Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

helpmyworld's avatar

ReCaptcha integration with Laravel

Please assist me with correcting my recaptcha validation or request.

public function register(Request $request){
       
    	if($request->isMethod('post')){
    	    $data = $request->except(['_token','password']);
    	    $data['password'] = bcrypt($request->password);

            if($this->userExists($data['email'])){
                return redirect()->back()->with('flash_message_error','Email already exists!');
            }
 			//help me with this line below to work with this public function register;
            $data = $request ->except ([ 'g-recaptcha-response' => 'required|captcha',]);
            $user = $this->create($data);

            return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');

    	}
    }
0 likes
16 replies
martinbean's avatar

@helpmyworld Are we supposed to guess what problem you’re having…?

How can any one help you “correct” your code if we don’t know what’s actually going wrong? 🤷‍♂️

helpmyworld's avatar

@martinbean You are right. I did not think things through. I am including a google Recaptcha in my website for registration. The tutorial the I am following has the below code. On the controller to create or register user. My code is like this is different on the public function create. See the second code.

public function create (Request $request)
    {
        return [
             'name' => 'required|max: 255',
             'email' => 'required|email|max: 255'
             'g-recaptcha-response' => 'required|recaptcha'
         ];
    }

//MY CODE

public function register(Request $request){
    	if($request->isMethod('post')){
    	    $data = $request->except(['_token','password']);
    	    $data['password'] = bcrypt($request->password);
            if($this->userExists($data['email'])){
                return redirect()->back()->with('flash_message_error','Email already exists!');
            }
    //THE RECAPTCHA WILL GO HERE: g-recaptcha-response' => 'required|recaptcha
            $user = $this->create($data);
            return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');
    	}
    }

I just want to add " 'g-recaptcha-response' => 'required|recaptcha' in my code for it to execute the fuction.

Snapey's avatar
public function register(Request $request){

		$request->validate([
				'email' => 'required|unique:users',
				'g-recaptcha-response' => 'required|captcha',
				'password' => 'required';
		]);
       
		$user->create([
				'username' => $request->input('username'),
				'email' => $request->input('email'),
				'password' => $request->input('password'),				
		]);

        return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');

}
helpmyworld's avatar

@Snapey Thank you, the form does not action or user is not registered/created after I included this .

class UsersController extends Controller
{
    public function userLoginRegister(){
        $meta_title = "User Login/Register - Publishing Books";
        return view('users.login_register')->with(compact('meta_title'));
    }

    public function register(Request $request){
        $request->validate([
                'email' => 'required|unique:users',
                'g-recaptcha-response' => 'required|captcha',
                'password' => 'required'
        ]);
        $user->create([
                'username' => $request->input('username'),
                'email' => $request->input('email'),
                'password' => $request->input('password'),              
        ]);
        return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');

}

    public function create($data){
        $user = User::create($data);
        // Send Confirmation Email
        $email = $user->email;
        $messageData = ['email'=>$user->email,'name'=>$data['name'],'code'=>base64_encode($data['email'])];
        Mail::send('emails.confirmation',$messageData,function($message) use($email){
            $message->to($email)->subject('Confirm your Account');
        });
        return $user;
    }
helpmyworld's avatar

This is the controller that works currently on the site without any recaptcha.

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\User;
use App\Country;
use Auth;
use Session; 
use DB;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use App\Exports\usersExport;
use Maatwebsite\Excel\Facades\Excel;
use Carbon\Carbon;

class UsersController extends Controller
{

    public function userLoginRegister(){
        $meta_title = "User Login/Register - Publishing Books";
        return view('users.login_register')->with(compact('meta_title'));
    }

    public function login(Request $request){
        if($request->isMethod('post')){
            $data = $request->all();
            /*echo "<pre>"; print_r($data); die;*/
            if(Auth::attempt(['email'=>$data['email'],'password'=>$data['password']])){
                $userStatus = auth()->user();

                if($userStatus->status == 0){
                    return redirect()->back()->with('flash_message_error','Your account is not activated! Please confirm your email to activate.');    
                }
                else{
                    if($userStatus->type == 'Author'){
                        Session::put('frontSession',$data['email']);

                        if(!empty(Session::get('session_id'))){
                            $session_id = Session::get('session_id');
                            DB::table('cart')->where('session_id',$session_id)->update(['user_email' => $data['email']]);
                        }
                        return redirect()->route('author.dashboard');
                    }
                    else{
                        Session::put('frontSession',$data['email']);

                        if(!empty(Session::get('session_id'))){
                            $session_id = Session::get('session_id');
                            DB::table('cart')->where('session_id',$session_id)->update(['user_email' => $data['email']]);
                        }

