Nowadays everyone wants to get rid of spamming on their website whether it is spam comment or spam messages or spam traffic on your site. To protect your website from spamming, one of the best and easiest way is to use Google reCAPTCHA.
In earlier days, people used to put some random number or string on the screen and verify it on the server-side.
But this method is the old day’s method and it is also time taking for many users whereas Google’s reCAPTCHA method is easy to use and takes less time resulting in better user experience. They just need a single click to prove that they are humans and not a robot. Google reCAPTCHA is very easy to implement in a PHP script.
In this blog, you will learn how to integrate google reCAPTCHA on your website with PHP step by step.
Step 1: To fetch reCAPTCHA API key
To get an API key to use reCAPTCHA, you need to register your website at – https://www.google.com/recaptcha/admin. The screenshots are given below for your help:
Label: Use a label of your own choice, so that it easy to recognize the site in the future.
reCAPTCHA type: Choose any one type of reCAPTCHA you prefer for your site. There are two types available currently i.e., reCAPTCHA v3 and reCAPTCHA v2. We have used reCAPTCHA v2 in the sample project.
Domains: Here you need to enter your website name for which you will be implementing the reCAPTCHA functionality. It is applicable to the domains you enter here, and also to its subdomains. For example, a registration for abc.com also registers xyz.abc.com.
Now just check the checkbox of Accept the reCAPTCHA Terms of Service and click on Submit button.
Now you have the site key and secret key for your website.
Step 2: Implement reCAPTHA functionality to your site
- To add reCAPTCHA first you need to include reCAPTCHA JavaScript library in your HTML.
<script src='https://www.google.com/recaptcha/api.js' async defer >
- Now add this HTML code where you want to show the reCAPTCHA widget.
<div class="g-recaptcha" data-sitekey="site_key">
- Replace site_key with the site key provided by the google for your website.
- It is done now, just refresh your page and you will see the reCAPTCHA widget on your site.
Step 3: To Validate user’s response
Now, you need to validate the response when a user clicks on the reCAPTCHA widget. The PHP code to verify the user’s response is given below:
<?php if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) { $secret = 'your_actual_secret_key'; $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$secret.'&response='.$_POST['g-recaptcha-response']); $responseData = json_decode($verifyResponse); if($responseData->success) { $succMsg = 'Your contact request have submitted successfully.'; } else { $errMsg = 'Robot verification failed, please try again.'; } } ?>
Add your actual secret key in the above code and you are Done.
Get the Sample code here.