我正在我的PHP应用程序中使用Google ReCaptcha库。它已经可靠地工作了一段时间。但是,今天,我开始收到与库相关的错误。
*[05-Apr-2018 09:19:03 America/Chicago] Severity: 2,Message: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed,File: E:inetpubwwwrootvendorgooglerecaptchasrcReCaptchaRequestMethodPost.php,Line: 68
[05-Apr-2018 09:19:04 America/Chicago] Severity: 2,Message: file_get_contents(): Failed to enable crypto,File: E:inetpubwwwrootvendorgooglerecaptchasrcReCaptchaRequestMethodPost.php,Line: 68
[05-Apr-2018 09:19:04 America/Chicago] Severity: 2,Message: file_get_contents(https://www.google.com/recaptcha/api/siteverify): failed to open stream: operation failed,File: E:inetpubwwwrootvendorgooglerecaptchasrcReCaptchaRequestMethodPost.php,Line: 68*
我没有对我的申请进行任何更改。这个问题突然开始,(从我的角度来看(没有合乎逻辑的解释。
作为参考,这是来自谷歌图书馆的帖子.php(不是我写的(。
public function submit(RequestParameters $params)
{
/**
* PHP 5.6.0 changed the way you specify the peer name for SSL context options.
* Using "CN_name" will still work, but it will raise deprecated errors.
*/
$peer_key = version_compare(PHP_VERSION, '5.6.0', '<') ? 'CN_name' : 'peer_name';
$options = array(
'http' => array(
'header' => "Content-type: application/x-www-form-urlencodedrn",
'method' => 'POST',
'content' => $params->toQueryString(),
// Force the peer to validate (not needed in 5.6.0+, but still works)
'verify_peer' => true,
// Force the peer validation to use www.google.com
$peer_key => 'www.google.com',
),
);
$context = stream_context_create($options);
return file_get_contents(self::SITE_VERIFY_URL, false, $context);
}
最后一行是"68"。我正在使用 PHP 7.1。与OpenSSL 1.0.2k 26 Jan 2017.我按如下方式调用图书馆:
// validate ReCaptcha
$response = null;
$reCaptcha = new ReCaptchaReCaptcha(RECAPTCHA_SECRET);
if ($_POST["g-recaptcha-response"]) {
$response = $reCaptcha->verify(
$_POST["g-recaptcha-response"], $_SERVER["REMOTE_ADDR"]
);
}
任何建议将不胜感激。该应用程序托管在IIS和Windows Server上。
Mikail G.的答案几乎是正确的,你确实需要通过CURL访问它。我认为有些东西已经发生了变化,实际上阻止了您当前(和我的(工作,因为我最近几天看到了几篇关于它的帖子。
请改用这个:
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => 'https://www.google.com/recaptcha/api/siteverify',
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => [
'secret' => $secretKey,
'response' => $captcha,
'remoteip' => $_SERVER['REMOTE_ADDR']
],
CURLOPT_RETURNTRANSFER => true
]);
$output = curl_exec($ch);
curl_close($ch);
$json = json_decode($output);
<?php
if(isset($_POST['submit']))
{
$stream_opts = [
"ssl" => [
"verify_peer"=>false,
"verify_peer_name"=>false,
]
];
$secret = '6Le__FoUAAXXXXXXXXXXXXXXoQtXhJfdZi92ZPHaAj';
$gRecaptchaResponse = $_POST['g-recaptcha-response'];
$remoteIp = $_SERVER['REMOTE_ADDR'];
$url="https://www.google.com/recaptcha/api/siteverify?secret=$secret&response=$gRecaptchaResponse&remoteip=$remoteIp";
$response=file_get_contents($url,false, stream_context_create($stream_opts));
$result = json_decode($response);
if ($result->success)
{
header("location: index.php");
}
else
echo 'Captcha verification failed.
}
?>
无需包含自动加载.php文件。只需在关闭标签之前包含下面的文件 <script src='https://www.google.com/recaptcha/api.js'></script>和提交按钮之前添加以下代码<div class="g-recaptcha" data-sitekey="6Le__FoUAAXXXXXXXXXXXXXXoQtXhJfdZi92ZPHaAj"></div>
将 recaptcha v2 的所有文件夹复制并粘贴到您站点的主目录中。这将 100% 在没有 SSL 的本地主机中工作。谢谢
为了
解决这个问题,你需要用"http"调用谷歌api,或者使用不同的方式发出请求,如curl,这里是函数这样做:
function file_get_contents_curl($url, $data (array)) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,
json_encode($data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$server_output = curl_exec ($ch);
curl_close ($ch);
return $server_output;
}
你为什么不试试集成reCpatcha的分步指南