From ada3beb0a6c649bd9bfc6a87b2fe69ee8ae563f7 Mon Sep 17 00:00:00 2001 From: Andreas Baumann Date: Sat, 1 Feb 2020 08:57:06 +0100 Subject: initial checkin --- addons/copyable_captcha.php | 104 ++++++++++++++++++++++++++++ addons/funnyquestion.php | 160 ++++++++++++++++++++++++++++++++++++++++++++ addons/index.html | 1 + addons/recaptcha.php | 136 +++++++++++++++++++++++++++++++++++++ 4 files changed, 401 insertions(+) create mode 100644 addons/copyable_captcha.php create mode 100644 addons/funnyquestion.php create mode 100644 addons/index.html create mode 100644 addons/recaptcha.php (limited to 'addons') diff --git a/addons/copyable_captcha.php b/addons/copyable_captcha.php new file mode 100644 index 0000000..8f136d9 --- /dev/null +++ b/addons/copyable_captcha.php @@ -0,0 +1,104 @@ +bind('register_after_validation', array($this, 'hook_register_after_validation')); + $manager->bind('register_before_header', array($this, 'hook_register_before_header')); + $manager->bind('register_before_submit', array($this, 'hook_register_before_submit')); + } + + function load_lang() + { + global $pun_user; + + if (isset($this->lang)) return; + + $user_lang = file_exists(PUN_ROOT.'lang/'.$pun_user['language'].'/copyable_captcha.php') + ? $pun_user['language'] + : 'English'; + require PUN_ROOT.'lang/'.$user_lang.'/copyable_captcha.php'; + + $this->lang = $lang_copyable_captcha; + } + + function hook_register_after_validation() + { + global $errors, $cookie_name, $cookie_seed; + + if (isset($_POST['req_word']) && isset($_COOKIE[$cookie_name.'_captcha']) && substr_count($_COOKIE[$cookie_name.'_captcha'], '-') === 1) { + list($hash, $time) = explode('-', $_COOKIE[$cookie_name.'_captcha']); + $word = $_POST['req_word']; + if ((int)$time <= time() - 120 || $hash !== sha1(strtolower($word).$cookie_seed.'secret'.$time)) { + $this->load_lang(); + $errors[] = $this->lang['Captcha error']; + } + } else { + $this->load_lang(); + $errors[] = $this->lang['Captcha error']; + } + } + + + function hook_register_before_header() + { + global $required_fields, $errors, $cookie_name, $cookie_seed; + + $this->load_lang(); + $required_fields['req_word'] = $this->lang['Captcha']; + + $time = time(); + $word = random_pass(mt_rand(4, 6)); + $hash = sha1(strtolower($word).$cookie_seed.'secret'.$time); + forum_setcookie($cookie_name.'_captcha', $hash.'-'.$time, $time + 120); + + $array = str_split($word); + $mixin = random_pass(mt_rand(1, 3)); + $i = -1; + $this->styles = ''; + foreach (str_split($mixin) as $ch) { + $i = mt_rand($i+1, count($array)); + array_splice($array, $i, 0, $ch); + $this->styles .= '.masq i:nth-child('.($i + 1).'){display:none;} '; + } + $this->spans = ''.implode('', $array).''; + } + + + function hook_register_before_submit() + { + global $lang_common; + + $this->load_lang(); + +?> +
+
+ lang['Captcha legend'] ?> +
+ +

