How to use Google reCaptcha using PHP

Google has been presented new reCaptcha API called Are you a robot? “No Captcha reCaptcha” a total new plan captcha framework. This protects your site from spammers and robots, in this post I had actualized new reCaptch API framework with HTML login form using PHP. I like the new outline it is spotless and great, trust you will like it. It would be ideal if you investigate fast take a look at the demo.

Get reCaptcha Key
Click here to create a Google reCaptcha application.

Register Your Website
Give your website domain details without http:

Google Site Key
You will use this in HTML code.

Google Secret Key
This will help your website to communication with Google.

HTML Code
Contains simple HTML code with Google reCaptcha widget snippet. Here you have to modify the Google Site Key value.

<html>
<head>
/* Google reCaptcha JS */
<script src="https://www.google.com/recaptcha/api.js"></script>
</head>
<body>
<form action="" method="post">
Username
<input type="text" name="username" class="input" />
Password
<input type="password" name="password" class="input" />
<div class="g-recaptcha" data-sitekey="Google Site Key"></div>
<input type="submit"  value="Log In" />
<span class='msg'><?php echo $msg; ?></span>
</form>
</body>
</html>

index.php
Contains PHP code, here you have to modify the Google Secret Key.

<?php
include("db.php");
session_start();

$msg='';
if($_SERVER["REQUEST_METHOD"] == "POST")
{
$recaptcha=$_POST['g-recaptcha-response'];
if(!empty($recaptcha))
{
include("getCurlData.php");
$google_url="https://www.google.com/recaptcha/api/siteverify";
$secret='Google Secret Key';
$ip=$_SERVER['REMOTE_ADDR'];
$url=$google_url."?secret=".$secret."&response=".$recaptcha."&remoteip=".$ip;
$res=getCurlData($url);
$res= json_decode($res, true);
//reCaptcha success check 
if($res['success'])
{
//Include login check code
}
else
{
$msg="Please re-enter your reCAPTCHA.";
}

}
else
{
$msg="Please re-enter your reCAPTCHA.";
}

}
?>

Login Check Code
This code will verify username and password details in database.

$username=mysqli_real_escape_string($db,$_POST['username']);
$password=md5(mysqli_real_escape_string($db,$_POST['password']));
if(!empty($username) && !empty($password))
{
$result=mysqli_query($db,"SELECT id FROM users WHERE username='$username' and passcode='$password'");
$row=mysqli_fetch_array($result,MYSQLI_ASSOC);
if(mysqli_num_rows($result)==1)
{
$_SESSION['login_user']=$username;
header("location: home.php"); //Success redirection page. 
}
else
{
$msg="Please give valid Username or Password.";
}

}
else
{
$msg="Please give valid Username or Password.";
}

getCurlData.php
CURL function for Google reCaptcha verification. Enable php_curl extension in php.ini configuration file.

<?php
function getCurlData($url)
{
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16");
$curlData = curl_exec($curl);
curl_close($curl);
return $curlData;
}
?>

db.php
Database configuration file, modify username, password and database values.

<?php
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'username');
define('DB_PASSWORD', 'password');
define('DB_DATABASE', 'database');
$db = mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);
?>

Chockalingam