How to Add reCAPTCHA to a PHP Form

July 30, 2025
No Comments

reCAPTCHA is used to protect websites from spam, fake sign-ups, and malicious bots. It helps ensure that only real human users can submit forms or access secure areas. By adding reCAPTCHA, you reduce the risk of automated attacks and keep your data safe. It also improves user trust by showing that your site is secure. Overall, reCAPTCHA is a simple yet powerful tool to enhance website security.

Step-by-Step Solution

🔐 Go to Google reCAPTCHA Admin Console

👉 https://www.google.com/recaptcha/admin

Option A: Edit Existing Key (if you already have one)

    1. Click your existing reCAPTCHA project label

    2. Click “Settings” (gear icon in top-right)

    3. Under Domains, add:


yourdomain.com
www.yourdomain.com

(For example: gokuls.org and www.gokuls.org)

Option B: Create a New Site Key (recommended if unsure)

  1. Click + Create

  2. Fill the form:

      • Label: Any name (e.g., “Gokuls reCAPTCHA”)
      • reCAPTCHA type:  v2 → “I’m not a robot” checkbox
      • Domains:
    
yourdomain.org
www.yourdomain.org
    • Accept the reCAPTCHA terms
    • Click Submit

 

Copy the New Site Key & Secret Key

      • Site Key → Paste in your HTML:
    
<div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY_HERE"></div>
    • Secret Key → Use in backend PHP (optional for full validation)

 

Clear Cache / Reupload HTML

Sometimes browser cache or server-side CDN might still load old scripts. Make sure:

  • You clear browser cache
  • You replace the old site key with the new one
  • Your website is served under the correct domain (HTTPS recommended)

Final HTML Snippet Example

If you’re using contact.php, open it and place the code like this:


<form action="verify.php" method="POST" onsubmit="return validateRecaptcha();">
  <input type="text" name="name" required>
  <div class="g-recaptcha" data-sitekey="6LcXXXXXX-Your-Site-Key"></div>
  <input type="submit" value="Send">
</form>

<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<script>
  function validateRecaptcha() {
    const response = grecaptcha.getResponse();
    if (response.length === 0) {
      alert("Please verify you're not a robot.");
      return false;
    }
    return true;
  }
</script>