Recaptcha invia dati al submit

[ada50]

Salve sono qua a chiedere aiuto ancora una volta. Ho inserito in un form il recaptcha di Google e l'ho provato su server locale. La cosa strana e che quando ricevo l'email con i dati inseriti nel form dall'utente mi arrivano anche i dati del recaptcha.
Per essere più chiaro posto il risultato:

Dati Utente
IP Address : 127.0.0.1
Nome : nero
Cognome : wolfe
Email : miamail@gmail.com
Verifica : miamail@gmail.com
Citta :
Professione :
FormPrivacy : confermato
Risposta : verde
Recaptcha Challenge Field : 03AHJ_VutTacncr9CWiGH3HQKXHA2GQXFpAG6FF7laW2DAn_Ml yEIXWKiEK5CoOCZuFxNDxSy9POfznBOrQr61Rl0GT80N7X1pyg BSiERmMzCYj7oLKa5ATQrfUbMyMzEviB-NztO9yi72EnuHz9tBTegMJKD5vB-yZw
Recaptcha Response Field : for tslling[/SIZE] [/SIZE] Non sò se questo è normale.

Per maggiore chiarezza inserisco lo script php

Codice PHP:

<?php
require_once('recaptchalib.php');
$privatekey = "mia privatekey";
$publickey = "miapublickey";
if (isset($_POST['recaptcha_response_field']))
{
   $response = recaptcha_check_answer($privatekey, $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
   if (!$response->is_valid)
   {
      die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $response->error . ")");
   }
}
?>
<?php
   function ValidateEmail($email)
   {
      $pattern = '/^([0-9a-z]([-.\w]*[0-9a-z])*@(([0-9a-z])+([-\w]*[0-9a-z])*\.)+[a-z]{2,6})$/i';
      return preg_match($pattern, $email);
   }

   if($_SERVER['REQUEST_METHOD'] == 'POST')
   {
      $mailto = 'mia@mail';
      $mailfrom = isset($_POST['email']) ? $_POST['email'] : $mailto;
      $subject = 'Nuovo Iscritto';
      $message = 'Dati Utente';
      $success_url = './conferma.html';
      $error_url = '';
      $error = '';
      $mysql_server = '127.0.0.1';
      $mysql_database = 'db_form';
      $mysql_table = 'dati';
      $mysql_username = 'root';
      $mysql_password = '';
      $autoresponder_from = 'noreplay@miamail';
      $autoresponder_subject = ' ';
      $autoresponder_message = '';
      $eol = "\n";
      $max_filesize = isset($_POST['filesize']) ? $_POST['filesize'] * 1024 : 1024000;
      $boundary = md5(uniqid(time()));

      $header  = 'From: '.$mailfrom.$eol;
      $header .= 'Reply-To: '.$mailfrom.$eol;
      $header .= 'MIME-Version: 1.0'.$eol;
      $header .= 'Content-Type: multipart/mixed; boundary="'.$boundary.'"'.$eol;
      $header .= 'X-Mailer: PHP v'.phpversion().$eol;
      if (!ValidateEmail($mailfrom))
      {
         $error .= "The specified email address is invalid!\n
";
      }

      if (!empty($error))
      {
         $errorcode = file_get_contents($error_url);
         $replace = "##error##";
         $errorcode = str_replace($replace, $error, $errorcode);
         echo $errorcode;
         exit;
      }

      $internalfields = array ("submit", "reset", "send", "captcha_code");
      $message .= $eol;
      $message .= "IP Address : ";
      $message .= $_SERVER['REMOTE_ADDR'];
      $message .= $eol;
      foreach ($_POST as $key => $value)
      {
         if (!in_array(strtolower($key), $internalfields))
         {
            if (!is_array($value))
            {
               $message .= ucwords(str_replace("_", " ", $key)) . " : " . $value . $eol;
            }
            else
            {
               $message .= ucwords(str_replace("_", " ", $key)) . " : " . implode(",", $value) . $eol;
            }
         }
      }

