Okay, that is pretty raw, but better to have it in place than trying to play catch-up. Introducing an early stage of CAPTCHA modules.

git-svn-id: file:///svn/phpbb/trunk@8889 89ea8834-ac86-4346-8a33-228a782c2dd0
author: Henry Sudhof <kellanved@phpbb.com> 2008-09-19 13:17:30 +0000
committer: Henry Sudhof <kellanved@phpbb.com> 2008-09-19 13:17:30 +0000
commit: 461be11e8d0f5d4bd879cf95bd1472dbe985e0b6 (patch)
tree: d170e1a09d717a49bf676ef1f2ed9edbfa1be0db /phpBB/includes/auth
parent: 5349280538df70d63c5e6f91e7f4e6ecad01d23d (diff)
download: forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.tar
forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.tar.gz
forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.tar.bz2
forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.tar.xz
forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.zip
1 files changed, 6 insertions, 33 deletions
diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php
index fa99a2fe4c..402f22f827 100644
--- a/phpBB/includes/auth/auth_db.php
+++ b/phpBB/includes/auth/auth_db.php
@@ -81,42 +81,15 @@ function login_db(&$username, &$password)
 		}
 		else
 		{
-			global $user;
-
-			$sql = 'SELECT code
-				FROM ' . CONFIRM_TABLE . "
-				WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
-					AND session_id = '" . $db->sql_escape($user->session_id) . "'
-					AND confirm_type = " . CONFIRM_LOGIN;
-			$result = $db->sql_query($sql);
-			$confirm_row = $db->sql_fetchrow($result);
-			$db->sql_freeresult($result);
-
-			if ($confirm_row)
+			$captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']);
+			$captcha->init(CONFIRM_LOGIN);
+			$vc_response = $captcha->validate();
+			if ($vc_response)
 			{
-				if (strcasecmp($confirm_row['code'], $confirm_code) === 0)
-				{
-					$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
-						WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
-							AND session_id = '" . $db->sql_escape($user->session_id) . "'
-							AND confirm_type = " . CONFIRM_LOGIN;
-					$db->sql_query($sql);
-				}
-				else
-				{
-					return array(
+				return array(
 						'status'		=> LOGIN_ERROR_ATTEMPTS,
-						'error_msg'		=> 'CONFIRM_CODE_WRONG',
+						'error_msg'		=> 'LOGIN_ERROR_ATTEMPTS',
 						'user_row'		=> $row,
-					);
-				}
-			}
-			else
-			{
-				return array(
-					'status'		=> LOGIN_ERROR_ATTEMPTS,
-					'error_msg'		=> 'CONFIRM_CODE_WRONG',
-					'user_row'		=> $row,
 				);
 			}
 		}
author	Henry Sudhof <kellanved@phpbb.com>	2008-09-19 13:17:30 +0000
committer	Henry Sudhof <kellanved@phpbb.com>	2008-09-19 13:17:30 +0000
commit	461be11e8d0f5d4bd879cf95bd1472dbe985e0b6 (patch)
tree	d170e1a09d717a49bf676ef1f2ed9edbfa1be0db /phpBB/includes/auth
parent	5349280538df70d63c5e6f91e7f4e6ecad01d23d (diff)
download	forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.tar forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.tar.gz forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.tar.bz2 forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.tar.xz forums-461be11e8d0f5d4bd879cf95bd1472dbe985e0b6.zip