diff options
Diffstat (limited to 'phpBB/phpbb/captcha/plugins')
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/captcha_abstract.php | 24 | ||||
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/gd.php | 25 | ||||
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/gd_wave.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/qa.php | 44 | ||||
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/recaptcha.php | 137 |
5 files changed, 60 insertions, 172 deletions
diff --git a/phpBB/phpbb/captcha/plugins/captcha_abstract.php b/phpBB/phpbb/captcha/plugins/captcha_abstract.php index 24ed7f939d..82b08704ff 100644 --- a/phpBB/phpbb/captcha/plugins/captcha_abstract.php +++ b/phpBB/phpbb/captcha/plugins/captcha_abstract.php @@ -34,12 +34,12 @@ abstract class captcha_abstract function init($type) { - global $config, $db, $user; + global $config, $request; // read input - $this->confirm_id = request_var('confirm_id', ''); - $this->confirm_code = request_var('confirm_code', ''); - $refresh = request_var('refresh_vc', false) && $config['confirm_refresh']; + $this->confirm_id = $request->variable('confirm_id', ''); + $this->confirm_code = $request->variable('confirm_code', ''); + $refresh = $request->variable('refresh_vc', false) && $config['confirm_refresh']; $this->type = (int) $type; @@ -56,8 +56,6 @@ abstract class captcha_abstract function execute_demo() { - global $user; - $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS)); $this->seed = hexdec(substr(unique_id(), 4, 10)); @@ -117,7 +115,7 @@ abstract class captcha_abstract function get_demo_template($id) { - global $config, $user, $template, $phpbb_admin_path, $phpEx; + global $config, $template, $request, $phpbb_admin_path, $phpEx; $variables = ''; @@ -125,7 +123,7 @@ abstract class captcha_abstract { foreach ($this->captcha_vars as $captcha_var => $template_var) { - $variables .= '&' . rawurlencode($captcha_var) . '=' . request_var($captcha_var, (int) $config[$captcha_var]); + $variables .= '&' . rawurlencode($captcha_var) . '=' . $request->variable($captcha_var, (int) $config[$captcha_var]); } } @@ -153,7 +151,7 @@ abstract class captcha_abstract function garbage_collect($type) { - global $db, $config; + global $db; $sql = 'SELECT DISTINCT c.session_id FROM ' . CONFIRM_TABLE . ' c @@ -193,9 +191,9 @@ abstract class captcha_abstract function validate() { - global $config, $db, $user; + global $user; - if (empty($user->lang)) + if (!$user->is_setup()) { $user->setup(); } @@ -350,7 +348,9 @@ abstract class captcha_abstract function is_solved() { - if (request_var('confirm_code', false) && $this->solved === 0) + global $request; + + if ($request->variable('confirm_code', false) && $this->solved === 0) { $this->validate(); } diff --git a/phpBB/phpbb/captcha/plugins/gd.php b/phpBB/phpbb/captcha/plugins/gd.php index f6200b5b2f..831e5bcfdf 100644 --- a/phpBB/phpbb/captcha/plugins/gd.php +++ b/phpBB/phpbb/captcha/plugins/gd.php @@ -53,38 +53,31 @@ class gd extends captcha_abstract function acp_page($id, &$module) { - global $db, $user, $auth, $template; - global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; + global $user, $template, $phpbb_log, $request; + global $config; $user->add_lang('acp/board'); - $config_vars = array( - 'enable_confirm' => 'REG_ENABLE', - 'enable_post_confirm' => 'POST_ENABLE', - 'confirm_refresh' => 'CONFIRM_REFRESH', - 'captcha_gd' => 'CAPTCHA_GD', - ); - $module->tpl_name = 'captcha_gd_acp'; $module->page_title = 'ACP_VC_SETTINGS'; $form_key = 'acp_captcha'; add_form_key($form_key); - $submit = request_var('submit', ''); + $submit = $request->variable('submit', ''); if ($submit && check_form_key($form_key)) { $captcha_vars = array_keys($this->captcha_vars); foreach ($captcha_vars as $captcha_var) { - $value = request_var($captcha_var, 0); + $value = $request->variable($captcha_var, 