Vergleich inc/class_captcha.php - 1.8.15 - 1.8.23

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 39Zeile 39
	 * Type of CAPTCHA.
*
* 1 = Default CAPTCHA

	 * Type of CAPTCHA.
*
* 1 = Default CAPTCHA

	 * 2 = reCAPTCHA

 
	 * 4 = NoCATPCHA reCAPTCHA

	 * 4 = NoCATPCHA reCAPTCHA

 
	 * 5 = reCAPTCHA invisible
* 6 = hCaptcha
* 7 = hCaptcha invisible
* 8 = reCAPTCHA v3

	 *
* @var int
*/

	 *
* @var int
*/

Zeile 104Zeile 107
		{
$this->captcha_template = $template;


		{
$this->captcha_template = $template;


			if($this->type == 2)

			if($this->type == 4)

			{

			{

				$this->captcha_template .= "_recaptcha";
}
elseif($this->type == 4){

 
				$this->captcha_template .= "_nocaptcha";
}

				$this->captcha_template .= "_nocaptcha";
}

			elseif($this->type == 5){
$this->captcha_template .= "_recaptcha_invisible";
}
}














			elseif($this->type == 5)
{
$this->captcha_template .= "_recaptcha_invisible";
}
elseif($this->type == 6)
{
$this->captcha_template .= "_hcaptcha";
}
elseif($this->type == 7)
{
$this->captcha_template .= "_hcaptcha_invisible";
}
elseif($this->type == 8)
{
$this->captcha_template .= "_recaptcha_invisible";
}
}


// Work on which CAPTCHA we've got installed


// Work on which CAPTCHA we've got installed

		if($this->type == 2 && $mybb->settings['captchapublickey'] && $mybb->settings['captchaprivatekey'])
{
// We want to use reCAPTCHA, set the server options
$this->server = "//www.google.com/recaptcha/api";
$this->verify_server = "www.google.com";

if($build == true)
{

		if(in_array($this->type, array(4, 5, 8)) && $mybb->settings['recaptchapublickey'] && $mybb->settings['recaptchaprivatekey'])
{
// We want to use noCAPTCHA or reCAPTCHA invisible, set the server options
$this->server = "//www.google.com/recaptcha/api.js";
$this->verify_server = "https://www.google.com/recaptcha/api/siteverify";

if($build == true)
{

				$this->build_recaptcha();
}
}

				$this->build_recaptcha();
}
}

		elseif(in_array($this->type, array(4, 5)) && $mybb->settings['captchapublickey'] && $mybb->settings['captchaprivatekey'])

		elseif(in_array($this->type, array(6, 7)) && $mybb->settings['hcaptchapublickey'] && $mybb->settings['hcaptchaprivatekey'])

		{

		{

			// We want to use noCAPTCHA or reCAPTCHA invisible, set the server options
$this->server = "//www.google.com/recaptcha/api.js";
$this->verify_server = "https://www.google.com/recaptcha/api/siteverify";

			// We want to use hCaptcha or hCaptcha invisible, set the server options
$this->server = "//www.hcaptcha.com/1/api.js";
$this->verify_server = "https://hcaptcha.com/siteverify";


if($build == true)
{


if($build == true)
{

				$this->build_recaptcha();

				$this->build_hcaptcha();

			}
}
elseif($this->type == 1)

			}
}
elseif($this->type == 1)

Zeile 165Zeile 178
		// This will build a MyBB CAPTCHA
$randomstr = random_str(5);
$imagehash = md5(random_str(12));

		// This will build a MyBB CAPTCHA
$randomstr = random_str(5);
$imagehash = md5(random_str(12));





		$insert_array = array(
"imagehash" => $imagehash,
"imagestring" => $randomstr,

		$insert_array = array(
"imagehash" => $imagehash,
"imagestring" => $randomstr,

Zeile 175Zeile 188
		$db->insert_query("captcha", $insert_array);
eval("\$this->html = \"".$templates->get($this->captcha_template)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage")."\";");

		$db->insert_query("captcha", $insert_array);
eval("\$this->html = \"".$templates->get($this->captcha_template)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage")."\";");