lang['Captcha info'], $this->spans) ?>

+ +
+
+
+ '42' + ); + !isset($funnyquestion_timeout) && $funnyquestion_timeout = 3600; + !isset($funnyquestion_remember) && $funnyquestion_remember = 3600 * 24; + !isset($funnyquestion_wait) && $funnyquestion_wait = 2; + + if (file_exists(PUN_ROOT . 'lang/' . $pun_user['language'] . '/funnyquestion.php')) { + require PUN_ROOT . 'lang/' . $pun_user['language'] . '/funnyquestion.php'; + } else { + require PUN_ROOT . 'lang/English/funnyquestion.php'; + } + } + + /** + * @param flux_addon_manager $manager + */ + public function register($manager) + { + $manager->bind('register_before_submit', array($this, 'print_funnyquestion')); + $manager->bind('quickpost_before_submit', array($this, 'print_funnyquestion')); + $manager->bind('post_before_submit', array($this, 'print_funnyquestion')); + $manager->bind('register_before_validation', array($this, 'set_error_on_check_funnyquestion')); + $manager->bind('post_before_validation', array($this, 'set_error_on_check_funnyquestion')); + } + + public function print_funnyquestion() + { + echo $this->get_funnyquestion(); + } + + public function set_error_on_check_funnyquestion() + { + global $errors, $lang_funnyquestion; + $this->check_funnyquestion() || $errors[] = $lang_funnyquestion['wrong-answer']; + } + + /** + * @param string $answer + * @return string + */ + private function normalize_funnyanswer($answer) + { + return preg_replace('/[^a-z0-9]/', '', strtolower($answer)); + } + + private function set_funnycookie() + { + global $funnyquestion_hash, $funnyquestion_remember; + + $time = time(); + forum_setcookie('funnyquestion_hash', sha1($time . get_remote_address() . $funnyquestion_hash), + $time + $funnyquestion_remember); + forum_setcookie('funnyquestion_time', $time, $time + $funnyquestion_remember); + } + + /** + * @return bool + */ + private function has_funnycookie() + { + global $funnyquestion_hash, $funnyquestion_remember; + + return (!empty($_COOKIE['funnyquestion_hash']) && !empty($_COOKIE['funnyquestion_time']) + && time() - $funnyquestion_remember <= $_COOKIE['funnyquestion_time'] + && sha1($_COOKIE['funnyquestion_time'] . get_remote_address() . $funnyquestion_hash) == $_COOKIE['funnyquestion_hash']); + } + + /** + * @return string + */ + private function get_funnyquestion() + { + global $funnyquestion_disabled, $funnyquestion_hash, $funny_questions, $lang_funnyquestion, $lang_common, $pun_user; + + if ($funnyquestion_disabled || !$pun_user['is_guest'] || $this->has_funnycookie()) { + return ''; + } + + $time = time(); + $question = array_rand($funny_questions); + # make sure the user is not able to tell us the question to answer + $hash = sha1($time . $question . $funnyquestion_hash); + + return '
+
+ ' . $lang_funnyquestion['question-label'] . ' +
+ + + +
+
+
'; + } + + /** + * @return bool + */ + private function check_funnyquestion() + { + global $funnyquestion_disabled, $funnyquestion_hash, $funnyquestion_timeout, $funnyquestion_wait, $funny_questions, $pun_user; + + if ($funnyquestion_disabled || !$pun_user['is_guest'] || $this->has_funnycookie()) { + return true; + } + + if (!empty($_POST['funnyquestion_time']) + && !empty($_POST['funnyquestion_hash']) + && !empty($_POST['funny_answer']) + ) { + $now = time(); + $time = $_POST['funnyquestion_time']; + $hash = $_POST['funnyquestion_hash']; + $user_answer = $this->normalize_funnyanswer($_POST['funny_answer']); + } else { + return false; + } + + if ($now - $time > $funnyquestion_timeout) { + return false; + } elseif ($now - $time < $funnyquestion_wait) { + return false; + } + + foreach ($funny_questions as $question => $answers) { + if (!is_array($answers)) { + $answers = array($answers); + } + foreach ($answers as $answer) { + if ($this->normalize_funnyanswer($answer) == $user_answer + && $hash == sha1($time . $question . $funnyquestion_hash) + ) { + $this->set_funnycookie(); + return true; + } + } + } + + return false; + } +} diff --git a/addons/index.html b/addons/index.html new file mode 100644 index 0000000..cf1a99a --- /dev/null +++ b/addons/index.html @@ -0,0 +1 @@ +.. diff --git a/addons/recaptcha.php b/addons/recaptcha.php new file mode 100644 index 0000000..668de1c --- /dev/null +++ b/addons/recaptcha.php @@ -0,0 +1,136 @@ +is_configured()) return; + + $this->get_language(); + + if ($this->enabled_location('register')) + { + $manager->bind('register_after_validation', array($this, 'hook_after_validation')); + $manager->bind('register_before_submit', array($this, 'hook_before_submit')); + } + + if ($this->enabled_location('login')) + { + $manager->bind('login_after_validation', array($this, 'hook_after_validation')); + $manager->bind('login_before_submit', array($this, 'hook_before_submit')); + } + + if ($this->enabled_location('guestpost') && $pun_user['is_guest']) + { + $manager->bind('post_after_validation', array($this, 'hook_after_validation')); + $manager->bind('post_before_submit', array($this, 'hook_before_submit')); + $manager->bind('quickpost_before_submit', array($this, 'hook_before_submit')); + } + } + + function is_configured() + { + global $pun_config; + + return !empty($pun_config['recaptcha_enabled']) && !empty($pun_config['recaptcha_site_key']) && !empty($pun_config['recaptcha_secret_key']); + } + + function enabled_location($page) + { + global $pun_config; + + return !empty($pun_config['recaptcha_location_'.$page]); + } + + function get_language() + { + global $pun_user; + + if (file_exists(PUN_ROOT.'lang/'.$pun_user['language'].'/recaptcha_addon.php')) + require PUN_ROOT.'lang/'.$pun_user['language'].'/recaptcha_addon.php'; + else + require PUN_ROOT.'lang/English/recaptcha_addon.php'; + } + + function hook_after_validation() + { + global $errors, $lang_recaptcha; + + if (empty($errors) && !$this->verify_user_response()) + { + $errors[] = $lang_recaptcha['Error']; + } + } + + function hook_before_submit() + { + global $pun_config, $lang_recaptcha; + + $site_key = $pun_config['recaptcha_site_key']; + + ?> +
+
+ +
+

+ +
+
+
+
+ send_request($url); + + return strpos($response, '"success": true') !== false; + } + + function send_request($url) + { + if (function_exists('curl_version')) + return $this->send_curl_request($url); + else + return $this->get_remote_file($url); + } + + function send_curl_request($url) + { + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + $response = curl_exec($ch); + curl_close($ch); + + return $response; + } + + function get_remote_file($url) + { + global $lang_recaptcha; + + $response = file_get_contents($url); + + if ($response === false) + throw new Exception($lang_recaptcha['API error']); + + return $response; + } +} -- cgit v1.2.3-70-g09d2