Google Invisible reCAPTCHA integration with PHP


Google just officially released their new Invisible reCAPTCHA.Today I will show you easiest way to integrate new google Invisible reCAPTCHA version in your PHP project. Now google taking it a step further and making it invisible. Human users will be let through without seeing the "I'm not a robot" checkbox, while suspicious ones and bots still have to solve the challenges.The new google Invisible reCAPTCHA help to protect your site from bot attacks and spams. It will ensure that only human can use your site.

The official video of google Invisible reCAPTCHA  is given below

Now before we start coding we need to register our site and get a client key and secret key from google. You can register your site for free from https://www.google.com/recaptcha/admin. The registration process is fairly simple and straight forward so I am skipping it.

Now, lets start coding. Inside your config.php file

<?php
return [
	'client-key' => 'your client key',
	'secret-key' => 'your secret key'
];

Codes for login.php file (View Page)

<?php
$config = require('config.php');
?>
<html>
  <head>
    <title>reCAPTCHA demo</title>
    <script src='https://www.google.com/recaptcha/api.js'></script>
	 <script>
       function onSubmit(token) {
         document.getElementById("demo-form").submit();
       }
     </script>
  </head>
  <body>
    <form action="admin.php" method="POST" id="demo-form">
      <br>
	  <button class="g-recaptcha"
		data-sitekey="<?php echo $config['client-key']; ?>"
		data-callback="onSubmit">Submit
      </button>
    </form>
  </body>
</html>

 

Codes for admin.php file (form action)

<?php
require 'Recaptcha.php';

$recaptcha = $_POST['g-recaptcha-response'];

$object = new Recaptcha();
$response = $object->verifyResponse($recaptcha);

if(isset($response['success']) and $response['success'] != true) {
	echo "An Error Occured and Error code is :".$response['error-codes'];
}else {
	echo "Correct Recaptcha";
}

Now the main reCAPTCHA PHP library created by me. 

<?php

class Recaptcha{
	
	public function __construct(){
        $this->config = require('config.php');
    }

	public function verifyResponse($recaptcha){
		
		$remoteIp = $this->getIPAddress();

		// Discard empty solution submissions
		if (empty($recaptcha)) {
			return array(
				'success' => false,
				'error-codes' => 'missing-input',
			);
		}

		$getResponse = $this->getHTTP(
			array(
				'secret' => $this->config['secret-key'],
				'remoteip' => $remoteIp,
				'response' => $recaptcha,
			)
		);

		// get reCAPTCHA server response
		$responses = json_decode($getResponse, true);

		if (isset($responses['success']) and $responses['success'] == true) {
			$status = true;
		} else {
			$status = false;
			$error = (isset($responses['error-codes'])) ? $responses['error-codes']
				: 'invalid-input-response';
		}

		return array(
			'success' => $status,
			'error-codes' => (isset($error)) ? $error : null,
		);
	}


	private function getIPAddress(){
		if (!empty($_SERVER['HTTP_CLIENT_IP'])) 
		{
		$ip = $_SERVER['HTTP_CLIENT_IP'];
		} 
		elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) 
		{
		 $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
		} 
		else 
		{
		  $ip = $_SERVER['REMOTE_ADDR'];
		}
		
		return $ip;
	}

	private function getHTTP($data){
		
		$url = 'https://www.google.com/recaptcha/api/siteverify?'.http_build_query($data);
		$response = file_get_contents($url);

		return $response;
	}
}

The server-side integration is a little tricky you need to verify the client side response by sending it to https://www.google.com/recaptcha/api/siteverify and google will verify it and will return a JSON response.
It is tricky so what I do is call a function for HTTP call in above URL and JSON decode above response from google as given above.

Invisible Recaptcha Sample Output

The above view and form action pages are extremely simplified one. You need to modify it according to your login requirements. 

You can also download above codes from my GitHub. The download link is given below

https://github.com/geordyjames/google-Invisible-reCAPTCHA





Web development
13 Mar 2017 09:39pm
PHP CodeIgniter Laravel
8409