      $body  = 'This is a multi-part message in MIME format.'.$eol.$eol;
      $body .= '--'.$boundary.$eol;
      $body .= 'Content-Type: text/plain; charset=ISO-8859-1'.$eol;
      $body .= 'Content-Transfer-Encoding: 8bit'.$eol;
      $body .= $eol.stripslashes($message).$eol;
      if (!empty($_FILES))
      {
          foreach ($_FILES as $key => $value)
          {
             if ($_FILES[$key]['error'] == 0 && $_FILES[$key]['size'] <= $max_filesize)
             {
                $body .= '--'.$boundary.$eol;
                $body .= 'Content-Type: '.$_FILES[$key]['type'].'; name='.$_FILES[$key]['name'].$eol;
                $body .= 'Content-Transfer-Encoding: base64'.$eol;
                $body .= 'Content-Disposition: attachment; filename='.$_FILES[$key]['name'].$eol;
                $body .= $eol.chunk_split(base64_encode(file_get_contents($_FILES[$key]['tmp_name']))).$eol;
             }
         }
      }
      $body .= '--'.$boundary.'--'.$eol;
      mail($mailto, $subject, $body, $header);
      $autoresponder_header  = 'From: '.$autoresponder_from.$eol;
      $autoresponder_header .= 'Reply-To: '.$autoresponder_from.$eol;
      $autoresponder_header .= 'MIME-Version: 1.0'.$eol;
      $autoresponder_header .= 'Content-Type: text/plain; charset=ISO-8859-1'.$eol;
      $autoresponder_header .= 'Content-Transfer-Encoding: 8bit'.$eol;
      $autoresponder_header .= 'X-Mailer: PHP v'.phpversion().$eol;
      mail($mailfrom, $autoresponder_subject, $autoresponder_message, $autoresponder_header);
      $search = array("ä", "Ä", "ö", "Ö", "ü", "Ü", "ß", "!", "§", "$", "%", "&", "/", "\x00", "^", "°", "\x1a", "-", "\"", " ", "\\", "\0", "\x0B", "\t", "\n", "\r", "(", ")", "=", "?", "`", "*", "'", ":", ";", ">", "<", "{", "}", "[", "]", "~", "²", "³", "~", "µ", "@", "|", "<", "+", "#", ".", "´", "+", ",");
      $replace = array("ae", "Ae", "oe", "Oe", "ue", "Ue", "ss");
      foreach($_POST as $name=>$value)
      {
         $name = str_replace($search, $replace, $name);
         $name = strtoupper($name);
         $form_data[$name] = $value;
      }
      mysql_connect($mysql_server, $mysql_username, $mysql_password) or die('Failed to connect to database server!
'.mysql_error());
      mysql_query("CREATE DATABASE IF NOT EXISTS $mysql_database");
      mysql_select_db($mysql_database) or die('Failed to select database
'.mysql_error());
      mysql_query("CREATE TABLE IF NOT EXISTS $mysql_table (ID int(9) NOT NULL auto_increment, DATESTAMP DATE, TIME VARCHAR(8), IP VARCHAR(15), BROWSER TINYTEXT, PRIMARY KEY (id)) TYPE=MyISAM");
      foreach($form_data as $name=>$value)
      {
         mysql_query("ALTER TABLE $mysql_table ADD $name VARCHAR(255)");
      }
      mysql_query("INSERT INTO $mysql_table (DATESTAMP, TIME, IP, BROWSER)
                   VALUES ('".date("Y-m-d")."',
                   '".date("G:i:s")."',
                   '".$_SERVER['REMOTE_ADDR']."',
                   '".$_SERVER['HTTP_USER_AGENT']."')")or die('Failed to insert data into table!
'.mysql_error()); 
      $id = mysql_insert_id();
      foreach($form_data as $name=>$value)
      {
         mysql_query("UPDATE $mysql_table SET $name='".mysql_real_escape_string($value)."' WHERE ID=$id") or die('Failed to update table!
'.mysql_error());
      }
      mysql_close();
      header('Location: '.$success_url);
      exit;
   }
?>

e il relativo html almeno la parte Java e la parte eco del recaptcha:

