Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/google/recaptcha
PHP client library for reCAPTCHA, a free service to protect your website from spam and abuse.
https://github.com/google/recaptcha
abuse recaptcha spam
Last synced: about 2 months ago
JSON representation
PHP client library for reCAPTCHA, a free service to protect your website from spam and abuse.
- Host: GitHub
- URL: https://github.com/google/recaptcha
- Owner: google
- License: bsd-3-clause
- Created: 2014-09-30T18:30:39.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2024-04-30T15:47:19.000Z (5 months ago)
- Last Synced: 2024-05-18T18:02:27.173Z (4 months ago)
- Topics: abuse, recaptcha, spam
- Language: PHP
- Homepage: http://www.google.com/recaptcha/
- Size: 287 KB
- Stars: 3,456
- Watchers: 129
- Forks: 767
- Open Issues: 103
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- awesome-captcha - google/recaptcha - Biblioteka klienta PHP dla reCAPTCHA, bezpłatna usługa chroniąca twoją stronę przed spamem i nadużyciami. (Biblioteki)
- awesome-php-cn - google/recaptcha - google reCAPTCHA 验证码Client 库 (目录 / 图像 Imagery)
- php-awesome - reCAPTCHA
README
# reCAPTCHA PHP client library
[](https://travis-ci.org/google/recaptcha)
[](https://coveralls.io/github/google/recaptcha)
[](https://packagist.org/packages/google/recaptcha)
[](https://packagist.org/packages/google/recaptcha)
reCAPTCHA is a free CAPTCHA service that protects websites from spam and abuse.
This is a PHP library that wraps up the server-side verification step required
to process responses from the reCAPTCHA service. This client supports both v2
and v3.
- reCAPTCHA: https://www.google.com/recaptcha
- This repo: https://github.com/google/recaptcha
- Hosted demo: https://recaptcha-demo.appspot.com/
- Version: 1.3.0
- License: BSD, see [LICENSE](LICENSE)
## Installation
### Composer (recommended)
Use [Composer](https://getcomposer.org) to install this library from Packagist:
[`google/recaptcha`](https://packagist.org/packages/google/recaptcha)
Run the following command from your project directory to add the dependency:
```sh
composer require google/recaptcha "^1.3"
```
Alternatively, add the dependency directly to your `composer.json` file:
```json
"require": {
"google/recaptcha": "^1.3"
}
```
### Support for earlier versions of PHP
The 1.3 release moves to PHP 8 and up. For earlier versions, you will need to
stay with the 1.2 releases.
### Direct download
Download the [ZIP file](https://github.com/google/recaptcha/archive/master.zip)
and extract into your project. An autoloader script is provided in
`src/autoload.php` which you can require into your script. For example:
```php
require_once '/path/to/recaptcha/src/autoload.php';
$recaptcha = new \ReCaptcha\ReCaptcha($secret);
```
The classes in the project are structured according to the
[PSR-4](https://www.php-fig.org/psr/psr-4/) standard, so you can also use your
own autoloader or require the needed files directly in your code.
## Usage
First obtain the appropriate keys for the type of reCAPTCHA you wish to
integrate for v2 at https://www.google.com/recaptcha/admin or v3 at
https://g.co/recaptcha/v3.
Then follow the [integration guide on the developer
site](https://developers.google.com/recaptcha/intro) to add the reCAPTCHA
functionality into your frontend.
This library comes in when you need to verify the user's response. On the PHP
side you need the response from the reCAPTCHA service and secret key from your
credentials. Instantiate the `ReCaptcha` class with your secret key, specify any
additional validation rules, and then call `verify()` with the reCAPTCHA
response (usually in `$_POST['g-recaptcha-response']` or the response from
`grecaptcha.execute()` in JS which is in `$gRecaptchaResponse` in the example)
and user's IP address. For example:
```php
setExpectedHostname('recaptcha-demo.appspot.com')
->verify($gRecaptchaResponse, $remoteIp);
if ($resp->isSuccess()) {
// Verified!
} else {
$errors = $resp->getErrorCodes();
}
```
The following methods are available:
- `setExpectedHostname($hostname)`: ensures the hostname matches. You must do
this if you have disabled "Domain/Package Name Validation" for your
credentials.
- `setExpectedApkPackageName($apkPackageName)`: if you're verifying a response
from an Android app. Again, you must do this if you have disabled
"Domain/Package Name Validation" for your credentials.
- `setExpectedAction($action)`: ensures the action matches for the v3 API.
- `setScoreThreshold($threshold)`: set a score threshold for responses from the
v3 API
- `setChallengeTimeout($timeoutSeconds)`: set a timeout between the user passing
the reCAPTCHA and your server processing it.
Each of the `set`\*`()` methods return the `ReCaptcha` instance so you can chain
them together. For example:
```php
setExpectedHostname('recaptcha-demo.appspot.com')
->setExpectedAction('homepage')
->setScoreThreshold(0.5)
->verify($gRecaptchaResponse, $remoteIp);
if ($resp->isSuccess()) {
// Verified!
} else {
$errors = $resp->getErrorCodes();
}
```
You can find the constants for the libraries error codes in the `ReCaptcha`
class constants, e.g. `ReCaptcha::E_HOSTNAME_MISMATCH`
For more details on usage and structure, see [ARCHITECTURE](ARCHITECTURE.md).
### Examples
You can see examples of each reCAPTCHA type in [examples/](examples/). You can
run the examples locally by using the Composer script:
```sh
composer run-script serve-examples
```
This makes use of the in-built PHP dev server to host the examples at
http://localhost:8080/
These are also hosted on Google AppEngine Flexible environment at
https://recaptcha-demo.appspot.com/. This is configured by
[`app.yaml`](./app.yaml) which you can also use to [deploy to your own AppEngine
project](https://cloud.google.com/appengine/docs/flexible/php/download).
## Contributing
No one ever has enough engineers, so we're very happy to accept contributions
via Pull Requests. For details, see [CONTRIBUTING](CONTRIBUTING.md)