Avatar of Richard Korts
Richard Korts
Flag for United States of America asked on

I'm a Human captcha checkbox

How do I see the code to implement this?
HTMLJavaScript

Avatar of undefined
Last Comment
Richard Korts

8/22/2022 - Mon
Tahir Qureshi

This is a beta API for reCAPTCHA. I gather this from the source of their JS API: https://www.google.com/recaptcha/api.js referencing "API2". And I also found this: http://jaswsinc.com/recaptcha-ads/ Apparently they did an invite-only beta of their "no CAPTCHA reCAPTCHA" So.... You probably won't be able to make it work on your site, yet. I can't find any information on opting into the beta, but if you search for "No CAPTCHA reCAPTCHA beta" you can see a number of people that have mentioned getting the email from Google for them to join.
Tahir Qureshi

IMPORTANT EDIT Google introduced the new reCAPTCHA

Google Online Security blog: Are you a robot? Introducing “No CAPTCHA reCAPTCHA”
Google reCAPTCHA: Introducing the new reCAPTCHA!
Phil Phillips

It sounds like you are talking about Google's reCAPTCHA.

You can read more and sign up for it here: https://www.google.com/recaptcha/intro/
The developer docs are here: https://developers.google.com/recaptcha/intro
More specifically, code examples can be found here: https://developers.google.com/recaptcha/docs/display

They actually have a new version of it that just came out - invisible to users. So keep that in mind too when looking through the docs.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Tahir Qureshi

Richard Korts

ASKER
Tahir Qureshi

Does not tell implementation details. Says this:

When your users submit the form where you integrated reCAPTCHA, you'll get as part of the payload a string with the name "g-recaptcha-response". In order to check whether Google has verified that user, send a POST request with these parameters:
URL: https://www.google.com/recaptcha/api/siteverify
secret (required)      6LdhSxoUAAAAAJjGNd21boVS-5Ye_STkHR2v156u
response (required)      The value of 'g-recaptcha-response'.
remoteip      The end user's ip address.
The reCAPTCHA documentation site describes more details and advanced configurations.

I'm interpreting this to mean I will get something back when I post the form? What? Where? How?

All all things Google, too complex.
Phil Phillips

When you add reCAPTCHA to a form, the code will include a parameter named 'g-recaptcha-response' when the user submits the form to your site.  As part of the backend code that processes the form response, you will need to read the value of 'g-recaptcha-response' and then use that to verify the user with Google (via the POST request you included in your comment).
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Phil Phillips

If you let us know what language you're using to handle the backend, we could probably find some examples for you.
Richard Korts

ASKER
Phil Phillips,

I get that; how do I get back to MY code afterwards?

Richard
Richard Korts

ASKER
php
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
SOLUTION
Julian Hansen

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Julian Hansen

I do not like captcha's - I prefer the honeypot - although I use a random field name either from a list of field names or I use a form array name="data[]" so that a search for the field name is made more difficult (the honeypot is then randomly placed in the order of fields and the position recorded on the server so it knows which field to look for). I then hide the field using techniques that don't involve display: none or visbility: none and again use random methods as to where the field is "hidden".

Not foolproof but enough to get around most of the bots and isn't an eyesore. So far has been very effective.

If you have a site that has great value to a "robot" then you will need a human proving method - the ugliness of the captcha / (What... is the air-speed velocity of an unladen swallow?) approach is acceptable in relation to the value of keeping a bot out.
Richard Korts

ASKER
Thanks, I appreciate Julian's comments. I will look at Ray's article, seems like he's into EVERYTHING php.