	}


	}


	function build_recaptcha()
{
global $lang, $mybb, $templates;


	function build_recaptcha()
{
global $lang, $mybb, $templates;


		// This will build a reCAPTCHA
$server = $this->server;
$public_key = $mybb->settings['captchapublickey'];
















		// This will build a reCAPTCHA
$server = $this->server;
$public_key = $mybb->settings['recaptchapublickey'];

eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";");
}

function build_hcaptcha()
{
global $lang, $mybb, $templates;

// This will build a hCaptcha
$server = $this->server;
$public_key = $mybb->settings['hcaptchapublickey'];
$captcha_theme = $mybb->settings['hcaptchatheme'];
$captcha_size = $mybb->settings['hcaptchasize'];


		eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");

		eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");

		//eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";");

 
	}

/**
* @return string

	}

/**
* @return string

	 */

	 */

	function build_hidden_captcha()
{
global $db, $mybb, $templates;

	function build_hidden_captcha()
{
global $db, $mybb, $templates;

Zeile 203Zeile 229
			// Names
$hash = "imagehash";
$string = "imagestring";

			// Names
$hash = "imagehash";
$string = "imagestring";


// Values


// Values

			$field['hash'] = $db->escape_string($mybb->input['imagehash']);
$field['string'] = $db->escape_string($mybb->input['imagestring']);

			$field['hash'] = $db->escape_string($mybb->input['imagehash']);
$field['string'] = $db->escape_string($mybb->input['imagestring']);

		}
elseif($this->type == 2)
{
// Names
$hash = "recaptcha_challenge_field";
$string = "recaptcha_response_field";

// Values
$field['hash'] = $mybb->input['recaptcha_challenge_field'];
$field['string'] = $mybb->input['recaptcha_response_field'];

 
		}
elseif($this->type == 3)
{
// Are You a Human can't be built as a hidden captcha
return '';

		}
elseif($this->type == 3)
{
// Are You a Human can't be built as a hidden captcha
return '';

		}

		}


eval("\$this->html = \"".$templates->get("post_captcha_hidden")."\";");
return $this->html;


eval("\$this->html = \"".$templates->get("post_captcha_hidden")."\";");
return $this->html;

Zeile 248Zeile 264
				case 'mysql':
case 'mysqli':
$field = 'imagestring';

				case 'mysql':
case 'mysqli':
$field = 'imagestring';

					break;

					break;

				default:
$field = 'LOWER(imagestring)';
break;

				default:
$field = 'LOWER(imagestring)';
break;

			}

			}


$query = $db->simple_select("captcha", "*", "imagehash = '{$imagehash}' AND {$field} = '{$imagestring}'");
$imgcheck = $db->fetch_array($query);


$query = $db->simple_select("captcha", "*", "imagehash = '{$imagehash}' AND {$field} = '{$imagestring}'");
$imgcheck = $db->fetch_array($query);





			if(!$imgcheck)
{
$this->set_error($lang->invalid_captcha_verify);
$db->delete_query("captcha", "imagehash = '{$imagehash}'");

			if(!$imgcheck)
{
$this->set_error($lang->invalid_captcha_verify);
$db->delete_query("captcha", "imagehash = '{$imagehash}'");

			}
}
elseif($this->type == 2)
{
$challenge = $mybb->input['recaptcha_challenge_field'];
$response = $mybb->input['recaptcha_response_field'];

if(!$challenge || strlen($challenge) == 0 || !$response || strlen($response) == 0)
{
$this->set_error($lang->invalid_captcha);
}
else
{
// We have a reCAPTCHA to handle
$data = $this->_qsencode(array(
'privatekey' => $mybb->settings['captchaprivatekey'],
'remoteip' => $session->ipaddress,
'challenge' => $challenge,
'response' => $response
));

// Contact Google and see if our reCAPTCHA was successful
$http_request = "POST /recaptcha/api/verify HTTP/1.0\r\n";
$http_request .= "Host: $this->verify_server\r\n";
$http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
$http_request .= "Content-Length: ".strlen($data)."\r\n";
$http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
$http_request .= "\r\n";
$http_request .= $data;

$fs = @fsockopen($this->verify_server, 80, $errno, $errstr, 10);

if($fs == false)

