Home/ Questions/Q 980457
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-16T04:23:04+00:00

Here is a tutorial that indicates how to combine jQuery Form Validation with reCAPTCHA.

  • 0

Here is a tutorial that indicates how to combine jQuery Form Validation with reCAPTCHA.
http://snipplr.com/view/15563/jquery-validating-recaptcha-with-ajax/

Based on my understanding, the above tutorial in fact does a client side validation through aJax that communicates with the server reCAPTCHA script.

After the validation is successful, I use the following code borrowed from the comments:

$('#formID').validate({ 
submitHandler: function(form) { 
 if(validateCaptcha()){ // Submit form 
offerForm.ajaxSubmit(); } } });

to submit the form and please see line 21 of the original code:

$("form").attr("action", "http://action/to/the/form_handler.php");

My question is whether or not I MUST call recaptcha_check_answer inside form_handler.php with passed in parameters 

challengeField = $("input#recaptcha_challenge_field").val();
responseField = $("input#recaptcha_response_field").val();

If not, then a person can easily avoid the reCAPTCHA by changing the validation procedure.
It seems that the same idea that we always have to both client+server validation.

Please correct my idea if I misunderstand.

// Give detail information for the issue I have ///

    <code>
    <form id="regFormBody" method="post" action="verify.php">
    ...
    </code>

      $("#regFormBody").validate({
          debug: true,
          errorPlacement: function (error, element) {
            error.insertAfter(element.parents('div.collection:first'));
          },

          rules: {
            loginemail: { required: true, email: true, rangelength: [4, 32] },
            password: { required: true, rangelength: [8, 30], passwordPattern: true },
            confirmpassword: { required: true, rangelength: [8, 30], equalTo: "#password" }
          }
          }
        });

Here is the problem I have:
If the form passes the client side validation, then it doesn’t NOT trigger the verify.php at all and stops after the validation.
thank you

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yes, that sounds correct to me. Yes, you definitely need to validate the captcha on the server. I don’t like the idea of validating the captcha client-side at all and I don’t think you want to be posting your reCaptchi API keys in a script that user can get hold of either. Also I’d expect the second validation of the same captcha values (your server-side check after the client-side checke) would get rejected by recaptcha’s servers anyway (confirmation of this from a comment on the original blog).

    So I think you need to post the captcha to your AJAX action handler and it should do the validation as well as your action. You could validate the user has entered something for the captcha before you submit it but IMO you shouldn’t try and validate it client side at all.

    • 0