Vergleich inc/class_captcha.php - 1.8.1 - 1.8.25

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 39Zeile 39
	 * Type of CAPTCHA.
*
* 1 = Default CAPTCHA

	 * Type of CAPTCHA.
*
* 1 = Default CAPTCHA

	 * 2 = reCAPTCHA
* 3 = Are You a Human




	 * 4 = NoCATPCHA reCAPTCHA
* 5 = reCAPTCHA invisible
* 6 = hCaptcha
* 7 = hCaptcha invisible
* 8 = reCAPTCHA v3

	 *
* @var int
*/

	 *
* @var int
*/

Zeile 51Zeile 54
	 *
* @var string
*/

	 *
* @var string
*/

	 public $captch_template = '';

	 public $captcha_template = '';


/**
* CAPTCHA Server URL


/**
* CAPTCHA Server URL

Zeile 61Zeile 64
	public $server = '';

/**

	public $server = '';

/**

	 * CAPTCHA Secure Server URL
*
* @var string
*/
public $secure_server = '';

/**
* CAPTCHA Verify Server

	 * CAPTCHA Verify Server








	 *
* @var string
*/
public $verify_server = '';

	 *
* @var string
*/
public $verify_server = '';


/**
* Are You a Human configuration
*
* @var string
*/
public $ayah_web_service_host = '';
public $ayah_publisher_key = '';
public $ayah_scoring_key = '';
public $ayah_debug_mode = '';
public $ayah_use_curl = '';

 

/**
* HTML of the built CAPTCHA
*
* @var string


/**
* HTML of the built CAPTCHA
*
* @var string

	 */

	 */

	public $html = '';

/**

	public $html = '';

/**

Zeile 98Zeile 83
	 * @var array
*/
public $errors = array();

	 * @var array
*/
public $errors = array();








/**
* @param bool $build
* @param string $template
*/

	function __construct($build = false, $template = "")
{

	function __construct($build = false, $template = "")
{

		global $mybb;

		global $mybb, $plugins;


$this->type = $mybb->settings['captchaimage'];


$this->type = $mybb->settings['captchaimage'];

 

$args = array(
'this' => &$this,
'build' => &$build,
'template' => &$template,
);

$plugins->run_hooks('captcha_build_start', $args);


// Prepare the build template
if($template)
{
$this->captcha_template = $template;



// Prepare the build template
if($template)
{
$this->captcha_template = $template;


			if($this->type == 2)

			if($this->type == 4)

			{

			{

				$this->captcha_template .= "_recaptcha";

				$this->captcha_template .= "_nocaptcha";

			}

			}

			else if($this->type == 3)

			elseif($this->type == 5)

			{

			{

				$this->captcha_template .= "_ayah";













				$this->captcha_template .= "_recaptcha_invisible";
}
elseif($this->type == 6)
{
$this->captcha_template .= "_hcaptcha";
}
elseif($this->type == 7)
{
$this->captcha_template .= "_hcaptcha_invisible";
}
elseif($this->type == 8)
{
$this->captcha_template .= "_recaptcha_invisible";

			}
}

// Work on which CAPTCHA we've got installed

			}
}

// Work on which CAPTCHA we've got installed

		if($this->type == 3 && $mybb->settings['ayahpublisherkey'] && $mybb->settings['ayahscoringkey'])
{
// We want to use Are You a Human, set configuration options
$this->ayah_web_service_host = "ws.areyouahuman.com";
$this->ayah_publisher_key = $mybb->settings['ayahpublisherkey'];
$this->ayah_scoring_key = $mybb->settings['ayahscoringkey'];
$this->ayah_debug_mode = false;
$this->ayah_use_curl = true;









		if(in_array($this->type, array(4, 5, 8)) && $mybb->settings['recaptchapublickey'] && $mybb->settings['recaptchaprivatekey'])
{
// We want to use noCAPTCHA or reCAPTCHA invisible, set the server options
$this->server = "//www.google.com/recaptcha/api.js";
$this->verify_server = "https://www.google.com/recaptcha/api/siteverify";

if($build == true)
{
$this->build_recaptcha();
}
}
elseif(in_array($this->type, array(6, 7)) && $mybb->settings['hcaptchapublickey'] && $mybb->settings['hcaptchaprivatekey'])
{
// We want to use hCaptcha or hCaptcha invisible, set the server options
$this->server = "//www.hcaptcha.com/1/api.js";
$this->verify_server = "https://hcaptcha.com/siteverify";


if($build == true)


if($build == true)

			{
$this->build_ayah();

			{
$this->build_hcaptcha();

