diff options
Diffstat (limited to 'phpBB/phpbb/captcha')
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/captcha_abstract.php | 18 | ||||
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/gd.php | 16 | ||||
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/qa.php | 44 | ||||
| -rw-r--r-- | phpBB/phpbb/captcha/plugins/recaptcha.php | 137 | 
4 files changed, 56 insertions, 159 deletions
| diff --git a/phpBB/phpbb/captcha/plugins/captcha_abstract.php b/phpBB/phpbb/captcha/plugins/captcha_abstract.php index 24ed7f939d..b29f144f97 100644 --- a/phpBB/phpbb/captcha/plugins/captcha_abstract.php +++ b/phpBB/phpbb/captcha/plugins/captcha_abstract.php @@ -34,12 +34,12 @@ abstract class captcha_abstract  	function init($type)  	{ -		global $config, $db, $user; +		global $config, $db, $user, $request;  		// read input -		$this->confirm_id = request_var('confirm_id', ''); -		$this->confirm_code = request_var('confirm_code', ''); -		$refresh = request_var('refresh_vc', false) && $config['confirm_refresh']; +		$this->confirm_id = $request->variable('confirm_id', ''); +		$this->confirm_code = $request->variable('confirm_code', ''); +		$refresh = $request->variable('refresh_vc', false) && $config['confirm_refresh'];  		$this->type = (int) $type; @@ -117,7 +117,7 @@ abstract class captcha_abstract  	function get_demo_template($id)  	{ -		global $config, $user, $template, $phpbb_admin_path, $phpEx; +		global $config, $user, $template, $request, $phpbb_admin_path, $phpEx;  		$variables = ''; @@ -125,7 +125,7 @@ abstract class captcha_abstract  		{  			foreach ($this->captcha_vars as $captcha_var => $template_var)  			{ -				$variables .= '&' . rawurlencode($captcha_var) . '=' . request_var($captcha_var, (int) $config[$captcha_var]); +				$variables .= '&' . rawurlencode($captcha_var) . '=' . $request->variable($captcha_var, (int) $config[$captcha_var]);  			}  		} @@ -195,7 +195,7 @@ abstract class captcha_abstract  	{  		global $config, $db, $user; -		if (empty($user->lang)) +		if (!$user->is_setup())  		{  			$user->setup();  		} @@ -350,7 +350,9 @@ abstract class captcha_abstract  	function is_solved()  	{ -		if (request_var('confirm_code', false) && $this->solved === 0) +		global $request; + +		if ($request->variable('confirm_code', false) && $this->solved === 0)  		{  			$this->validate();  		} diff --git a/phpBB/phpbb/captcha/plugins/gd.php b/phpBB/phpbb/captcha/plugins/gd.php index f6200b5b2f..1727dcc1bb 100644 --- a/phpBB/phpbb/captcha/plugins/gd.php +++ b/phpBB/phpbb/captcha/plugins/gd.php @@ -53,7 +53,7 @@ class gd extends captcha_abstract  	function acp_page($id, &$module)  	{ -		global $db, $user, $auth, $template; +		global $db, $user, $auth, $template, $phpbb_log, $request;  		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;  		$user->add_lang('acp/board'); @@ -70,21 +70,21 @@ class gd extends captcha_abstract  		$form_key = 'acp_captcha';  		add_form_key($form_key); -		$submit = request_var('submit', ''); +		$submit = $request->variable('submit', '');  		if ($submit && check_form_key($form_key))  		{  			$captcha_vars = array_keys($this->captcha_vars);  			foreach ($captcha_vars as $captcha_var)  			{ -				$value = request_var($captcha_var, 0); +				$value = $request->variable($captcha_var, 0);  				if ($value >= 0)  				{ -					set_config($captcha_var, $value); +					$config->set($captcha_var, $value);  				}  			} -			add_log('admin', 'LOG_CONFIG_VISUAL'); +			$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL');  			trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($module->u_action));  		}  		else if ($submit) @@ -95,7 +95,7 @@ class gd extends captcha_abstract  		{  			foreach ($this->captcha_vars as $captcha_var => $template_var)  			{ -				$var = (isset($_REQUEST[$captcha_var])) ? request_var($captcha_var, 0) : $config[$captcha_var]; +				$var = (isset($_REQUEST[$captcha_var])) ? $request->variable($captcha_var, 0) : $config[$captcha_var];  				$template->assign_var($template_var, $var);  			} @@ -109,7 +109,7 @@ class gd extends captcha_abstract  	function execute_demo()  	{ -		global $config; +		global $config, $request;  		$config_old = $config; @@ -121,7 +121,7 @@ class gd extends captcha_abstract  		foreach ($this->captcha_vars as $captcha_var => $template_var)  		{ -			$config->set($captcha_var, request_var($captcha_var, (int) $config[$captcha_var])); +			$config->set($captcha_var, $request->variable($captcha_var, (int) $config[$captcha_var]));  		}  		parent::execute_demo();  		$config = $config_old; diff --git a/phpBB/phpbb/captcha/plugins/qa.php b/phpBB/phpbb/captcha/plugins/qa.php index 2771369e57..4df8a86432 100644 --- a/phpBB/phpbb/captcha/plugins/qa.php +++ b/phpBB/phpbb/captcha/plugins/qa.php @@ -58,14 +58,14 @@ class qa  	*/  	function init($type)  	{ -		global $config, $db, $user; +		global $config, $db, $user, $request;  		// load our language file  		$user->add_lang('captcha_qa');  		// read input -		$this->confirm_id = request_var('qa_confirm_id', ''); -		$this->answer = utf8_normalize_nfc(request_var('qa_answer', '', true)); +		$this->confirm_id = $request->variable('qa_confirm_id', ''); +		$this->answer = $request->variable('qa_answer', '', true);  		$this->type = (int) $type;  		$this->question_lang = $user->lang_name; @@ -113,9 +113,9 @@ class qa  	*/  	public function is_installed()  	{ -		global $db; +		global $phpbb_container; -		$db_tool = new \phpbb\db\tools($db); +		$db_tool = $phpbb_container->get('dbal.tools');  		return $db_tool->sql_table_exists($this->table_captcha_questions);  	} @@ -306,10 +306,9 @@ class qa  	*/  	function install()  	{ -		global $db; - -		$db_tool = new \phpbb\db\tools($db); +		global $phpbb_container; +		$db_tool = $phpbb_container->get('dbal.tools');  		$schemas = array(  				$this->table_captcha_questions		=> array (  					'COLUMNS' => array( @@ -542,9 +541,9 @@ class qa  	*/  	function check_answer()  	{ -		global $db; +		global $db, $request; -		$answer = ($this->question_strict) ? utf8_normalize_nfc(request_var('qa_answer', '', true)) : utf8_clean_string(utf8_normalize_nfc(request_var('qa_answer', '', true))); +		$answer = ($this->question_strict) ? $request->variable('qa_answer', '', true) : utf8_clean_string($request->variable('qa_answer', '', true));  		$sql = 'SELECT answer_text  			FROM ' . $this->table_captcha_answers . ' @@ -596,7 +595,9 @@ class qa  	*/  	function is_solved()  	{ -		if (request_var('qa_answer', false) && $this->solved === 0) +		global $request; + +		if ($request->variable('qa_answer', false) && $this->solved === 0)  		{  			$this->validate();  		} @@ -609,8 +610,7 @@ class qa  	*/  	function acp_page($id, &$module)  	{ -		global $user, $template; -		global $config; +		global $config, $request, $phpbb_log, $template, $user;  		$user->add_lang('acp/board');  		$user->add_lang('captcha_qa'); @@ -625,9 +625,9 @@ class qa  		$form_key = 'acp_captcha';  		add_form_key($form_key); -		$submit = request_var('submit', false); -		$question_id = request_var('question_id', 0); -		$action = request_var('action', ''); +		$submit = $request->variable('submit', false); +		$question_id = $request->variable('question_id', 0); +		$action = $request->variable('action', '');  		// we have two pages, so users might want to navigate from one to the other  		$list_url = $module->u_action . "&configure=1&select_captcha=" . $this->get_service_name(); @@ -732,7 +732,7 @@ class qa  						$this->acp_add_question($question_input);  					} -					