OWLIB Web Directory

~ OWLIB Web Directory ~ Since 2005 ~

Tweet

Login | Home | News | Blogs | Suggest URL | Latest Links | Submission Guidelines | About Us | Link To Us | Email Us

 

How to implement Google reCaptcha version 2.0 in websites that use Oracle PL/SQL with Oracle Database Express Edition (XE)

Date: December 28, 2015
Tags: Oracle Database Express Edition, Google Recaptcha, Oracle Pl/Sql


Oracle stored packages (and procedures) do not allow dashes/hyphen ("-") in the parameter name. Oracle will not allow you to create a package with parameter name as g-recaptcha-response. Hence, you will not be able to post using g-recaptcha-response. Instead create a parameter called g_recaptcha_response in your package. Also create a field in your html form with the name of g_recaptcha_response. In other words, you will post  g_recaptcha_response instead.

Place the "I'm not a robot" widget outside your html form. If you place this widget as part of the html form, then it will post g-recaptcha-response to your package, and the html post will error out, as you do not have (and cannot create) a parameter called g-recaptcha-response in your package.

When the user submits the html form, use JavaScript "on submit" event to get the value of reCaptcha response via grecaptcha.getResponse and populate your html form field g_recaptcha_response

Now, all you need to do is verify if the value of g_recaptcha_response received (via post) is valid or not, using API request to https://www.google.com/recaptcha/api/siteverify. You can use UTL_HTTP to do this. However, notice that this url is "https" and not "http", hence your UTL_HTTP request will fail with certificate validation error. Oracle XE does not support Oracle Wallet, directly. UTL_HTTP will not work for "https". The best way to resolve this issue is to use ProxyPass directives in your Apache web server. You will need to create a http link (on your host) that redirects to google's https link. Then, use your http link in UTL_HTTP request to call https://www.google.com/recaptcha/api/siteverify. More details about this workaround are at https://blog.hazrulnizam.com/openssl-workaround-oracle-xe-wallet/.

An example of this implementation can be found at http://www.owlib.com/dir/dir.suggest_url?p_cat_id=-1.

Please feel free to email us with your comments or questions. Thanks.

References:

https://developers.google.com/recaptcha/intro

 

Comments:

Leo
December 31, 2015
Thanks! This really helped.
Reply

Sandra
January 01, 2016
Can you share your website?
Reply

Leo
January 01, 2016
Working on it!!!
Reply

Sam
December 31, 2015
Tried the Oracle Wallet Workaround for Oracle XE. Did not work. Do we have any other workarounds. Thanks.
Reply

Jason
January 01, 2016
The workaround does not work always. Just do the redirect in apache or any other webserver.
Reply

James
January 01, 2016
When is the next version of Oracle XE coming?
Reply

Rod Smith
January 01, 2016
It should come out after Oracle Database 12c Release 2 is GA.
Reply

James
April 24, 2016
Agree.
Reply

Rahul Sharma
January 01, 2016
You never know.
Reply

 
Name*:
Email*:
The content of this field is kept private and will not be shown publicly.
Comment*:
 
Copyright © 2005-2016 OWLIB.COM - OWLIB Web Directory. All Rights Reserved. | Terms of Use | Privacy Policy | Check Submission Status