fixes #15
Admittedly didn't spend time looking into where/when/why the token got passed around, but on a client's site $_POST['g-recaptcha-token'] was an empty string and the correct token was in $_POST['captcha']. However the code didn't reach that because $_POST['g-recaptcha-token'] is technically set. Changing to !empty instead fixed this for me.