                        return redirect('/cart');
                    }
                }

            }else{
                return redirect()->back()->with('flash_message_error','Invalid Username or Password!');
            }
        }
    }

    public function register(Request $request){
        //dd(env('APP_NAME'));;

    	if($request->isMethod('post')){
    	    $data = $request->except(['_token','password']);
    	    $data['password'] = bcrypt($request->password);

            if($this->userExists($data['email'])){
                return redirect()->back()->with('flash_message_error','Email already exists!');
            }

            $user = $this->create($data);

            return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');

    	}
    }

    public function forgotPassword(Request $request){
        if($request->isMethod('post')){
            $data = $request->all();
            $userCount = User::where('email',$data['email'])->count();
            if($userCount == 0){
                return redirect()->back()->with('flash_message_error', 'Email does not exist');
            }
            //Get User Details
            $userDetails = User::where('email', $data['email'])->first();
            //Generate Random Password
            $random_password = str_random(8);
            //Encode/Secure Password
            $new_password = bcrypt($random_password);
            //Update Password
            User::where('email',$data['email'])->update(['password' => $new_password]);

            //Send Forgot Password Email Code
            $email = $data ['email'];
            $name = $userDetails->name;
            $messageData = [
                'email'=>$email,
                'name'=>$name,
                'password' =>$random_password
            ];
            Mail::send('emails.forgotpassword', $messageData, function($message)use($email){
                $message->to($email)->subject('New Password - Helpmyorld Publishing');
            });
            return redirect('login-register')->with('flash_message_success', 'Please check your email for new password');

        }

        return view ('users.forgot_password');
    }

    public function create($data){

        $user = User::create($data);

        // Send Confirmation Email
        $email = $user->email;
        $messageData = ['email'=>$user->email,'name'=>$data['name'],'code'=>base64_encode($data['email'])];
        Mail::send('emails.confirmation',$messageData,function($message) use($email){
            $message->to($email)->subject('Confirm your Account');
        });

        return $user;
    }

    public function userExists($email){
        return User::whereEmail($email)->exists();
    }

    public function confirmAccount($email){
        $email = base64_decode($email);
        $userCount = User::where('email',$email)->count();
        if($userCount > 0){
            $userDetails = User::where('email',$email)->first();
            if($userDetails->status == 1){
                return redirect('login-register')->with('flash_message_success','Your Email account is already activated. You can login now.');
            }else{
                User::where('email',$email)->update(['status'=>1]);

                // Send Welcome Email
                $messageData = ['email'=>$email,'name'=>$userDetails->name];
                Mail::send('emails.welcome',$messageData,function($message) use($email){
                    $message->to($email)->subject('Welcome to Helpmyworld ');
                });

                return redirect('login-register')->with('flash_message_success','Your Email account is activated. You can login now.');
            }
        }else{
            abort(404);
        }
    }

    public function account(Request $request){
        $user_id = Auth::user()->id;
        $userDetails = User::find($user_id);
        $countries = Country::get();

        if($request->isMethod('post')){
            $data = $request->all();
            /*echo "<pre>"; print_r($data); die;*/

            if(empty($data['name'])){
                return redirect()->back()->with('flash_message_error','Please enter your Name to update your account details!');    
            }

            if(empty($data['address'])){
                $data['address'] = '';    
            }

            if(empty($data['city'])){
                $data['city'] = '';    
            }

            if(empty($data['state'])){
                $data['state'] = '';    
            }

            if(empty($data['country'])){
                $data['country'] = '';    
            }

            if(empty($data['pincode'])){
                $data['pincode'] = '';    
            }

            if(empty($data['mobile'])){
                $data['mobile'] = '';    
            }

            $user = User::find($user_id);
            $user->name = $data['name'];
            $user->address = $data['address'];
            $user->city = $data['city'];
            $user->state = $data['state'];
            $user->country = $data['country'];
            $user->pincode = $data['pincode'];
            $user->mobile = $data['mobile'];
            $user->save();
            return redirect()->back()->with('flash_message_success','Your account details has been successfully updated!');
        }

        return view('users.account')->with(compact('countries','userDetails'));
    }

    public function chkUserPassword(Request $request){
        $data = $request->all();
        /*echo "<pre>"; print_r($data); die;*/
        $current_password = $data['current_pwd'];
        $user_id = Auth::User()->id;
        $check_password = User::where('id',$user_id)->first();
        if(Hash::check($current_password,$check_password->password)){
            echo "true"; die;
        }else{
            echo "false"; die;
        }
    }

