[ Index ]

PHP Cross Reference of phpBB-3.2.8-deutsch

title

Body

[close]

/phpbb/captcha/plugins/ -> captcha_abstract.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  namespace phpbb\captcha\plugins;
  15  
  16  /**
  17  * This class holds the code shared by the two default 3.0.x CAPTCHAs.
  18  */
  19  abstract class captcha_abstract
  20  {
  21      var $confirm_id;
  22      var $confirm_code;
  23      var $code;
  24      var $seed;
  25      var $attempts = 0;
  26      var $type;
  27      var $solved = 0;
  28      var $captcha_vars = false;
  29  
  30      /**
  31      * @var string name of the service.
  32      */
  33      protected $service_name;
  34  
  35  	function init($type)
  36      {
  37          global $config, $request;
  38  
  39          // read input
  40          $this->confirm_id = $request->variable('confirm_id', '');
  41          $this->confirm_code = $request->variable('confirm_code', '');
  42          $refresh = $request->variable('refresh_vc', false) && $config['confirm_refresh'];
  43  
  44          $this->type = (int) $type;
  45  
  46          if (!strlen($this->confirm_id) || !$this->load_code())
  47          {
  48              // we have no confirm ID, better get ready to display something
  49              $this->generate_code();
  50          }
  51          else if ($refresh)
  52          {
  53              $this->regenerate_code();
  54          }
  55      }
  56  
  57  	function execute_demo()
  58      {
  59          $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));
  60          $this->seed = hexdec(substr(unique_id(), 4, 10));
  61  
  62          // compute $seed % 0x7fffffff
  63          $this->seed -= 0x7fffffff * floor($this->seed / 0x7fffffff);
  64  
  65          $generator = $this->get_generator_class();
  66          $captcha = new $generator();
  67          define('IMAGE_OUTPUT', 1);
  68          $captcha->execute($this->code, $this->seed);
  69      }
  70  
  71  	function execute()
  72      {
  73          if (empty($this->code))
  74          {
  75              if (!$this->load_code())
  76              {
  77                  // invalid request, bail out
  78                  return false;
  79              }
  80          }
  81          $generator = $this->get_generator_class();
  82          $captcha = new $generator();
  83          define('IMAGE_OUTPUT', 1);
  84          $captcha->execute($this->code, $this->seed);
  85      }
  86  
  87  	function get_template()
  88      {
  89          global $config, $user, $template, $phpEx, $phpbb_root_path;
  90  
  91          if ($this->is_solved())
  92          {
  93              return false;
  94          }
  95          else
  96          {
  97              $link = append_sid($phpbb_root_path . 'ucp.' . $phpEx,  'mode=confirm&amp;confirm_id=' . $this->confirm_id . '&amp;type=' . $this->type);
  98              $contact_link = phpbb_get_board_contact_link($config, $phpbb_root_path, $phpEx);
  99              $explain = $user->lang(($this->type != CONFIRM_POST) ? 'CONFIRM_EXPLAIN' : 'POST_CONFIRM_EXPLAIN', '<a href="' . $contact_link . '">', '</a>');
 100  
 101              $template->assign_vars(array(
 102                  'CONFIRM_IMAGE_LINK'        => $link,
 103                  'CONFIRM_IMAGE'                => '<img src="' . $link . '" />',
 104                  'CONFIRM_IMG'                => '<img src="' . $link . '" />',
 105                  'CONFIRM_ID'                => $this->confirm_id,
 106                  'S_CONFIRM_CODE'            => true,
 107                  'S_TYPE'                    => $this->type,
 108                  'S_CONFIRM_REFRESH'            => ($config['enable_confirm'] && $config['confirm_refresh'] && $this->type == CONFIRM_REG) ? true : false,
 109                  'L_CONFIRM_EXPLAIN'            => $explain,
 110              ));
 111  
 112              return 'captcha_default.html';
 113          }
 114      }
 115  
 116  	function get_demo_template($id)
 117      {
 118          global $config, $template, $request, $phpbb_admin_path, $phpEx;
 119  
 120          $variables = '';
 121  
 122          if (is_array($this->captcha_vars))
 123          {
 124              foreach ($this->captcha_vars as $captcha_var => $template_var)
 125              {
 126                  $variables .= '&amp;' . rawurlencode($captcha_var) . '=' . $request->variable($captcha_var, (int) $config[$captcha_var]);
 127              }
 128          }
 129  
 130          // acp_captcha has a delivery function; let's use it
 131          $template->assign_vars(array(
 132              'CONFIRM_IMAGE'        => append_sid($phpbb_admin_path . 'index.' . $phpEx, 'captcha_demo=1&amp;mode=visual&amp;i=' . $id . '&amp;select_captcha=' . $this->get_service_name()) . $variables,
 133              'CONFIRM_ID'        => $this->confirm_id,
 134          ));
 135  
 136          return 'captcha_default_acp_demo.html';
 137      }
 138  
 139  	function get_hidden_fields()
 140      {
 141          $hidden_fields = array();
 142  
 143          // this is required for posting.php - otherwise we would forget about the captcha being already solved
 144          if ($this->solved)
 145          {
 146              $hidden_fields['confirm_code'] = $this->confirm_code;
 147          }
 148          $hidden_fields['confirm_id'] = $this->confirm_id;
 149          return $hidden_fields;
 150      }
 151  
 152  	function garbage_collect($type)
 153      {
 154          global $db;
 155  
 156          $sql = 'SELECT DISTINCT c.session_id
 157              FROM ' . CONFIRM_TABLE . ' c
 158              LEFT JOIN ' . SESSIONS_TABLE . ' s ON (c.session_id = s.session_id)
 159              WHERE s.session_id IS NULL' .
 160                  ((empty($type)) ? '' : ' AND c.confirm_type = ' . (int) $type);
 161          $result = $db->sql_query($sql);
 162  
 163          if ($row = $db->sql_fetchrow($result))
 164          {
 165              $sql_in = array();
 166              do
 167              {
 168                  $sql_in[] = (string) $row['session_id'];
 169              }
 170              while ($row = $db->sql_fetchrow($result));
 171  
 172              if (count($sql_in))
 173              {
 174                  $sql = 'DELETE FROM ' . CONFIRM_TABLE . '
 175                      WHERE ' . $db->sql_in_set('session_id', $sql_in);
 176                  $db->sql_query($sql);
 177              }
 178          }
 179          $db->sql_freeresult($result);
 180      }
 181  
 182  	function uninstall()
 183      {
 184          $this->garbage_collect(0);
 185      }
 186  
 187  	function install()
 188      {
 189          return;
 190      }
 191  
 192  	function validate()
 193      {
 194          global $user;
 195  
 196          if (!$user->is_setup())
 197          {
 198              $user->setup();
 199          }
 200  
 201          $error = '';
 202          if (!$this->confirm_id)
 203          {
 204              $error = $user->lang['CONFIRM_CODE_WRONG'];
 205          }
 206          else
 207          {
 208              if ($this->check_code())
 209              {
 210                  $this->solved = true;
 211              }
 212              else
 213              {
 214                  $error = $user->lang['CONFIRM_CODE_WRONG'];
 215              }
 216          }
 217  
 218          if (strlen($error))
 219          {
 220              // okay, incorrect answer. Let's ask a new question.
 221              $this->new_attempt();
 222              return $error;
 223          }
 224          else
 225          {
 226              return false;
 227          }
 228      }
 229  
 230      /**
 231      * The old way to generate code, suitable for GD and non-GD. Resets the internal state.
 232      */
 233  	function generate_code()
 234      {
 235          global $db, $user;
 236  
 237          $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));
 238          $this->confirm_id = md5(unique_id($user->ip));
 239          $this->seed = hexdec(substr(unique_id(), 4, 10));
 240          $this->solved = 0;
 241          // compute $seed % 0x7fffffff
 242          $this->seed -= 0x7fffffff * floor($this->seed / 0x7fffffff);
 243  
 244          $sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 245                  'confirm_id'    => (string) $this->confirm_id,
 246                  'session_id'    => (string) $user->session_id,
 247                  'confirm_type'    => (int) $this->type,
 248                  'code'            => (string) $this->code,
 249                  'seed'            => (int) $this->seed)
 250          );
 251          $db->sql_query($sql);
 252      }
 253  
 254      /**
 255      * New Question, if desired.
 256      */
 257  	function regenerate_code()
 258      {
 259          global $db, $user;
 260  
 261          $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));
 262          $this->seed = hexdec(substr(unique_id(), 4, 10));
 263          $this->solved = 0;
 264          // compute $seed % 0x7fffffff
 265          $this->seed -= 0x7fffffff * floor($this->seed / 0x7fffffff);
 266  
 267          $sql = 'UPDATE ' . CONFIRM_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
 268                  'code'            => (string) $this->code,
 269                  'seed'            => (int) $this->seed)) . '
 270                  WHERE
 271                  confirm_id = \'' . $db->sql_escape($this->confirm_id) . '\'
 272                      AND session_id = \'' . $db->sql_escape($user->session_id) . '\'';
 273          $db->sql_query($sql);
 274      }
 275  
 276      /**
 277      * New Question, if desired.
 278      */
 279  	function new_attempt()
 280      {
 281          global $db, $user;
 282  
 283          $this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));
 284          $this->seed = hexdec(substr(unique_id(), 4, 10));
 285          $this->solved = 0;
 286          // compute $seed % 0x7fffffff
 287          $this->seed -= 0x7fffffff * floor($this->seed / 0x7fffffff);
 288  
 289          $sql = 'UPDATE ' . CONFIRM_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
 290                  'code'            => (string) $this->code,
 291                  'seed'            => (int) $this->seed)) . '
 292                  , attempts = attempts + 1
 293                  WHERE
 294                  confirm_id = \'' . $db->sql_escape($this->confirm_id) . '\'
 295                      AND session_id = \'' . $db->sql_escape($user->session_id) . '\'';
 296          $db->sql_query($sql);
 297      }
 298  
 299      /**
 300      * Look up everything we need for painting&checking.
 301      */
 302  	function load_code()
 303      {
 304          global $db, $user;
 305  
 306          $sql = 'SELECT code, seed, attempts
 307              FROM ' . CONFIRM_TABLE . "
 308              WHERE confirm_id = '" . $db->sql_escape($this->confirm_id) . "'
 309                  AND session_id = '" . $db->sql_escape($user->session_id) . "'
 310                  AND confirm_type = " . $this->type;
 311          $result = $db->sql_query($sql);
 312          $row = $db->sql_fetchrow($result);
 313          $db->sql_freeresult($result);
 314  
 315          if ($row)
 316          {
 317              $this->code = $row['code'];
 318              $this->seed = $row['seed'];
 319              $this->attempts = $row['attempts'];
 320              return true;
 321          }
 322  
 323          return false;
 324      }
 325  
 326  	function check_code()
 327      {
 328          return (strcasecmp($this->code, $this->confirm_code) === 0);
 329      }
 330  
 331  	function get_attempt_count()
 332      {
 333          return $this->attempts;
 334      }
 335  
 336  	function reset()
 337      {
 338          global $db, $user;
 339  
 340          $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
 341              WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
 342                  AND confirm_type = " . (int) $this->type;
 343          $db->sql_query($sql);
 344  
 345          // we leave the class usable by generating a new question
 346          $this->generate_code();
 347      }
 348  
 349  	function is_solved()
 350      {
 351          global $request;
 352  
 353          if ($request->variable('confirm_code', false) && $this->solved === 0)
 354          {
 355              $this->validate();
 356          }
 357          return (bool) $this->solved;
 358      }
 359  
 360      /**
 361      *  API function
 362      */
 363  	function has_config()
 364      {
 365          return false;
 366      }
 367  
 368      /**
 369      * @return string the name of the service corresponding to the plugin
 370      */
 371  	function get_service_name()
 372      {
 373          return $this->service_name;
 374      }
 375  
 376      /**
 377      * Set the name of the plugin
 378      *
 379      * @param string $name
 380      */
 381  	public function set_name($name)
 382      {
 383          $this->service_name = $name;
 384      }
 385  
 386      /**
 387      * @return string the name of the class used to generate the captcha
 388      */
 389      abstract function get_generator_class();
 390  }


Generated: Sat Oct 26 11:28:42 2019 Cross-referenced by PHPXref 0.7.1