Richard Korts
asked on
I'm a Human captcha checkbox
How do I see the code to implement this?
This is a beta API for reCAPTCHA. I gather this from the source of their JS API: https://www.google.com/recaptcha/api.js referencing "API2". And I also found this: http://jaswsinc.com/recaptcha-ads/ Apparently they did an invite-only beta of their "no CAPTCHA reCAPTCHA" So.... You probably won't be able to make it work on your site, yet. I can't find any information on opting into the beta, but if you search for "No CAPTCHA reCAPTCHA beta" you can see a number of people that have mentioned getting the email from Google for them to join.
IMPORTANT EDIT Google introduced the new reCAPTCHA
Google Online Security blog: Are you a robot? Introducing “No CAPTCHA reCAPTCHA”
Google reCAPTCHA: Introducing the new reCAPTCHA!
Google Online Security blog: Are you a robot? Introducing “No CAPTCHA reCAPTCHA”
Google reCAPTCHA: Introducing the new reCAPTCHA!
It sounds like you are talking about Google's reCAPTCHA.
You can read more and sign up for it here: https://www.google.com/recaptcha/intro/
The developer docs are here: https://developers.google.com/recaptcha/intro
More specifically, code examples can be found here: https://developers.google.com/recaptcha/docs/display
They actually have a new version of it that just came out - invisible to users. So keep that in mind too when looking through the docs.
You can read more and sign up for it here: https://www.google.com/recaptcha/intro/
The developer docs are here: https://developers.google.com/recaptcha/intro
More specifically, code examples can be found here: https://developers.google.com/recaptcha/docs/display
They actually have a new version of it that just came out - invisible to users. So keep that in mind too when looking through the docs.
ASKER
Tahir Qureshi
Does not tell implementation details. Says this:
When your users submit the form where you integrated reCAPTCHA, you'll get as part of the payload a string with the name "g-recaptcha-response". In order to check whether Google has verified that user, send a POST request with these parameters:
URL: https://www.google.com/recaptcha/api/siteverify
secret (required) 6LdhSxoUAAAAAJjGNd21boVS-5 Ye_STkHR2v 156u
response (required) The value of 'g-recaptcha-response'.
remoteip The end user's ip address.
The reCAPTCHA documentation site describes more details and advanced configurations.
I'm interpreting this to mean I will get something back when I post the form? What? Where? How?
All all things Google, too complex.
Does not tell implementation details. Says this:
When your users submit the form where you integrated reCAPTCHA, you'll get as part of the payload a string with the name "g-recaptcha-response". In order to check whether Google has verified that user, send a POST request with these parameters:
URL: https://www.google.com/recaptcha/api/siteverify
secret (required) 6LdhSxoUAAAAAJjGNd21boVS-5
response (required) The value of 'g-recaptcha-response'.
remoteip The end user's ip address.
The reCAPTCHA documentation site describes more details and advanced configurations.
I'm interpreting this to mean I will get something back when I post the form? What? Where? How?
All all things Google, too complex.
When you add reCAPTCHA to a form, the code will include a parameter named 'g-recaptcha-response' when the user submits the form to your site. As part of the backend code that processes the form response, you will need to read the value of 'g-recaptcha-response' and then use that to verify the user with Google (via the POST request you included in your comment).
If you let us know what language you're using to handle the backend, we could probably find some examples for you.
ASKER
Phil Phillips,
I get that; how do I get back to MY code afterwards?
Richard
I get that; how do I get back to MY code afterwards?
Richard
ASKER
php
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I do not like captcha's - I prefer the honeypot - although I use a random field name either from a list of field names or I use a form array name="data[]" so that a search for the field name is made more difficult (the honeypot is then randomly placed in the order of fields and the position recorded on the server so it knows which field to look for). I then hide the field using techniques that don't involve display: none or visbility: none and again use random methods as to where the field is "hidden".
Not foolproof but enough to get around most of the bots and isn't an eyesore. So far has been very effective.
If you have a site that has great value to a "robot" then you will need a human proving method - the ugliness of the captcha / (What... is the air-speed velocity of an unladen swallow?) approach is acceptable in relation to the value of keeping a bot out.
Not foolproof but enough to get around most of the bots and isn't an eyesore. So far has been very effective.
If you have a site that has great value to a "robot" then you will need a human proving method - the ugliness of the captcha / (What... is the air-speed velocity of an unladen swallow?) approach is acceptable in relation to the value of keeping a bot out.
ASKER
Thanks, I appreciate Julian's comments. I will look at Ray's article, seems like he's into EVERYTHING php.