Skip to content

Q
question2answer
Commit 26f80b27 by Scott
Options

Update Google reCAPTCHA plugin 

Switch to new “no CAPTCHA”
parent 54dedd00
Showing with 76 additions and 53 deletions
qa-plugin/recaptcha-captcha/qa-recaptcha-captcha.php
......@@ -23,39 +23,56 @@
class qa_recaptcha_captcha
{
private $directory;
private $errorCodeMessages;
public function load_module($directory, $urltoroot)
{
$this->directory=$directory;
$this->directory = $directory;
// human-readable error messages (though these are not currently displayed anywhere)
$this->errorCodeMessages = array(
'missing-input-secret' => 'The secret parameter is missing.',
'invalid-input-secret' => 'The secret parameter is invalid or malformed.',
'missing-input-response' => 'The response parameter is missing.',
'invalid-input-response' => 'The response parameter is invalid or malformed.',
);
}
public function admin_form()
{
$saved=false;
$saved = false;
if (qa_clicked('recaptcha_save_button')) {
qa_opt('recaptcha_public_key', qa_post_text('recaptcha_public_key_field'));
qa_opt('recaptcha_private_key', qa_post_text('recaptcha_private_key_field'));
$saved=true;
$saved = true;
}
$form=array(
$pub = trim(qa_opt('recaptcha_public_key'));
$pri = trim(qa_opt('recaptcha_private_key'));
$error = null;
if (!strlen($pub) || !strlen($pri)) {
require_once $this->directory.'recaptchalib.php';
$error = 'To use reCAPTCHA, you must <a href="'.qa_html(ReCaptcha::getSignupUrl()).'" target="_blank">sign up</a> to get these keys.';
}
$form = array(
'ok' => $saved ? 'reCAPTCHA settings saved' : null,
'fields' => array(
'public' => array(
'label' => 'reCAPTCHA public key:',
'value' => qa_opt('recaptcha_public_key'),
'value' => $pub,
'tags' => 'name="recaptcha_public_key_field"',
),
'private' => array(
'label' => 'reCAPTCHA private key:',
'value' => qa_opt('recaptcha_private_key'),
'value' => $pri,
'tags' => 'name="recaptcha_private_key_field"',
'error' => $this->recaptcha_error_html(),
'error' => $error,
),
),
......@@ -70,67 +87,73 @@ class qa_recaptcha_captcha
return $form;
}
public function recaptcha_error_html()
{
if (!function_exists('fsockopen'))
return 'To use reCAPTCHA, the fsockopen() PHP function must be enabled on your server. Please check with your system administrator.';
elseif ( (!strlen(trim(qa_opt('recaptcha_public_key')))) || (!strlen(trim(qa_opt('recaptcha_private_key')))) ) {
require_once $this->directory.'recaptchalib.php';
$url=recaptcha_get_signup_url(@$_SERVER['HTTP_HOST'], qa_opt('site_title'));
return 'To use reCAPTCHA, you must <a href="'.qa_html($url).'">sign up</a> to get these keys.';
}
return null;
}
/**
* Only allow reCAPTCHA if the keys are set up (new reCAPTCHA has no special requirements)
*/
public function allow_captcha()
{
return function_exists('fsockopen') && strlen(trim(qa_opt('recaptcha_public_key'))) && strlen(trim(qa_opt('recaptcha_private_key')));
}
$pub = trim(qa_opt('recaptcha_public_key'));
$pri = trim(qa_opt('recaptcha_private_key'));
return strlen($pub) && strlen($pri);
}
/**
* Return HTML for reCAPTCHA, including non-JS fallback. New reCAPTCHA auto-detects the user's language.
*/
public function form_html(&$qa_content, $error)
{
require_once $this->directory.'recaptchalib.php';
$language=qa_opt('site_language');
if (strpos('|en|nl|fr|de|pt|ru|es|tr|', '|'.$language.'|')===false) // supported as of 3/2010
$language='en';
$qa_content['script_lines'][]=array(
"var RecaptchaOptions={",
"\ttheme:'white',",
"\tlang:".qa_js($language),
"};",
$pub = qa_opt('recaptcha_public_key');
$htmlLines = array(
// currently we cannot add async/defer attributes via $qa_content so we insert script here
'<script src="https://www.google.com/recaptcha/api.js" async defer></script>',
'<div class="g-recaptcha" data-sitekey="'.$pub.'"></div>',
// non-JS falback
'<noscript>',
' <div style="width: 302px; height: 352px;">',
' <div style="width: 302px; height: 352px; position: relative;">',
' <div style="width: 302px; height: 352px; position: absolute;">',
' <iframe src="https://www.google.com/recaptcha/api/fallback?k='.$pub.'"',
' frameborder="0" scrolling="no"',
' style="width: 302px; height:352px; border-style: none;">',
' </iframe>',
' </div>',
' <div style="width: 250px; height: 80px; position: absolute; border-style: none;',
' bottom: 21px; left: 25px; margin: 0px; padding: 0px; right: 25px;">',
' <textarea id="g-recaptcha-response" name="g-recaptcha-response"',
' class="g-recaptcha-response"',
' style="width: 250px; height: 80px; border: 1px solid #c1c1c1;',
' margin: 0px; padding: 0px; resize: none;" value=""></textarea>',
' </div>',
' </div>',
' </div>',
'</noscript>',
);
return recaptcha_get_html(qa_opt('recaptcha_public_key'), $error, qa_is_https_probably());
return implode("\n", $htmlLines);
}
/**
* Check that the CAPTCHA was entered correctly. reCAPTCHA sets a long string in 'g-recaptcha-response'
* when the CAPTCHA is completed; we check that with the reCAPTCHA API.
*/
public function validate_post(&$error)
{
if ( (!empty($_POST['recaptcha_challenge_field'])) && (!empty($_POST['recaptcha_response_field'])) ) {
require_once $this->directory.'recaptchalib.php';
require_once $this->directory.'recaptchalib.php';
$answer=recaptcha_check_answer(
qa_opt('recaptcha_private_key'),
qa_remote_ip_address(),
$_POST['recaptcha_challenge_field'],
$_POST['recaptcha_response_field']
);
$recaptcha = new ReCaptcha(qa_opt('recaptcha_private_key'));
$remoteIp = qa_remote_ip_address();
$userResponse = qa_post_text('g-recaptcha-response');
if ($answer->is_valid)
return true;
$recResponse = $recaptcha->verifyResponse($remoteIp, $userResponse);
$error=@$answer->error;
foreach ($recResponse->errorCodes as $code) {
if (isset($this->errorCodeMessages[$code]))
$error .= $this->errorCodeMessages[$code] . "\n";
}
return false;
return $recResponse->success;
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment