Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 13 of 13
  1. #1
    Regular Coder gcmax's Avatar
    Join Date
    Sep 2010
    Location
    Leeds
    Posts
    108
    Thanks
    8
    Thanked 5 Times in 5 Posts

    "For security reasons, you must pass the remote ip to reCAPTCHA"

    Hello.

    I keep getting the warning: "For security reasons, you must pass the remote ip to reCAPTCHA" no matter what I change within my code and I just can't understand why. The Google documentation for implementing in PHP is very simple and the resulting script throws no syntax errors.

    It seems to have a problem with this line (Google's code) in verify.php:
    Code:
    $SERVER["REMOTE_ADDR"],
    The setup is a custom blog: http://www.bellsdomestics.co.uk/blog.php storing comments in an html file and including them on a php page which contains html form and other elements. Simple checking of form fields is being done by javascript and the method is POST with verify.php as the action.

    Code:
    HTML
    <!-- Comments Section -->
    <div class="cmnt_wrap"><div class="cmnt_bakg"><div class="cmnt"><?php include "blog_cmnt.html"; ?></div></div></div>
    
    <!-- Reply to Post -->
    <div class="rply_wrap"><div class="rply_bakg"><div class="rply_head"></div><div class="rply_body"><div class="rply_innr">
    <form id="blog_rply" action="script/verify.php" onsubmit="return validateForm()" method="post">
    <p><label for="name" />Name&nbsp;&nbsp;</p>
    <fieldset><input type="text" id="name" name="name" class="field" /></fieldset>
    <p><label for="content" /><br/>Enter your comment in the box below<br/></p>
    <p><textarea id="content" name="comment" class="field" rows="" cols=""></textarea><br/></p>
    <div id="recaptcha">
    <?php
    require_once('script/recaptchalib.php');
    $publickey = "my_public_key_hiddden";
    echo recaptcha_get_html($publickey);
    ?>
    </div>
    <fieldset><input type="submit" id="submit" name="submit" value="" /></fieldset>
    </form>
    </div></div></div></div>
    Code:
    PHP (verify.php)
    <?php
    if($_POST){
    require_once('recaptchalib.php');
    $privatekey =  "my_private_key_hidden";
    $resp = recaptcha_check_answer ($privatekey,
    $SERVER["REMOTE_ADDR"],
    $POST["recaptcha_challenge_field"],
    $POST["recaptcha_response_field"]);
    
    // If repsonse is NOT (!) valid, warn the user
    if (!$resp->is_valid){
    die ("The reCAPTCHA wasn't entered correctly. Please try again.".
    "(reCAPTCHA said: " . $resp->error . ")");
    
    // If the response is correct then allow comments to be added
    }else{
    
    $name = $_POST['name'];
    $content = $_POST['comment'];
    $handle = fopen("../blog_cmnt.html","a");
    fwrite($handle,"<b>" . $name . "</b>:<br/>" . $content . "<br/><br/>");
    fclose($handle);
    }
    echo "Your comment has been added, now returning to Bells Domestics Blog...";
    header('Location:' . $_SERVER['HTTP_REFERER']);
    } 
    ?>
    The other PHP script is the recaptchalib.php which was downloaded from: https://code.google.com/p/recaptcha/...Aphplib-Latest this has not been altered.

    I would really appreciate some help and if anyone else is suffering from the same issues maybe they can get them resolved too.
    Last edited by gcmax; 03-21-2013 at 01:27 PM.
    ---------------------------------
    website: www.gcmax.co.uk
    webmail: stevenbell@gcmax.co.uk
    ---------------------------------

  • #2
    Regular Coder patryk's Avatar
    Join Date
    Oct 2012
    Location
    /dev/couch
    Posts
    398
    Thanks
    2
    Thanked 64 Times in 64 Posts
    you have $SERVER["REMOTE_ADDR"] instead of $_SERVER["REMOTE_ADDR"] in verify.php. typo

    and why use that annoying recaptcha? who the hell can read that hieroglyphs...
    Last edited by patryk; 03-21-2013 at 02:57 PM.

