1

The user always gets rejected for some reason.

On the client side, we have exactly what's called for v2, with the

<script src="https://www.google.com/recaptcha/api.js"></script>

above the closing head tag, and the

<div class="g-recaptcha" data-sitekey="CLIENT SIDE SECRET">

in the proper spot on the form. (Our proper secret is in the CLIENT SIDE SECRET spot.)

On the server side, we have:

$response = $_POST["g-recaptcha-response"];
$url = 'https://www.google.com/recaptcha/api/siteverify';
$data = array(
    'secret' => 'SERVER SIDE SECRET',
    'response' => $_POST["g-recaptcha-response"],
    // for Cloudflare
    'remoteip' => (isset($_SERVER["HTTP_CF_CONNECTING_IP"]) ? $_SERVER["HTTP_CF_CONNECTING_IP"] : $_SERVER['REMOTE_ADDR'])
);
$options = array(
    'http' => array (
        'method' => 'POST',
        'content' => http_build_query($data)
    )
);
$context = stream_context_create($options);
$verify = file_get_contents($url, false, $context);
$captcha_success = json_decode($verify);

if ($captcha_success->success==false) {
    echo "<h3>You are a bot! Go away!</h3>";
    exit;
} else if ($captcha_success->success==true) {
    //echo "<h3>You are not not a bot!</h3>";
}

(Again, the proper secret is in the right spot.) I've tried some different code on the server side, and nothing has worked.

Any help would be appreciated. Thank you!

Linny
  • 818
  • 1
  • 9
  • 22
jamminjames
  • 47
  • 10

1 Answers1

0

Okay, finally figured this out. It's very simple: the form was inside a table, and according to another post I finally found, because of that, the form was closing prematurely in the DOM, and Recaptcha couldn't find the g-recaptcha-response it had initially created. Putting the <form> tags outside the table solved the problem.

I'll bet this is a pretty common mistake, I'm surprised it was so hard to find the solution. I hope this helps someone else experiencing this very frustrating problem.

jamminjames
  • 47
  • 10