I'm a Human captcha checkbox

Richard Korts
Richard Korts used Ask the Experts™
on
How do I see the code to implement this?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Tahir QureshiSystem Analyst

Commented:
This is a beta API for reCAPTCHA. I gather this from the source of their JS API: https://www.google.com/recaptcha/api.js referencing "API2". And I also found this: http://jaswsinc.com/recaptcha-ads/ Apparently they did an invite-only beta of their "no CAPTCHA reCAPTCHA" So.... You probably won't be able to make it work on your site, yet. I can't find any information on opting into the beta, but if you search for "No CAPTCHA reCAPTCHA beta" you can see a number of people that have mentioned getting the email from Google for them to join.
Tahir QureshiSystem Analyst

Commented:
IMPORTANT EDIT Google introduced the new reCAPTCHA

Google Online Security blog: Are you a robot? Introducing “No CAPTCHA reCAPTCHA”
Google reCAPTCHA: Introducing the new reCAPTCHA!
Phil PhillipsSenior Platform Engineer

Commented:
It sounds like you are talking about Google's reCAPTCHA.

You can read more and sign up for it here: https://www.google.com/recaptcha/intro/
The developer docs are here: https://developers.google.com/recaptcha/intro
More specifically, code examples can be found here: https://developers.google.com/recaptcha/docs/display

They actually have a new version of it that just came out - invisible to users. So keep that in mind too when looking through the docs.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Richard KortsBusiness Owner / Chief Developer

Author

Commented:
Tahir Qureshi

Does not tell implementation details. Says this:

When your users submit the form where you integrated reCAPTCHA, you'll get as part of the payload a string with the name "g-recaptcha-response". In order to check whether Google has verified that user, send a POST request with these parameters:
URL: https://www.google.com/recaptcha/api/siteverify
secret (required)      6LdhSxoUAAAAAJjGNd21boVS-5Ye_STkHR2v156u
response (required)      The value of 'g-recaptcha-response'.
remoteip      The end user's ip address.
The reCAPTCHA documentation site describes more details and advanced configurations.

I'm interpreting this to mean I will get something back when I post the form? What? Where? How?

All all things Google, too complex.
Phil PhillipsSenior Platform Engineer

Commented:
When you add reCAPTCHA to a form, the code will include a parameter named 'g-recaptcha-response' when the user submits the form to your site.  As part of the backend code that processes the form response, you will need to read the value of 'g-recaptcha-response' and then use that to verify the user with Google (via the POST request you included in your comment).
Phil PhillipsSenior Platform Engineer

Commented:
If you let us know what language you're using to handle the backend, we could probably find some examples for you.
Richard KortsBusiness Owner / Chief Developer

Author

Commented:
Phil Phillips,

I get that; how do I get back to MY code afterwards?

Richard
Richard KortsBusiness Owner / Chief Developer

Author

Commented:
php
Most Valuable Expert 2017
Distinguished Expert 2018
Commented:
I get that; how do I get back to MY code afterwards?
I am guessing you would make a cURL request - you make the call from your script you don't redirect the browser to the link. This would be a server to server call.
Fixer of Problems
Most Valuable Expert 2014
Commented:
Most Valuable Expert 2017
Distinguished Expert 2018

Commented:
I do not like captcha's - I prefer the honeypot - although I use a random field name either from a list of field names or I use a form array name="data[]" so that a search for the field name is made more difficult (the honeypot is then randomly placed in the order of fields and the position recorded on the server so it knows which field to look for). I then hide the field using techniques that don't involve display: none or visbility: none and again use random methods as to where the field is "hidden".

Not foolproof but enough to get around most of the bots and isn't an eyesore. So far has been very effective.

If you have a site that has great value to a "robot" then you will need a human proving method - the ugliness of the captcha / (What... is the air-speed velocity of an unladen swallow?) approach is acceptable in relation to the value of keeping a bot out.
Richard KortsBusiness Owner / Chief Developer

Author

Commented:
Thanks, I appreciate Julian's comments. I will look at Ray's article, seems like he's into EVERYTHING php.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial