| [ Index ] |
PHP Cross Reference of MyBB |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * This class is based from reCAPTCHA's PHP library, adapted for use in MyBB. 10 * 11 * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net 12 * AUTHORS: 13 * Mike Crawford 14 * Ben Maurer 15 * 16 * Permission is hereby granted, free of charge, to any person obtaining a copy 17 * of this software and associated documentation files (the "Software"), to deal 18 * in the Software without restriction, including without limitation the rights 19 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 20 * copies of the Software, and to permit persons to whom the Software is 21 * furnished to do so, subject to the following conditions: 22 * 23 * The above copyright notice and this permission notice shall be included in 24 * all copies or substantial portions of the Software. 25 * 26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 27 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 28 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 29 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 30 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 31 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 32 * THE SOFTWARE. 33 * 34 * $Id$ 35 */ 36 37 class captcha 38 { 39 /** 40 * Type of CAPTCHA. 41 * 42 * 1 = Default CAPTCHA 43 * 2 = reCAPTCHA 44 * 45 * @var int 46 */ 47 public $type = 0; 48 49 /** 50 * The template to display the CAPTCHA in 51 * 52 * @var string 53 */ 54 public $captch_template = ''; 55 56 /** 57 * CAPTCHA Server URL 58 * 59 * @var string 60 */ 61 public $server = ''; 62 63 /** 64 * CAPTCHA Secure Server URL 65 * 66 * @var string 67 */ 68 public $secure_server = ''; 69 70 /** 71 * CAPTCHA Verify Server 72 * 73 * @var string 74 */ 75 public $verify_server = ''; 76 77 /** 78 * HTML of the built CAPTCHA 79 * 80 * @var string 81 */ 82 public $html = ''; 83 84 /** 85 * The errors that occurred when handling data. 86 * 87 * @var array 88 */ 89 public $errors = array(); 90 91 function __construct($build = false, $template = "") 92 { 93 global $mybb; 94 95 $this->type = $mybb->settings['captchaimage']; 96 97 // Prepare the build template 98 if($template) 99 { 100 $this->captcha_template = $template; 101 102 if($this->type == 2) 103 { 104 $this->captcha_template .= "_recaptcha"; 105 } 106 } 107 108 // Work on which CAPTCHA we've got installed 109 if($this->type == 2 && $mybb->settings['captchapublickey'] && $mybb->settings['captchaprivatekey']) 110 { 111 // We want to use reCAPTCHA, set the server options 112 $this->server = "http://www.google.com/recaptcha/api"; 113 $this->secure_server = "https://www.google.com/recaptcha/api"; 114 $this->verify_server = "www.google.com"; 115 116 if($build == true) 117 { 118 $this->build_recaptcha(); 119 } 120 } 121 else if($this->type == 1) 122 { 123 if(!function_exists("imagecreatefrompng")) 124 { 125 // We want to use the default CAPTCHA, but it's not installed 126 return false; 127 } 128 else if($build == true) 129 { 130 $this->build_captcha(); 131 } 132 } 133 134 // Plugin hook 135 } 136 137 function build_captcha($return = false) 138 { 139 global $db, $lang, $templates; 140 141 // This will build a MyBB CAPTCHA 142 $randomstr = random_str(5); 143 $imagehash = md5(random_str(12)); 144 145 $insert_array = array( 146 "imagehash" => $imagehash, 147 "imagestring" => $randomstr, 148 "dateline" => TIME_NOW 149 ); 150 151 $db->insert_query("captcha", $insert_array); 152 eval("\$this->html = \"".$templates->get($this->captcha_template)."\";"); 153 //eval("\$this->html = \"".$templates->get("member_register_regimage")."\";"); 154 } 155 156 function build_recaptcha() 157 { 158 global $lang, $mybb, $templates; 159 160 // This will build a reCAPTCHA 161 $server = $this->server; 162 $public_key = $mybb->settings['captchapublickey']; 163 164 if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') 165 { 166 // Use secure server if HTTPS 167 $server = $this->secure_server; 168 } 169 170 eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";"); 171 //eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";"); 172 } 173 174 function build_hidden_captcha() 175 { 176 global $db, $mybb, $templates; 177 178 $field = array(); 179 180 if($this->type == 1) 181 { 182 // Names 183 $hash = "imagehash"; 184 $string = "imagestring"; 185 186 // Values 187 $field['hash'] = $db->escape_string($mybb->input['imagehash']); 188 $field['string'] = $db->escape_string($mybb->input['imagestring']); 189 } 190 else if($this->type == 2) 191 { 192 // reCAPTCHA doesn't support hidden Captchas 193 return false; 194 } 195 196 eval("\$this->html = \"".