  • Users who have thanked patryk for this post:

    gcmax (03-21-2013)

  • #3
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,313
    Thanks
    58
    Thanked 525 Times in 512 Posts
    Blog Entries
    5
    Quote Originally Posted by patryk View Post
    and why use that annoying recaptcha?
    +1.

    I can't read them and the audible versions are impossible to understand too. They've gone far too far with making it unrecognisable

    You're best off using a question and answer now
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • #4
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    Image counting ftw!
    How many bunnies do you see in this image?
    I keep recaptcha at bay with a 10' pole I makeshift'd.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #5
    Regular Coder gcmax's Avatar
    Join Date
    Sep 2010
    Location
    Leeds
    Posts
    108
    Thanks
    8
    Thanked 5 Times in 5 Posts

    Smile

    Thanks patryk
    Wow, what an oversight. I also had to change;

    Code:
    $POST["recaptcha_challenge_field"],
    $POST["recaptcha_response_field"]);
    to
    Code:
    $_POST["recaptcha_challenge_field"],
    $_POST["recaptcha_response_field"]);
    Not sure why Google would supply faulty code like this. Documentation is pretty limited also.


    Just have to get my function correct now for reloading the original page as everything else is working!

    <b>Ps:</b> I know what your saying with the unreadable words, CAPTCHA can be frustrating but this 'seemed' like a quick fix to stop spam. This was after I ip banned a commenter from the site. Unfortunately we lost our google position due to lots of viagra spam from a robot based in Russia ~ lame :/
    ---------------------------------
    website: www.gcmax.co.uk
    webmail: stevenbell@gcmax.co.uk
    ---------------------------------

  • #6
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,313
    Thanks
    58
    Thanked 525 Times in 512 Posts
    Blog Entries
    5
    Quote Originally Posted by gcmax View Post
    CAPTCHA can be frustrating
    No, not Captcha, ReCaptcha. Captcha is the name of the technique and there are many that are still easy to read while blocking bots (well temporarily anyway).

    ReCaptcha is a service that offers you a captcha on your site. THEIR captchas are increasingly hard to use. If you use it, you use it at your peril especially on contact and order forms.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • #7
    Regular Coder patryk's Avatar
    Join Date
    Oct 2012
    Location
    /dev/couch
    Posts
    398
    Thanks
    2
    Thanked 64 Times in 64 Posts
    Quote Originally Posted by Fou-Lu View Post
    Image counting ftw!
    How many bunnies do you see in this image?
    I keep recaptcha at bay with a 10' pole I makeshift'd.
    once i got so frustrated with reCaptcha that i made this: http://photocaptcha.us/demo.php
    ...kinda dropped the project some time ago tho

  • #8
    Regular Coder gcmax's Avatar
    Join Date
    Sep 2010
    Location
    Leeds
    Posts
    108
    Thanks
    8
    Thanked 5 Times in 5 Posts
    A good idea patryk, could mean some nice extra traffic. I guess for people with screen readers you just use the alt tag instead of having to build an audio library for every captcha.

    UPDATE: Just finished off the coding for it now: http://www.bellsdomestics.co.uk/blog.php

    All working now so it's time for some content, then solve Google+1 and Facebook button issues and finally W3C compliance.
    Other than that and interestingly I think a robot or someone messing around who has seen this thread put a spam comment in after I got recaptcha to work!! I really do hope it is a joke and not a sign of things to come because otherwise, what is the point of having a recaptcha?

    Cheers.
    ---------------------------------
    website: www.gcmax.co.uk
    webmail: stevenbell@gcmax.co.uk
    ---------------------------------

  • #9
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    Quote Originally Posted by patryk View Post
    once i got so frustrated with reCaptcha that i made this: http://photocaptcha.us/demo.php
    ...kinda dropped the project some time ago tho
    I like it!

    Quote Originally Posted by gcmax View Post
    A good idea patryk, could mean some nice extra traffic. I guess for people with screen readers you just use the alt tag instead of having to build an audio library for every captcha.

