Why is there no redirect after passing the captcha?

A

aramtop2020-03-26 22:39:17

PHP

aramtop, 2020-03-26 22:39:17

Hello, I wanted to create a captcha page, the essence of which is to redirect the user to some other page after successful completion.

I used hCaptcha, but it has the same API as Google Recaptcha, can you tell me why the following code (below) does not work? Namely - there is no automatic redirection.

<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>loader main</title>
    <link rel="stylesheet" href="bulma.min.css">
    <script src='https://www.hCaptcha.com/1/api.js' async defer></script>
    <style>
        hr { height: 1px }
        p { font-size: .9rem }
        .hero { background-color: #30343f; background-image: linear-gradient(141deg, #171d25 0%, #30343f 71%, #383a51 100%); }
        .has-dark-shadow { box-shadow: 0 0 20px 3px rgba(0, 0, 0, 0.4), 2px 2px 20px 0 rgba(0, 0, 0, 0.4); }
    </style>
</head>
<body>
    <section class="hero is-fullheight">
        <div class="hero-body">
            <div class="container">
                <div class="columns">
                    <div class="column is-4 is-offset-4">
                        <div class="box has-dark-shadow">
                            <h1 class="title is-4 has-text-centered">Oups!</h1>
                            <hr class="has-background-grey-lighter">
                            <p class="has-text-centered">
                                Please confirm that you are not a robot to continue.
                            </p><br>
                            <form action="./index.php" method="POST">
                              <center><div class="h-captcha" data-sitekey="9cb74c97-b21b-43ab-94d4-07a24bc54cd8"></div>
         </center> <br/>
                              <input type="submit" value="Submit">
        </form>

                          <?php
 
  if(isset($_POST['h-captcha-response']) && !empty($_POST['h-captcha-response']))
  {
        $secret = 'тут у меня стоял секретный код но я его убрал в целях безопаности';
        $verifyResponse = file_get_contents('https://hcaptcha.com/siteverify?secret='.$secret.'&response='.$_POST['h-captcha-response'].'&remoteip='.$_SERVER['REMOTE_ADDR']);
        $responseData = json_decode($verifyResponse);
        if($responseData->success)
        {
            header('Location: https://ddd.ru/');
        }
        else
        {
            $errMsg = 'Try again to check the robot..';
        }
   }
?>
                            <hr class="has-background-grey-lighter">
                            <p class="has-text-centered has-text-grey-lighter">
                                <small>
                                    <a href="https://deqstudio.com" rel="nofollow noopener noreferrer" target="_blank">
                                        powered by deqstudio at 2020 year.
                                    </a>
                                </small>
                            </p>
                        </div>
                    </div>
                </div>
            </div>
        </div>
    </section>
</body>
</html>

And here is the test of this page where you can see it - https://loader.deqstudio.com/

Thanks in advance.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

T

ThunderCat, 2020-03-26
@ThunderCat

headers are sent BEFORE ANY non-header character is output. If you bother to set the error level to E_ALL and look at the logs, you will see a warning that the headers are already gone and it's too late to drink Borjomi.