    public function updatePassword(Request $request){
        if($request->isMethod('post')){
            $data = $request->all();
            /*echo "<pre>"; print_r($data); die;*/
            $old_pwd = User::where('id',Auth::User()->id)->first();
            $current_pwd = $data['current_pwd'];
            if(Hash::check($current_pwd,$old_pwd->password)){
                // Update password
                $new_pwd = bcrypt($data['new_pwd']);
                User::where('id',Auth::User()->id)->update(['password'=>$new_pwd]);
                return redirect()->back()->with('flash_message_success',' Password updated successfully!');
            }else{
                return redirect()->back()->with('flash_message_error','Current Password is incorrect!');
            }
        }
    }

    public function logout(){
        Auth::logout();
        Session::forget('frontSession');
        Session::forget('session_id');
        return redirect('/');
    }

    public function checkEmail(Request $request){
    	// Check if User already exists
    	$data = $request->all();
		$usersCount = User::where('email',$data['email'])->count();
		if($usersCount>0){
			echo "false";
		}else{
			echo "true"; die;
		}		
    }

    public function viewUsers(){
        $users = User::get();
        return view('admin.users.view_users')->with(compact('users'));
    }
    public function deleteUser($id = null){
        User::where(['id'=>$id])->delete();
        return redirect()->back()->with('flash_message_success', 'User has been deleted successfully');
    }

    public function exportUsers(){
        return Excel::download(new usersExport,'users.xlsx');
    }

    public function viewUsersCharts(){
        $current_month_users = User::whereYear('created_at', Carbon::now()->year)->whereMonth('created_at', Carbon::now()->month)->count();
        $last_month_users = User::whereYear('created_at', Carbon::now()->year)->whereMonth('created_at', Carbon::now()->subMonth(1))->count();
        $last_to_last_month_users = User::whereYear('created_at', Carbon::now()->year)->whereMonth('created_at', Carbon::now()->subMonth(2))->count();
        return view('admin.users.view_users_charts')->with(compact('current_month_users','last_month_users','last_to_last_month_users'));
    }

    public function viewUsersCountriesCharts(){
        $getUserCountries = User::select('country',DB::raw('count(country) as count'))->groupBy('country')->get();
        $getUserCountries = json_decode(json_encode($getUserCountries),true);
        //echo $getUserCountries[0]['country']; die;
        /*echo "<pre>"; print_r($getUserCountries); die;*/
        return view('admin.users.view_users_countries_charts')->with(compact('getUserCountries'));
    }

}
chiefguru's avatar

@helpmyworld forgive the dumb question, but in your initial post, you use the line

$data = $request ->except ([ 'g-recaptcha-response' => 'required|captcha',]);

Now without wading through the validator code, where is the validation rule captcha coming from? As far as I can tell it's not one of the documented validation rules. Have you created your own captcha validation rule?

If you actually want to validate the Google Recaptcha, why not use the PHP library google/recaptcha that was written for this purpose, it's an easy process.

        if ($request->has('g-recaptcha-response')) {
            $token = $request->input('g-recaptcha-response');
            $secret = config('captcha.captcha_v2.captcha_secret');

            $recaptcha = new ReCaptcha($secret, new CurlPost());
            $response = $recaptcha->verify($token);
            if (!$response->isSuccess()) {
                return redirect()->back()->withErrors(['Failed Google Captcha response, please try again.']);
            }
        }
1 like
helpmyworld's avatar

@chiefguru no worries my problem is that I am a "monkey see monkey" do person. I am following a YouTube tutorial and according to it I had to create a reCaptcha.php in the Validator folder under app and put the below code.

<?php
namespace App\Validators;
use GuzzleHttp\Client;
class ReCaptcha
{
    public function validate($attribute, $value, $parameters, $validator)
    {
        $client = new Client;
        $response = $client->post(
            'https://www.google.com/recaptcha/api/siteverify',
            [
                'form_params' =>
                    [
                        'secret' => config('services.recaptcha.secret'),
                        'response' => $value
                    ]
            ]
        );
        $body = json_decode((string)$response->getBody());
        return $body->success;
    }
}

I think the tutorial is good but my challenge will be executing it in my controller when I save/create the user via registration.

//How do I include this in my public function create?

        if ($request->has('g-recaptcha-response')) {
            $token = $request->input('g-recaptcha-response');
            $secret = config('captcha.captcha_v2.captcha_secret');

            $recaptcha = new ReCaptcha($secret, new CurlPost());
            $response = $recaptcha->verify($token);
            if (!$response->isSuccess()) {
                return redirect()->back()->withErrors(['Failed Google Captcha response, please try again.']);
            }
        }
helpmyworld's avatar

@Snapey I have, I have done everything right except that my controller stores the registration user different. That is the only difference between the tutorial and my code.

