Secure Your PHP Forms with Google reCAPTCHA v2 Integration

Websites are a big deal in our lives today. They let us chat with friends, get info, and even do business. But now that websites are so popular, spam and bots are a big problem.

Google reCAPTCHA v2 is useful in this situation. It’s a free tool by Google that boosts website security by ensuring that visitors are humans, not robots.

So, you know those annoying spam messages that show up on websites? Google reCaptcha helps stop ’em. Adding reCAPTCHA v2 to your website is a breeze! Once it’s set up properly, it’ll display an “I’m not a Robot” checkbox on your form.

When it gets clicked then different types of images on the screen display and you have to select the images that match the question asked.

In this article, I show how you can integrate Google reCAPTCHA v2 with PHP and also explain its advantages.

Secure Your PHP Forms with Google reCAPTCHA v2 Integration


Table of Content

  1. What is reCAPTCHA v2?
  2. Benefits of using reCAPTCHA v2
  3. Register website for reCAPTCHA v2
  4. Integrate Google reCAPTCHA v2 with PHP
  5. Demo
  6. Conclusion

1. What is reCAPTCHA v2?

reCAPTCHA v2 is a free security tool from Google that makes sure users on your website are human, not robots. It does this by asking them to complete a simple challenge, like picking out objects in pictures.

This helps stop spam and bot attacks that could harm your website.


2. Benefits of using reCAPTCHA v2

Integrating reCAPTCHA v2 with PHP provides a number of benefits for your website, including:

  1. Protection against spam: Effectively prevents spam bots from sending unwanted messages to your website, especially on comment sections or contact forms.
  2. Better security: By utilizing it, you can defend your website from damaging assaults like SQL injections and XSS, which could steal confidential data or obstruct the functionality of your website.
  3. Free of cost: Cost-effective and dependable security solution for small businesses and startups because Google offers it as a free service to all website owners.

3. Register website for reCAPTCHA v2

To integrate Google reCAPTCHA v2 into your website, you first need to register and obtain site and secret keys. Follow these steps to register your website for reCAPTCHA v2:

  • Navigate to the following link and login into your Gmail account if not logged in.

How to Integrate Google reCAPTCHA with PHP

  • Enter label, select reCAPTCHA v2 from the reCAPTCHA type, and select "I'm not a robot" Checkbox.
  • Enter your website domain name(s) (e.g., makitweb.com) to enable reCAPTCHA for your site.
  • Check the Accept the reCAPTCHA Terms of Service box and click the Submit button.

How to Integrate Google reCAPTCHA with PHP

  • Copy the site and secret keys.

4. Integrate Google reCAPTCHA v2 with PHP

  • Add the <script src='https://www.google.com/recaptcha/api.js'></script> in the <head> section.
  • Create a <form > and add the <div class="g-recaptcha" data-sitekey="6Le58hkTAAAAAJuIL3-S1ZASBRtoQbpqThw0BJLz"></div>. Here, the data-sitekey has the site key value.

PHP

When the submit button is gets clicked then, pass the secret key, 'g-recaptcha-response' response and remote IP to file_get_contents method.

$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretkey."&response=".$_POST['g-recaptcha-response']."&remoteip=".$_SERVER['REMOTE_ADDR']);

After that checking g-recaptcha-response POST or not. If it is not then displayed Verify Captcha message. Otherwise, decode the JSON response and check its success or not.

$responseData = json_decode($response);
if($responseData->success) {
   $msg = "Verified";
}

Full Code

<html>
    <head>
         <title>Secure Your PHP Forms with Google reCAPTCHA v2 Integration</title>
         <link href="style.css" rel="stylesheet" type="text/css" />
         <script src='https://www.google.com/recaptcha/api.js'></script>

         <?php
         $secretkey = "6Ld0O9caAAAAANtaR18R_wUYyxdG8FcExIhvDJSV";
         $msg = '';
         if(isset($_POST['submit'])){
               $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretkey."&response=".$_POST['g-recaptcha-response']."&remoteip=".$_SERVER['REMOTE_ADDR']);

               if(($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) {

                     $responseData = json_decode($response);

                     if($responseData->success) {
                           $msg = 'Verified';
                     }

               }else{
                     $msg = 'Verify Captcha';
               }
         }
         ?>
    </head>
    <body>

         <div class="container">
              <form method='post' action=''>
                    <h2>Google reCAPTCHA</h2>

                    <div class="content">
                         <div><h2><?php echo $msg; ?></h2></div>
                         <div>Name</div>
                         <input type='text' id="txt_name" name="txt_name" />

                         <div>Email</div>
                         <input type="text" id="txt_email" name="txt_email">

                         <div>Message</div>
                         <textarea></textarea>
             
                         <!-- reCAPTCHA -->
                         <div class="g-recaptcha" data-sitekey="6Le58hkTAAAAAJuIL3-S1ZASBRtoQbpqThw0BJLz"></div>

                         <div>
                              <input type='submit' id='submit' name='submit' value='Submit'>
                         </div>
                    </div>

              </form>
         </div>

    </body>
</html>

5. Demo

View Demo


6. Conclusion

By following the steps mentioned in the tutorial you can easily integrate Google reCAPTCHA v2 using PHP and increase the security of your website. Try it out and discover the advantages for yourself!

If you found this tutorial helpful then don't forget to share.

Leave a Comment