0 Replies Latest reply on Dec 17, 2015 2:48 PM by carmean

    Using Google Recaptcha for online PHP forms in Filemaker

    carmean

      Google's recaptcha works great with online PHP forms in Filemaker. 

      The Google instructions are simple- in the submittal form (e.g. addrecord.php) put

      <script src="https://www.google.com/recaptcha/api.js" async defer></script>
      

      as the last item in the HTML header ['async defer' is optional] and display the widget...

       

      <div class="g-recaptcha" data-sitekey="The-Public-Site-Key-Google-gives-you"></div> 
      

        in the form.

       

      I found I needed a hidden field for the recaptcha as the last submitted field, e.g., I created a field named 'google_recaptcha' and put

      <!-- Last Field submitted is to capture google_recaptcha string otherwise it goes in the real last field -->
      <input type="hidden"  name="google_recaptcha" value=""> 
      

      which when submitted is filled with characters.  Maybe someone has a suggestion to make this unnecessary?

       

      When my table (and sub-table) structure was not correct (even if it looks fine in the browser) the recaptcha was rejected (this took some experimenting to discover the problem).

       

      For the confirmation form, the Google Recaptcha code goes first- if you are trouble shooting you might comment out each 'Die' line to see if your form is still submitting.

       

      <?php
      class GoogleRecaptcha 
      {
          /* Google recaptcha API url */
          private $google_url = "https://www.google.com/recaptcha/api/siteverify";
          private $secret = 'The-Secret-key-for-communication-between-your-site-and-Google';
      
          public function VerifyCaptcha($response)
          {
              $url = $this->google_url."?secret=".$this->secret.
                     "&response=".$response;
      
              $curl = curl_init();
              curl_setopt($curl, CURLOPT_URL, $url);
              curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
              curl_setopt($curl, CURLOPT_TIMEOUT, 15);
              curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, TRUE);
              curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, TRUE); 
              $curlData = curl_exec($curl);
      
              curl_close($curl);
      
              $res = json_decode($curlData, TRUE);
              if($res['success'] == 'true') 
                  return TRUE;
              else
                  return FALSE;
                  die;
          }
      }
      
      $message = 'Google reCaptcha';
      if($_SERVER["REQUEST_METHOD"] == "POST")
      {
          $response = $_POST['g-recaptcha-response'];
      
          if(!empty($response))
          {
                $cap = new GoogleRecaptcha();
                $verified = $cap->VerifyCaptcha($response);
      
                if($verified) {
                  $message = "Captcha Success!";
                } else {
                  $message = "Please go back and reenter captcha";
                  echo   $message ;
                  die;    
                }
          }
      } 
      
                if(($message) != 'Captcha Success!') {
                       echo   "<h2 >Go back and click on the 'I am not a robot' button<h2>" ;
                die;
                } else {
                 }
      
      
          /** FileMaker PHP Site Assistant Generated File  (your PHP and HTML form successfully submitted message starts here...
          /**
          * FileMaker PHP Site Assistant Generated File
          */
          */
      

       

      The PHP for Filemaker start after the 'Die'  statements so it will not be submitted unless the recaptcha completion is successful.