add_log('admin', 'LOG_CONFIG_VISUAL'); +					$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL');  					trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($list_url));  				}  			} @@ -818,7 +818,9 @@ class qa  	*/  	function acp_get_question_input()  	{ -		$answers = utf8_normalize_nfc(request_var('answers', '', true)); +		global $request; + +		$answers = $request->variable('answers', '', true);  		// Convert answers into array and filter if answers are set  		if (strlen($answers)) @@ -829,9 +831,9 @@ class qa  		}  		$question = array( -			'question_text'	=> request_var('question_text', '', true), -			'strict'		=> request_var('strict', false), -			'lang_iso'		=> request_var('lang_iso', ''), +			'question_text'	=> $request->variable('question_text', '', true), +			'strict'		=> $request->variable('strict', false), +			'lang_iso'		=> $request->variable('lang_iso', ''),  			'answers'		=> $answers,  		);  		return $question; diff --git a/phpBB/phpbb/captcha/plugins/recaptcha.php b/phpBB/phpbb/captcha/plugins/recaptcha.php index 584f3afec1..152709a9ea 100644 --- a/phpBB/phpbb/captcha/plugins/recaptcha.php +++ b/phpBB/phpbb/captcha/plugins/recaptcha.php @@ -18,12 +18,6 @@ class recaptcha extends captcha_abstract  	var $recaptcha_server = 'http://www.google.com/recaptcha/api';  	var $recaptcha_server_secure = 'https://www.google.com/recaptcha/api'; // class constants :( -	// We are opening a socket to port 80 of this host and send -	// the POST request asking for verification to the path specified here. -	var $recaptcha_verify_server = 'www.google.com'; -	var $recaptcha_verify_path = '/recaptcha/api/verify'; - -	var $challenge;  	var $response;  	/** @@ -37,12 +31,11 @@ class recaptcha extends captcha_abstract  	function init($type)  	{ -		global $config, $db, $user; +		global $user, $request;  		$user->add_lang('captcha_recaptcha');  		parent::init($type); -		$this->challenge = request_var('recaptcha_challenge_field', ''); -		$this->response = request_var('recaptcha_response_field', ''); +		$this->response = $request->variable('g-recaptcha-response', '');  	}  	public function is_available() @@ -75,7 +68,7 @@ class recaptcha extends captcha_abstract  	function acp_page($id, &$module)  	{ -		global $config, $db, $template, $user; +		global $config, $template, $user, $phpbb_log, $request;  		$captcha_vars = array(  			'recaptcha_pubkey'				=> 'RECAPTCHA_PUBKEY', @@ -87,21 +80,21 @@ class recaptcha extends captcha_abstract  		$form_key = 'acp_captcha';  		add_form_key($form_key); -		$submit = request_var('submit', ''); +		$submit = $request->variable('submit', '');  		if ($submit && check_form_key($form_key))  		{  			$captcha_vars = array_keys($captcha_vars);  			foreach ($captcha_vars as $captcha_var)  			{ -				$value = request_var($captcha_var, ''); +				$value = $request->variable($captcha_var, '');  				if ($value)  				{ -					set_config($captcha_var, $value); +					$config->set($captcha_var, $value);  				}  			} -			add_log('admin', 'LOG_CONFIG_VISUAL'); +			$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL');  			trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($module->u_action));  		}  		else if ($submit) @@ -112,7 +105,7 @@ class recaptcha extends captcha_abstract  		{  			foreach ($captcha_vars as $captcha_var => $template_var)  			{ -				$var = (isset($_REQUEST[$captcha_var])) ? request_var($captcha_var, '') : ((isset($config[$captcha_var])) ? $config[$captcha_var] : ''); +				$var = (isset($_REQUEST[$captcha_var])) ? $request->variable($captcha_var, '') : ((isset($config[$captcha_var])) ? $config[$captcha_var] : '');  				$template->assign_var($template_var, $var);  			} @@ -151,7 +144,6 @@ class recaptcha extends captcha_abstract  			