			}
}

			}
}

		else if($this->type == 2 && $mybb->settings['captchapublickey'] && $mybb->settings['captchaprivatekey'])
{
// We want to use reCAPTCHA, set the server options
$this->server = "http://www.google.com/recaptcha/api";
$this->secure_server = "https://www.google.com/recaptcha/api";
$this->verify_server = "www.google.com";

if($build == true)
{
$this->build_recaptcha();
}
}
else if($this->type == 1)

		elseif($this->type == 1)













		{
if(!function_exists("imagecreatefrompng"))
{
// We want to use the default CAPTCHA, but it's not installed

		{
if(!function_exists("imagecreatefrompng"))
{
// We want to use the default CAPTCHA, but it's not installed

				return false;

				return;

			}

			}

			else if($build == true)

			elseif($build == true)

			{
$this->build_captcha();

			{
$this->build_captcha();

			}
}

// Plugin hook
}





			}
}

$plugins->run_hooks('captcha_build_end', $args);
}

/**
* @param bool $return Not used
*/

	function build_captcha($return = false)

	function build_captcha($return = false)

	{

	{

		global $db, $lang, $templates, $theme, $mybb;

// This will build a MyBB CAPTCHA

		global $db, $lang, $templates, $theme, $mybb;

// This will build a MyBB CAPTCHA

Zeile 188Zeile 196

// This will build a reCAPTCHA
$server = $this->server;


// This will build a reCAPTCHA
$server = $this->server;

		$public_key = $mybb->settings['captchapublickey'];

if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')
{
// Use secure server if HTTPS
$server = $this->secure_server;
}

		$public_key = $mybb->settings['recaptchapublickey'];








eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";");


eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";");

	}

function build_ayah()
{
global $lang, $mybb, $templates;

define('AYAH_PUBLISHER_KEY', $this->ayah_publisher_key);
define('AYAH_SCORING_KEY', $this->ayah_scoring_key);
define('AYAH_USE_CURL', $this->ayah_use_curl);
define('AYAH_DEBUG_MODE', $this->ayah_debug_mode);
define('AYAH_WEB_SERVICE_HOST', $this->ayah_web_service_host);

require_once MYBB_ROOT."inc/3rdparty/ayah/ayah.php";
$ayah = new AYAH();
$output = $ayah->getPublisherHTML();

if(!empty($output))
{
eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage_ayah")."\";");
}
}

	}

function build_hcaptcha()
{
global $lang, $mybb, $templates;

// This will build a hCaptcha
$server = $this->server;
$public_key = $mybb->settings['hcaptchapublickey'];
$captcha_theme = $mybb->settings['hcaptchatheme'];
$captcha_size = $mybb->settings['hcaptchasize'];

eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
}













 
	/**
* @return string
*/

	function build_hidden_captcha()
{

	function build_hidden_captcha()
{

		global $db, $mybb, $templates;


		global $db, $mybb, $templates;


		$field = array();

if($this->type == 1)

		$field = array();

if($this->type == 1)

		{

		{

			// Names
$hash = "imagehash";
$string = "imagestring";

			// Names
$hash = "imagehash";
$string = "imagestring";





			// Values
$field['hash'] = $db->escape_string($mybb->input['imagehash']);
$field['string'] = $db->escape_string($mybb->input['imagestring']);

			// Values
$field['hash'] = $db->escape_string($mybb->input['imagehash']);
$field['string'] = $db->escape_string($mybb->input['imagestring']);

		}
else if($this->type == 2)
{
// Names
$hash = "recaptcha_challenge_field";
$string = "recaptcha_response_field";

// Values
$field['hash'] = $mybb->input['recaptcha_challenge_field'];
$field['string'] = $mybb->input['recaptcha_response_field'];
}
else if($this->type == 3)

		}
elseif($this->type == 3)











		{
// Are You a Human can't be built as a hidden captcha

		{
// Are You a Human can't be built as a hidden captcha

			continue;

			return '';

		}

		}





		eval("\$this->html = \"".$templates->get("post_captcha_hidden")."\";");
return $this->html;
}


		eval("\$this->html = \"".$templates->get("post_captcha_hidden")."\";");
return $this->html;
}


 
	/**
* @return bool
*/

	function validate_captcha()
{

	function validate_captcha()
{

		global $db, $lang, $mybb;

		global $db, $lang, $mybb, $session, $plugins;





		// Plugin hook

		$plugins->run_hooks('captcha_validate_start', $this);


if($this->type == 1)
{


if($this->type == 1)
{

Zeile 269Zeile 259
			$imagehash = $db->escape_string($mybb->input['imagehash']);
$imagestring = $db->escape_string(my_strtolower($mybb->input['imagestring']));


