| Zeile 39 | Zeile 39 |
|---|
* Type of CAPTCHA.
*
* 1 = Default CAPTCHA
|
* Type of CAPTCHA.
*
* 1 = Default CAPTCHA
|
* 2 = reCAPTCHA
* 3 = Are You a Human
| |
* 4 = NoCATPCHA reCAPTCHA
|
* 4 = NoCATPCHA reCAPTCHA
|
| | * 5 = reCAPTCHA invisible
* 6 = hCaptcha
* 7 = hCaptcha invisible
* 8 = reCAPTCHA v3
|
*
* @var int
*/
| *
* @var int
*/
|
| Zeile 52 | Zeile 54 |
|---|
*
* @var string
*/
|
*
* @var string
*/
|
public $captch_template = '';
| public $captcha_template = '';
|
/**
* CAPTCHA Server URL
|
/**
* CAPTCHA Server URL
|
| Zeile 62 | Zeile 64 |
|---|
public $server = '';
/**
|
public $server = '';
/**
|
* CAPTCHA Secure Server URL
*
* @var string
*/
public $secure_server = '';
/**
* CAPTCHA Verify Server
| * CAPTCHA Verify Server
|
*
* @var string
*/
public $verify_server = '';
|
*
* @var string
*/
public $verify_server = '';
|
/**
* Are You a Human configuration
*
* @var string
*/
public $ayah_web_service_host = '';
public $ayah_publisher_key = '';
public $ayah_scoring_key = '';
public $ayah_debug_mode = '';
public $ayah_use_curl = '';
|
|
/**
* HTML of the built CAPTCHA
|
/**
* HTML of the built CAPTCHA
|
*
| *
|
* @var string
|
* @var string
|
*/
| */
|
public $html = '';
/**
| public $html = '';
/**
|
| Zeile 100 | Zeile 84 |
|---|
*/
public $errors = array();
|
*/
public $errors = array();
|
| | /**
* @param bool $build
* @param string $template
*/
|
function __construct($build = false, $template = "")
{
global $mybb, $plugins;
| function __construct($build = false, $template = "")
{
global $mybb, $plugins;
|
| Zeile 119 | Zeile 107 |
|---|
{
$this->captcha_template = $template;
|
{
$this->captcha_template = $template;
|
if($this->type == 2)
| if($this->type == 4)
|
{
|
{
|
$this->captcha_template .= "_recaptcha";
| $this->captcha_template .= "_nocaptcha";
}
elseif($this->type == 5)
{
$this->captcha_template .= "_recaptcha_invisible";
|
}
|
}
|
else if($this->type == 3)
| elseif($this->type == 6)
|
{
|
{
|
$this->captcha_template .= "_ayah";
}
else if($this->type == 4){
$this->captcha_template .= "_nocaptcha";
| $this->captcha_template .= "_hcaptcha";
}
elseif($this->type == 7)
{
$this->captcha_template .= "_hcaptcha_invisible";
}
elseif($this->type == 8)
{
$this->captcha_template .= "_recaptcha_invisible";
|
}
}
// Work on which CAPTCHA we've got installed
|
}
}
// Work on which CAPTCHA we've got installed
|
if($this->type == 3 && $mybb->settings['ayahpublisherkey'] && $mybb->settings['ayahscoringkey'])
| if(in_array($this->type, array(4, 5, 8)) && $mybb->settings['recaptchapublickey'] && $mybb->settings['recaptchaprivatekey'])
|
{
|
{
|
// We want to use Are You a Human, set configuration options
$this->ayah_web_service_host = "ws.areyouahuman.com";
$this->ayah_publisher_key = $mybb->settings['ayahpublisherkey'];
$this->ayah_scoring_key = $mybb->settings['ayahscoringkey'];
$this->ayah_debug_mode = false;
$this->ayah_use_curl = true;
if($build == true)
{
$this->build_ayah();
}
}
else if($this->type == 2 && $mybb->settings['captchapublickey'] && $mybb->settings['captchaprivatekey'])
{
// We want to use reCAPTCHA, set the server options
$this->server = "http://www.google.com/recaptcha/api";
$this->secure_server = "https://www.google.com/recaptcha/api";
$this->verify_server = "www.google.com";
if($build == true)
{
$this->build_recaptcha();
}
}
else if($this->type == 4 && $mybb->settings['captchapublickey'] && $mybb->settings['captchaprivatekey'])
{
// We want to use reCAPTCHA, set the server options
$this->server = "http://www.google.com/recaptcha/api.js";
$this->secure_server = "https://www.google.com/recaptcha/api.js";
| // We want to use noCAPTCHA or reCAPTCHA invisible, set the server options
$this->server = "//www.google.com/recaptcha/api.js";
|
$this->verify_server = "https://www.google.com/recaptcha/api/siteverify";