$template->assign_vars(array(  				'RECAPTCHA_SERVER'			=> $this->recaptcha_server,  				'RECAPTCHA_PUBKEY'			=> isset($config['recaptcha_pubkey']) ? $config['recaptcha_pubkey'] : '', -				'RECAPTCHA_ERRORGET'		=> '',  				'S_RECAPTCHA_AVAILABLE'		=> self::is_available(),  				'S_CONFIRM_CODE'			=> true,  				'S_TYPE'					=> $this->type, @@ -202,106 +194,25 @@ class recaptcha extends captcha_abstract  		}  	} -// Code from here on is based on recaptchalib.php -/* - * This is a PHP library that handles calling reCAPTCHA. - *	- Documentation and latest version - *		  http://recaptcha.net/plugins/php/ - *	- Get a reCAPTCHA API Key - *		  http://recaptcha.net/api/getkey - *	- Discussion group - *		  http://groups.google.com/group/recaptcha - * - * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net - * AUTHORS: - *   Mike Crawford - *   Ben Maurer - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - */ - -	/** -	* Submits an HTTP POST to a reCAPTCHA server -	* @param string $host -	* @param string $path -	* @param array $data -	* @param int port -	* @return array response -	*/ -	function _recaptcha_http_post($host, $path, $data, $port = 80) -	{ -		$req = $this->_recaptcha_qsencode ($data); - -		$http_request  = "POST $path HTTP/1.0\r\n"; -		$http_request .= "Host: $host\r\n"; -		$http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; -		$http_request .= "Content-Length: " . strlen($req) . "\r\n"; -		$http_request .= "User-Agent: reCAPTCHA/PHP/phpBB\r\n"; -		$http_request .= "\r\n"; -		$http_request .= $req; - -		$response = ''; -		if (false == ($fs = @fsockopen($host, $port, $errno, $errstr, 10))) -		{ -			trigger_error('RECAPTCHA_SOCKET_ERROR', E_USER_ERROR); -		} - -		fwrite($fs, $http_request); - -		while (!feof($fs)) -		{ -			// One TCP-IP packet -			$response .= fgets($fs, 1160); -		} -		fclose($fs); -		$response = explode("\r\n\r\n", $response, 2); - -		return $response; -	} -  	/**  	* Calls an HTTP POST function to verify if the user's guess was correct -	* @param array $extra_params an array of extra variables to post to the server -	* @return ReCaptchaResponse +	* +	* @return bool|string Returns false on success or error string on failure.  	*/ -	function recaptcha_check_answer($extra_params = array()) +	function recaptcha_check_answer()  	{  		global $config, $user;  		//discard spam submissions -		if ($this->challenge == null || strlen($this->challenge) == 0 || $this->response == null || strlen($this->response) == 0) +		if ($this->response == null || strlen($this->response) == 0)  		{  			return $user->lang['RECAPTCHA_INCORRECT'];  		} -		$response = $this->_recaptcha_http_post($this->recaptcha_verify_server, $this->recaptcha_verify_path, -			array( -				'privatekey'	=> $config['recaptcha_privkey'], -				'remoteip'		=> $user->ip, -				'challenge'		=> $this->challenge, -				'response'		=> $this->response -			) + $extra_params -		); - -		$answers = explode("\n", $response[1]); +		$recaptcha = new \ReCaptcha\ReCaptcha($config['recaptcha_privkey']); +		$result = $recaptcha->verify($this->response, $user->ip); -		if (trim($answers[0]) === 'true') +		if ($result->isSuccess())  		{  			$this->solved = true;  			return false; @@ -311,22 +222,4 @@ class recaptcha extends captcha_abstract  			return $user->lang['RECAPTCHA_INCORRECT'];  		}  	} - -	/** -	* Encodes the given data into a query string format -	* @param $data - array of string elements to be encoded -	* @return string - encoded request -	*/ -	function _recaptcha_qsencode($data) -	{ -		$req = ''; -		foreach ($data as $key => $value) -		{ -			$req .= $key . '=' . urlencode(stripslashes($value)) . '&'; -		} - -		// Cut the last '&' -		$req = substr($req, 0, strlen($req) - 1); -		return $req; -	}  } | 
