Commit 114f1696 by Scott

Merge branch 'dev' (1.7.2) into 1.8

parents 1775bcdd 281619b4
# Ignore config file in development
qa-config.php
# Other files
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db
.idea/
sudo: false
language: php
php:
- 5.3
......@@ -17,7 +18,7 @@ before_script:
- curl -o phpcpd.phar https://phar.phpunit.de/phpcpd.phar
# PHP Mess Detector
- pear config-set preferred_state beta
- printf "\n" | pecl install imagick
- printf "\n\n" | pecl install imagick
- pear channel-discover pear.phpmd.org
- pear channel-discover pear.pdepend.org
- pear install --alldeps phpmd/PHP_PMD
......
1.7.1
\ No newline at end of file
1.7.2
\ No newline at end of file
......@@ -29,6 +29,9 @@
For persistent connections, set the QA_PERSISTENT_CONN_DB at the bottom of this file; do NOT
prepend the hostname with 'p:'.
To use a non-default port, add the following line to the list of defines, with the appropriate port number:
define('QA_MYSQL_PORT', '3306');
*/
define('QA_MYSQL_HOSTNAME', '127.0.0.1');
......
......@@ -144,7 +144,7 @@
if ($question['commentbutton']) {
if (qa_clicked('q_docomment'))
qa_page_q_refresh($pagestart, 'comment-'.$questionid);
qa_page_q_refresh($pagestart, 'comment-'.$questionid, 'C', $questionid);
if (qa_clicked('c'.$questionid.'_doadd') || ($pagestate==('comment-'.$questionid)))
qa_page_q_do_comment($question, $question, $commentsfollows, $pagestart, $usecaptcha, $cnewin, $cnewerrors, $formtype, $formpostid, $pageerror);
......@@ -182,7 +182,7 @@
if ($answer['commentbutton']) {
if (qa_clicked($prefix.'docomment'))
qa_page_q_refresh($pagestart, 'comment-'.$answerid, 'A', $answerid);
qa_page_q_refresh($pagestart, 'comment-'.$answerid, 'C', $answerid);
if (qa_clicked('c'.$answerid.'_doadd') || ($pagestate==('comment-'.$answerid)))
qa_page_q_do_comment($question, $answer, $commentsfollows, $pagestart, $usecaptcha, $cnewin, $cnewerrors, $formtype, $formpostid, $pageerror);
......@@ -858,7 +858,7 @@
$commentid=qa_page_q_add_c_submit($question, $parent, $commentsfollows, $usecaptcha, $cnewin[$parentid], $cnewerrors[$parentid]);
if (isset($commentid))
qa_page_q_refresh($pagestart, null, $parent['basetype'], $parentid);
qa_page_q_refresh($pagestart, null, 'C', $commentid);
else {
$formtype='c_add';
......
......@@ -43,6 +43,9 @@ class qa_filter_basic
if (!strlen($handle)) {
return qa_lang('users/handle_empty');
}
if (in_array($handle, array('.', '..'))) {
return qa_lang_sub('users/handle_has_bad', '. ..');
}
if (preg_match('/[\\@\\+\\/]/', $handle)) {
return qa_lang_sub('users/handle_has_bad', '@ + /');
}
......
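Review bot: The added `in_array($handle, array('.', '..'))` check compares loosely; passing the strict flag, `if (in_array($handle, array('.', '..'), true)) {`, keeps the match type-exact, which is what the check intends. A one-line comment above it saying why these two values are refused would also help, since the error text `'. ..'` alone does not explain it. Presumably a handle can end up as a URL path segment, where `.` and `..` are dot-segments, but that is not visible here and should be confirmed. The enclosing method starts and ends outside this hunk.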
......@@ -21,8 +21,8 @@
*/
define('QA_VERSION', '1.7.1'); // also used as suffix for .js and .css requests
define('QA_BUILD_DATE', '2015-07-27');
define('QA_VERSION', '1.7.2'); // also used as suffix for .js and .css requests
define('QA_BUILD_DATE', '2015-11-05');
/**
......@@ -262,6 +262,10 @@
define('QA_FINAL_EXTERNAL_USERS', QA_EXTERNAL_USERS);
}
if (defined('QA_MYSQL_PORT')) {
define('QA_FINAL_MYSQL_PORT', QA_MYSQL_PORT);
}
// Possible URL schemes for Q2A and the string used for url scheme testing
define('QA_URL_FORMAT_INDEX', 0); // http://...../index.php/123/why-is-the-sky-blue
......@@ -270,7 +274,7 @@
define('QA_URL_FORMAT_PARAMS', 4); // http://...../?qa=123&qa_1=why-is-the-sky-blue
define('QA_URL_FORMAT_SAFEST', 5); // http://...../index.php?qa=123&qa_1=why-is-the-sky-blue
define('QA_URL_TEST_STRING', '$&-_~#%\\@^*()=!()][`\';:|".{},<>?# π§½Жש'); // tests escaping, spaces, quote slashing and unicode - but not + and /
define('QA_URL_TEST_STRING', '$&-_~#%\\@^*()][`\';=:|".{},!<>?# π§½Жש'); // tests escaping, spaces, quote slashing and unicode - but not + and /
}
......
......@@ -23,32 +23,35 @@
// Ensure no PHP errors are shown in the blob response
@ini_set('display_errors', 0);
@ini_set('display_errors', 0);
function qa_blob_db_fail_handler()
{
function qa_blob_db_fail_handler()
{
header('HTTP/1.1 500 Internal Server Error');
qa_exit('error');
}
}
// Load the Q2A base file which sets up a bunch of crucial stuff
require 'qa-base.php';
require 'qa-base.php';
qa_report_process_stage('init_blob');
qa_report_process_stage('init_blob');
// Output the blob in question
require_once QA_INCLUDE_DIR.'app/blobs.php';
require_once QA_INCLUDE_DIR.'app/blobs.php';
qa_db_connect('qa_blob_db_fail_handler');
qa_db_connect('qa_blob_db_fail_handler');
$blob = qa_read_blob(qa_get('qa_blobid'));
$blob=qa_read_blob(qa_get('qa_blobid'));
if (isset($blob)) {
// allows browsers and proxies to cache the blob (30 days)
header('Cache-Control: max-age=2592000, public');
if (isset($blob)) {
header('Cache-Control: max-age=2592000, public'); // allows browsers and proxies to cache the blob
$disposition = 'inline';
switch ($blob['format']) {
case 'jpeg':
......@@ -64,27 +67,28 @@
header('Content-Type: image/png');
break;
case 'pdf':
header('Content-Type: application/pdf');
break;
case 'swf':
header('Content-Type: application/x-shockwave-flash');
break;
default:
$filename=preg_replace('/[^A-Za-z0-9 \\._-]/', '-', $blob['filename']); // for compatibility with HTTP headers and all browsers
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.$filename.'"');
$disposition = 'attachment';
break;
}
// for compatibility with HTTP headers and all browsers
$filename = preg_replace('/[^A-Za-z0-9 \\._-]+/', '', $blob['filename']);
header('Content-Disposition: '.$disposition.'; filename="'.$filename.'"');
echo $blob['content'];
} else
} else {
header('HTTP/1.0 404 Not Found');
}
qa_db_disconnect();
/*
Omit PHP closing tag to help avoid accidental output
*/
\ No newline at end of file
qa_db_disconnect();
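Review bot: In the version of this section that introduces `$disposition`, only the `default:` branch switches to `attachment`, so the `pdf` and `swf` cases are sent with `Content-Disposition: inline` and rendered from the site's own origin. If blobs can be user uploads (not visible here), active formats such as `application/x-shockwave-flash` should be forced to download by setting `$disposition = 'attachment';` in the `swf` case. No `header('X-Content-Type-Options: nosniff');` is visible either; sending it before the `switch` would stop browsers from sniffing the image and octet-stream responses into something else. Part of the `switch` lies between the two hunks and is not shown, so check the missing cases before applying this. Separately, the new `preg_replace(..., '', $blob['filename'])` can leave `$filename` empty, and a fallback name would avoid sending `filename=""`.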
......@@ -60,10 +60,11 @@
return;
// in mysqli we connect and select database in constructor
if (QA_PERSISTENT_CONN_DB)
$db = new mysqli('p:'.QA_FINAL_MYSQL_HOSTNAME, QA_FINAL_MYSQL_USERNAME, QA_FINAL_MYSQL_PASSWORD, QA_FINAL_MYSQL_DATABASE);
$host = QA_PERSISTENT_CONN_DB ? 'p:'.QA_FINAL_MYSQL_HOSTNAME : QA_FINAL_MYSQL_HOSTNAME;
if (defined('QA_FINAL_MYSQL_PORT'))
$db = new mysqli($host, QA_FINAL_MYSQL_USERNAME, QA_FINAL_MYSQL_PASSWORD, QA_FINAL_MYSQL_DATABASE, QA_FINAL_MYSQL_PORT);
else
$db = new mysqli(QA_FINAL_MYSQL_HOSTNAME, QA_FINAL_MYSQL_USERNAME, QA_FINAL_MYSQL_PASSWORD, QA_FINAL_MYSQL_DATABASE);
$db = new mysqli($host, QA_FINAL_MYSQL_USERNAME, QA_FINAL_MYSQL_PASSWORD, QA_FINAL_MYSQL_DATABASE);
// must use procedural `mysqli_connect_error` here prior to 5.2.9
$conn_error = mysqli_connect_error();
......
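Review bot: `QA_FINAL_MYSQL_PORT` is handed to the `mysqli` constructor unchanged, and the configuration example on this page defines the port as the string `'3306'`. The constructor's port parameter is an integer, so a non-numeric or empty value in the config file would only surface at connection time, as a warning or a type error depending on the PHP version. Casting at the call site with `(int) QA_FINAL_MYSQL_PORT`, or documenting the define as `define('QA_MYSQL_PORT', 3306);`, keeps the type explicit. The enclosing function starts and ends outside this hunk.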
<?php
/**
* PHPMailer SPL autoloader.
* PHP Version 5.0.0
* PHP Version 5
* @package PHPMailer
* @link https://github.com/PHPMailer/PHPMailer/
* @author Marcus Bointon (coolbru) <phpmailer@synchromedia.co.uk>
* @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2013 Marcus Bointon
* @copyright 2012 - 2014 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
......
This source diff could not be displayed because it is too large. You can view the blob instead.
<?php
/**
* PHPMailer RFC821 SMTP email transport class.
* Version 5.2.7
* PHP version 5.0.0
* @category PHP
* PHP Version 5
* @package PHPMailer
* @link https://github.com/PHPMailer/PHPMailer/
* @author Marcus Bointon (coolbru) <phpmailer@synchromedia.co.uk>
* @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @copyright 2013 Marcus Bointon
* @copyright 2004 - 2008 Andy Prevost
* @author Brent R. Matzelle (original founder)
* @copyright 2014 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @license http://www.gnu.org/copyleft/lesser.html Distributed under the Lesser General Public License (LGPL)
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE.
*/
/**
* PHPMailer RFC821 SMTP email transport class.
*
* Implements RFC 821 SMTP commands
* and provides some utility methods for sending mail to an SMTP server.
*
* PHP Version 5.0.0
*
* @category PHP
* Implements RFC 821 SMTP commands and provides some utility methods for sending mail to an SMTP server.
* @package PHPMailer
* @link https://github.com/PHPMailer/PHPMailer/blob/master/class.smtp.php
* @author Chris Ryan <unknown@example.com>
* @author Chris Ryan
* @author Marcus Bointon <phpmailer@synchromedia.co.uk>
* @license http://www.gnu.org/copyleft/lesser.html Distributed under the Lesser General Public License (LGPL)
*/
class SMTP
{
/**
* The PHPMailer SMTP Version number.
* The PHPMailer SMTP version number.
* @type string
*/
const VERSION = '5.2.7';
const VERSION = '5.2.13';
/**
* SMTP line break constant.
* @type string
*/
const CRLF = "\r\n";
/**
* The SMTP port to use if one is not specified.
* @type integer
*/
const DEFAULT_SMTP_PORT = 25;
/**
* The maximum line length allowed by RFC 2822 section 2.1.1
* @type integer
*/
const MAX_LINE_LENGTH = 998;
/**
* Debug level for no output
*/
const DEBUG_OFF = 0;
/**
* Debug level to show client -> server messages
*/
const DEBUG_CLIENT = 1;
/**
* Debug level to show client -> server and server -> client messages
*/
const DEBUG_SERVER = 2;
/**
* Debug level to show connection status, client -> server and server -> client messages
*/
const DEBUG_CONNECTION = 3;
/**
* Debug level to show all messages
*/
const DEBUG_LOWLEVEL = 4;
/**
* The PHPMailer SMTP Version number.
* @type string
* @deprecated This should be a constant
* @deprecated Use the `VERSION` constant instead
* @see SMTP::VERSION
*/
public $Version = '5.2.7';
public $Version = '5.2.13';
/**
* SMTP server port number.
* @type int
* @deprecated This is only ever ued as default value, so should be a constant
* @type integer
* @deprecated This is only ever used as a default value, so use the `DEFAULT_SMTP_PORT` constant instead
* @see SMTP::DEFAULT_SMTP_PORT
*/
public $SMTP_PORT = 25;
/**
* SMTP reply line ending
* SMTP reply line ending.
* @type string
* @deprecated Use the class constant instead
* @deprecated Use the `CRLF` constant instead
* @see SMTP::CRLF
*/
public $CRLF = "\r\n";
......@@ -80,40 +102,53 @@ class SMTP
/**
* Debug output level.
* Options:
* 0: no output
* 1: commands
* 2: data and commands
* 3: as 2 plus connection status
* 4: low level data output
* @type int
* * self::DEBUG_OFF (`0`) No debug output, default
* * self::DEBUG_CLIENT (`1`) Client commands
* * self::DEBUG_SERVER (`2`) Client commands and server responses
* * self::DEBUG_CONNECTION (`3`) As DEBUG_SERVER plus connection status
* * self::DEBUG_LOWLEVEL (`4`) Low-level data output, all messages
* @type integer
*/
public $do_debug = 0;
public $do_debug = self::DEBUG_OFF;
/**
* The function/method to use for debugging output.
* Options: 'echo', 'html' or 'error_log'
* @type string
* How to handle debug output.
* Options:
* * `echo` Output plain-text as-is, appropriate for CLI
* * `html` Output escaped, line breaks converted to `<br>`, appropriate for browser output
* * `error_log` Output to error log as configured in php.ini
*
* Alternatively, you can provide a callable expecting two params: a message string and the debug level:
* <code>
* $smtp->Debugoutput = function($str, $level) {echo "debug level $level; message: $str";};
* </code>
* @type string|callable
*/
public $Debugoutput = 'echo';
/**
* Whether to use VERP.
* @type bool
* @link http://en.wikipedia.org/wiki/Variable_envelope_return_path
* @link http://www.postfix.org/VERP_README.html Info on VERP
* @type boolean
*/
public $do_verp = false;
/**
* The timeout value for connection, in seconds.
* Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
* @type int
* This needs to be quite high to function correctly with hosts using greetdelay as an anti-spam measure.
* @link http://tools.ietf.org/html/rfc2821#section-4.5.3.2
* @type integer
*/
public $Timeout = 300;
/**
* The SMTP timelimit value for reads, in seconds.
* @type int
* How long to wait for commands to complete, in seconds.
* Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
* @type integer
*/
public $Timelimit = 30;
public $Timelimit = 300;
/**
* The socket for the server connection.
......@@ -122,43 +157,58 @@ class SMTP
protected $smtp_conn;
/**
* Error message, if any, for the last call.
* @type string
* Error information, if any, for the last SMTP command.
* @type array
*/
protected $error = '';
protected $error = array(
'error' => '',
'detail' => '',
'smtp_code' => '',
'smtp_code_ex' => ''
);
/**
* The reply the server sent to us for HELO.
* @type string
* If null, no HELO string has yet been received.
* @type string|null
*/
protected $helo_rply = '';
protected $helo_rply = null;
/**
* The most recent reply received from the server.
* @type string
* The set of SMTP extensions sent in reply to EHLO command.
* Indexes of the array are extension names.
* Value at index 'HELO' or 'EHLO' (according to command that was sent)
* represents the server name. In case of HELO it is the only element of the array.
* Other values can be boolean TRUE or an array containing extension options.
* If null, no HELO/EHLO string has yet been received.
* @type array|null
*/
protected $last_reply = '';
protected $server_caps = null;
/**
* Constructor.
* @access public
* The most recent reply received from the server.
* @type string
*/
public function __construct()
{
$this->smtp_conn = 0;
$this->error = null;
$this->helo_rply = null;
$this->do_debug = 0;
}
protected $last_reply = '';
/**
* Output debugging info via a user-selected method.
* @see SMTP::$Debugoutput
* @see SMTP::$do_debug
* @param string $str Debug string to output
* @param integer $level The debug level of this message; see DEBUG_* constants
* @return void
*/
protected function edebug($str)
protected function edebug($str, $level = 0)
{
if ($level > $this->do_debug) {
return;
}
//Avoid clash with built-in function names
if (!in_array($this->Debugoutput, array('error_log', 'html', 'echo')) and is_callable($this->Debugoutput)) {
call_user_func($this->Debugoutput, $str, $this->do_debug);
return;
}
switch ($this->Debugoutput) {
case 'error_log':
//Don't output, just log
......@@ -175,38 +225,52 @@ class SMTP
break;
case 'echo':
default:
echo gmdate('Y-m-d H:i:s')."\t".trim($str)."\n";
//Normalize line breaks
$str = preg_replace('/(\r\n|\r|\n)/ms', "\n", $str);
echo gmdate('Y-m-d H:i:s') . "\t" . str_replace(
"\n",
"\n \t ",
trim($str)
)."\n";
}
}
/**
* Connect to an SMTP server.
* @param string $host SMTP server IP or host name
* @param int $port The port number to connect to
* @param int $timeout How long to wait for the connection to open
* @param integer $port The port number to connect to
* @param integer $timeout How long to wait for the connection to open
* @param array $options An array of options for stream_context_create()
* @access public
* @return bool
* @return boolean
*/
public function connect($host, $port = null, $timeout = 30, $options = array())
{
static $streamok;
//This is enabled by default since 5.0.0 but some providers disable it
//Check this once and cache the result
if (is_null($streamok)) {
$streamok = function_exists('stream_socket_client');
}
// Clear errors to avoid confusion
$this->error = null;
$this->setError('');
// Make sure we are __not__ connected
if ($this->connected()) {
// Already connected, generate error
$this->error = array('error' => 'Already connected to a server');
$this->setError('Already connected to a server');
return false;
}
if (empty($port)) {
$port = self::DEFAULT_SMTP_PORT;
}
// Connect to the SMTP server
if ($this->do_debug >= 3) {
$this->edebug('Connection: opening');
}
$this->edebug(
"Connection: opening to $host:$port, timeout=$timeout, options=".var_export($options, true),
self::DEBUG_CONNECTION
);
$errno = 0;
$errstr = '';
if ($streamok) {
$socket_context = stream_context_create($options);
//Suppress errors; connection failures are handled at a higher level
$this->smtp_conn = @stream_socket_client(
......@@ -217,45 +281,55 @@ class SMTP
STREAM_CLIENT_CONNECT,
$socket_context
);
} else {
//Fall back to fsockopen which should work in more places, but is missing some features
$this->edebug(
"Connection: stream_socket_client not available, falling back to fsockopen",
self::DEBUG_CONNECTION
);
$this->smtp_conn = fsockopen(
$host,
$port,
$errno,
$errstr,
$timeout
);
}
// Verify we connected properly
if (empty($this->smtp_conn)) {
$this->error = array(
'error' => 'Failed to connect to server',
'errno' => $errno,
'errstr' => $errstr
if (!is_resource($this->smtp_conn)) {
$this->setError(
'Failed to connect to server',
$errno,
$errstr
);
if ($this->do_debug >= 1) {
$this->edebug(
'SMTP ERROR: ' . $this->error['error']
. ": $errstr ($errno)"
. ": $errstr ($errno)",
self::DEBUG_CLIENT
);
}
return false;
}
if ($this->do_debug >= 3) {
$this->edebug('Connection: opened');
}
$this->edebug('Connection: opened', self::DEBUG_CONNECTION);
// SMTP server can take longer to respond, give longer timeout for first read
// Windows does not have support for this timeout function
if (substr(PHP_OS, 0, 3) != 'WIN') {
$max = ini_get('max_execution_time');
if ($max != 0 && $timeout > $max) { // Don't bother if unlimited
// Don't bother if unlimited
if ($max != 0 && $timeout > $max) {
@set_time_limit($timeout);
}
stream_set_timeout($this->smtp_conn, $timeout, 0);
}
// Get any announcement
$announce = $this->get_lines();
if ($this->do_debug >= 2) {
$this->edebug('SERVER -> CLIENT: ' . $announce);
}
$this->edebug('SERVER -> CLIENT: ' . $announce, self::DEBUG_SERVER);
return true;
}
/**
* Initiate a TLS (encrypted) session.
* @access public
* @return bool
* @return boolean
*/
public function startTLS()
{
......@@ -279,20 +353,60 @@ class SMTP
* @see hello()
* @param string $username The user name
* @param string $password The password
* @param string $authtype The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5)
* @param string $authtype The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5, XOAUTH2)
* @param string $realm The auth realm for NTLM
* @param string $workstation The auth workstation for NTLM
* @access public
* @return bool True if successfully authenticated.
* @param null|OAuth $OAuth An optional OAuth instance (@see PHPMailerOAuth)
* @return bool True if successfully authenticated.* @access public
*/
public function authenticate(
$username,
$password,
$authtype = 'LOGIN',
$authtype = null,
$realm = '',
$workstation = ''
$workstation = '',
$OAuth = null
) {
if (!$this->server_caps) {
$this->setError('Authentication is not allowed before HELO/EHLO');
return false;
}
if (array_key_exists('EHLO', $this->server_caps)) {
// SMTP extensions are available. Let's try to find a proper authentication method
if (!array_key_exists('AUTH', $this->server_caps)) {
$this->setError('Authentication is not allowed at this stage');
// 'at this stage' means that auth may be allowed after the stage changes
// e.g. after STARTTLS
return false;
}
self::edebug('Auth method requested: ' . ($authtype ? $authtype : 'UNKNOWN'), self::DEBUG_LOWLEVEL);
self::edebug(
'Auth methods available on the server: ' . implode(',', $this->server_caps['AUTH']),
self::DEBUG_LOWLEVEL
);
if (empty($authtype)) {
foreach (array('LOGIN', 'CRAM-MD5', 'NTLM', 'PLAIN', 'XOAUTH2') as $method) {
if (in_array($method, $this->server_caps['AUTH'])) {
$authtype = $method;
break;
}
}
if (empty($authtype)) {
$this->setError('No supported authentication methods found');
return false;
}
self::edebug('Auth method selected: '.$authtype, self::DEBUG_LOWLEVEL);
}
if (!in_array($authtype, $this->server_caps['AUTH'])) {
$this->setError("The requested authentication method \"$authtype\" is not supported by the server");
return false;
}
} elseif (empty($authtype)) {
$authtype = 'LOGIN';
}
switch ($authtype) {
......@@ -323,6 +437,19 @@ class SMTP
return false;
}
break;
case 'XOAUTH2':
//If the OAuth Instance is not set. Can be a case when PHPMailer is used
//instead of PHPMailerOAuth
if (is_null($OAuth)) {
return false;
}
$oauth = $OAuth->getOauth64();
// Start authentication
if (!$this->sendCommand('AUTH', 'AUTH XOAUTH2 ' . $oauth, 235)) {
return false;
}
break;
case 'NTLM':
/*
* ntlm_sasl_client.php
......@@ -333,17 +460,16 @@ class SMTP
* PROTOCOL Docs http://curl.haxx.se/rfc/ntlm.html#ntlmSmtpAuthentication
*/
require_once 'extras/ntlm_sasl_client.php';
$temp = new stdClass();
$temp = new stdClass;
$ntlm_client = new ntlm_sasl_client_class;
//Check that functions are available
if (!$ntlm_client->Initialize($temp)) {
$this->error = array('error' => $temp->error);
if ($this->do_debug >= 1) {
$this->setError($temp->error);
$this->edebug(
'You need to enable some modules in your php.ini file: '
. $this->error['error']
. $this->error['error'],
self::DEBUG_CLIENT
);
}
return false;
}
//msg1
......@@ -374,7 +500,6 @@ class SMTP
);
// send encoded username
return $this->sendCommand('Username', base64_encode($msg3), 235);
break;
case 'CRAM-MD5':
// Start authentication
if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) {
......@@ -388,7 +513,9 @@ class SMTP
// send encoded credentials
return $this->sendCommand('Username', base64_encode($response), 235);
break;
default:
$this->setError("Authentication method \"$authtype\" is not supported");
return false;
}
return true;
}
......@@ -414,15 +541,15 @@ class SMTP
// RFC 2104 HMAC implementation for php.
// Creates an md5 HMAC.
// Eliminates the need to install mhash to compute a HMAC
// Hacked by Lance Rushing
// by Lance Rushing
$b = 64; // byte length for md5
if (strlen($key) > $b) {
$bytelen = 64; // byte length for md5
if (strlen($key) > $bytelen) {
$key = pack('H*', md5($key));
}
$key = str_pad($key, $b, chr(0x00));
$ipad = str_pad('', $b, chr(0x36));
$opad = str_pad('', $b, chr(0x5c));
$key = str_pad($key, $bytelen, chr(0x00));
$ipad = str_pad('', $bytelen, chr(0x36));
$opad = str_pad('', $bytelen, chr(0x5c));
$k_ipad = $key ^ $ipad;
$k_opad = $key ^ $opad;
......@@ -432,19 +559,18 @@ class SMTP
/**
* Check connection state.
* @access public
* @return bool True if connected.
* @return boolean True if connected.
*/
public function connected()
{
if (!empty($this->smtp_conn)) {
if (is_resource($this->smtp_conn)) {
$sock_status = stream_get_meta_data($this->smtp_conn);
if ($sock_status['eof']) {
// the socket is valid but we are not connected
if ($this->do_debug >= 1) {
// The socket is valid but we are not connected
$this->edebug(
'SMTP NOTICE: EOF caught while checking if connected'
'SMTP NOTICE: EOF caught while checking if connected',
self::DEBUG_CLIENT
);
}
$this->close();
return false;
}
......@@ -462,15 +588,14 @@ class SMTP
*/
public function close()
{
$this->error = null; // so there is no confusion
$this->setError('');
$this->server_caps = null;
$this->helo_rply = null;
if (!empty($this->smtp_conn)) {
if (is_resource($this->smtp_conn)) {
// close the connection and cleanup
fclose($this->smtp_conn);
if ($this->do_debug >= 3) {
$this->edebug('Connection: closed');
}
$this->smtp_conn = 0;
$this->smtp_conn = null; //Makes for cleaner serialization
$this->edebug('Connection: closed', self::DEBUG_CONNECTION);
}
}
......@@ -484,13 +609,15 @@ class SMTP
* Implements rfc 821: DATA <CRLF>
* @param string $msg_data Message data to send
* @access public
* @return bool
* @return boolean
*/
public function data($msg_data)
{
//This will use the standard timelimit
if (!$this->sendCommand('DATA', 'DATA', 354)) {
return false;
}
/* The server is ready to accept data!
* According to rfc821 we should not send more than 1000 characters on a single line (including the CRLF)
* so we will break the data up into lines by \r and/or \n then if needed we will break each of those into
......@@ -518,13 +645,14 @@ class SMTP
if ($in_headers and $line == '') {
$in_headers = false;
}
// ok we need to break this line up into several smaller lines
//This is a small micro-optimisation: isset($str[$len]) is equivalent to (strlen($str) > $len)
//Break this line up into several smaller lines if it's too long
//Micro-optimisation: isset($str[$len]) is faster than (strlen($str) > $len),
while (isset($line[self::MAX_LINE_LENGTH])) {
//Working backwards, try to find a space within the last MAX_LINE_LENGTH chars of the line to break on
//so as to avoid breaking in the middle of a word
$pos = strrpos(substr($line, 0, self::MAX_LINE_LENGTH), ' ');
if (!$pos) { //Deliberately matches both false and 0
//Deliberately matches both false and 0
if (!$pos) {
//No nice break found, add a hard break
$pos = self::MAX_LINE_LENGTH - 1;
$lines_out[] = substr($line, 0, $pos);
......@@ -535,16 +663,14 @@ class SMTP
//Move along by the amount we dealt with
$line = substr($line, $pos + 1);
}
/* If processing headers add a LWSP-char to the front of new line
* RFC822 section 3.1.1
*/
//If processing headers add a LWSP-char to the front of new line RFC822 section 3.1.1
if ($in_headers) {
$line = "\t" . $line;
}
}
$lines_out[] = $line;
// Send the lines to the server
//Send the lines to the server
foreach ($lines_out as $line_out) {
//RFC2821 section 4.5.2
if (!empty($line_out) and $line_out[0] == '.') {
......@@ -554,8 +680,14 @@ class SMTP
}
}
// Message data has been sent, complete the command
return $this->sendCommand('DATA END', '.', 250);
//Message data has been sent, complete the command
//Increase timelimit for end of DATA command
$savetimelimit = $this->Timelimit;
$this->Timelimit = $this->Timelimit * 2;
$result = $this->sendCommand('DATA END', '.', 250);
//Restore timelimit
$this->Timelimit = $savetimelimit;
return $result;
}
/**
......@@ -566,12 +698,12 @@ class SMTP
* and RFC 2821 EHLO.
* @param string $host The host name or IP to connect to
* @access public
* @return bool
* @return boolean
*/
public function hello($host = '')
{
// Try extended hello first (RFC 2821)
return (bool)($this->sendHello('EHLO', $host) or $this->sendHello('HELO', $host));
//Try extended hello first (RFC 2821)
return (boolean)($this->sendHello('EHLO', $host) or $this->sendHello('HELO', $host));
}
/**
......@@ -581,16 +713,63 @@ class SMTP
* @param string $hello The HELO string
* @param string $host The hostname to say we are
* @access protected
* @return bool
* @return boolean
*/
protected function sendHello($hello, $host)
{
$noerror = $this->sendCommand($hello, $hello . ' ' . $host, 250);
$this->helo_rply = $this->last_reply;
if ($noerror) {
$this->parseHelloFields($hello);
} else {
$this->server_caps = null;
}
return $noerror;
}
/**
* Parse a reply to HELO/EHLO command to discover server extensions.
* In case of HELO, the only parameter that can be discovered is a server name.
* @access protected
* @param string $type - 'HELO' or 'EHLO'
*/
protected function parseHelloFields($type)
{
$this->server_caps = array();
$lines = explode("\n", $this->last_reply);
foreach ($lines as $n => $s) {
//First 4 chars contain response code followed by - or space
$s = trim(substr($s, 4));
if (empty($s)) {
continue;
}
$fields = explode(' ', $s);
if (!empty($fields)) {
if (!$n) {
$name = $type;
$fields = $fields[0];
} else {
$name = array_shift($fields);
switch ($name) {
case 'SIZE':
$fields = ($fields ? $fields[0] : 0);
break;
case 'AUTH':
if (!is_array($fields)) {
$fields = array();
}
break;
default:
$fields = true;
}
}
$this->server_caps[$name] = $fields;
}
}
}
/**
* Send an SMTP MAIL command.
* Starts a mail transaction from the email address specified in
* $from. Returns true if successful or false otherwise. If True
......@@ -599,7 +778,7 @@ class SMTP
* Implements rfc 821: MAIL <SP> FROM:<reverse-path> <CRLF>
* @param string $from Source address of this message
* @access public
* @return bool
* @return boolean
*/
public function mail($from)
{
......@@ -615,35 +794,35 @@ class SMTP
* Send an SMTP QUIT command.
* Closes the socket if there is no error or the $close_on_error argument is true.
* Implements from rfc 821: QUIT <CRLF>
* @param bool $close_on_error Should the connection close if an error occurs?
* @param boolean $close_on_error Should the connection close if an error occurs?
* @access public
* @return bool
* @return boolean
*/
public function quit($close_on_error = true)
{
$noerror = $this->sendCommand('QUIT', 'QUIT', 221);
$e = $this->error; //Save any error
$err = $this->error; //Save any error
if ($noerror or $close_on_error) {
$this->close();
$this->error = $e; //Restore any error from the quit command
$this->error = $err; //Restore any error from the quit command
}
return $noerror;
}
/**
* Send an SMTP RCPT command.
* Sets the TO argument to $to.
* Sets the TO argument to $toaddr.
* Returns true if the recipient was accepted false if it was rejected.
* Implements from rfc 821: RCPT <SP> TO:<forward-path> <CRLF>
* @param string $to The address the message is being sent to
* @param string $toaddr The address the message is being sent to
* @access public
* @return bool
* @return boolean
*/
public function recipient($to)
public function recipient($toaddr)
{
return $this->sendCommand(
'RCPT TO',
'RCPT TO:<' . $to . '>',
'RCPT TO:<' . $toaddr . '>',
array(250, 251)
);
}
......@@ -653,7 +832,7 @@ class SMTP
* Abort any transaction that is currently in progress.
* Implements rfc 821: RSET <CRLF>
* @access public
* @return bool True on success.
* @return boolean True on success.
*/
public function reset()
{
......@@ -664,44 +843,54 @@ class SMTP
* Send a command to an SMTP server and check its return code.
* @param string $command The command name - not sent to the server
* @param string $commandstring The actual command to send
* @param int|array $expect One or more expected integer success codes
* @param integer|array $expect One or more expected integer success codes
* @access protected
* @return bool True on success.
* @return boolean True on success.
*/
protected function sendCommand($command, $commandstring, $expect)
{
if (!$this->connected()) {
$this->error = array(
'error' => "Called $command without being connected"
);
$this->setError("Called $command without being connected");
return false;
}
$this->client_send($commandstring . self::CRLF);
$reply = $this->get_lines();
$code = substr($reply, 0, 3);
if ($this->do_debug >= 2) {
$this->edebug('SERVER -> CLIENT: ' . $reply);
$this->last_reply = $this->get_lines();
// Fetch SMTP code and possible error code explanation
$matches = array();
if (preg_match("/^([0-9]{3})[ -](?:([0-9]\\.[0-9]\\.[0-9]) )?/", $this->last_reply, $matches)) {
$code = $matches[1];
$code_ex = (count($matches) > 2 ? $matches[2] : null);
// Cut off error code from each response line
$detail = preg_replace(
"/{$code}[ -]".($code_ex ? str_replace('.', '\\.', $code_ex).' ' : '')."/m",
'',
$this->last_reply
);
} else {
// Fall back to simple parsing if regex fails
$code = substr($this->last_reply, 0, 3);
$code_ex = null;
$detail = substr($this->last_reply, 4);
}
$this->edebug('SERVER -> CLIENT: ' . $this->last_reply, self::DEBUG_SERVER);
if (!in_array($code, (array)$expect)) {
$this->last_reply = null;
$this->error = array(
'error' => "$command command failed",
'smtp_code' => $code,
'detail' => substr($reply, 4)
$this->setError(
"$command command failed",
$detail,
$code,
$code_ex
);
if ($this->do_debug >= 1) {
$this->edebug(
'SMTP ERROR: ' . $this->error['error'] . ': ' . $reply
'SMTP ERROR: ' . $this->error['error'] . ': ' . $this->last_reply,
self::DEBUG_CLIENT
);
}
return false;
}
$this->last_reply = $reply;
$this->error = null;
$this->setError('');
return true;
}
......@@ -716,7 +905,7 @@ class SMTP
* Implements rfc 821: SAML <SP> FROM:<reverse-path> <CRLF>
* @param string $from The address the message is from
* @access public
* @return bool
* @return boolean
*/
public function sendAndMail($from)
{
......@@ -727,7 +916,7 @@ class SMTP
* Send an SMTP VRFY command.
* @param string $name The name to verify
* @access public
* @return bool
* @return boolean
*/
public function verify($name)
{
......@@ -738,7 +927,7 @@ class SMTP
* Send an SMTP NOOP command.
* Used to keep keep-alives alive, doesn't actually do anything
* @access public
* @return bool
* @return boolean
*/
public function noop()
{
......@@ -752,16 +941,12 @@ class SMTP
* and _may_ be implemented in future
* Implements from rfc 821: TURN <CRLF>
* @access public
* @return bool
* @return boolean
*/
public function turn()
{
$this->error = array(
'error' => 'The SMTP TURN command is not implemented'
);
if ($this->do_debug >= 1) {
$this->edebug('SMTP NOTICE: ' . $this->error['error']);
}
$this->setError('The SMTP TURN command is not implemented');
$this->edebug('SMTP NOTICE: ' . $this->error['error'], self::DEBUG_CLIENT);
return false;
}
......@@ -769,13 +954,11 @@ class SMTP
* Send raw data to the server.
* @param string $data The data to send
* @access public
* @return int|bool The number of bytes sent to the server or false on error
* @return integer|boolean The number of bytes sent to the server or false on error
*/
public function client_send($data)
{
if ($this->do_debug >= 1) {
$this->edebug("CLIENT -> SERVER: $data");
}
$this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT);
return fwrite($this->smtp_conn, $data);
}
......@@ -790,6 +973,57 @@ class SMTP
}
/**
* Get SMTP extensions available on the server
* @access public
* @return array|null
*/
public function getServerExtList()
{
return $this->server_caps;
}
/**
* A multipurpose method
* The method works in three ways, dependent on argument value and current state
* 1. HELO/EHLO was not sent - returns null and set up $this->error
* 2. HELO was sent
* $name = 'HELO': returns server name
* $name = 'EHLO': returns boolean false
* $name = any string: returns null and set up $this->error
* 3. EHLO was sent
* $name = 'HELO'|'EHLO': returns server name
* $name = any string: if extension $name exists, returns boolean True
* or its options. Otherwise returns boolean False
* In other words, one can use this method to detect 3 conditions:
* - null returned: handshake was not or we don't know about ext (refer to $this->error)
* - false returned: the requested feature exactly not exists
* - positive value returned: the requested feature exists
* @param string $name Name of SMTP extension or 'HELO'|'EHLO'
* @return mixed
*/
public function getServerExt($name)
{
if (!$this->server_caps) {
$this->setError('No HELO/EHLO was sent');
return null;
}
// the tight logic knot ;)
if (!array_key_exists($name, $this->server_caps)) {
if ($name == 'HELO') {
return $this->server_caps['EHLO'];
}
if ($name == 'EHLO' || array_key_exists('EHLO', $this->server_caps)) {
return false;
}
$this->setError('HELO handshake was used. Client knows nothing about server extensions');
return null;
}
return $this->server_caps[$name];
}
/**
* Get the last reply from the server.
* @access public
* @return string
......@@ -822,14 +1056,9 @@ class SMTP
}
while (is_resource($this->smtp_conn) && !feof($this->smtp_conn)) {
$str = @fgets($this->smtp_conn, 515);
if ($this->do_debug >= 4) {
$this->edebug("SMTP -> get_lines(): \$data was \"$data\"");
$this->edebug("SMTP -> get_lines(): \$str is \"$str\"");
}
$this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
$this->edebug("SMTP -> get_lines(): \$str is \"$str\"", self::DEBUG_LOWLEVEL);
$data .= $str;
if ($this->do_debug >= 4) {
$this->edebug("SMTP -> get_lines(): \$data is \"$data\"");
}
// If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen
if ((isset($str[3]) and $str[3] == ' ')) {
break;
......@@ -837,21 +1066,19 @@ class SMTP
// Timed-out? Log and break
$info = stream_get_meta_data($this->smtp_conn);
if ($info['timed_out']) {
if ($this->do_debug >= 4) {
$this->edebug(
'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)'
'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)',
self::DEBUG_LOWLEVEL
);
}
break;
}
// Now check if reads took too long
if ($endtime and time() > $endtime) {
if ($this->do_debug >= 4) {
$this->edebug(
'SMTP -> get_lines(): timelimit reached ('.
$this->Timelimit . ' sec)'
$this->Timelimit . ' sec)',
self::DEBUG_LOWLEVEL
);
}
break;
}
}
......@@ -860,7 +1087,7 @@ class SMTP
/**
* Enable or disable VERP address generation.
* @param bool $enabled
* @param boolean $enabled
*/
public function setVerp($enabled = false)
{
......@@ -869,7 +1096,7 @@ class SMTP
/**
* Get VERP address generation mode.
* @return bool
* @return boolean
*/
public function getVerp()
{
......@@ -877,8 +1104,25 @@ class SMTP
}
/**
* Set error messages and codes.
* @param string $message The error message
* @param string $detail Further detail on the error
* @param string $smtp_code An associated SMTP error code
* @param string $smtp_code_ex Extended SMTP code
*/
protected function setError($message, $detail = '', $smtp_code = '', $smtp_code_ex = '')
{
$this->error = array(
'error' => $message,
'detail' => $detail,
'smtp_code' => $smtp_code,
'smtp_code_ex' => $smtp_code_ex
);
}
/**
* Set debug output method.
* @param string $method The function/method to use for debugging output.
* @param string|callable $method The name of the mechanism to use for debugging output, or a callable to handle it.
*/
public function setDebugOutput($method = 'echo')
{
......@@ -896,7 +1140,7 @@ class SMTP
/**
* Set debug output level.
* @param int $level
* @param integer $level
*/
public function setDebugLevel($level = 0)
{
......@@ -905,7 +1149,7 @@ class SMTP
/**
* Get debug output level.
* @return int
* @return integer
*/
public function getDebugLevel()
{
......@@ -914,7 +1158,7 @@ class SMTP
/**
* Set SMTP timeout.
* @param int $timeout
* @param integer $timeout
*/
public function setTimeout($timeout = 0)
{
......@@ -923,7 +1167,7 @@ class SMTP
/**
* Get SMTP timeout.
* @return int
* @return integer
*/
public function getTimeout()
{
......
......@@ -133,7 +133,11 @@ class qa_recaptcha_captcha
{
require_once $this->directory.'recaptchalib.php';
if (ini_get('allow_url_fopen'))
$recaptcha = new ReCaptcha(qa_opt('recaptcha_private_key'));
else
$recaptcha = new ReCaptcha(qa_opt('recaptcha_private_key') , new ReCaptchaSocketPostRequestMethod());
$remoteIp = qa_remote_ip_address();
$userResponse = qa_post_text('g-recaptcha-response');
......
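Review bot: The bare truthiness test on `ini_get('allow_url_fopen')` can select the wrong transport, because `ini_get()` returns a string and PHP documents that it may hand back the literal configured text. A value such as `Off` would then be truthy and choose the `file_get_contents()` path on a host where URL fopen is disabled, so verification would presumably fail instead of falling back to the socket method. Normalising the value avoids that: `if (filter_var(ini_get('allow_url_fopen'), FILTER_VALIDATE_BOOLEAN))`. The enclosing method starts and ends outside this hunk.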
......@@ -39,58 +39,269 @@ class ReCaptchaResponse
public $errorCodes = array();
}
class ReCaptcha
/**
* Stores and formats the parameters for the request to the reCAPTCHA service.
*/
class ReCaptchaRequestParameters
{
private static $_signupUrl = 'https://www.google.com/recaptcha/admin';
private static $_siteVerifyUrl = 'https://www.google.com/recaptcha/api/siteverify?';
private $_secret;
private static $_version = 'php_1.0';
private $secret;
private $response;
private $remoteIp;
private $version;
/**
* Constructor.
* Initialise parameters.
*
* @param string $secret shared secret between site and ReCAPTCHA server.
* @param string $secret Site secret.
* @param string $response Value from g-captcha-response form field.
* @param string $remoteIp User's IP address.
* @param string $version Version of this client library.
*/
public function __construct($secret)
public function __construct($secret, $response, $remoteIp = null, $version = null)
{
if ($secret == null || $secret == '') {
die('To use reCAPTCHA you must get an API key from <a href="' . self::$_signupUrl . '">' . self::$_signupUrl . '</a>');
$this->secret = $secret;
$this->response = $response;
$this->remoteIp = $remoteIp;
$this->version = $version;
}
/**
* Array representation.
*
* @return array Array formatted parameters.
*/
public function toArray()
{
$params = array('secret' => $this->secret, 'response' => $this->response);
if (!is_null($this->remoteIp)) {
$params['remoteip'] = $this->remoteIp;
}
$this->_secret = $secret;
if (!is_null($this->version)) {
$params['version'] = $this->version;
}
return $params;
}
/**
* Encodes the given data into a query string format.
* Query string representation for HTTP request.
*
* @param array $data array of string elements to be encoded.
* @return string Query string formatted parameters.
*/
public function toQueryString()
{
return http_build_query($this->toArray(), '', '&');
}
}
/**
* Defines certain rules for a RequestMethod
* Interface ReCaptchaRequestMethod
*/
interface ReCaptchaRequestMethod
{
/**
* Submit the request with the specified parameters.
*
* @return string - encoded request.
* @param ReCaptchaRequestParameters $params Request parameters
* @return string Body of the reCAPTCHA response
*/
private function _encodeQS($data)
public function submit(ReCaptchaRequestParameters $params);
}
/**
* Sends GET requests to the reCAPTCHA service.
*/
class ReCaptchaGetRequestMethod implements ReCaptchaRequestMethod{
const SITE_VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify?';
/**
* Submit the request with the specified parameters.
*
* @param ReCaptchaRequestParameters $params Request parameters
* @return string Body of the reCAPTCHA response
*/
public function submit(ReCaptchaRequestParameters $params){
return file_get_contents(self::SITE_VERIFY_URL . $params->toQueryString());
}
}
/**
* Convenience wrapper around native socket and file functions to allow for
* mocking.
*/
class ReCaptchaSocket
{
private $handle = null;
/**
* fsockopen
*
* @see http://php.net/fsockopen
* @param string $hostname
* @param int $port
* @param int $errno
* @param string $errstr
* @param float $timeout
* @return resource
*/
public function fsockopen($hostname, $port = -1, &$errno = 0, &$errstr = '', $timeout = null)
{
$req = "";
foreach ($data as $key => $value) {
$req .= $key . '=' . urlencode(stripslashes($value)) . '&';
$this->handle = fsockopen($hostname, $port, $errno, $errstr, (is_null($timeout) ? ini_get("default_socket_timeout") : $timeout));
if ($this->handle != false && $errno === 0 && $errstr === '') {
return $this->handle;
}
return false;
}
// Cut the last '&'
$req = substr($req, 0, strlen($req)-1);
return $req;
/**
* fwrite
*
* @see http://php.net/fwrite
* @param string $string
* @param int $length
* @return int | bool
*/
public function fwrite($string, $length = null)
{
return fwrite($this->handle, $string, (is_null($length) ? strlen($string) : $length));
}
/**
* Submits an HTTP GET to a reCAPTCHA server.
* fgets
*
* @param string $path url path to recaptcha server.
* @param array $data array of parameters to be sent.
* @see http://php.net/fgets
* @param int $length
* @return string
*/
public function fgets($length = null)
{
return fgets($this->handle, $length);
}
/**
* feof
*
* @return array response
* @see http://php.net/feof
* @return bool
*/
private function _submitHTTPGet($path, $data)
public function feof()
{
$req = $this->_encodeQS($data);
$response = file_get_contents($path . $req);
return $response;
return feof($this->handle);
}
/**
* fclose
*
* @see http://php.net/fclose
* @return bool
*/
public function fclose()
{
return fclose($this->handle);
}
}
/**
* Sends a POST request to the reCAPTCHA service, but makes use of fsockopen()
* instead of get_file_contents(). This is to account for people who may be on
* servers where allow_furl_open is disabled.
*/
class ReCaptchaSocketPostRequestMethod implements ReCaptchaRequestMethod
{
const RECAPTCHA_HOST = 'www.google.com';
const SITE_VERIFY_PATH = '/recaptcha/api/siteverify';
const BAD_REQUEST = '{"success": false, "error-codes": ["invalid-request"]}';
const BAD_RESPONSE = '{"success": false, "error-codes": ["invalid-response"]}';
private $socket;
public function __construct(ReCaptchaSocket $socket = null)
{
if (!is_null($socket)) {
$this->socket = $socket;
} else {
$this->socket = new ReCaptchaSocket();
}
}
/**
* Submit the POST request with the specified parameters.
*
* @param ReCaptchaRequestParameters $params Request parameters
* @return string Body of the reCAPTCHA response
*/
public function submit(ReCaptchaRequestParameters $params)
{
$errno = 0;
$errstr = '';
if (false === $this->socket->fsockopen('ssl://' . self::RECAPTCHA_HOST, 443, $errno, $errstr, 30)) {
return self::BAD_REQUEST;
}
$content = $params->toQueryString();
$request = "POST " . self::SITE_VERIFY_PATH . " HTTP/1.1\r\n";
$request .= "Host: " . self::RECAPTCHA_HOST . "\r\n";
$request .= "Content-Type: application/x-www-form-urlencoded\r\n";
$request .= "Content-length: " . strlen($content) . "\r\n";
$request .= "Connection: close\r\n\r\n";
$request .= $content . "\r\n\r\n";
$this->socket->fwrite($request);
$response = '';
while (!$this->socket->feof()) {
$response .= $this->socket->fgets(4096);
}
$this->socket->fclose();
if (0 !== strpos($response, 'HTTP/1.1 200 OK')) {
return self::BAD_RESPONSE;
}
$parts = preg_split("#\n\s*\n#Uis", $response);
return $parts[1];
}
}
class ReCaptcha
{
private static $_signupUrl = 'https://www.google.com/recaptcha/admin';
const VERSION = 'php_1.1.2';
private $secret;
private $requestMethod;
/**
* Constructor.
*
* @param string $secret shared secret between site and ReCAPTCHA server.
*/
public function __construct($secret , ReCaptchaRequestMethod $requestMethod = null)
{
if ($secret == null || $secret == '') {
die('To use reCAPTCHA you must get an API key from <a href="' . self::$_signupUrl . '">' . self::$_signupUrl . '</a>');
}
if (!is_string($secret)) {
die('The provided secret must be a string');
}
$this->secret = $secret;
if (!is_null($requestMethod)) {
$this->requestMethod = $requestMethod;
} else {
$this->requestMethod = new ReCaptchaGetRequestMethod();
}
}
/**
......@@ -112,16 +323,11 @@ class ReCaptcha
return $recaptchaResponse;
}
$getResponse = $this->_submitHttpGet(
self::$_siteVerifyUrl,
array(
'secret' => $this->_secret,
'remoteip' => $remoteIp,
'v' => self::$_version,
'response' => $response
)
);
$answers = json_decode($getResponse, true);
$params = new ReCaptchaRequestParameters($this->secret, $response, $remoteIp, self::VERSION);
$rawResponse = $this->requestMethod->submit($params);
$answers = json_decode($rawResponse, true);
$recaptchaResponse = new ReCaptchaResponse();
if (trim($answers['success']) == true) {
......
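Review bot: Neither new transport requests certificate verification for www.google.com: `ReCaptchaSocket::fsockopen()` hands `ssl://` to `fsockopen()`, which takes no stream context, and `ReCaptchaGetRequestMethod::submit()` calls `file_get_contents()` without one. PHP verifies TLS peers by default only from 5.6 on, and the CI matrix on this page still lists 5.3, so on such runtimes the site secret and the returned verdict cross a connection whose peer is not authenticated. Opening the socket with `stream_socket_client()` and an `ssl` context that sets `verify_peer` closes that gap, though pre-5.6 installs also need a CA bundle configured via `cafile`. The same context can be passed to `file_get_contents()`, which would also allow a POST so that `secret` no longer appears in the request URL.

```php
public function fsockopen($hostname, $port = -1, &$errno = 0, &$errstr = '', $timeout = null)
{
    // Peer verification is off by default before PHP 5.6, so ask for it explicitly.
    $peer = preg_replace('#^ssl://#', '', $hostname);
    $context = stream_context_create(array('ssl' => array(
        'verify_peer' => true,
        'peer_name' => $peer, // PHP >= 5.6
        'CN_match' => $peer,  // PHP < 5.6
        // 'cafile' => <path to CA bundle>, needed where PHP has no default trust store
    )));
    $this->handle = stream_socket_client(
        $hostname . ':' . $port,
        $errno,
        $errstr,
        is_null($timeout) ? ini_get('default_socket_timeout') : $timeout,
        STREAM_CLIENT_CONNECT,
        $context
    );
    // … unchanged: return the handle on success, false otherwise …
}
```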
......@@ -308,6 +308,7 @@ h2 {font-size:22px; color:#c659ab; padding-top:12px; clear:both;}
/* Question view */
.qa-q-view-content, .qa-a-item-content, .qa-c-item-content {word-break: break-word;}
.qa-q-view {padding-left:10px; padding-top:10px;}
.qa-q-view-main {float:left; width:550px; padding-left:10px;}
.qa-q-view-content {font-size:16px; margin-bottom:16px;}
......@@ -445,10 +446,11 @@ h2 {font-size:22px; color:#c659ab; padding-top:12px; clear:both;}
.qa-nav-cat-favorited {margin-left:-20px;}
.qa-tag-favorited, .qa-cat-favorited, .qa-cat-parent-favorited, .qa-user-favorited {background-position: left center; padding-left:19px;}
/* Plugins */
/* Miscellaneous */
[class^="qa-part-form-plugin"] {margin-top: 10px;}
.qa-part-form-plugin-0, .qa-part-form-plugin-options {margin-top: 0;}
.qa-part-form-profile .qa-form-wide-data {word-break: break-word;}
/* IE6 friendly versions of icons with binary alpha channel */
......
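Review bot: `break-word` began as a WebKit-only value of `word-break`, so the rules added here, and the matching ones added to the other theme stylesheets in this commit, are likely to be dropped by engines that do not recognise it (older Firefox and IE, as far as I know). Long unbroken strings in posts and profile fields would still overflow in those browsers. Pairing it with the widely supported property keeps the intended wrapping: `.qa-q-view-content, .qa-a-item-content, .qa-c-item-content {word-wrap: break-word; word-break: break-word;}`.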
......@@ -284,6 +284,7 @@ h2 {font-size:16px; padding-top:12px; clear:both;}
/* Question view */
.qa-q-view-content, .qa-a-item-content, .qa-c-item-content {word-break: break-word;}
.qa-q-view-stats {float:left;}
.qa-q-view-main {float:left; width:600px;}
.qa-q-view-content {font-size:14px; margin-bottom:16px;}
......@@ -316,6 +317,7 @@ h2 {font-size:16px; padding-top:12px; clear:both;}
/* Answer view */
.qa-a-list-item {margin-bottom:40px; zoom:1; padding-bottom:1px;} /* zoom for IE, padding for early FF */
.qa-a-list-item:target{-webkit-animation: highlight 2s ease-in-out; animation: highlight 2s ease-in-out;}
.qa-a-list-item-hidden {}
.qa-a-list-item-hidden .qa-voting {background:#FFF; border:1px solid #ccc; color:#ccc;}
.qa-a-list-item-hidden .qa-a-item-content {color:#999;}
......@@ -354,6 +356,7 @@ h2 {font-size:16px; padding-top:12px; clear:both;}
/* Comments */
.qa-c-list-item {border-bottom:1px dotted #666; padding:6px; padding-right:0;}
.qa-c-list-item:target {-webkit-animation: highlight 2s ease-in-out; animation: highlight 2s ease-in-out;}
.qa-c-item-hidden {}
.qa-c-item-hidden .qa-c-item-content {color:#bbb;}
.qa-c-item-hidden .qa-c-item-link {color:#aaf;}
......@@ -418,8 +421,18 @@ h2 {font-size:16px; padding-top:12px; clear:both;}
.qa-cat-favorited, .qa-cat-parent-favorited, .qa-user-favorited {background-position: left center; padding-left:17px;}
.qa-nav-cat-favorited {margin-left:-18px;}
/* Plugins */
/* Miscellaneous */
[class^="qa-part-form-plugin"] {margin-top: 10px;}
.qa-part-form-plugin-0 {margin-top: 0;}
.qa-part-form-plugin-options {margin-top: -1px;}
.qa-part-form-profile .qa-form-wide-data {word-break: break-word;}
@-webkit-keyframes highlight {
0% { background-color: #ffffaa; }
100% { background-color: #fff; }
}
@keyframes highlight {
0% { background-color: #ffffaa; }
100% { background-color: #fff; }
}
......@@ -1770,6 +1770,13 @@ a.qa-browse-cat-link:visited {
}
/* Question view */
.qa-q-view-content,
.qa-a-item-content,
.qa-c-item-content {
word-break: break-word;
}
.qa-q-view {
padding-left: 10px;
padding-top: 10px;
......@@ -1904,6 +1911,10 @@ a.qa-browse-cat-link:visited {
border-bottom: 1px solid #ccc;
min-height: 108px; /* prevent tick icon being hidden */
}
.qa-a-list-item:target {
-webkit-animation: highlight 2s ease-in-out;
animation: highlight 2s ease-in-out;
}
/* zoom for IE, padding for early FF */
.qa-a-list-item-selected {
......@@ -2050,6 +2061,10 @@ a.qa-browse-cat-link:visited {
border-bottom: 1px solid #ccc;
padding: 8px 0 8px 8px;
}
.qa-c-list-item:target {
-webkit-animation: highlight 2s ease-in-out;
animation: highlight 2s ease-in-out;
}
.qa-c-list-item:nth-child(odd) {
background: #fafafa;
......@@ -2511,6 +2526,9 @@ a.qa-browse-cat-link:visited {
-moz-box-sizing: border-box;
box-sizing: border-box;
}
.qa-template-user .qa-part-form-profile .qa-form-wide-data {
word-break: break-word;
}
.qa-template-user .qa-part-form-activity td .qa-uf-user-points,
.qa-template-user .qa-part-form-activity td .qa-uf-user-q-posts,
......@@ -2538,3 +2556,12 @@ a.qa-browse-cat-link:visited {
padding-top: 0;
border-top: 0;
}
@-webkit-keyframes highlight {
0% { background-color: #ffffaa; }
100% { background-color: #fff; }
}
@keyframes highlight {
0% { background-color: #ffffaa; }
100% { background-color: #fff; }
}
-------------------------------
UBUNTU FONT LICENCE Version 1.0
-------------------------------
PREAMBLE
This licence allows the licensed fonts to be used, studied, modified and
redistributed freely. The fonts, including any derivative works, can be
bundled, embedded, and redistributed provided the terms of this licence
are met. The fonts and derivatives, however, cannot be released under
any other licence. The requirement for fonts to remain under this
licence does not require any document created using the fonts or their
derivatives to be published under this licence, as long as the primary
purpose of the document is not to be a vehicle for the distribution of
the fonts.
DEFINITIONS
"Font Software" refers to the set of files released by the Copyright
Holder(s) under this licence and clearly marked as such. This may
include source files, build scripts and documentation.
"Original Version" refers to the collection of Font Software components
as received under this licence.
"Modified Version" refers to any derivative made by adding to, deleting,
or substituting -- in part or in whole -- any of the components of the
Original Version, by changing formats or by porting the Font Software to
a new environment.
"Copyright Holder(s)" refers to all individuals and companies who have a
copyright ownership of the Font Software.
"Substantially Changed" refers to Modified Versions which can be easily
identified as dissimilar to the Font Software by users of the Font
Software comparing the Original Version with the Modified Version.
To "Propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification and with or without charging
a redistribution fee), making available to the public, and in some
countries other activities as well.
PERMISSION & CONDITIONS
This licence does not grant any rights under trademark law and all such
rights are reserved.
Permission is hereby granted, free of charge, to any person obtaining a
copy of the Font Software, to propagate the Font Software, subject to
the below conditions:
1) Each copy of the Font Software must contain the above copyright
notice and this licence. These can be included either as stand-alone
text files, human-readable headers or in the appropriate machine-
readable metadata fields within text or binary files as long as those
fields can be easily viewed by the user.
2) The font name complies with the following:
(a) The Original Version must retain its name, unmodified.
(b) Modified Versions which are Substantially Changed must be renamed to
avoid use of the name of the Original Version or similar names entirely.
(c) Modified Versions which are not Substantially Changed must be
renamed to both (i) retain the name of the Original Version and (ii) add
additional naming elements to distinguish the Modified Version from the
Original Version. The name of such Modified Versions must be the name of
the Original Version, with "derivative X" where X represents the name of
the new work, appended to that name.
3) The name(s) of the Copyright Holder(s) and any contributor to the
Font Software shall not be used to promote, endorse or advertise any
Modified Version, except (i) as required by this licence, (ii) to
acknowledge the contribution(s) of the Copyright Holder(s) or (iii) with
their explicit written permission.
4) The Font Software, modified or unmodified, in part or in whole, must
be distributed entirely under this licence, and must not be distributed
under any other licence. The requirement for fonts to remain under this
licence does not affect any document created using the Font Software,
except any version of the Font Software extracted from a document
created using the Font Software may only be distributed under this
licence.
TERMINATION
This licence becomes null and void if any of the above conditions are
not met.
DISCLAIMER
THE FONT SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF
COPYRIGHT, PATENT, TRADEMARK, OR OTHER RIGHT. IN NO EVENT SHALL THE
COPYRIGHT HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
INCLUDING ANY GENERAL, SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL
DAMAGES, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF THE USE OR INABILITY TO USE THE FONT SOFTWARE OR FROM OTHER
DEALINGS IN THE FONT SOFTWARE.
@font-face {
font-family: 'Ubuntu'; font-weight: 400; font-style: normal;
src: local('Ubuntu'), local('Ubuntu-regular'),
url('Ubuntu-regular.woff') format('woff');
}
@font-face {
font-family: 'Ubuntu'; font-weight: 700; font-style: normal;
src: local('Ubuntu Bold'), local('Ubuntu-700'),
url('Ubuntu-700.woff') format('woff');
}
@font-face {
font-family: 'Ubuntu'; font-weight: 400; font-style: italic;
src: local('Ubuntu Italic'), local('Ubuntu-italic'),
url('Ubuntu-italic.woff') format('woff');
}
@font-face {
font-family: 'Ubuntu'; font-weight: 700; font-style: italic;
src: local('Ubuntu Bold Italic'), local('Ubuntu-700italic'),
url('Ubuntu-700italic.woff') format('woff');
}
......@@ -15,7 +15,7 @@
.qa-template-admin .qa-message-buttons,
.qa-q-item-avatar-meta, .qa-message-item,
.qa-q-view, .qa-part-q-view, .qa-q-view-content, .qa-q-view-buttons, .qa-part-form-q-edit,
.qa-a-list-item, .qa-a-item-buttons,
.qa-a-list-item, .qa-a-item-buttons, .qa-a-item-content,
.qa-c-item-buttons, .qa-c-item-clear,
.qam-footer-row, .qam-qa-list-meta-box,
.qa-nav-footer-list, .qa-footer-clear {
......@@ -28,7 +28,7 @@
.qa-template-admin .qa-message-buttons:after,
.qa-q-item-avatar-meta:after, .qa-message-item:after,
.qa-q-view:after, .qa-part-q-view:after, .qa-q-view-content:after, .qa-q-view-buttons:after, .qa-part-form-q-edit:after,
.qa-a-list-item:after, .qa-a-item-buttons:after,
.qa-a-list-item:after, .qa-a-item-buttons:after, .qa-a-item-content:after,
.qa-c-item-buttons:after, .qa-c-item-clear:after,
.qam-footer-row:after, .qam-qa-list-meta-box:after,
.qa-nav-footer-list:after, .qa-footer-clear:after {
......@@ -37,10 +37,17 @@
clear: both;
}
/*------[ web fonts ]------*/
@font-face {
font-family: "fontello";
src: url("font/fontello.eot?2559038") format("embedded-opentype"), url("font/fontello.eot?2559038#iefix") format("embedded-opentype"), url("font/fontello.woff?2559038") format("woff"), url("font/fontello.ttf?2559038") format("truetype"), url("font/fontello.svg?2559038#fontello") format("svg");
src: url("fonts/fontello.eot?2559038") format("embedded-opentype"),
url("fonts/fontello.eot?2559038#iefix") format("embedded-opentype"),
url("fonts/fontello.woff?2559038") format("woff"),
url("fonts/fontello.ttf?2559038") format("truetype"),
url("fonts/fontello.svg?2559038#fontello") format("svg");
}
/*------[ base css ]------*/
html {
font-size: 16px;
......@@ -704,6 +711,8 @@ blockquote p {
display: block;
cursor: pointer;
min-width: 60px;
min-height: 55px;
max-width: 80px;
padding: 2px;
background-color: #34495e;
text-align: center;
......@@ -735,6 +744,8 @@ blockquote p {
.qam-account-handle {
font-size: 12px;
line-height: 1.8;
overflow: hidden;
text-overflow: ellipsis;
}
.qam-account-items .qa-form-tall-button-login {
......@@ -895,9 +906,6 @@ blockquote p {
}
}
.qam-title-rss {
float: right;
color: #ecf0f1;
......@@ -909,69 +917,44 @@ blockquote p {
width: auto !important;
}
.entry-content table, .qa-c-item-content table {
.qa-q-view-content,
.qa-a-item-content,
.qa-c-item-content {
word-break: break-word;
}
.qa-q-view-content table, .qa-a-item-content table, .qa-c-item-content table {
width: 100%;
border-collapse: collapse;
border: 1px solid #ecf0f1;
font-size: 14px;
margin-bottom: 20px;
}
.entry-content tr:hover, .qa-c-item-content tr:hover {
.qa-q-view-content tr:hover, .qa-a-item-content tr:hover, .qa-c-item-content tr:hover {
background-color: #ecf0f1;
}
.entry-content th, .entry-content td, .qa-c-item-content th, .qa-c-item-content td {
.qa-q-view-content th, .qa-a-item-content th, .qa-c-item-content th,
.qa-q-view-content td, .qa-a-item-content td, .qa-c-item-content td {
padding: 10px;
border-width: 1px;
border-style: solid;
text-align: left;
}
.entry-content th, .qa-c-item-content th {
.qa-q-view-content th, .qa-a-item-content th, .qa-c-item-content th {
background-color: #bdc3c7;
border-color: #95a5a6;
font-weight: 700;
}
.entry-content td, .qa-c-item-content td {
.qa-q-view-content td, .qa-a-item-content td, .qa-c-item-content td {
border-color: #ecf0f1;
}
.entry-content ul, .qa-c-item-content ul {
margin: 20px 0 20px 20px;
padding: 0;
}
.entry-content ul > li, .qa-c-item-content ul > li {
list-style: none;
margin: .4em 0;
position: relative;
}
.entry-content ul > li:before, .qa-c-item-content ul > li:before {
font-family: "fontello";
font-style: normal;
font-weight: normal;
content: '\e82c';
position: absolute;
left: -1.6em;
top: 4px;
display: inline-block;
text-decoration: inherit;
width: 1em;
margin: 0 .2em;
text-align: center;
font-variant: normal;
text-transform: none;
line-height: 1em;
}
.entry-content ul > li > ul, .qa-c-item-content ul > li > ul {
margin: 0 0 0 20px;
}
.entry-content ol, .qa-c-item-content ol {
margin: 20px 0 20px 20px;
.qa-q-view-content ul, .qa-a-item-content ul, .qa-c-item-content ul,
.qa-q-view-content ol, .qa-a-item-content ol, .qa-c-item-content ol {
margin-left: 20px;
padding: 0;
}
.entry-content ol > li, .qa-c-item-content ol > li {
margin: .4em 0;
}
.entry-content ol > li > ol, .qa-c-item-content ol > li > ol {
margin: 0 0 0 20px;
}
.qa-waiting {
background: url('images/spinner-icon-14x14.gif?1410117644') no-repeat center;
......@@ -1467,7 +1450,8 @@ blockquote p {
}
.qa-template-admin .qa-q-item-content {
font-size: 0.75em;
line-height: 2em;
max-height: 150px;
overflow-y: auto;
}
.qa-template-admin .qa-q-item-avatar-meta {
border-top: 1px solid #ecf0f1;
......@@ -1995,6 +1979,9 @@ input[type="submit"], button {
width: auto;
}
.qa-part-form-profile .qa-form-wide-data {
word-break: break-word;
}
.qa-part-form-profile .qa-form-tall-image {
text-align: center;
}
......@@ -2485,6 +2472,11 @@ input[type="submit"], button {
position: relative;
min-height: 190px;
}
/* highlight selected answer */
.qa-a-list-item:target{
-webkit-animation: answer-highlight 2s ease-in-out;
animation: answer-highlight 2s ease-in-out;
}
.qa-a-item-avatar-meta {
font-size: 12px;
......@@ -2617,6 +2609,12 @@ input[type="submit"], button {
background-color: #f4f4f4;
position: relative;
}
/* highlight selected comment */
.qa-c-list-item:target {
-webkit-animation: comment-highlight 2s ease-in-out;
animation: comment-highlight 2s ease-in-out;
}
.qa-c-list-item .qa-form-light-button {
padding: 10px 15px;
background: #bdc3c7 none center no-repeat;
......@@ -3614,3 +3612,21 @@ input[type="submit"], button {
.icon-reply:before {
content: '\e82e';
}
@-webkit-keyframes answer-highlight {
0% { background-color: #ffffaa; }
100% { background-color: #fff; }
}
@keyframes answer-highlight {
0% { background-color: #ffffaa; }
100% { background-color: #fff; }
}
@-webkit-keyframes comment-highlight {
0% { background-color: #ffffaa; }
100% { background-color: #f4f4f4; }
}
@keyframes comment-highlight {
0% { background-color: #ffffaa; }
100% { background-color: #f4f4f4; }
}
......@@ -36,6 +36,9 @@ class qa_html_theme extends qa_html_theme_base
{
protected $theme = 'snowflat';
// use local font files instead of Google Fonts
private $localfonts = true;
// theme subdirectories
private $js_dir = 'js';
private $icon_url = 'images/icons';
......@@ -44,7 +47,7 @@ class qa_html_theme extends qa_html_theme_base
private $welcome_widget_class = 'wet-asphalt';
private $ask_search_box_class = 'turquoise';
// Size of the user avatar in the navigation bar
private $nav_bar_avatar_size = 32;
private $nav_bar_avatar_size = 52;
/**
* Adding aditional meta for responsive design
......@@ -68,8 +71,11 @@ class qa_html_theme extends qa_html_theme_base
if ($this->isRTL)
$this->content['css_src'][] = $this->rooturl . 'qa-styles-rtl.css?' . QA_VERSION;
// add Ubuntu font CSS file
$this->content['css_src'][] = 'http://fonts.googleapis.com/css?family=Ubuntu:400,700,400italic,700italic';
// add Ubuntu font CSS file from Google Fonts
if ($this->localfonts)
$this->content['css_src'][] = $this->rooturl . 'fonts/ubuntu.css?' . QA_VERSION;
else
$this->content['css_src'][] = '//fonts.googleapis.com/css?family=Ubuntu:400,700,400italic,700italic';
parent::head_css();
......@@ -567,20 +573,23 @@ class qa_html_theme extends qa_html_theme_base
);
}
$auth_icon = strip_tags($tobar_avatar, '<img>');
$avatar = strip_tags($tobar_avatar, '<img>');
if (!empty($avatar))
$handle = '';
}
else {
// display login icon and label
$handle = $this->content['navigation']['user']['login']['label'];
$toggleClass = 'qam-logged-out';
$auth_icon = '<i class="icon-key qam-auth-key"></i>';
$avatar = '<i class="icon-key qam-auth-key"></i>';
}
// finally output avatar with div tag
$handleBlock = empty($handle) ? '' : '<div class="qam-account-handle">' . qa_html($handle) . '</div>';
$this->output(
'<div id="qam-account-toggle" class="' . $toggleClass . '">',
$auth_icon,
'<div class="qam-account-handle">' . qa_html($handle) . '</div>',
$avatar,
$handleBlock,
'</div>'
);
}
......
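Review bot: The new comment above the font branch (just before `parent::head_css()`) says the Ubuntu stylesheet comes "from Google Fonts", but with `$localfonts = true` the code loads the bundled `fonts/ubuntu.css` and only the `else` branch contacts a third-party host. I would reword it to `// add Ubuntu font CSS: bundled copy by default, Google Fonts when $localfonts is false`. `$localfonts` is private and no setter is visible here, so the comment on its declaration could also say that switching it means editing the theme class. The method bodies start and end outside these hunks.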