Using an html form for a "contact us". This passes name, email, & message to a .php script and it works well. Add the Google recaptua v2 to this form gives a http 500 Error. This post and the code have been edited to reflect the KaplanKomputing tutorial suggested by Chris White.
You can visit the working form without recaptcha, and nonworking recaptcha here: https://coinsandhistory.com#contact
The "Google site key" I'll call here "XXXX-Google-site" and "YYYY-Google-secret".
1st the contact form html, you don't need the css styling nor the stripslashes from the tutorial.
<!DOCTYPE html>
<html>
<head>
<script src="https://www.google.com/recaptcha/api.js" async defer>
</script>
<link rel="stylesheet" href="../css/send-mail.css">
</head>
<body>
<!-- https://stackguides.com/questions/27188436/html-php-contact-form-
email/55962553 -->
<!-- https://kaplankomputing.com/blog/tutorials/
recaptcha-php-demo-tutorial/ -->
<form action="send-mail_SO2_recapt.php" method="post"
enctype="multipart/form-data" name="myemailform">
<div>
<span>Name </span>
<input type="text" name="name" value="" placeholder="Your Name">
</div>
<div>
<span>Email </span>
<input type="email" name="web_email" autocapitalize="off"
autocorrect="off"
value="" placeholder="[email protected]">
</div>
<div>
<span>messgae </span>
<textarea name="message" placeholder="message"></textarea>
</div>
<!-- Google v2 Recaptua Form -->
<div class="g-recaptcha" data-sitekey="XXXX-Google-site"></div>
<br/>
<div class="code">
<button><input type="submit" name="submit" value="Send"></button>
</div>
<i class="clear" style="display: block"></i>
</div>
</form>
</body>
</html>
And then the send-mail.php script. I called mine "send-mail_SO2_recapt.php".
<?php
/* error reporting, should rmv from working form */
error_reporting(E_ALL);
ini_set('display_errors', 1);
if(!isset($_POST['submit']))
{
//This page should not be accessed directly. Need to submit the form.
echo "error; you need to submit the form!";
}
$name = $_POST["name"];
$visitor_email = $_POST['web_email'];
$message = $_POST["message"];
$response = $_POST["g-recaptcha-response"];
//Validate first
if(empty($name)||empty($visitor_email))
{
echo "Name and email are needed!";
exit;
}
if(IsInjected($visitor_email))
{
echo "Bad email value!";
exit;
}
$url = "https://google.com/recaptcha/api/siteverify";
$data = array(
"secret" => "YYYY-Google-secret",
"response" => $_POST["g-recaptcha-response"]);
$options = array(
"https" => array (
"method" => "POST",
"content" => https_build_query($data)
)
);
$context = stream_context_create($options);
$verify = file_get_contents($url, false, $context);
$captcha_success=json_decode($verify);
if ($captcha_success=>success==false) {
echo "<p>You are a bot! Go away!</p>"; }
else if ($captcha_success=>success==true) {
echo "<p>You are not not a bot!</p>"; }
// $email_from = '[email protected]';//<== update the email address
$email_from = "$visitor_email";
$email_subject = "New Form submission";
$email_body = "You have received a new message from $name.\n".
"sender's email:\n $email_from\n".
"Here is the message:\n $message";
$to = "[email protected]"; //<== update the email address
$headers = "From: $email_from \r\n";
$headers .= "Reply-To: $visitor_email \r\n";
//Send the email!
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location: thank_you_SO2.html');
exit;
// Function to validate against any email injection attempts
?>
If you supply code samples, please indicate what form it is: eg html, php, javascript. I can't believe I'm the 1st person to try to use a simple Google recaptua in a contact form but this question doesn't appear plainly anywhere.