You are here

Home » API reference » reCAPTCHA 8.2 » recaptcha.module

function recaptcha_captcha_validation in reCAPTCHA 8.2

Same name and namespace in other branches
  1. 8.3 recaptcha.module \recaptcha_captcha_validation()
  2. 8 recaptcha.module \recaptcha_captcha_validation()
  3. 6.2 recaptcha.module \recaptcha_captcha_validation()
  4. 6 recaptcha.module \recaptcha_captcha_validation()
  5. 7.2 recaptcha.module \recaptcha_captcha_validation()
  6. 7 recaptcha.module \recaptcha_captcha_validation()

CAPTCHA Callback; Validates the reCAPTCHA code.

1 string reference to 'recaptcha_captcha_validation'
recaptcha_captcha in ./recaptcha.module
Implements hook_captcha().

File

./recaptcha.module, line 159
Verifies if user is a human without necessity to solve a CAPTCHA.

Code

function recaptcha_captcha_validation($solution, $response, $element, $form_state) {
  $config = \Drupal::config('recaptcha.settings');
  $recaptcha_secret_key = $config
    ->get('secret_key');
  if (empty($_POST['g-recaptcha-response']) || empty($recaptcha_secret_key)) {
    return FALSE;
  }

  // Use Drupal::httpClient() to circumvent all issues with the Google library.
  $recaptcha = new ReCaptcha($recaptcha_secret_key, new Drupal8Post());

  // Ensures the hostname matches. Required if "Domain Name Validation" is
  // disabled for credentials.
  if ($config
    ->get('verify_hostname')) {
    $recaptcha
      ->setExpectedHostname($_SERVER['SERVER_NAME']);
  }
  $resp = $recaptcha
    ->verify($_POST['g-recaptcha-response'], \Drupal::request()
    ->getClientIp());
  if ($resp
    ->isSuccess()) {

    // Verified!
    return TRUE;
  }
  else {

    // Error code reference, https://developers.google.com/recaptcha/docs/verify
    $error_codes = [
      'action-mismatch' => t('Expected action did not match.'),
      'apk_package_name-mismatch' => t('Expected APK package name did not match.'),
      'bad-response' => t('Did not receive a 200 from the service.'),
      'bad-request' => t('The request is invalid or malformed.'),
      'connection-failed' => t('Could not connect to service.'),
      'invalid-input-response' => t('The response parameter is invalid or malformed.'),
      'invalid-input-secret' => t('The secret parameter is invalid or malformed.'),
      'invalid-json' => t('The json response is invalid or malformed.'),
      'missing-input-response' => t('The response parameter is missing.'),
      'missing-input-secret' => t('The secret parameter is missing.'),
      'hostname-mismatch' => t('Expected hostname did not match.'),
      'unknown-error' => t('Not a success, but no error codes received!'),
    ];
    $info_codes = [
      'challenge-timeout' => t('Challenge timeout.'),
      'score-threshold-not-met' => t('Score threshold not met.'),
      'timeout-or-duplicate' => t('The challenge response timed out or was already verified.'),
    ];
    foreach ($resp
      ->getErrorCodes() as $code) {
      if (isset($info_codes[$code])) {
        \Drupal::logger('reCAPTCHA web service')
          ->info('@info', [
          '@info' => $info_codes[$code],
        ]);
      }
      else {
        if (!isset($error_codes[$code])) {
          $code = 'unknown-error';
        }
        \Drupal::logger('reCAPTCHA web service')
          ->error('@error', [
          '@error' => $error_codes[$code],
        ]);
      }
    }
  }
  return FALSE;
}