Explicit render example

Author: rowan-m

examples/index.php

@@ -55,6 +55,7 @@
     <li><h2>reCAPTCHA v2</h2>
     <ul>
       <li><a href="/recaptcha-v2-checkbox.php">"I'm not a robot" checkbox</a></li>
+      <li><a href="/recaptcha-v2-checkbox-explicit.php">"I'm not a robot" checkbox - Explicit render</a></li>
       <li><a href="/recaptcha-v2-invisible.php">Invisible</a></li>
     </ul>
     </li>
@@ -66,12 +67,11 @@
   </ul>
 </main>
 
-<!-- Global site tag (gtag.js) - Google Analytics -->
+<!-- Google Analytics - just ignore this -->
 <script async src="https://www.googletagmanager.com/gtag/js?id=UA-123057962-1"></script>
 <script>
   window.dataLayer = window.dataLayer || [];
   function gtag(){dataLayer.push(arguments);}
   gtag('js', new Date());
-
   gtag('config', 'UA-123057962-1');
 </script>

examples/recaptcha-v2-checkbox-explicit.php

@@ -0,0 +1,155 @@
+<?php
+/**
+ * @copyright Copyright (c) 2015, Google Inc.
+ * @link      https://www.google.com/recaptcha
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+// Initiate the autoloader. The file should be generated by Composer.
+// You will provide your own autoloader or require the files directly if you did
+// not install via Composer.
+require_once __DIR__ . '/../vendor/autoload.php';
+
+// Register API keys at https://www.google.com/recaptcha/admin
+$siteKey = '';
+$secret = '';
+
+// Copy the config.php.dist file to config.php and update it with your keys to run the examples
+if ($siteKey == '' && is_readable(__DIR__ . '/config.php')) {
+    $config = include __DIR__ . '/config.php';
+    $siteKey = $config['v2-standard']['site'];
+    $secret = $config['v2-standard']['secret'];
+}
+
+// reCAPTCHA supports 40+ languages listed here: https://developers.google.com/recaptcha/docs/language
+$lang = 'en';
+?>
+<!DOCTYPE html>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width,height=device-height,minimum-scale=1">
+<link rel="shortcut icon" href="https://www.gstatic.com/recaptcha/admin/favicon.ico" type="image/x-icon"/>
+<link rel="canonical" href="https://recaptcha-demo.appspot.com/recaptcha-v2-checkbox-explicit.php">
+
+<script type="application/ld+json">
+  {
+    "@context": "http://schema.org",
+    "@type": "WebSite",
+    "name": "reCAPTCHA demo - \"I'm not a robot\" checkbox - Explicit render",
+    "url": "https://recaptcha-demo.appspot.com/recaptcha-v2-checkbox-explicit.php"
+  }
+</script>
+
+<meta name="description" content="reCAPTCHA demo - &quot;I'm not a robot&quot; checkbox - Explicit render" />
+<meta property="og:url" content="https://recaptcha-demo.appspot.com/recaptcha-v2-checkbox-explicit.php" />
+<meta property="og:type" content="website" />
+<meta property="og:title" content="reCAPTCHA demo - &quot;I'm not a robot&quot; checkbox - Explicit render" />
+<meta property="og:description" content="reCAPTCHA demo - &quot;I'm not a robot&quot; checkbox - Explicit render" />
+<link rel="stylesheet" type="text/css" href="/examples.css">
+
+<title>reCAPTCHA demo - "I'm not a robot" checkbox - Explicit render</title>
+<header>
+    <h1>reCAPTCHA demo</h1><h2>"I'm not a robot" checkbox - Explicit render</h2>
+    <p><a href="/">↤ Home</a></p>
+</header>
+<main>
+<?php
+if ($siteKey === '' || $secret === ''):
+?>
+    <h2>Add your keys</h2>
+    <p>If you do not have keys already then visit <kbd> <a href = "https://www.google.com/recaptcha/admin">https://www.google.com/recaptcha/admin</a></kbd> to generate them. Edit this file and set the respective keys in the <kbd>config.php</kbd> file or directly to <kbd>$siteKey</kbd> and <kbd>$secret</kbd>. Reload the page after this.</p>
+    <?php
+elseif (isset($_POST['g-recaptcha-response'])):
+    // The POST data here is unfiltered because this is an example.
+    // In production, *always* sanitise and validate your input'
+    ?>
+        <h2><kbd>POST</kbd> data</h2>
+        <kbd><pre><?php var_export($_POST);?></pre></kbd>
+        <?php
+    // If the form submission includes the "g-captcha-response" field
+    // Create an instance of the service using your secret
+    $recaptcha = new \ReCaptcha\ReCaptcha($secret);
+
+    // If file_get_contents() is locked down on your PHP installation to disallow
+    // its use with URLs, then you can use the alternative request method instead.
+    // This makes use of fsockopen() instead.
+    //  $recaptcha = new \ReCaptcha\ReCaptcha($secret, new \ReCaptcha\RequestMethod\SocketPost());
+
+    // Make the call to verify the response and also pass the user's IP address
+    $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);
+
+    if ($resp->isSuccess()):
+        // If the response is a success, that's it!
+        ?>
+        <h2>Success!</h2>
+        <kbd><pre><?php var_export($resp);?></pre></kbd>
+        <p>That's it. Everything is working. Go integrate this into your real project.</p>
+        <p><a href="/recaptcha-v2-checkbox-explicit.php">⟳ Try again</a></p>
+        <?php
+    else:
+        // If it's not successful, then one or more error codes will be returned.
+        ?>
+        <h2>Something went wrong</h2>
+        <p>The following error was returned:
+        <?php
+        foreach ($resp->getErrorCodes() as $code) {
+            echo '<kbd>', $code, '</kbd> ';
+        }
+        ?></p>
+        <p>Check the error code reference at <kbd><a href="https://developers.google.com/recaptcha/docs/verify#error-code-reference">https://developers.google.com/recaptcha/docs/verify#error-code-reference</a></kbd>.
+        <p><strong>Note:</strong> Error code <kbd>missing-input-response</kbd> may mean the user just didn't complete the reCAPTCHA.</p>
+        <p><a href="/recaptcha-v2-checkbox-explicit.php">⟳ Try again</a></p>
+        <?php
+    endif;
+else:
+    // Add the g-recaptcha tag to the form you want to include the reCAPTCHA element
+    ?>
+    <p>Complete the reCAPTCHA then submit the form.</p>
+    <form action="/recaptcha-v2-checkbox-explicit.php" method="post">
+        <fieldset>
+            <legend>An example form</legend>
+            <label class="form-field">Example input A: <input type="text" name="ex-a" value="foo"></label>
+            <label class="form-field">Example input B: <input type="text" name="ex-b" value="bar"></label>
+            <!-- Set up a container to render the widget -->
+            <div class="g-recaptcha form-field"></div>
+            <!-- Disable the button by default, will enable when the widget loads -->
+            <button class="form-field" type="submit" disabled>Submit ↦</button>
+        </fieldset>
+    </form>
+    <script type="text/javascript">
+    var onloadCallback = function() {
+        var captchaContainer = document.querySelector('.g-recaptcha');
+        grecaptcha.render(captchaContainer, {
+          'sitekey' : '<?php echo $siteKey; ?>'
+        });
+        document.querySelector('button[type="submit"]').disabled = false;
+    };
+    </script>
+    <script type="text/javascript" src="https://www.google.com/recaptcha/api.js?hl=<?php echo $lang; ?>&onload=onloadCallback&render=explicit" async defer></script>
+    <?php
+endif;?>
+</main>
+
+<!-- Google Analytics - just ignore this -->
+<script async src="https://www.googletagmanager.com/gtag/js?id=UA-123057962-1"></script>
+<script>
+  window.dataLayer = window.dataLayer || [];
+  function gtag(){dataLayer.push(arguments);}
+  gtag('js', new Date());
+  gtag('config', 'UA-123057962-1');
+</script>