if($build == true)
| $this->verify_server = "https://www.google.com/recaptcha/api/siteverify";
if($build == true)
|
| Zeile 171 | Zeile 141 |
|---|
$this->build_recaptcha();
}
}
|
$this->build_recaptcha();
}
}
|
else if($this->type == 1)
| elseif(in_array($this->type, array(6, 7)) && $mybb->settings['hcaptchapublickey'] && $mybb->settings['hcaptchaprivatekey'])
{
// We want to use hCaptcha or hCaptcha invisible, set the server options
$this->server = "//www.hcaptcha.com/1/api.js";
$this->verify_server = "https://hcaptcha.com/siteverify";
if($build == true)
{
$this->build_hcaptcha();
}
}
elseif($this->type == 1)
|
{
if(!function_exists("imagecreatefrompng"))
|
{
if(!function_exists("imagecreatefrompng"))
|
{
| {
|
// We want to use the default CAPTCHA, but it's not installed
|
// We want to use the default CAPTCHA, but it's not installed
|
return false;
}
else if($build == true)
| return;
}
elseif($build == true)
|
{
$this->build_captcha();
|
{
$this->build_captcha();
|
}
}
| }
}
|
$plugins->run_hooks('captcha_build_end', $args);
|
$plugins->run_hooks('captcha_build_end', $args);
|
}
| }
|
|
|
| | /**
* @param bool $return Not used
*/
|
function build_captcha($return = false)
{
global $db, $lang, $templates, $theme, $mybb;
| function build_captcha($return = false)
{
global $db, $lang, $templates, $theme, $mybb;
|
| Zeile 204 | Zeile 188 |
|---|
$db->insert_query("captcha", $insert_array);
eval("\$this->html = \"".$templates->get($this->captcha_template)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage")."\";");
|
$db->insert_query("captcha", $insert_array);
eval("\$this->html = \"".$templates->get($this->captcha_template)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage")."\";");
|
}
| }
|
function build_recaptcha()
{
global $lang, $mybb, $templates;
// This will build a reCAPTCHA
$server = $this->server;
|
function build_recaptcha()
{
global $lang, $mybb, $templates;
// This will build a reCAPTCHA
$server = $this->server;
|
$public_key = $mybb->settings['captchapublickey'];
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')
{
// Use secure server if HTTPS
$server = $this->secure_server;
}
| $public_key = $mybb->settings['recaptchapublickey'];
|
eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";");
|
eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";");
|
}
function build_ayah()
{
global $lang, $mybb, $templates;
define('AYAH_PUBLISHER_KEY', $this->ayah_publisher_key);
define('AYAH_SCORING_KEY', $this->ayah_scoring_key);
define('AYAH_USE_CURL', $this->ayah_use_curl);
define('AYAH_DEBUG_MODE', $this->ayah_debug_mode);
define('AYAH_WEB_SERVICE_HOST', $this->ayah_web_service_host);
require_once MYBB_ROOT."inc/3rdparty/ayah/ayah.php";
$ayah = new AYAH();
$output = $ayah->getPublisherHTML();
if(!empty($output))
{
eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage_ayah")."\";");
}
}
| }
function build_hcaptcha()
{
global $lang, $mybb, $templates;
// This will build a hCaptcha
$server = $this->server;
$public_key = $mybb->settings['hcaptchapublickey'];
$captcha_theme = $mybb->settings['hcaptchatheme'];
$captcha_size = $mybb->settings['hcaptchasize'];
eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
}
|
|
|
| | /**
* @return string
*/
|
function build_hidden_captcha()
{
global $db, $mybb, $templates;
| function build_hidden_captcha()
{
global $db, $mybb, $templates;
|
| Zeile 260 | Zeile 233 |
|---|
// Values
$field['hash'] = $db->escape_string($mybb->input['imagehash']);
$field['string'] = $db->escape_string($mybb->input['imagestring']);
|
// Values
$field['hash'] = $db->escape_string($mybb->input['imagehash']);
$field['string'] = $db->escape_string($mybb->input['imagestring']);
|
}
else if($this->type == 2)
{
// Names
$hash = "recaptcha_challenge_field";
