADDR'];

$curl = curl_init();
curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => $recaptcha_url,
    CURLOPT_USERAGENT => 'MyWebsite.Com'
));
$response = curl_exec($curl);
curl_close($curl);
unset($curl);

$auth = json_decode($response,false);
if(!$auth->success){
    throw new exception('Captcha Failed!');
}

edited May 27 '16 at 17:41

answered May 16 '15 at 23:33

r3wt

4,642
2
33
55

I have in my html header and
in my html body. $curl = curl_init(); doesn't work for me. Thanks, – OtagoHarbour May 16 '15 at 23:57
It's a dedicated server in my basement. Thanks, – OtagoHarbour May 17 '15 at 00:11
sudo cat /var/log/apache2/error.log gives "Call to undefined function curl_init()". Thanks, – OtagoHarbour May 17 '15 at 00:44
OK. I had to install the curl library as per http://stackoverflow.com/questions/4477535/curl-init-function-not-working . – OtagoHarbour May 17 '15 at 01:40
"sudo cat /var/log/apache2/error.log" now gives "PHP Fatal error: Uncaught exception 'Exception' with message 'Captcha Failed!'" – OtagoHarbour May 17 '15 at 01:44
@OtagoHarbour that means that the response from Google was that the captcha failed... hence the line in the code that says `throw new exception('Captcha Failed!');` You need to learn to catch exceptions and return the response. that's a homework problem for you. obviously, make sure you replace `$recaptchasecret` with your actual secret key. – r3wt May 17 '15 at 22:02
I noticed that $recaptcha_url is not used in your sample code. Should it be used instead of $url in curl_setopt_array(). Thanks, – OtagoHarbour May 17 '15 at 22:44
The variable, $response, that is fed into json_decode() is a json object with the form { "success": false }. So it is a failure but no error-codes are supplied. I don;t see how to return a response, other than fail, if there ae no error codes. Thanks, – OtagoHarbour May 17 '15 at 22:49
@OtagoHarbour Thanks, i'll update the answer. You are correct. The api returns no message. only success or failure. this is the intended behavior obviously. lol. just alert the user that they failed the captcha. you don't need to worry about any response from googles api other than success or failure. – r3wt May 18 '15 at 02:18
1

I appear to be on top of it now. I think I will use an Ajax call to enable the submit button when the user successfully verifies. Thanks very much for your help! – OtagoHarbour May 18 '15 at 02:47
@r3wt $auth = json_decode(($response),false); was short of opening ellipse (. website didn't allow me to correct it. – Any Body Jul 02 '15 at 12:34

Unable to get error codes from ReCaptchaResponse

1 Answers1