'Verify Site key and secret key is correct in recapcha

Hi currently i have implemented recaptcha v2 in my php website and everything is working fine. I have added 2 text box where I can insert site key and secret key. But the problem is even the keys are wrong still recaptcha is showing and for wrong keys recaptcha v2 always fail.

  1. So I want to know, how can I verify site key and secret key of a website is correct or not via code ?

  2. Also is there any way I can know the recaptcha is working or not via code ?

I have read this documentation but there is no ReCaptchaResponse for site key and secret key is wrong .

Example of wrong keys

Actual keys

Site Key: 7LeAbKcdAAAAAOezcfoFK-tekV_H2V0IzTy5rUn-

secret Key: 7LeAbKcdAAAAAMfyCxR7teg5VzB1Am5Q1jk_I6Tb

Wrong keys

Site Key: 7LeAbKcdAAAAAOezcfoFK-tekV_H2V0IzTy5rUn-

secret Key: 7LeAbKcdAAAAAMfyCxR7teg5VzB1Am6Q1jk_I6Tb

Here in wrong keys, i just changed one number but still the recaptcha keep showing . Actually if the site key and secret key is wrong then it should not display.

I have seen this link and it is very helpful. But for my case even if both site key and secret key is correct i am getting ERROR for site owner: Invalid domain for site key

Please help to find a solution.

phprecaptcha


Solution 1:[1]

Google does not provide methods to verify site keys or secret keys. You should make sure your secret key and the site key match each other before entering.

Solution 2:[2]

There's an answer to this where we can verify the recaptcha on the server side (https://stackoverflow.com/a/27439796/7275579)


<?php
    $captcha;

    if(isset($_POST['g-recaptcha-response']))
        $captcha=$_POST['g-recaptcha-response'];

    if(!$captcha){
        echo '<h2>Please check the the captcha form.</h2>';
        exit;
    }

    $response = json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=SECRET_KEY&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']), true);

    if($response['success'] == false)
    {
        echo 'Invalid';
    }
    else
    {
        // Proceed
    }

Also make sure to encode the captcha using urlencode

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Henryc17
Solution 2 Ayrush

Related Questions