$string = "recaptcha_response_field";
// Values
$field['hash'] = $mybb->input['recaptcha_challenge_field'];
$field['string'] = $mybb->input['recaptcha_response_field'];
}
else if($this->type == 3)
| }
elseif($this->type == 3)
|
{
// Are You a Human can't be built as a hidden captcha
|
{
// Are You a Human can't be built as a hidden captcha
|
continue;
| return '';
|
}
eval("\$this->html = \"".$templates->get("post_captcha_hidden")."\";");
return $this->html;
}
|
}
eval("\$this->html = \"".$templates->get("post_captcha_hidden")."\";");
return $this->html;
}
|
| | /**
* @return bool
*/
|
function validate_captcha()
{
global $db, $lang, $mybb, $session, $plugins;
| function validate_captcha()
{
global $db, $lang, $mybb, $session, $plugins;
|
| Zeile 294 | Zeile 260 |
|---|
$imagestring = $db->escape_string(my_strtolower($mybb->input['imagestring']));
switch($db->type)
|
$imagestring = $db->escape_string(my_strtolower($mybb->input['imagestring']));
switch($db->type)
|
{
| {
|
case 'mysql':
case 'mysqli':
$field = 'imagestring';
| case 'mysql':
case 'mysqli':
$field = 'imagestring';
|
| Zeile 302 | Zeile 268 |
|---|
default:
$field = 'LOWER(imagestring)';
break;
|
default:
$field = 'LOWER(imagestring)';
break;
|
}
| }
|
$query = $db->simple_select("captcha", "*", "imagehash = '{$imagehash}' AND {$field} = '{$imagestring}'");
$imgcheck = $db->fetch_array($query);
if(!$imgcheck)
{
$this->set_error($lang->invalid_captcha_verify);
|
$query = $db->simple_select("captcha", "*", "imagehash = '{$imagehash}' AND {$field} = '{$imagestring}'");
$imgcheck = $db->fetch_array($query);
if(!$imgcheck)
{
$this->set_error($lang->invalid_captcha_verify);
|
$db->delete_query("captcha", "imagehash = '{$imagehash}'");
}
}
elseif($this->type == 2)
{
$challenge = $mybb->input['recaptcha_challenge_field'];
$response = $mybb->input['recaptcha_response_field'];
if(!$challenge || strlen($challenge) == 0 || !$response || strlen($response) == 0)
{
$this->set_error($lang->invalid_captcha);
}
else
{
// We have a reCAPTCHA to handle
$data = $this->_qsencode(array(
'privatekey' => $mybb->settings['captchaprivatekey'],
'remoteip' => $session->ipaddress,
'challenge' => $challenge,
'response' => $response
));
// Contact Google and see if our reCAPTCHA was successful
$http_request = "POST /recaptcha/api/verify HTTP/1.0\r\n";
$http_request .= "Host: $this->verify_server\r\n";
$http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
$http_request .= "Content-Length: ".strlen($data)."\r\n";
$http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
$http_request .= "\r\n";
$http_request .= $data;
$fs = @fsockopen($this->verify_server, 80, $errno, $errstr, 10);
if($fs == false)
{
$this->set_error($lang->invalid_captcha_transmit);
}
else
{
// We connected, but is it correct?
fwrite($fs, $http_request);
while(!feof($fs))
{
$response .= fgets($fs, 1160);
}
fclose($fs);
$response = explode("\r\n\r\n", $response, 2);
$answer = explode("\n", $response[1]);
if(trim($answer[0]) != 'true')
{
// We got it wrong! Oh no...
$this->set_error($lang->invalid_captcha_verify);
}
}
| $db->delete_query("captcha", "imagehash = '{$imagehash}'");
}
}
elseif(in_array($this->type, array(4, 5)))
{
$response = $mybb->input['g-recaptcha-response'];
if(!$response || strlen($response) == 0)
{
$this->set_error($lang->invalid_nocaptcha);
}
else
{
// We have a noCAPTCHA or reCAPTCHA invisible to handle
// Contact Google and see if our reCAPTCHA was successful
$response = fetch_remote_file($this->verify_server, array(
'secret' => $mybb->settings['recaptchaprivatekey'],
'remoteip' => $session->ipaddress,
'response' => $response
));
if($response == false)
{
$this->set_error($lang->invalid_nocaptcha_transmit);
}
else
{
$answer = json_decode($response, true);
if($answer['success'] != 'true')
{
// We got it wrong! Oh no...
$this->set_error($lang->invalid_nocaptcha);
}
}
|
}
}
|
}
}
|
elseif($this->type == 4)
| elseif($this->type == 8)
|
{
$response = $mybb->input['g-recaptcha-response'];
|
{
$response = $mybb->input['g-recaptcha-response'];
|
if(!$response || strlen($response) == 0)
{
| if(!$response || strlen($response) == 0)
{
|
$this->set_error($lang->invalid_nocaptcha);
}
else
{
|
$this->set_error($lang->invalid_nocaptcha);
}
else
{
|
// We have a noCAPTCHA to handle
// Contact Google and see if our reCAPTCHA was successful
| // We have a reCAPTCHA invisible to handle
// Contact Google and see if our reCAPTCHA was successful
$response = fetch_remote_file($this->verify_server, array(
'secret' => $mybb->settings['recaptchaprivatekey'],
'score' => $mybb->settings['recaptchascore'],
'remoteip' => $session->ipaddress,
'response' => $response
));
if($response === false)
{
$this->set_error($lang->invalid_nocaptcha_transmit);
}
else
{
$answer = json_decode($response, true);
if($answer['success'] != 'true' || $answer['score'] < $mybb->settings['recaptchascore'])
{
// We got it wrong! Oh no...
$this->set_error($lang->invalid_nocaptcha);
}
}
}
}
elseif(in_array($this->type, array(6, 7)))
{
$response = $mybb->input['h-captcha-response'];
if(!$response || strlen($response) == 0)
{
$this->set_error($lang->invalid_hcaptcha);
}
else
{
// We have an hCaptcha or hCaptcha invisible to handle
// Contact hCaptcha and see if our hCaptcha was successful
|
$response = fetch_remote_file($this->verify_server, array(
|
$response = fetch_remote_file($this->verify_server, array(
|
'secret' => $mybb->settings['captchaprivatekey'],
| 'secret' => $mybb->settings['hcaptchaprivatekey'],
|
'remoteip' => $session->ipaddress,
'response' => $response
));
if($response == false)
{
|
'remoteip' => $session->ipaddress,
'response' => $response
));
if($response == false)
{
|
$this->set_error($lang->invalid_nocaptcha_transmit);
| $this->set_error($lang->invalid_hcaptcha_transmit);
|
}
else
{
$answer = json_decode($response, true);
|
}
else
{
$answer = json_decode($response, true);
|
| |
if($answer['success'] != 'true')
{
// We got it wrong! Oh no...
|
if($answer['success'] != 'true')
{
// We got it wrong! Oh no...
|
$this->set_error($lang->invalid_nocaptcha);
| $this->set_error($lang->invalid_hcaptcha);
|
}
}
}
}
|
}
}
}
}
|
elseif($this->type == 3)
{
define('AYAH_PUBLISHER_KEY', $this->ayah_publisher_key);
define('AYAH_SCORING_KEY', $this->ayah_scoring_key);
define('AYAH_USE_CURL', $this->ayah_use_curl);
define('AYAH_DEBUG_MODE', $this->ayah_debug_mode);
define('AYAH_WEB_SERVICE_HOST', $this->ayah_web_service_host);
require_once MYBB_ROOT."inc/3rdparty/ayah/ayah.php";
$ayah = new AYAH();
$result = $ayah->scoreResult();
if($result == false)
{
$this->set_error($lang->invalid_ayah_result);
}
}
| |
$plugins->run_hooks('captcha_validate_end', $this);
if(count($this->errors) > 0)
| $plugins->run_hooks('captcha_validate_end', $this);
if(count($this->errors) > 0)
|
| Zeile 454 | Zeile 410 |
|---|
/**
* Add an error to the error array.
|
/**
* Add an error to the error array.
|
| | *
* @param string $error
* @param string $data
|
*/
function set_error($error, $data='')
{
| */
function set_error($error, $data='')
{
|
| Zeile 467 | Zeile 426 |
|---|
* Returns the error(s) that occurred when handling data
* in a format that MyBB can handle.
*
|
* Returns the error(s) that occurred when handling data
* in a format that MyBB can handle.
*
|
* @return An array of errors in a MyBB format.
| * @return array An array of errors in a MyBB format.
|
*/
function get_errors()
{
global $lang;
|
*/
function get_errors()
{
global $lang;
|
| | $errors = array();
|
foreach($this->errors as $error)
{
$lang_string = $error['error_code'];
| foreach($this->errors as $error)
{
$lang_string = $error['error_code'];
|
| Zeile 514 | Zeile 474 |
|---|
return $errors;
}
|
return $errors;
}
|
| | /**
* @param array $data
*
* @return string
*/
|
private function _qsencode($data)
{
$req = '';
| private function _qsencode($data)
{
$req = '';
|