0); if ($value >= 0) { - set_config($captcha_var, $value); + $config->set($captcha_var, $value); } } - add_log('admin', 'LOG_CONFIG_VISUAL'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL'); trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($module->u_action)); } else if ($submit) @@ -95,7 +88,7 @@ class gd extends captcha_abstract { foreach ($this->captcha_vars as $captcha_var => $template_var) { - $var = (isset($_REQUEST[$captcha_var])) ? request_var($captcha_var, 0) : $config[$captcha_var]; + $var = (isset($_REQUEST[$captcha_var])) ? $request->variable($captcha_var, 0) : $config[$captcha_var]; $template->assign_var($template_var, $var); } @@ -109,7 +102,7 @@ class gd extends captcha_abstract function execute_demo() { - global $config; + global $config, $request; $config_old = $config; @@ -121,7 +114,7 @@ class gd extends captcha_abstract foreach ($this->captcha_vars as $captcha_var => $template_var) { - $config->set($captcha_var, request_var($captcha_var, (int) $config[$captcha_var])); + $config->set($captcha_var, $request->variable($captcha_var, (int) $config[$captcha_var])); } parent::execute_demo(); $config = $config_old; diff --git a/phpBB/phpbb/captcha/plugins/gd_wave.php b/phpBB/phpbb/captcha/plugins/gd_wave.php index e1d44df778..bde46f8815 100644 --- a/phpBB/phpbb/captcha/plugins/gd_wave.php +++ b/phpBB/phpbb/captcha/plugins/gd_wave.php @@ -35,7 +35,7 @@ class gd_wave extends captcha_abstract function acp_page($id, &$module) { - global $config, $db, $template, $user; + global $user; trigger_error($user->lang['CAPTCHA_NO_OPTIONS'] . adm_back_link($module->u_action)); } diff --git a/phpBB/phpbb/captcha/plugins/qa.php b/phpBB/phpbb/captcha/plugins/qa.php index a9d133d8f2..9d481acc5d 100644 --- a/phpBB/phpbb/captcha/plugins/qa.php +++ b/phpBB/phpbb/captcha/plugins/qa.php @@ -58,14 +58,14 @@ class qa */ function init($type) { - global $config, $db, $user; + global $config, $db, $user, $request; // load our language file $user->add_lang('captcha_qa'); // read input - $this->confirm_id = request_var('qa_confirm_id', ''); - $this->answer = utf8_normalize_nfc(request_var('qa_answer', '', true)); + $this->confirm_id = $request->variable('qa_confirm_id', ''); + $this->answer = $request->variable('qa_answer', '', true); $this->type = (int) $type; $this->question_lang = $user->lang_name; @@ -135,9 +135,9 @@ class qa */ public function is_installed() { - global $db; + global $phpbb_container; - $db_tool = new \phpbb\db\tools($db); + $db_tool = $phpbb_container->get('dbal.tools'); return $db_tool->sql_table_exists($this->table_captcha_questions); } @@ -334,10 +334,9 @@ class qa */ function install() { - global $db; - - $db_tool = new \phpbb\db\tools($db); + global $phpbb_container; + $db_tool = $phpbb_container->get('dbal.tools'); $schemas = array( $this->table_captcha_questions => array ( 'COLUMNS' => array( @@ -572,9 +571,9 @@ class qa */ function check_answer() { - global $db; + global $db, $request; - $answer = ($this->question_strict) ? utf8_normalize_nfc(request_var('qa_answer', '', true)) : utf8_clean_string(utf8_normalize_nfc(request_var('qa_answer', '', true))); + $answer = ($this->question_strict) ? $request->variable('qa_answer', '', true) : utf8_clean_string($request->variable('qa_answer', '', true)); $sql = 'SELECT answer_text FROM ' . $this->table_captcha_answers . ' @@ -626,7 +625,9 @@ class qa */ function is_solved() { - if (request_var('qa_answer', false) && $this->solved === 0) + global $request; + + if ($request->variable('qa_answer', false) && $this->solved === 0) { $this->validate(); } @@ -639,8 +640,7 @@ class qa */ function acp_page($id, &$module) { - global $user, $template; - global $config; + global $config, $request, $phpbb_log, $template, $user; $user->add_lang('acp/board'); $user->add_lang('captcha_qa'); @@ -655,9 +655,9 @@ class qa $form_key = 'acp_captcha'; add_form_key($form_key); - $submit = request_var('submit', false); - $question_id = request_var('question_id', 0); - $action = request_var('action', ''); + $submit = $request->variable('submit', false); + $question_id = $request->variable('question_id', 0); + $action = $request->variable('action', ''); // we have two pages, so users might want to navigate from one to the other $list_url = $module->u_action . "&configure=1&select_captcha=" . $this->get_service_name(); @@ -762,7 +762,7 @@ class qa $this->acp_add_question($question_input); } - add_log('admin', 'LOG_CONFIG_VISUAL'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL'); trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($list_url)); } } @@ -848,7 +848,9 @@ class qa */ function acp_get_question_input() { - $answers = utf8_normalize_nfc(request_var('answers', '', true)); + global $request; + + $answers = $request->variable('answers', '', true); // Convert answers into array and filter if answers are set if (strlen($answers)) @@ -859,9 +861,9 @@ class qa } $question = array( - 'question_text' => request_var('question_text', '', true), - 'strict' => request_var('strict', false), - 'lang_iso' => request_var('lang_iso', ''), + 'question_text' => $request->variable('question_text', '', true), + 'strict' => $request->variable('strict', false), + 'lang_iso' => $request->variable('lang_iso', ''), 'answers' => $answers, ); return $question; diff --git a/phpBB/phpbb/captcha/plugins/recaptcha.php b/phpBB/phpbb/captcha/plugins/recaptcha.php index 584f3afec1..152709a9ea 100644 --- a/phpBB/phpbb/captcha/plugins/recaptcha.php +++ b/phpBB/phpbb/captcha/plugins/recaptcha.php @@ -18,12 +18,6 @@ class recaptcha extends captcha_abstract var $recaptcha_server = 'http://www.google.com/recaptcha/api'; var $recaptcha_server_secure = 'https://www.google.com/recaptcha/api'; // class constants :( - // We are opening a socket to port 80 of this host and send - // the POST request asking for verification to the path specified here. - var $recaptcha_verify_server = 'www.google.com'; - var $recaptcha_verify_path = '/recaptcha/api/verify'; - - var $challenge; var $response; /** @@ -37,12 +31,11 @@ class recaptcha extends captcha_abstract function init($type) { - global $config, $db, $user; + global $user, $request; $user->add_lang('captcha_recaptcha'); parent::init($type); - $this->challenge = request_var('recaptcha_challenge_field', ''); - $this->response = request_var('recaptcha_response_field', ''); + $this->response = $request->variable('g-recaptcha-response', ''); } public function is_available() @@ -75,7 +68,7 @@ class recaptcha extends captcha_abstract function acp_page($id, &$module) { - global $config, $db, $template, $user; + global $config, $template, $user, $phpbb_log, $request; $captcha_vars = array( 'recaptcha_pubkey' => 'RECAPTCHA_PUBKEY', @@ -87,21 +80,21 @@ class recaptcha extends captcha_abstract $form_key = 'acp_captcha'; add_form_key($form_key); - $submit = request_var('submit', ''); + $submit = $request->variable('submit', ''); if ($submit && check_form_key($form_key)) { $captcha_vars = array_keys($captcha_vars); foreach ($captcha_vars as $captcha_var) { - $value = request_var($captcha_var, ''); + $value = $request->variable($captcha_var, ''); if ($value) { - set_config($captcha_var, $value); + $config->set($captcha_var, $value); } } - add_log('admin', 'LOG_CONFIG_VISUAL'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL'); trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($module->u_action)); } else if ($submit) @@ -112,7 +105,7 @@ class recaptcha extends captcha_abstract { foreach ($captcha_vars as $captcha_var => $template_var) { - $var = (isset($_REQUEST[$captcha_var])) ? request_var($captcha_var, '') : ((isset($config[$captcha_var])) ? $config[$captcha_var] : ''); + $var = (isset($_REQUEST[$captcha_var])) ? $request->variable($captcha_var, '') : ((isset($config[$captcha_var])) ? $config[$captcha_var] : ''); $template->assign_var($template_var, $var); } @@ -151,7 +144,6 @@ class recaptcha extends captcha_abstract $template->assign_vars(array( 'RECAPTCHA_SERVER' => $this->recaptcha_server, 'RECAPTCHA_PUBKEY' => isset($config['recaptcha_pubkey']) ? $config['recaptcha_pubkey'] : '', - 'RECAPTCHA_ERRORGET' => '', 'S_RECAPTCHA_AVAILABLE' => self::is_available(), 'S_CONFIRM_CODE' => true, 'S_TYPE' => $this->type, @@ -202,106 +194,25 @@ class recaptcha extends captcha_abstract } } -// Code from here on is based on recaptchalib.php -/* - * This is a PHP library that handles calling reCAPTCHA. - * - Documentation and latest version - * http://recaptcha.net/plugins/php/ - * - Get a reCAPTCHA API Key - * http://recaptcha.net/api/getkey - * - Discussion group - * http://groups.google.com/group/recaptcha - * - * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net - * AUTHORS: - * Mike Crawford - * Ben Maurer - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - */ - - /** - * Submits an HTTP POST to a reCAPTCHA server - * @param string $host - * @param string $path - * @param array $data - * @param int port - * @return array response - */ - function _recaptcha_http_post($host, $path, $data, $port = 80) - { - $req = $this->_recaptcha_qsencode ($data); - - $http_request = "POST $path HTTP/1.0\r\n"; - $http_request .= "Host: $host\r\n"; - $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; - $http_request .= "Content-Length: " . strlen($req) . "\r\n"; - $http_request .= "User-Agent: reCAPTCHA/PHP/phpBB\r\n"; - $http_request .= "\r\n"; - $http_request .= $req; - - $response = ''; - if (false == ($fs = @fsockopen($host, $port, $errno, $errstr, 10))) - { - trigger_error('RECAPTCHA_SOCKET_ERROR', E_USER_ERROR); - } - - fwrite($fs, $http_request); - - while (!feof($fs)) - { - // One TCP-IP packet - $response .= fgets($fs, 1160); - } - fclose($fs); - $response = explode("\r\n\r\n", $response, 2); - - return $response; - } - /** * Calls an HTTP POST function to verify if the user's guess was correct - * @param array $extra_params an array of extra variables to post to the server - * @return ReCaptchaResponse + * + * @return bool|string Returns false on success or error string on failure. */ - function recaptcha_check_answer($extra_params = array()) + function recaptcha_check_answer() { global $config, $user; //discard spam submissions - if ($this->challenge == null || strlen($this->challenge) == 0 || $this->response == null || strlen($this->response) == 0) + if ($this->response == null || strlen($this->response) == 0) { return $user->lang['RECAPTCHA_INCORRECT']; } - $response = $this->_recaptcha_http_post($this->recaptcha_verify_server, $this->recaptcha_verify_path, - array( - 'privatekey' => $config['recaptcha_privkey'], - 'remoteip' => $user->ip, - 'challenge' => $this->challenge, - 'response' => $this->response - ) + $extra_params - ); - - $answers = explode("\n", $response[1]); + $recaptcha = new \ReCaptcha\ReCaptcha($config['recaptcha_privkey']); + $result = $recaptcha->verify($this->response, $user->ip); - if (trim($answers[0]) === 'true') + if ($result->isSuccess()) { $this->solved = true; return false; @@ -311,22 +222,4 @@ class recaptcha extends captcha_abstract return $user->lang['RECAPTCHA_INCORRECT']; } } - - /** - * Encodes the given data into a query string format - * @param $data - array of string elements to be encoded - * @return string - encoded request - */ - function _recaptcha_qsencode($data) - { - $req = ''; - foreach ($data as $key => $value) - { - $req .= $key . '=' . urlencode(stripslashes($value)) . '&'; - } - - // Cut the last '&' - $req = substr($req, 0, strlen($req) - 1); - return $req; - } } |