examples/recaptcha-v2-checkbox.php

@@ -72,7 +72,7 @@
 if ($siteKey === '' || $secret === ''):
 ?>
     <h2>Add your keys</h2>
-    <p>If you do not have keys already then visit <kbd> <a href = "https://www.google.com/recaptcha/admin">https://www.google.com/recaptcha/admin</a></kbd> to generate them. Edit this file and set the respective keys in <kbd>$siteKey</kbd> and <kbd>$secret</kbd>. Reload the page after this.</p>
+    <p>If you do not have keys already then visit <kbd> <a href = "https://www.google.com/recaptcha/admin">https://www.google.com/recaptcha/admin</a></kbd> to generate them. Edit this file and set the respective keys in the <kbd>config.php</kbd> file or directly to <kbd>$siteKey</kbd> and <kbd>$secret</kbd>. Reload the page after this.</p>
     <?php
 elseif (isset($_POST['g-recaptcha-response'])):
     // The POST data here is unfiltered because this is an example.
@@ -125,21 +125,22 @@
             <legend>An example form</legend>
             <label class="form-field">Example input A: <input type="text" name="ex-a" value="foo"></label>
             <label class="form-field">Example input B: <input type="text" name="ex-b" value="bar"></label>
+            <!-- Default behaviour looks for the g-recaptcha class with a data-sitekey attribute -->
             <div class="g-recaptcha form-field" data-sitekey="<?php echo $siteKey; ?>"></div>
+            <!-- Submitting before the widget loads will result in a missing-input-response error so you need to verify server side -->
             <button class="form-field" type="submit">Submit ↦</button>
         </fieldset>
     </form>
-    <script type="text/javascript" src="https://www.google.com/recaptcha/api.js?hl=<?php echo $lang; ?>" async defer></script>
+    <script type="text/javascript" src="https://www.google.com/recaptcha/api.js?hl=<?php echo $lang; ?>"></script>
     <?php
 endif;?>
 </main>
 
-<!-- Global site tag (gtag.js) - Google Analytics -->
+<!-- Google Analytics - just ignore this -->
 <script async src="https://www.googletagmanager.com/gtag/js?id=UA-123057962-1"></script>
 <script>
   window.dataLayer = window.dataLayer || [];
   function gtag(){dataLayer.push(arguments);}
   gtag('js', new Date());
-
   gtag('config', 'UA-123057962-1');
 </script>

examples/recaptcha-v2-invisible.php

@@ -138,12 +138,11 @@ function onSubmit(token) {
 endif;?>
 </main>
 
-<!-- Global site tag (gtag.js) - Google Analytics -->
+<!-- Google Analytics - just ignore this -->
 <script async src="https://www.googletagmanager.com/gtag/js?id=UA-123057962-1"></script>
 <script>
   window.dataLayer = window.dataLayer || [];
   function gtag(){dataLayer.push(arguments);}
   gtag('js', new Date());
-
   gtag('config', 'UA-123057962-1');
 </script>

examples/recaptcha-v3-request-scores.php

@@ -112,12 +112,11 @@
 endif;?>
 </main>
 
-<!-- Global site tag (gtag.js) - Google Analytics -->
+<!-- Google Analytics - just ignore this -->
 <script async src="https://www.googletagmanager.com/gtag/js?id=UA-123057962-1"></script>
 <script>
   window.dataLayer = window.dataLayer || [];
   function gtag(){dataLayer.push(arguments);}
   gtag('js', new Date());
-
   gtag('config', 'UA-123057962-1');
 </script>

examples/recaptcha-v3-verify.php

@@ -37,6 +37,7 @@
     $secret = $config['v3']['secret'];
 }
 
+// Effectively we're providing an API endpoint here that will accept the token, verify it, and return the action / score to the page
 $recaptcha = new \ReCaptcha\ReCaptcha($secret);
 $resp = $recaptcha->verify($_GET['token'], $_SERVER['REMOTE_ADDR']);
 header('Content-type:application/json');