Tutorial stores or create registration user normally like so:

public function register(Request $request){

		$request->validate([
				'email' => 'required|unique:users',
				'g-recaptcha-response' => 'required|captcha',
				'password' => 'required';
		]);
       
		$user->create([
				'username' => $request->input('username'),
				'email' => $request->input('email'),
				'password' => $request->input('password'),				
		]);

        return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');

}

// my controller create or stores registrations in a customized way like this

class UsersController extends Controller
{
    public function userLoginRegister(){
        $meta_title = "User Login/Register - Publishing Books";
        return view('users.login_register')->with(compact('meta_title'));
    }

    public function register(Request $request){
        $request->validate([
                'email' => 'required|unique:users',
                'g-recaptcha-response' => 'required|captcha',
                'password' => 'required'
        ]);
        $user->create([
                'username' => $request->input('username'),
                'email' => $request->input('email'),
                'password' => $request->input('password'),              
        ]);
        return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');

}

    public function create($data){
        $user = User::create($data);
        // Send Confirmation Email
        $email = $user->email;
        $messageData = ['email'=>$user->email,'name'=>$data['name'],'code'=>base64_encode($data['email'])];
        Mail::send('emails.confirmation',$messageData,function($message) use($email){
            $message->to($email)->subject('Confirm your Account');
        });
        return $user;
    }
Snapey's avatar

@helpmyworld Its irrelevant how you store

If you want to check the captcha then you have created a validation rule, and you must actually perform some validation in order to check the captcha rule

You must also correctly name the class and then correctly use it according to your naming.

See the section in the docs for creating and using your own validation rules.

https://laravel.com/docs/10.x/validation#custom-validation-rules

1 like
helpmyworld's avatar

@Snapey This is my update however I am not getting through with the registrations

Created folder "Validator" in app and added Recaptcha.php

namespace App\Validators;
use GuzzleHttp\Client;
class ReCaptcha
{
    public function validate($attribute, $value, $parameters, $validator)
    {
        $client = new Client;
        $response = $client->post(
            'https://www.google.com/recaptcha/api/siteverify',
            [
                'form_params' =>
                    [
                        'secret' => config('services.recaptcha.secret'),
                        'response' => $value
                    ]
            ]
        );
        $body = json_decode((string)$response->getBody());
        return $body->success;
    }
}

// I went to the app,servicesproviders and in my boot I added

Validator::extend('recaptcha', 'App\Validators\ReCaptcha@validate');

//in my config, services.php I added.

	//Recaptcha Configurations
    'recaptcha' => [
        'key' => env('GOOGLE_RECAPTCHA_KEY'),
        'secret' => env('GOOGLE_RECAPTCHA_SECRET'),
    ],

//My view

				<div class="g-recaptcha" data-sitekey={{config('services.recaptcha.key')}}></div>
		@endif

Then in my controller I added the validations and rules.

 public function register(Request $request){
        //dd(env('APP_NAME'));;
            
        $rules = ['g-recaptcha-response' => 'required|recaptcha', ];

        $this->validate($request, $rules, [
            'name' => 'required',
            'email' => 'required',
            'password' => 'required',
            'g-recaptcha-response' => 'required|captcha',
        ]);

        // dd('successfully validate');

    	if($request->isMethod('post')){
    	    $data = $request->except(['_token','password']);
    	    $data['password'] = bcrypt($request->password);

            if($this->userExists($data['email'])){
                return redirect()->back()->with('flash_message_error','Email already exists!');
            }
            $user = $this->create($data);

            return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');

    	}
    }
helpmyworld's avatar

I ended up using mews/captcha which was easy to use and it is working. But I have a huge dissatisfactory gap of failing to get what I want which is google captcha.

public function register(Request $request){
        //dd(env('APP_NAME'));;
        
        $this->validate($request, [
            'email' => 'required|email',
            'password' => 'required',
            'captcha' => 'required|captcha'
        ],
        [
            'captcha.captcha'=>'Invalid captcha code.'
        ]);

        // dd('successfully validate');

        if($request->isMethod('post')){

            $data = $request->except(['_token','password']);
            $data['password'] = bcrypt($request->password);

            if($this->userExists($data['email'])){
                return redirect()->back()->with('flash_message_error','Email already exists!');
            }

            $user = $this->create($data);

            return redirect()->back()->with('flash_message_success','Please confirm your email to activate your account! Check also in your spam/junk mail');

        }
    }

public function reloadCaptcha()
    {
        return response()->json(['captcha'=> captcha_img('math')]);
    }

Please or to participate in this conversation.