
Contact form issue to handle Google reCaptcha response

I'm trying to implement google reCaptcha for my contact form. I've read several tutorials and posts on SA but without success.

My issue is that no matter whether the user checks the reCaptcha or not, the form gets sent anyway, as if the reCaptcha was not taken into consideration.

I have used the method described in this post and see below my full code:

What is the issue?

Many thanks

FORM

<form action="sendmessage-test.php" class="well form-horizontal" id="contact_form" method="post" name="contact_form">

fields etc.

<button class="" name="submit" type="submit"> SEND</button>
<div class="g-recaptcha" data-sitekey="mykey"></div>


</form>


AJAX

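$(document).ready(function () {

    // Client-side validation only helps the user fill in the form. Anyone can
    // post to the form's action URL directly, so the server has to validate the
    // fields and verify the reCAPTCHA token on its own.
    $('#contact_form').bootstrapValidator({
        feedbackIcons: {
            valid: 'fa fa-check',
            invalid: 'fa fa-times',
            validating: 'fa fa-refresh'
        },
        fields: {
            first_name: {
                validators: {
                    stringLength: {
                        min: 2
                    },
                    notEmpty: {
                        message: 'Veuillez indiquer votre prénom'
                    }
                }
            },
            last_name: {
                validators: {
                    stringLength: {
                        min: 2
                    },
                    notEmpty: {
                        message: 'Veuillez indiquer votre nom'
                    }
                }
            },
            email: {
                validators: {
                    notEmpty: {
                        message: 'Veuillez indiquer votre adresse e-mail'
                    },
                    regexp: {
                        regexp: '^[^@\\s]+@([^@\\s]+\\.)+[^@\\s]+$',
                        message: 'Veuillez indiquer une adresse e-mail valide'
                    }
                }
            },
            message: {
                validators: {
                    stringLength: {
                        min: 10,
                        max: 1000,
                        message: 'Votre message doit faire plus de 10 caractères et moins de 1000.'
                    },
                    notEmpty: {
                        message: 'Veuillez indiquer votre message'
                    }
                }
            }
        }
    }).on('success.form.bv', function (e) {
        // Stop the native submit; the form is posted with Ajax below.
        e.preventDefault();

        // Hidden while the request is in flight so the form is not sent twice.
        var $submit = $('button[name="submit"]');
        $submit.hide();

        // Shared by the "server said no" and "request failed" paths.
        function showFailure() {
            $('#error_message').slideDown({
                opacity: "show"
            }, "slow");
            // Let the user try again instead of leaving the form without a button.
            $submit.show();
            // A reCAPTCHA response token can be verified only once, so a retry
            // needs a fresh challenge. Guarded in case the widget script is absent.
            if (typeof grecaptcha !== 'undefined') {
                grecaptcha.reset();
            }
        }

        // Use Ajax to submit form data; the g-recaptcha-response field is part
        // of the form and is included by serialize().
        $.post($(this).attr('action'), $(this).serialize(), function (result) {
            if (result && result.status == 1) {
                $('#success_message').slideDown({
                    opacity: "show"
                }, "slow");
                $('#contact_form').data('bootstrapValidator').resetForm();
            } else {
                showFailure();
            }
        }, 'json').fail(showFailure); // network error or a reply that is not JSON
    });

});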


PHP

<?php

require 'PHPMailer/PHPMailerAutoload.php';

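$mail = new PHPMailer;
$mail->CharSet = 'utf-8';

// Every value collected here is controlled by the client (form fields plus the
// Referer and User-Agent request headers) and is later substituted into an
// HTML e-mail body, so each one is HTML-escaped before it is stored.
$email_vars = array();

foreach (array('message', 'first_name', 'last_name', 'phone', 'email', 'organisation') as $field) {
    // A missing field, or one sent as an array ("phone[]=x"), becomes an empty string.
    $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    $email_vars[$field] = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

foreach (array('server' => 'HTTP_REFERER', 'agent' => 'HTTP_USER_AGENT') as $field => $header) {
    // Both headers are optional and can hold anything the client chooses to send.
    $raw = isset($_SERVER[$header]) ? $_SERVER[$header] : '';
    $email_vars[$field] = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
unset($field, $header, $raw);

// Line breaks are converted only after escaping, so the <br /> inserted here is
// the only markup the message text can carry into the e-mail.
$email_vars['message'] = str_replace("\r\n", '<br />', $email_vars['message']);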

// CAPTCHA


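/**
 * Verify the submitted reCAPTCHA token against Google's siteverify endpoint.
 *
 * Reads the token from $_POST['g-recaptcha-response'] and, when present, the
 * client address from $_SERVER['REMOTE_ADDR'].
 *
 * @return bool|null true only when the endpoint replies with "success": true;
 *                   false when the token is missing or was rejected;
 *                   null when the check could not be completed (request failed
 *                   or the reply was not the expected JSON object).
 *                   Callers must treat anything other than true as a failure.
 */
function isValid()
{
    // No usable token means the widget was not solved: reject without a network call.
    if (!isset($_POST['g-recaptcha-response'])
        || !is_string($_POST['g-recaptcha-response'])
        || $_POST['g-recaptcha-response'] === '') {
        return false;
    }

    try {
        $url = 'https://www.google.com/recaptcha/api/siteverify';

        // 'mykey' is the placeholder from the post. The secret key is a different
        // value from the public data-sitekey and belongs in server-side
        // configuration, not in markup or client-side code.
        $data = [
            'secret' => 'mykey',
            'response' => $_POST['g-recaptcha-response'],
        ];
        if (isset($_SERVER['REMOTE_ADDR'])) {
            $data['remoteip'] = $_SERVER['REMOTE_ADDR'];
        }

        $options = [
            'http' => [
                'header' => "Content-type: application/x-www-form-urlencoded\r\n",
                'method' => 'POST',
                'content' => http_build_query($data),
                // Bound the wait so a slow verification call cannot hang the form handler.
                'timeout' => 5,
            ],
        ];

        $context = stream_context_create($options);
        $result = file_get_contents($url, false, $context);

        // file_get_contents() reports failure by returning false (with a warning),
        // not by throwing, so it has to be checked explicitly.
        if ($result === false) {
            return null;
        }

        $decoded = json_decode($result);
        if (!is_object($decoded) || !isset($decoded->success)) {
            return null;
        }

        // Only a literal boolean true counts as a pass.
        return $decoded->success === true;
    } catch (Exception $e) {
        // Reached only if an error handler turns warnings into exceptions.
        return null;
    }
}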



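// SMTP debug output is disabled.
$mail->SMTPDebug = false;
// Deliver through an authenticated SMTP relay.
$mail->isSMTP();
$mail->Host = "smtp.sendgrid.net";
$mail->SMTPAuth = true;
// Credentials are left blank in the posted code.
$mail->Username = "";
$mail->Password = "";
// TLS on port 587.
$mail->SMTPSecure = "tls";
$mail->Port = 587;

// The display name comes straight from the form.
$mail->FromName = $_POST['first_name'] . " " . $_POST['last_name'];

//To be anti-spam compliant: send from the site's own address and put the
//visitor's address in Reply-To instead of From.
/* $mail->From = $_POST['email']; */
$mail->From = ('mail@');
$mail->addReplyTo($_POST['email']);

$mail->addAddress("@gmail.com");
//CC and BCC
$mail->addCC("");
$mail->addBCC("");

$mail->isHTML(true);

$mail->Subject = "Nouveau message ";

$body = file_get_contents('emailtemplate.phtml');

// Each {KEY} placeholder in the template is replaced with the matching value.
// The values are inserted into HTML exactly as given, so they must already be
// HTML-escaped at the point where $email_vars is built.
foreach ($email_vars as $k => $v) {
    $body = str_replace('{' . strtoupper($k) . '}', $v, $body);
}
$mail->MsgHTML($body);

/* $mail->Body = $_POST['message']."<br><br>Depuis la page: ". str_replace("http://", "", $_SERVER['HTTP_REFERER']) . "<br>" . $_SERVER ['HTTP_USER_AGENT'] ; */

// NOTE(review): isValid() is defined in this script, but nothing in this run
// calls it, so send() executes whether or not the reCAPTCHA token verified.
$response = array();
if (!$mail->send()) {
    // The reply goes to an unauthenticated client, so the mailer's diagnostic
    // text stays in the server log and the client gets a generic message.
    error_log('Contact form mailer error: ' . $mail->ErrorInfo);
    $response = array('message' => "Message could not be sent", 'status' => 0);
} else {
    $response = array('message' => "Message has been sent successfully", 'status' => 1);
}

/* send content type header */
header('Content-Type: application/json');

/* send response as json */
echo json_encode($response);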


?>

Answer

You need to call the function isValid; so far you have only defined it.

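$response = array();
// Fail closed: only an explicit boolean true from isValid() lets the mail go
// out. A null or false result (request failed, token rejected) blocks it.
if (isValid() === true) {
    // send mail
    if (!$mail->send()) {
        // Keep the mailer's diagnostic text in the server log rather than
        // returning it to an unauthenticated client.
        error_log('Contact form mailer error: ' . $mail->ErrorInfo);
        $response = array('message' => "Message could not be sent", 'status' => 0);
    } else {
        $response = array('message' => "Message has been sent successfully", 'status' => 1);
    }
} else {
    // handle error; 'status' is set so every reply has the same shape for the
    // Ajax handler, which reads result.status
    $response = array('message' => 'Captcha was not valid', 'status' => 0);
}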

Note that you need to call isValid after it was defined.