codice:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text/javascript">
<!--
function Validateform(theForm)
{
   var regexp;
   regexp = /^[A-Za-zƒŠŒŽšœžŸÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿ \t\r\n\f]*$/;
   if (!regexp.test(theForm.formboxNome.value))
   {
      alert("Campo nome obbligatorio");
      theForm.formboxNome.focus();
      return false;
   }
   if (theForm.formboxNome.value == "")
   {
      alert("Campo nome obbligatorio");
      theForm.formboxNome.focus();
      return false;
   }
   regexp = /^[A-Za-zƒŠŒŽšœžŸÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿ \t\r\n\f\']*$/;
   if (!regexp.test(theForm.formboxCognome.value))
   {
      alert("Campo cognome obbligatorio");
      theForm.formboxCognome.focus();
      return false;
   }
   if (theForm.formboxCognome.value == "")
   {
      alert("Campo cognome obbligatorio");
      theForm.formboxCognome.focus();
      return false;
   }
   regexp = /^([0-9a-z]([-.\w]*[0-9a-z])*@(([0-9a-z])+([-\w]*[0-9a-z])*\.)+[a-z]{2,6})$/i;
   if (!regexp.test(theForm.formboxemail.value))
   {
      alert("Campo Email obbligatorio");
      theForm.formboxemail.focus();
      return false;
   }
   if (theForm.formboxemail.value == "")
   {
      alert("Campo Email obbligatorio");
      theForm.formboxemail.focus();
      return false;
   }
   regexp = /^([0-9a-z]([-.\w]*[0-9a-z])*@(([0-9a-z])+([-\w]*[0-9a-z])*\.)+[a-z]{2,6})$/i;
   if (!regexp.test(theForm.formboxVerifica.value))
   {
      alert("L'indirizzo Email inserito non corrisponde");
      theForm.formboxVerifica.focus();
      return false;
   }
   if (theForm.formboxVerifica.value == "")
   {
      alert("L'indirizzo Email inserito non corrisponde");
      theForm.formboxVerifica.focus();
      return false;
   }
   if (theForm.formboxVerifica.value != theForm.formboxemail.value)
   {
      alert("L'indirizzo Email inserito non corrisponde");
      theForm.formboxVerifica.focus();
      return false;
   }
   regexp = /^[A-Za-zƒŠŒŽšœžŸÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿ \t\r\n\f\']*$/;
   if (!regexp.test(theForm.formboxcitta.value))
   {
      alert("Please enter only letter, whitespace and \"\'\" characters in the \"citta\" field.");
      theForm.formboxcitta.focus();
      return false;
   }
   regexp = /^[A-Za-zƒŠŒŽšœžŸÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýþÿ \t\r\n\f]*$/;
   if (!regexp.test(theForm.formboxProfessione.value))
   {
      alert("Please enter only letter and whitespace characters in the \"professione\" field.");
      theForm.formboxProfessione.focus();
      return false;
   }
   if (theForm.formcontrolloPrivacy.checked != true)
   {
      alert("Devi accettare le condizionidella privacy");
      return false;
   }
   regexp = ;
   if (!regexp.test(theForm.formEditbox1.value))
   {
      alert("Colori campo obbligatorio");
      theForm.formEditbox1.focus();
      return false;
   }
   if (theForm.formEditbox1.value == "")
   {
      alert("Colori campo obbligatorio");
      theForm.formEditbox1.focus();
      return false;
   }
   return true;
}
//-->
</script>
<script type="text/javascript">
var RecaptchaOptions = {
   theme: 'white'
};
</script>
</head>
<body>
<div id="container">
<div id="header" style="position:absolute;text-align:left;left:0px;top:5px;width:960px;height:200px;z-index:20;" title="">
</div>
<div id="wb_formExtension1" style="position:absolute;left:87px;top:538px;width:324px;height:138px;z-index:17;">
<?php
echo recaptcha_get_html($publickey);
?>
</form>
</div>

C'è un modo per evitarlo? A me sembra superfluo ricevere tutte quelle righe.