I made a form in PHP with Google Captcha . Everything works. If someone sends the email via form, it arrives perfect, has required, etc. The problem is that the spans access the e-mail page on the site, eg "www.site.com.br/enviar-email.php" .
Can you put a code inside the same file by preventing it from accessing this page or by preventing the code from working because the fields are empty?
This is the code:
<?
function post_captcha($user_response) {
$fields_string = '';
$fields = array(
'secret' => '____aqui a secret key____',
'response' => $user_response
);
foreach($fields as $key=>$value)
$fields_string .= $key . '=' . $value . '&';
$fields_string = rtrim($fields_string, '&');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
$result = curl_exec($ch);
curl_close($ch);
return json_decode($result, true);
}
// Call the function post_captcha
$res = post_captcha($_POST['g-recaptcha-response']);
if (!$res['success']) {
// What happens when the CAPTCHA wasn't checked
echo '<p>Please go back and make sure you check the security CAPTCHA box.</p><br>';
} else {
// If CAPTCHA is successfully completed...
// Paste mail function or whatever else you want to happen here!
echo '<br><p>CAPTCHA was completed successfully!</p><br>';
}
$nome = $_POST['nome'];
$fone = $_POST['telefone'];
$email = $_POST['endereco'];
$assunto = $_POST['assunto'];
$msg = $_POST['msg'];
$conteudo = "<table width='600' border='0' cellspacing='2' cellpadding='2'>
<tr>
<td colspan='1' align='center'><h3><em>Assunto do E-mail</em></h3></td>
</tr>
<tr>
<td width='30%' bgcolor='#f0f0f0'><strong>Nome:</strong></td>
<td>$nome</td>
</tr>
<tr>
<td width='30%' bgcolor='#f0f0f0'><strong>Telefone:</strong></td>
<td>$fone</td>
</tr>
<tr>
<td width='30%' bgcolor='#f0f0f0'><strong>Email:</strong></td>
<td>$email</td>
</tr>
<tr>
<td width='30%' bgcolor='#f0f0f0'><strong>Assunto:</strong></td>
<td>$assunto</td>
</tr>
<tr>
<td width='30%' bgcolor='#f0f0f0'><strong>Mensagem:</strong></td>
<td>$msg</td>
</tr>
</table>";
$seuemail = "[email protected]";
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=UTF-8\r\n";
$headers .= "From:".$email." \r\n";
$assunto = $assunto;
$enviar = mail($seuemail, $assunto, $conteudo, $headers);
if($enviar) {
echo "<script type='text/javascript'> alert('Contato Enviado com Sucesso!'); window.location.href='contato.php'; </script>";
}else{
echo "<script type='text/javascript'> alert('Ocorreu algum erro ao enviar o formulário'); </script>";
}
?>