June 2, 2019
You’ll need your “site key” and “secret” in order to proceed.
A. Add the JavaScript library to your page, for example in the <HEAD> or <BODY> block.
B. Add this HTML code where you want to show the hCaptcha button, for example inside a login form. Remember to replace “your_site_key” with your actual site key!
In order to confirm the user sent you a real passcode, and in order to get credited for the answer, you must check the result from your server while providing your secret.
The simplest way to do this with PHP is something like the following. Remember to replace “your_secret_key” with your actual secret!
if you prefer the cURL style, you could use:
We do not suggest using a GET request with URL parameters, like this:
As this may break now or in the future due to the length of the URL.
Q: How do I know if it’s working?
A: You’ll see the “served” / “solved” / “verified” counters on your hCaptcha.com dashboard go up.
Served when captcha is being shown to users, solved when somebody solved the challenge and verified once you successfully send the hCaptcha token the user gave you to siteverify.
If you don’t see “verified” going up after making your backend call, make sure that you are sending the siteverify request correctly.
Q: How do I prevent the user from submitting a form to my server without a valid hCaptcha response?
Q: What does a complete PHP contact form example look like?
A: here’s a complete example. Put this in contact-form.php and add your secret and site key.