			}
}
elseif(in_array($this->type, array(4, 5)))
{
$response = $mybb->input['g-recaptcha-response'];
if(!$response || strlen($response) == 0)
{
$this->set_error($lang->invalid_nocaptcha);
}
else
{
// We have a noCAPTCHA or reCAPTCHA invisible to handle
// Contact Google and see if our reCAPTCHA was successful
$response = fetch_remote_file($this->verify_server, array(
'secret' => $mybb->settings['recaptchaprivatekey'],
'remoteip' => $session->ipaddress,
'response' => $response
));

if($response == false)
{
$this->set_error($lang->invalid_nocaptcha_transmit);
}
else










				{

				{

					$this->set_error($lang->invalid_captcha_transmit);































					$answer = json_decode($response, true);

if($answer['success'] != 'true')
{
// We got it wrong! Oh no...
$this->set_error($lang->invalid_nocaptcha);
}
}
}
}
elseif($this->type == 8)
{
$response = $mybb->input['g-recaptcha-response'];
if(!$response || strlen($response) == 0)
{
$this->set_error($lang->invalid_nocaptcha);
}
else
{
// We have a reCAPTCHA invisible to handle
// Contact Google and see if our reCAPTCHA was successful
$response = fetch_remote_file($this->verify_server, array(
'secret' => $mybb->settings['recaptchaprivatekey'],
'score' => $mybb->settings['recaptchascore'],
'remoteip' => $session->ipaddress,
'response' => $response
));

if($response === false)
{
$this->set_error($lang->invalid_nocaptcha_transmit);

				}
else
{

				}
else
{

					// We connected, but is it correct?
fwrite($fs, $http_request);

					$answer = json_decode($response, true);






					while(!feof($fs))
{
$response .= fgets($fs, 1160);
}

fclose($fs);

$response = explode("\r\n\r\n", $response, 2);
$answer = explode("\n", $response[1]);

if(trim($answer[0]) != 'true')

					if($answer['success'] != 'true' || $answer['score'] < $mybb->settings['recaptchascore'])











					{
// We got it wrong! Oh no...

					{
// We got it wrong! Oh no...

						$this->set_error($lang->invalid_captcha_verify);

						$this->set_error($lang->invalid_nocaptcha);

					}
}
}
}

					}
}
}
}

		elseif(in_array($this->type, array(4, 5)))

		elseif(in_array($this->type, array(6, 7)))

		{

		{

			$response = $mybb->input['g-recaptcha-response'];

			$response = $mybb->input['h-captcha-response'];

			if(!$response || strlen($response) == 0)
{

			if(!$response || strlen($response) == 0)
{

				$this->set_error($lang->invalid_nocaptcha);

				$this->set_error($lang->invalid_hcaptcha);

			}
else
{

			}
else
{

				// We have a noCAPTCHA or reCAPTCHA invisible to handle
// Contact Google and see if our reCAPTCHA was successful

				// We have an hCaptcha or hCaptcha invisible to handle
// Contact hCaptcha and see if our hCaptcha was successful

				$response = fetch_remote_file($this->verify_server, array(

				$response = fetch_remote_file($this->verify_server, array(

					'secret' => $mybb->settings['captchaprivatekey'],

					'secret' => $mybb->settings['hcaptchaprivatekey'],

					'remoteip' => $session->ipaddress,
'response' => $response
));

					'remoteip' => $session->ipaddress,
'response' => $response
));





				if($response == false)

				if($response == false)

				{
$this->set_error($lang->invalid_nocaptcha_transmit);

				{
$this->set_error($lang->invalid_hcaptcha_transmit);

				}
else
{
$answer = json_decode($response, true);

				}
else
{
$answer = json_decode($response, true);



 
					if($answer['success'] != 'true')
{
// We got it wrong! Oh no...

					if($answer['success'] != 'true')
{
// We got it wrong! Oh no...

						$this->set_error($lang->invalid_nocaptcha);

						$this->set_error($lang->invalid_hcaptcha);

					}
}
}
}

					}
}
}
}



 
		$plugins->run_hooks('captcha_validate_end', $this);

if(count($this->errors) > 0)

		$plugins->run_hooks('captcha_validate_end', $this);

if(count($this->errors) > 0)