Asked  7 Months ago    Answers:  5   Viewed   30 times

Recently, Google completely overhauled their reCaptcha API and simplified it to a single checkbox.


The problem is, I can submit a form with the reCaptcha included without checking it and the form will ignore the reCaptcha.

Before you had to send the form to a PHP file with the private key et al, but I'm not seeing any mention of that in their Developer's Guide. I have no idea how to validate the form to be sure the new reCaptcha was filled by the user.

Am I missing something? Is that PHP file with the private key still required?

All I have for the reCaptcha so far is:

<div data-type="image" class="g-recaptcha" data-sitekey="My Public Key"></div>



If you want to check if the User clicked on the I'm not a robot checkbox, you can use the .getResponse() function provided by the reCaptcha API.

It will return an empty string in case the User did not validate himself, something like this:

if (grecaptcha.getResponse() == ""){
    alert("You can't proceed!");
} else {
    alert("Thank you");

In case the User has validated himself, the response will be a very long string.

More about the API can be found on this page: reCaptcha Javascript API

Wednesday, March 31, 2021
answered 7 Months ago

this is solution


    <title>Google recapcha demo - Codeforgeek</title>
    <script src=''></script>
    <h1>Google reCAPTHA Demo</h1>
    <form id="comment_form" action="form.php" method="post">
      <input type="email" placeholder="Type your email" size="40"><br><br>
      <textarea name="comment" rows="8" cols="39"></textarea><br><br>
      <input type="submit" name="submit" value="Post comment"><br><br>
      <div class="g-recaptcha" data-sitekey="=== Your site key ==="></div>


    $email; $comment; $captcha;


        echo '<h2>Please check the the captcha form.</h2>';

    $response = json_decode(file_get_contents(" SECRET KEY&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']), true);
    if($response['success'] == false)
        echo '<h2>You are spammer ! Get the @$%K out</h2>';
        echo '<h2>Thanks for posting comment.</h2>';

Wednesday, March 31, 2021
answered 7 Months ago

For displaying the reCAPTCHA widget you don't need any library file, you just have to include the necessary JavaScript resource, like this:

    <title>reCAPTCHA demo: Simple page</title>
     <script src="" async defer></script>
    <form action="?" method="POST">
      <div class="g-recaptcha" data-sitekey="your_site_key"></div>
      <input type="submit" value="Submit">

Here's the reference:

  • Displaying the widget

Now comes to your user's response. Since you're using Google reCAPTCHA V2, you should fetch the user's response using the POST parameter g-recaptcha-response.

Here's the reference:

  • Verifying the user's response

So your code should be like this:

    if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])){
        $privatekey = "YOUR_PRIVATE_KEY";

        //get verified response data
        $param = "".$privatekey."&response=".$_POST['g-recaptcha-response'];
        $verifyResponse = file_get_contents($param);
        $responseData = json_decode($verifyResponse);

            // success
            echo "success";

            // failure
            echo "failure";
        // user didn't enter reCAPTCHA
        echo "The reCAPTCHA wasn't entered correctly. Go back and try it again.";
Saturday, May 29, 2021
answered 5 Months ago

You have to do it programmatically thanks to a new v2 grecaptcha method: grecaptcha.execute() so that recaptcha doesn't replace the button's default click event which was preventing the default HTML5 form validation.

The event path is:

  1. Submit button click event: browser built-in form validation
  2. Form submit event: call grecaptcha.execute()
  3. reCAPTCHA callback: submit the form

$('#form-contact').submit(function (event) {

function formSubmit(response) {
  // submit the form which now includes a g-recaptcha-response input
<script src=""></script>
<script src=""></script>
<form action="?">
  <div class="g-recaptcha" 
  <button type="submit">Submit</button>
Wednesday, July 28, 2021
answered 3 Months ago

There is a third-party Django app to implement the new reCAPTCHA v2 here:

After installing it, add the following lines to the following files:

NORECAPTCHA_SITE_KEY = <the Google provided site_key>
NORECAPTCHA_SECRET_KEY = <the Google provided secret_key>

from nocaptcha_recaptcha.fields import NoReCaptchaField

class YourForm(forms.Form):
    captcha = NoReCaptchaField()

# In your template, add the following script tag:
<script src="" async defer></script>
Wednesday, September 22, 2021
answered 4 Weeks ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :