Recaptcha Request is returning Null

Question

I'm trying to implement this Recaptcha request into my sign-up form, however it isn't working. The cURL/JSON request returns null when I successfully validate the Recaptcha on my website.

I tried using var_dump on the "error-codes": from the JSON request, and it only returns null; whereas in this document it shows that it is clearly meant to output two items in the JSON request.

Thanks in advance, I haven't done much work with JSON/cURL, so be easy on me.

Here's my code:

PHP

<?php

    if($_SERVER["REQUEST_METHOD"] == "POST") {
        $recaptcha = $_POST['g-recaptcha-response'];
        if(!empty($recaptcha)) {

            function getCurlData($url) {
                $curl = curl_init();
                curl_setopt($curl, CURLOPT_URL, $url);
                curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
                curl_setopt($curl, CURLOPT_TIMEOUT, 10);
                curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16");
                $curlData = curl_exec($curl);
                curl_close($curl);
                return $curlData;
            }

            $google_url = "https://www.google.com/recaptcha/api/siteverify";
            $secret = 'You will never know >:D';
            $ip = $_SERVER['REMOTE_ADDR'];
            $url = $google_url . "?secret=" . $secret . "&response=" . $recaptcha . "&remoteip=" . $ip;
            $res = getCurlData($url);
            $res = json_decode($res, true);

            // var_dumping returns null
            var_dump($res);

            //reCaptcha success check 
            if($res['success'] == true) {
                echo "Recaptcha was successfully validated";
            } else {
                echo "Recaptcha was not validated, please try again";
            }
        } else {
            echo "You didn't validate the Recaptcha";
        }
    }
?>

HTML

<form action="home.php" method="post">
    <div class="g-recaptcha" data-sitekey="I removed it for this post"></div>
    <input class="btn btn-primary" type="submit" name="submit" value="SIGN UP" />
</form>

Answer 1

Here is my code running without problem:

Client Side:

<div class="g-recaptcha" data-sitekey="PUBLIC_KEY"></div>

Server Side:

if (isset($_POST['g-recaptcha-response'])) {
    $captcha = $_POST['g-recaptcha-response'];
    $privatekey = "SECRET_KEY";
    $url = 'https://www.google.com/recaptcha/api/siteverify';
    $data = array(
        'secret' => $privatekey,
        'response' => $captcha,
        'remoteip' => $_SERVER['REMOTE_ADDR']
    );

    $curlConfig = array(
        CURLOPT_URL => $url,
        CURLOPT_POST => true,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POSTFIELDS => $data
    );

    $ch = curl_init();
    curl_setopt_array($ch, $curlConfig);
    $response = curl_exec($ch);
    curl_close($ch);
}

$jsonResponse = json_decode($response);

if ($jsonResponse->success === true) {
    doSomething();
}
else {
    doSomeOtherThing();
}

Working here! :)

Answer 2

Your problem is probably with the SSL certificate. You can put this line to let curl ignore it:

curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false)

However, you can put this to test on your localhost but when uploading your website, it is better to have an SSL certificate and this line removed.