$templates->get("post_captcha_hidden")."\";"); 197 return $this->html; 198 } 199 200 function validate_captcha() 201 { 202 global $db, $lang, $mybb; 203 204 // Plugin hook 205 206 if($this->type == 1) 207 { 208 // We have a normal CAPTCHA to handle 209 $imagehash = $db->escape_string($mybb->input['imagehash']); 210 $imagestring = $db->escape_string(my_strtolower($mybb->input['imagestring'])); 211 212 $query = $db->simple_select("captcha", "*", "imagehash = '{$imagehash}' AND LOWER(imagestring) = '{$imagestring}'"); 213 $imgcheck = $db->fetch_array($query); 214 215 if(!$imgcheck) 216 { 217 $this->set_error($lang->invalid_captcha_verify); 218 $db->delete_query("captcha", "imagehash = '{$imagehash}'"); 219 } 220 } 221 elseif($this->type == 2) 222 { 223 $challenge = $mybb->input['recaptcha_challenge_field']; 224 $response = $mybb->input['recaptcha_response_field']; 225 226 if(!$challenge || strlen($challenge) == 0 || !$response || strlen($response) == 0) 227 { 228 $this->set_error($lang->invalid_captcha); 229 } 230 else 231 { 232 // We have a reCAPTCHA to handle 233 $data = $this->_qsencode(array( 234 'privatekey' => $mybb->settings['captchaprivatekey'], 235 'remoteip' => $mybb->session->ipaddress, 236 'challenge' => $challenge, 237 'response' => $response 238 )); 239 240 // Contact Google and see if our reCAPTCHA was successful 241 $http_request = "POST /recaptcha/api/verify HTTP/1.0\r\n"; 242 $http_request .= "Host: $this->verify_server\r\n"; 243 $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; 244 $http_request .= "Content-Length: ".strlen($data)."\r\n"; 245 $http_request .= "User-Agent: reCAPTCHA/PHP\r\n"; 246 $http_request .= "\r\n"; 247 $http_request .= $data; 248 249 $fs = @fsockopen($this->verify_server, 80, $errno, $errstr, 10); 250 251 if($fs == false) 252 { 253 $this->set_error($lang->invalid_captcha_transmit); 254 } 255 else 256 { 257 // We connected, but is it correct? 258 fwrite($fs, $http_request); 259 260 while(!feof($fs)) 261 { 262 $response .= fgets($fs, 1160); 263 } 264 265 fclose($fs); 266 267 $response = explode("\r\n\r\n", $response, 2); 268 $answer = explode("\n", $response[1]); 269 270 if(trim($answer[0]) != 'true') 271 { 272 // We got it wrong! Oh no... 273 $this->set_error($lang->invalid_captcha_verify); 274 } 275 } 276 } 277 } 278 279 // Plugin hook 280 281 if(count($this->errors) > 0) 282 { 283 return false; 284 } 285 else 286 { 287 return true; 288 } 289 } 290 291 function invalidate_captcha() 292 { 293 global $db, $mybb; 294 295 if($this->type == 1) 296 { 297 // We have a normal CAPTCHA to handle 298 $imagehash = $db->escape_string($mybb->input['imagehash']); 299 if($imagehash) 300 { 301 $db->delete_query("captcha", "imagehash = '{$imagehash}'"); 302 } 303 } 304 // Not necessary for reCAPTCHA 305 306 // Plugin hook 307 } 308 309 /** 310 * Add an error to the error array. 311 */ 312 function set_error($error, $data='') 313 { 314 $this->errors[$error] = array( 315 "error_code" => $error, 316 "data" => $data 317 ); 318 } 319 320 /** 321 * Returns the error(s) that occurred when handling data 322 * in a format that MyBB can handle. 323 * 324 * @return An array of errors in a MyBB format. 325 */ 326 function get_errors() 327 { 328 global $lang; 329 330 foreach($this->errors as $error) 331 { 332 $lang_string = $error['error_code']; 333 334 if(!$lang_string) 335 { 336 if($lang->invalid_captcha_verify) 337 { 338 $lang_string = 'invalid_captcha_verify'; 339 } 340 else 341 { 342 $lang_string = 'unknown_error'; 343 } 344 } 345 346 if(!$lang->$lang_string) 347 { 348 $errors[] = $error['error_code']; 349 continue; 350 } 351 352 if(!empty($error['data']) && !is_array($error['data'])) 353 { 354 $error['data'] = array($error['data']); 355 } 356 357 if(is_array($error['data'])) 358 { 359 array_unshift($error['data'], $lang->$lang_string); 360 $errors[] = call_user_func_array(array($lang, "sprintf"), $error['data']); 361 } 362 else 363 { 364 $errors[] = $lang->$lang_string; 365 } 366 } 367 368 return $errors; 369 } 370 371 private function _qsencode($data) 372 { 373 $req = ''; 374 foreach($data as $key => $value) 375 { 376 $req .= $key.'='.urlencode(stripslashes($value)).'&'; 377 } 378 379 $req = substr($req, 0, (strlen($req) - 1)); 380 381 return $req; 382 } 383 } 384 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Tue Oct 8 19:19:50 2013 | Cross-referenced by PHPXref 0.7.1 |