0

When I press button Submit on form, reCAPTCHA will allow. My form can send message without check I'm not a robot. I don't know if it's about include ajax. How can I use reCAPTCHA with my form contact?

Thank you very much for your time and assistance in this matter.

This my HTML code.

<form class="callus" onSubmit="return false">
  <div id="result"></div>
  <input type="text" name="name" id="name">
  <input type="email" name="email" id="email">
  <textarea name="message" id="message"></textarea>
  <div class="g-recaptcha" data-sitekey="XXXXX"></div>
  <button id="submit_btn">Submit</button>
</form>

This is my Javascript.

jQuery(document).ready(function($){
  $("#submit_btn").click(function() {
    var user_name       = $('input[name=name]').val();
    var user_email      = $('input[name=email]').val();
    var user_message    = $('textarea[name=message]').val();

    var post_data, output;
    var proceed = true;
      if(user_name==""){
        proceed = false;
      }
      if(user_email==""){
        proceed = false;
      }
      if(user_subject==""){
        proceed = false;
      }
      if(user_message==""){
        proceed = false;
      }

      if(proceed) {
        post_data = {'userName':user_name, 'userEmail':user_email, 'userMessage':user_message};

        $.post('email.php', post_data, function(response){

          if(response.type == 'error') {
            output = '<div class="alert-danger">'+response.text+'</div>';
          }else{
            output = '<div class="alert-success">'+response.text+'</div>';
            $('.callus input').val('');
            $('.callus textarea').val('');
          }
        $("#result").hide().html(output).slideDown();
      }, 'json');
    }
  });

  $(".callus input, .callus textarea").keyup(function() {
    $("#result").slideUp();
  });
});

email.php

<?php
  if($_POST) {
    $to_Email       = 'demo@localhost.com';
    $subject        = 'New Contact Inquiry';

    if(!isset($_SERVER['HTTP_X_REQUESTED_WITH']) AND strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest') {

      $output = json_encode(
        array(
          'type'=>'error',
          'text' => 'Request must come from Ajax'
      ));
      die($output);
    }

    if(!isset($_POST["userName"]) || !isset($_POST["userEmail"]) || !isset($_POST["userMessage"])) {
      $output = json_encode(array('type'=>'error', 'text' => 'Input fields are empty!'));
      die($output);
    }

    $user_Name        = filter_var($_POST["userName"], FILTER_SANITIZE_STRING);
    $user_Email       = filter_var($_POST["userEmail"], FILTER_SANITIZE_EMAIL);
    $user_Message     = filter_var($_POST["userMessage"], FILTER_SANITIZE_STRING);

    if(strlen($user_Name)<3) {
      $output = json_encode(array('type'=>'error', 'text' => 'Name is too short or empty!'));
      die($output);
    }
    if(!filter_var($user_Email, FILTER_VALIDATE_EMAIL)) {
      $output = json_encode(array('type'=>'error', 'text' => 'Please enter a valid email!'));
      die($output);
    }

    if(strlen($user_Message)<5) {
      $output = json_encode(array('type'=>'error', 'text' => 'Too short message! Please enter something.'));
      die($output);
    }

    $message_Body = "<strong>Name: </strong>". $user_Name ."<br>";
    $message_Body .= "<strong>Email: </strong>". $user_Email ."<br>";
    $message_Body .= "<strong>Message: </strong>". $user_Message ."<br>";

    $headers = "From: " . strip_tags($user_Email) . "\r\n";
    $headers .= "Reply-To: ". strip_tags($user_Email) . "\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

    $sentMail = @mail($to_Email, $subject, $message_Body, $headers);

    if(!$sentMail) {
      $output = json_encode(array('type'=>'error', 'text' => 'Could not send mail! Please check your PHP mail configuration.'));
      die($output);
    }else{
      $output = json_encode(array('type'=>'message', 'text' => 'Hi '.$user_Name .' Thank you for contacting us.'));
      die($output);
    }
  }
?>
James Kmutnb
  • 51
  • 5

1 Answers1

4

You have to validate captcha code at server side . Once you checked captcha it will give you captcha code. 

var captchaCode = this.grecaptcha.getResponse();

Re-Captcaha provide callback functions like 

<div class="g-recaptcha" id="headerCaptcha" data-callback="recaptchaCallbackHeader" data-expired-callback="recaptchaExpiryHeader" data-sitekey="xxx"></div>

You have to post this capthca code to backednd for validation inside recaptchaCallbackHeader. (refer below links for detail code)

    $secretKey = "Put your secret key here";
    $ip = $_SERVER['REMOTE_ADDR'];
    $response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha."&remoteip=".$ip);

Inresponse of this API you will get . 

  $responseKeys = json_decode($response,true);
    if(intval($responseKeys["success"]) !== 1) {
      echo '<h2>You are not a robot  @$%K out</h2>';
    } else {
      echo '<h2>Thanks for posting comment.</h2>';
    }

Remember recaptcha provide two types of keys.

  1. Private key which is used on server side for validation of captcha code.
  2. Site-key which is used to render captcha on clint side.

See how reCaptcah works

And Here to validate using PHP.

manikant gautam
  • 3,521
  • 1
  • 17
  • 27