Documentation
PHP
Use cURL for the server verification call and keep the secret out of templates.
verification helper
getenv('CAPTCHA_CC_SECRET_KEY'),
'proof_token' => $proofToken,
]);
$ch = curl_init('https://captcha.cc/v1/siteverify');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
$raw = curl_exec($ch);
if ($raw === false) {
$error = curl_error($ch);
curl_close($ch);
throw new RuntimeException('captcha.cc request failed: ' . $error);
}
curl_close($ch);
return json_decode($raw, true, 512, JSON_THROW_ON_ERROR);
}