[ Index ]

PHP Cross Reference of phpBB-3.3.2-deutsch

title

Body

[close]

/phpbb/captcha/plugins/ -> recaptcha_v3.php (source)

   1  <?php
   2  /**
   3   *
   4   * This file is part of the phpBB Forum Software package.
   5   *
   6   * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7   * @license GNU General Public License, version 2 (GPL-2.0)
   8   *
   9   * For full copyright and license information, please see
  10   * the docs/CREDITS.txt file.
  11   *
  12   */
  13  
  14  namespace phpbb\captcha\plugins;
  15  
  16  /**
  17   * Google reCAPTCHA v3 plugin.
  18   */
  19  class recaptcha_v3 extends captcha_abstract
  20  {
  21      /**
  22       * Possible request methods to verify the token.
  23       */
  24      const CURL   = 'curl';
  25      const POST   = 'post';
  26      const SOCKET = 'socket';
  27  
  28      /**
  29       * Possible domain names to load the script and verify the token.
  30       */
  31      const GOOGLE    = 'google.com';
  32      const RECAPTCHA = 'recaptcha.net';
  33  
  34      /** @var array CAPTCHA types mapped to their action */
  35      static protected $actions = [
  36          0                => 'default',
  37          CONFIRM_REG        => 'register',
  38          CONFIRM_LOGIN    => 'login',
  39          CONFIRM_POST    => 'post',
  40          CONFIRM_REPORT    => 'report',
  41      ];
  42  
  43      /**
  44       * Get CAPTCHA types mapped to their action.
  45       *
  46       * @static
  47       * @return array
  48       */
  49  	static public function get_actions()
  50      {
  51          return self::$actions;
  52      }
  53  
  54      /**
  55       * Execute.
  56       *
  57       * Not needed by this CAPTCHA plugin.
  58       *
  59       * @return void
  60       */
  61  	public function execute()
  62      {
  63      }
  64  
  65      /**
  66       * Execute demo.
  67       *
  68       * Not needed by this CAPTCHA plugin.
  69       *
  70       * @return void
  71       */
  72  	public function execute_demo()
  73      {
  74      }
  75  
  76      /**
  77       * Get generator class.
  78       *
  79       * Not needed by this CAPTCHA plugin.
  80       *
  81       * @throws \Exception
  82       * @return void
  83       */
  84  	public function get_generator_class()
  85      {
  86          throw new \Exception('No generator class given.');
  87      }
  88  
  89      /**
  90       * Get CAPTCHA plugin name.
  91       *
  92       * @return string
  93       */
  94  	public function get_name()
  95      {
  96          return 'CAPTCHA_RECAPTCHA_V3';
  97      }
  98  
  99      /**
 100       * Indicator that this CAPTCHA plugin requires configuration.
 101       *
 102       * @return bool
 103       */
 104  	public function has_config()
 105      {
 106          return true;
 107      }
 108  
 109      /**
 110       * Initialize this CAPTCHA plugin.
 111       *
 112       * @param int    $type    The CAPTCHA type
 113       * @return void
 114       */
 115  	public function init($type)
 116      {
 117          /**
 118           * @var \phpbb\language\language    $language    Language object
 119           */
 120          global $language;
 121  
 122          $language->add_lang('captcha_recaptcha');
 123  
 124          parent::init($type);
 125      }
 126  
 127      /**
 128       * Whether or not this CAPTCHA plugin is available and setup.
 129       *
 130       * @return bool
 131       */
 132  	public function is_available()
 133      {
 134          /**
 135           * @var \phpbb\config\config        $config        Config object
 136           * @var \phpbb\language\language    $language    Language object
 137           */
 138          global $config, $language;
 139  
 140          $language->add_lang('captcha_recaptcha');
 141  
 142          return ($config->offsetGet('recaptcha_v3_key') ?? false)
 143              && ($config->offsetGet('recaptcha_v3_secret') ?? false);
 144      }
 145  
 146      /**
 147       * Create the ACP page for configuring this CAPTCHA plugin.
 148       *
 149       * @param string        $id            The ACP module identifier
 150       * @param \acp_captcha    $module        The ACP module basename
 151       * @return void
 152       */
 153  	public function acp_page($id, $module)
