reCAPTCHA
sorry_i_noob, 2018-06-30 23:00:17

RECAPTCHA, AJAX and MVC - In order not to generate a new captcha every time the controller is accessed, we save it to the session. But what if the time is up?

Hello! I have a captcha in the article edit.
To save the changes, you need to solve the captcha. If the captcha is not solved, then the server issues an error message via AJAX.
Let's imagine that the user solved the captcha. Sent the changes to the server. Validation passed, changes saved. Everything is great.
But then the user saw that he forgot to put a comma here and there. He puts it in and sends the form to the server again. In the controller, the form is validated and... CAPTCHA. The problem is that a new captcha is created during the check:

$response = null;
$reCaptcha = new ReCaptcha(self::SECRET_KEY);
if ($value) {
  $response = $reCaptcha->verifyResponse(
    $_SERVER["REMOTE_ADDR"],
    $value
  );
}
if ($response != null && $response->success) {
  return true;
}

What happens? The user "fails" on the captcha validation, since the second time the server accessed the captcha, a new captcha was generated. However, the user cannot click the checkmark on the captcha, since it has already been clicked.
What to do? It was decided to save the captcha result in the session. And reset the session when the controller is loaded in the usual way (not through AJAX). This suggests that I just reloaded the page or just opened it (therefore, there should not be a captcha session).
Everything would be fine, but the captcha has an expiration date, after which it becomes inactive.
Actually, the question itself. How to check inactive captcha? I already have a saved result of the captcha check in the session. You can only check the checkbox - if value == true. But it's not a captcha solution, is it? Otherwise, why all the following code?
As far as I understand, it is pointless to detect the captcha lifetime, since it changes depending on the user's activity.
Here is the verification code:
static public function captcha_is_true($value, $validation) {
    // Result known in advance
    if (!$value) { 
      return $validation->error(self::FUNCTION_NAME, null);
    }
    $captcha_is_true = Session::instance()->get(self::SESSION_NAME);
    if ($captcha_is_true) {
      return true; // BUT THIS ISN'T REALLY A CAPTCHA SOLUTION, IS IT?
    }

    // Computed result
    $response = null;
    $reCaptcha = new ReCaptcha(self::SECRET_KEY);
    if ($value) {
      $response = $reCaptcha->verifyResponse(
        $_SERVER["REMOTE_ADDR"],
        $value
      );
    }
    if ($response != null && $response->success) {
      Session::instance()->set(self::SESSION_NAME, true);
      return true;
    } else {
      return $validation->error(self::FUNCTION_NAME, null);
    }
  }
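
One way to bound the session-cached result described in the question, added here as an example and not part of the original post: the stored pass carries its own timestamp and use counter, so it expires on the server's terms instead of depending on the widget's lifetime. The constants, the `captcha_pass` session key, the function name and the injected `$verify` callable (standing in for the real verification call) are assumptions.

```php
<?php
// Added example: a captcha pass kept in the session with its own expiry and use limit.
const CAPTCHA_PASS_TTL = 600;     // seconds a verified pass stays valid (assumed policy)
const CAPTCHA_PASS_MAX_USES = 5;  // saves allowed per solved captcha (assumed policy)

/**
 * @param array    $session session storage (e.g. $_SESSION), passed by reference
 * @param ?string  $token   captcha response value from the form, may be empty
 * @param callable $verify  fn(string $token): bool, wraps the server-side verification
 * @param int      $now     current Unix time
 */
function captcha_pass_ok(array &$session, ?string $token, callable $verify, int $now): bool
{
    $pass = $session['captcha_pass'] ?? null;

    // 1. Reuse an earlier server-side verification while it is fresh and not used up.
    if (is_array($pass)
        && $now - $pass['verified_at'] < CAPTCHA_PASS_TTL
        && $pass['uses'] < CAPTCHA_PASS_MAX_USES) {
        $session['captcha_pass']['uses']++;
        return true;
    }

    // 2. Pass missing, expired or exhausted: drop it and require a fresh token.
    unset($session['captcha_pass']);
    if ($token === null || $token === '' || !$verify($token)) {
        return false; // the client should reset the widget and ask the user again
    }

    // 3. Record when the token was verified; this save counts as the first use.
    $session['captcha_pass'] = ['verified_at' => $now, 'uses' => 1];
    return true;
}

// Constructed demo: a stub verifier that accepts the token 'token-A' exactly once.
$used = [];
$verify = function (string $t) use (&$used): bool {
    if ($t !== 'token-A' || isset($used[$t])) return false;
    return $used[$t] = true;
};
$session = [];
var_dump(captcha_pass_ok($session, 'token-A', $verify, 1000)); // first save: verified by $verify
var_dump(captcha_pass_ok($session, 'token-A', $verify, 1060)); // second save: served from the session
var_dump(captcha_pass_ok($session, 'token-A', $verify, 1601)); // pass expired, old token already spent
```

When the function returns false on an AJAX save, the error response is the point at which the page should reset the widget so the user can solve a new captcha.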
