Tuesday, August 27, 2019

Is fopen() safe to use on a server for reCaptcha [on hold]

So, hear me out: I've been told a few times N O T to use the fopen() function in PHP, because it is not safe. It was even disabled on the server I had to use, and our provider simply said "It is not safe". Now we have our own server and full control over everything. Now, I need to use the fopen() function for Google's reCaptcha. My question is... is it a good idea to use fopen() like that? Will I be (more) vulnerable to attacks? Also, I did find some similar answers to this same question, but they are over 7 years old. The PHP version is 7.3 where it would be running.

To avoid this, I just implemented a simple math question, but reCaptcha would really, really be nice.

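$recapchaResponse = $_POST['g-recaptcha-response'] ?? '';
$secretKey = 'superDuperSecret';
// fopen() needs a mode argument and returns a stream resource, not the response body
$request = fopen("https://www.google.com/recaptcha/api/siteverify?secret=".urlencode($secretKey)."&response=".urlencode($recapchaResponse), 'r');
// Read the body from the stream before decoding the JSON
$response = json_decode(stream_get_contents($request));
fclose($request);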

etc...
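
One way to make the siteverify call with fopen() in a hardened form, as an added example that is not part of the original post: the helper name verifyRecaptcha and the 5-second timeout are assumptions. The URL is a fixed constant, since the usual risk with URL-capable fopen() comes from passing it a user-controlled path, and the secret travels in the POST body instead of the query string.

```php
<?php
// Added example: hypothetical helper, not code from the original post.
// Assumes allow_url_fopen=On. The URL is hard-coded and never built from user input.
const SITEVERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';

function verifyRecaptcha(string $secretKey, string $token, int $timeoutSeconds = 5): bool
{
    if ($token === '') {
        return false; // no token submitted: fail closed
    }

    $context = stream_context_create([
        'http' => [
            'method'  => 'POST',
            'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
            // POST body keeps the secret out of the URL and out of proxy/access logs
            'content' => http_build_query(['secret' => $secretKey, 'response' => $token]),
            'timeout' => $timeoutSeconds, // do not let a slow upstream hang the form handler
        ],
        'ssl' => [
            // Already the defaults since PHP 5.6; set explicitly so they cannot be weakened elsewhere
            'verify_peer'      => true,
            'verify_peer_name' => true,
        ],
    ]);

    $stream = @fopen(SITEVERIFY_URL, 'r', false, $context);
    if ($stream === false) {
        return false; // network or TLS failure: fail closed
    }
    $body = stream_get_contents($stream);
    fclose($stream);

    // Only an explicit JSON true in "success" counts as a pass
    $result = json_decode($body === false ? '' : $body, true);
    return is_array($result) && ($result['success'] ?? false) === true;
}

// Usage in the form handler ('superDuperSecret' is the placeholder from the post)
$ok = verifyRecaptcha('superDuperSecret', $_POST['g-recaptcha-response'] ?? '');
```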