 154      {
 155          /**
 156           * @var \phpbb\config\config        $config        Config object
 157           * @var \phpbb\language\language    $language    Language object
 158           * @var \phpbb\log\log                $phpbb_log    Log object
 159           * @var \phpbb\request\request        $request    Request object
 160           * @var \phpbb\template\template    $template    Template object
 161           * @var \phpbb\user                    $user        User object
 162           */
 163          global $config, $language, $phpbb_log, $request, $template, $user;
 164  
 165          $module->tpl_name = 'captcha_recaptcha_v3_acp';
 166          $module->page_title = 'ACP_VC_SETTINGS';
 167  
 168          $form_key = 'acp_captcha';
 169          add_form_key($form_key);
 170  
 171          if ($request->is_set_post('submit'))
 172          {
 173              if (!check_form_key($form_key))
 174              {
 175                  trigger_error($language->lang('FORM_INVALID') . adm_back_link($module->u_action), E_USER_WARNING);
 176              }
 177  
 178              $config->set('recaptcha_v3_key', $request->variable('recaptcha_v3_key', '', true));
 179              $config->set('recaptcha_v3_secret', $request->variable('recaptcha_v3_secret', '', true));
 180              $config->set('recaptcha_v3_domain', $request->variable('recaptcha_v3_domain', '', true));
 181              $config->set('recaptcha_v3_method', $request->variable('recaptcha_v3_method', '', true));
 182  
 183              foreach (self::$actions as $action)
 184              {
 185                  $config->set("recaptcha_v3_threshold_{$action}", $request->variable("recaptcha_v3_threshold_{$action}", 0.50));
 186              }
 187  
 188              $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL');
 189  
 190              trigger_error($language->lang('CONFIG_UPDATED') . adm_back_link($module->u_action));
 191          }
 192  
 193          foreach (self::$actions as $action)
 194          {
 195              $template->assign_block_vars('thresholds', [
 196                  'key'    => "recaptcha_v3_threshold_{$action}",
 197                  'value'    => $config["recaptcha_v3_threshold_{$action}"] ?? 0.5,
 198              ]);
 199          }
 200  
 201          $template->assign_vars([
 202              'CAPTCHA_NAME'                => $this->get_service_name(),
 203              'CAPTCHA_PREVIEW'            => $this->get_demo_template($id),
 204  
 205              'RECAPTCHA_V3_KEY'            => $config['recaptcha_v3_key'] ?? '',
 206              'RECAPTCHA_V3_SECRET'        => $config['recaptcha_v3_secret'] ?? '',
 207  
 208              'RECAPTCHA_V3_DOMAIN'        => $config['recaptcha_v3_domain'] ?? self::GOOGLE,
 209              'RECAPTCHA_V3_DOMAINS'        => [self::GOOGLE, self::RECAPTCHA],
 210  
 211              'RECAPTCHA_V3_METHOD'        => $config['recaptcha_v3_method'] ?? self::POST,
 212              'RECAPTCHA_V3_METHODS'        => [
 213                  self::POST        => ini_get('allow_url_fopen') && function_exists('file_get_contents'),
 214                  self::CURL        => extension_loaded('curl') && function_exists('curl_init'),
 215                  self::SOCKET    => function_exists('fsockopen'),
 216              ],
 217  
 218              'U_ACTION'                    => $module->u_action,
 219          ]);
 220      }
 221  
 222      /**
 223       * Create the ACP page for previewing this CAPTCHA plugin.
 224       *
 225       * @param string    $id        The module identifier
 226       * @return bool|string
 227       */
 228  	public function get_demo_template($id)
 229      {
 230          return $this->get_template();
 231      }
 232  
 233      /**
 234       * Get the template for this CAPTCHA plugin.
 235       *
 236       * @return bool|string        False if CAPTCHA is already solved, template file name otherwise
 237       */
 238  	public function get_template()
 239      {
 240          /**
 241           * @var \phpbb\config\config        $config                Config object
 242           * @var \phpbb\language\language    $language            Language object
 243           * @var \phpbb\template\template    $template            Template object
 244           * @var string                        $phpbb_root_path    phpBB root path
 245           * @var string                        $phpEx                php File extensions
 246           */
 247          global $config, $language, $template, $phpbb_root_path, $phpEx;
 248  
 249          if ($this->is_solved())
 250          {
 251              return false;
 252          }
 253  
 254          $contact = phpbb_get_board_contact_link($config, $phpbb_root_path, $phpEx);
 255          $explain = $this->type !== CONFIRM_POST ? 'CONFIRM_EXPLAIN' : 'POST_CONFIRM_EXPLAIN';
 256  
 257          $domain = $config['recaptcha_v3_domain'] ?? self::GOOGLE;
 258          $render = $config['recaptcha_v3_key'] ?? '';
 259  
 260          $template->assign_vars([
 261              'CONFIRM_EXPLAIN'        => $language->lang($explain, '<a href="' . $contact . '">', '</a>'),
 262  
 263              'RECAPTCHA_ACTION'        => self::$actions[$this->type] ?? reset(self::$actions),
 264              'RECAPTCHA_KEY'            => $config['recaptcha_v3_key'] ?? '',
 265              'U_RECAPTCHA_SCRIPT'    => sprintf('//%1$s/recaptcha/api.js?render=%2$s', $domain, $render),
 266  
 267              'S_CONFIRM_CODE'        => true,
 268              'S_RECAPTCHA_AVAILABLE'    => $this->is_available(),
 269              'S_TYPE'                => $this->type,
 270          ]);
 271  
 272          return 'captcha_recaptcha_v3.html';
 273      }
 274  
 275      /**
 276       * Validate the user's input.
 277       *
 278       * @return bool|string
 279       */
 280  	public function validate()
 281      {
 282          if (!parent::validate())
 283          {
 284              return false;
 285          }
 286  
 287          return $this->recaptcha_verify_token();
 288      }
 289  
 290      /**
 291       * Validate the token returned by Google reCAPTCHA v3.
 292       *
 293       * @return bool|string        False on success, string containing the error otherwise
 294       */
 295  	protected function recaptcha_verify_token()
 296      {
 297          /**
 298           * @var \phpbb\config\config        $config        Config object
 299           * @var \phpbb\language\language    $language    Language object
 300           * @var \phpbb\request\request        $request    Request object
 301           * @var \phpbb\user                    $user        User object
 302           */
 303          global $config, $language, $request, $user;
 304  
 305          $token        = $request->variable('recaptcha_token', '', true);
 306          $action        = $request->variable('recaptcha_action', '', true);
 307          $action        = in_array($action, self::$actions) ? $action : reset(self::$actions);
 308          $threshold    = (double) $config["recaptcha_v3_threshold_{$action}"] ?? 0.5;
 309  
 310          // No token was provided, discard spam submissions
 311          if (empty($token))
 312          {
 313              return $language->lang('RECAPTCHA_INCORRECT');
 314          }
 315  
 316          // Create the request method that should be used
 317          switch ($config['recaptcha_v3_method'] ?? '')
 318          {
 319              case self::CURL:
 320                  $method = new \ReCaptcha\RequestMethod\CurlPost();
 321              break;
 322  
 323              case self::SOCKET:
 324                  $method = new \ReCaptcha\RequestMethod\SocketPost();
 325              break;
 326  
 327              case self::POST:
 328              default:
 329                  $method = new \ReCaptcha\RequestMethod\Post();
 330              break;
 331          }
 332  
 333          // Create the recaptcha instance
 334          $recaptcha = new \ReCaptcha\ReCaptcha($config['recaptcha_v3_secret'], $method);
 335  
 336          // Set the expected action and threshold, and verify the token
 337          $result = $recaptcha->setExpectedAction($action)
 338                              ->setScoreThreshold($threshold)
 339                              ->verify($token, $user->ip);
 340  
 341          if ($result->isSuccess())
 342          {
 343              $this->solved = true;
 344  
 345              return false;
 346          }
 347  
 348          return $language->lang('RECAPTCHA_INCORRECT');
 349      }
 350  }


Generated: Wed Nov 11 20:28:18 2020 Cross-referenced by PHPXref 0.7.1