Google recently launched a new way to prevent bots sending form requests. Old reCAPTCHA asked website users to fill a input box with text presented in an image. This old reCAPTCHA model was not user friendly and had become less secure as new algorithms were developed to break it. Therefore Google came out with a new reCAPTCHA model. The new model can verify spam or not by just using a checkbox. Now users don’t have to read the scary text and fill text boxes. The new reCAPTCHA model is called as “No CAPTCHA reCAPTCHA”.
The new model is more user friendly and secure.
Registering and Retrieving Keys
To integrate the new reCAPTCHA in your website forms first register your site and retrieve reCAPTCHA client and secret keys.
PHP Code Example
Integrating it is very easy. Here is a PHP code example of integrating in your forms
<html>
<head>
<title>Google reCAPTCHA demo</title>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
<body>
<form method="post" action="index.php">
<div class="g-recaptcha" data-sitekey=""></div>
<input type="submit" />
</form>
</body>
</html>
<?php
if($_SERVER["REQUEST_METHOD"] === "POST")
{
//form submitted
//check if other form details are correct
//verify captcha
$recaptcha_secret = "";
$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$recaptcha_secret."&response=".$_POST['g-recaptcha-response']);
$response = json_decode($response, true);
if($response["success"] === true)
{
echo "Logged In Successfully";
}
else
{
echo "You are a robot";
}
}
Here assign data-sitekey attribute to site key and PHP recaptcha_secret variable to secret key.