    UPDATE: Just finished off the coding for it now: http://www.bellsdomestics.co.uk/blog.php

    All working now so it's time for some content, then solve Google+1 and Facebook button issues and finally W3C compliance.
    Other than that and interestingly I think a robot or someone messing around who has seen this thread put a spam comment in after I got recaptcha to work!! I really do hope it is a joke and not a sign of things to come because otherwise, what is the point of having a recaptcha?

    Cheers.
    Captcha's block bots, not people. There are actually people whom are paid just to post spam. Bots are much easier to write of course, and if you use common things like a vBulletin or a widely used cms than you are often targeted for the ease of automation.
    There isn't a thing you can do about a human though. That's why you need to add additional spam blocking tools. For example, from what I see I delete about 20 posts per hour on average as spam. Given what it shows, those are posts and threads not seen by other users, so our new spam fighting techniques are working well. I don't mind cleaning up a few hundred junk spam that's stuck in moderation queue every day; it sure beats a few months ago when we were seeing hundreds of posts passing through queue and showing up. What a mess that was.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #10
    Regular Coder patryk's Avatar
    Join Date
    Oct 2012
    Location
    /dev/couch
    Posts
    398
    Thanks
    2
    Thanked 64 Times in 64 Posts
    Quote Originally Posted by gcmax View Post
    I guess for people with screen readers you just use the alt tag instead of having to build an audio library for every captcha.
    Cheers.
    but it has audio. i just never made nice button for it in gui. click TTS link

    and btw i personally find this one easier to understand that reCaptcha's text-to-speach. it seams to me that reCaptcha's goal in creating that TTS thing was to make blind ppl feel like they are getting deaf too
    Last edited by patryk; 03-21-2013 at 07:19 PM.

  • #11
    Master Coder felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, Australia
    Posts
    6,627
    Thanks
    0
    Thanked 647 Times in 637 Posts
    Quote Originally Posted by tangoforce View Post
    I can't read them and the audible versions are impossible to understand too. They've gone far too far with making it unrecognisable

    "They" haven't made it unrecognisable at all - they know it is unrecognisable and are asking for help in figuring it out. Each RECAPTCHA image consists of two words - one known and one that is straight out of a book that has been scanned in where they can't make sense of the word. By having lots of people guess at what they think the word is they hope to be able to finish converting the scanned book into text. The actual CAPTCHA portion works mainly off of the easier to read word that is already known.

    That this also provides a way to try to block bots is a side effect - the primary purpose that RECAPTCHA is intending to perform is to get help in decoding words where the OCR they are using can't figure out the word from the scanned copy. Their end goal is to end up with millions of books scanned and converted to text.
    Stephen
    Learn Modern JavaScript - http://javascriptexample.net/
    Helping others to solve their computer problem at http://www.felgall.com/

    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

  • #12
    Regular Coder gcmax's Avatar
    Join Date
    Sep 2010
    Location
    Leeds
    Posts
    108
    Thanks
    8
    Thanked 5 Times in 5 Posts

    UPDATE: reCAPTCHA removed!

    After the effort to get reCAPTCHA to work we still got spam and from the context, frequency and no. of pages viewed they were bots.
    To fix I made a small PHP script to send the contents of the message to my email address at work, after which I will manually add comments after reviewing them first. It seems the only way to fully block all spam.

    Ps: Google has now reduced our website to 2 extra links under our main URL due to this latest spam, so I can't take the risk any more. I HATE spammers

    By the way if anyone wants my code for the message system, pm me and I will help you implement it, maybe you will have better luck than I did!
    ---------------------------------
    website: www.gcmax.co.uk
    webmail: stevenbell@gcmax.co.uk
    ---------------------------------

  • #13
    Regular Coder patryk's Avatar
    Join Date
    Oct 2012
    Location
    /dev/couch
    Posts
    398
    Thanks
    2
    Thanked 64 Times in 64 Posts
    if that's only against bots then why not simply use honeypot? http://en.wikipedia.org/wiki/Honeypot_(computing)
    99% of spambots won't know if form input is hidden or not. just name inputs in smart manner and you should be good


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •