Error validating the Captcha

I could find the solution.

At first, I found out, that the same project installation with the same content (except the keys for the reCaptcha, which were each domain-dependet) worked on the one server fluently with the reCaptcha, but on the other not (look above). So I compared both queries and determined that one of the servers generated its query with & a m p ; and the other, as requested by the google-reCaptcha specification worked only with &. The & a m p ; may not be, because then the reCaptcha reports an error (success:false).

After that I take a look, how Joomla solves that problem. I use many Joomla installations on my 2nd server, which all run smoothly with reCaptcha forms. There I’ve seen the following code, which doesn’t work with http_build_query($Arr), but which use urlencode(stripslashes($value)). I changed this in user/plugins/form/form.php - and now it works on both servers very well.

                // Validate the captcha
                $query = "";
                
                // modif. generat array for later use in foreach
                 $queryArr = array(
                    'secret'   => $recaptchaSecret,
                    'response' => $form->value('g-recaptcha-response', true),
                    'remoteip' => $_SERVER['REMOTE_ADDR'],
                    'v'        => 'php_1.0',
                );
                // bad solution:
                $query = http_build_query($queryArr);
                
                // replacing better solution:
                foreach ($queryArr as $key => $value) {
                    $query .= $key.'='. urlencode(stripslashes($value)).'&';
                }
                // echo '<br />$query new/solved:'.
                $query = substr($query, 0, strlen($query) - 1);
                // echo '<br />$url: '.
                    $url = 'https://www.google.com/recaptcha/api/siteverify?' . $query;

                $responseStrg = file_get_contents($url);

It would be really good if you can take my modification into the core.
I think that the Joomla developers have not groundless chosen this variant for query generation.

1 Like