			$imagehash = $db->escape_string($mybb->input['imagehash']);
$imagestring = $db->escape_string(my_strtolower($mybb->input['imagestring']));


			$query = $db->simple_select("captcha", "*", "imagehash = '{$imagehash}' AND LOWER(imagestring) = '{$imagestring}'");












			switch($db->type)
{
case 'mysql':
case 'mysqli':
$field = 'imagestring';
break;
default:
$field = 'LOWER(imagestring)';
break;
}

$query = $db->simple_select("captcha", "*", "imagehash = '{$imagehash}' AND {$field} = '{$imagestring}'");

			$imgcheck = $db->fetch_array($query);

if(!$imgcheck)

			$imgcheck = $db->fetch_array($query);

if(!$imgcheck)

			{

			{

				$this->set_error($lang->invalid_captcha_verify);
$db->delete_query("captcha", "imagehash = '{$imagehash}'");

				$this->set_error($lang->invalid_captcha_verify);
$db->delete_query("captcha", "imagehash = '{$imagehash}'");

			}




































































			}
}
elseif(in_array($this->type, array(4, 5)))
{
$response = $mybb->input['g-recaptcha-response'];
if(!$response || strlen($response) == 0)
{
$this->set_error($lang->invalid_nocaptcha);
}
else
{
// We have a noCAPTCHA or reCAPTCHA invisible to handle
// Contact Google and see if our reCAPTCHA was successful
$response = fetch_remote_file($this->verify_server, array(
'secret' => $mybb->settings['recaptchaprivatekey'],
'remoteip' => $session->ipaddress,
'response' => $response
));

if($response == false)
{
$this->set_error($lang->invalid_nocaptcha_transmit);
}
else
{
$answer = json_decode($response, true);

if($answer['success'] != 'true')
{
// We got it wrong! Oh no...
$this->set_error($lang->invalid_nocaptcha);
}
}
}
}
elseif($this->type == 8)
{
$response = $mybb->input['g-recaptcha-response'];
if(!$response || strlen($response) == 0)
{
$this->set_error($lang->invalid_nocaptcha);
}
else
{
// We have a reCAPTCHA invisible to handle
// Contact Google and see if our reCAPTCHA was successful
$response = fetch_remote_file($this->verify_server, array(
'secret' => $mybb->settings['recaptchaprivatekey'],
'score' => $mybb->settings['recaptchascore'],
'remoteip' => $session->ipaddress,
'response' => $response
));

if($response === false)
{
$this->set_error($lang->invalid_nocaptcha_transmit);
}
else
{
$answer = json_decode($response, true);

if($answer['success'] != 'true' || $answer['score'] < $mybb->settings['recaptchascore'])
{
// We got it wrong! Oh no...
$this->set_error($lang->invalid_nocaptcha);
}
}
}

		}

		}

		elseif($this->type == 2)

		elseif(in_array($this->type, array(6, 7)))

		{

		{

			$challenge = $mybb->input['recaptcha_challenge_field'];
$response = $mybb->input['recaptcha_response_field'];

if(!$challenge || strlen($challenge) == 0 || !$response || strlen($response) == 0)

			$response = $mybb->input['h-captcha-response'];
if(!$response || strlen($response) == 0)



			{

			{

				$this->set_error($lang->invalid_captcha);

				$this->set_error($lang->invalid_hcaptcha);

			}
else
{

			}
else
{

				// We have a reCAPTCHA to handle
$data = $this->_qsencode(array(
'privatekey' => $mybb->settings['captchaprivatekey'],


				// We have an hCaptcha or hCaptcha invisible to handle
// Contact hCaptcha and see if our hCaptcha was successful
$response = fetch_remote_file($this->verify_server, array(
'secret' => $mybb->settings['hcaptchaprivatekey'],

					'remoteip' => $session->ipaddress,

					'remoteip' => $session->ipaddress,

					'challenge' => $challenge,

 
					'response' => $response
));


					'response' => $response
));


				// Contact Google and see if our reCAPTCHA was successful
$http_request = "POST /recaptcha/api/verify HTTP/1.0\r\n";
$http_request .= "Host: $this->verify_server\r\n";
$http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
$http_request .= "Content-Length: ".strlen($data)."\r\n";
$http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
$http_request .= "\r\n";
$http_request .= $data;

$fs = @fsockopen($this->verify_server, 80, $errno, $errstr, 10);

if($fs == false)

				if($response == false)












				{

				{

					$this->set_error($lang->invalid_captcha_transmit);

					$this->set_error($lang->invalid_hcaptcha_transmit);

				}
else
{

				}
else
{

					// We connected, but is it correct?
fwrite($fs, $http_request);

while(!feof($fs))
{
$response .= fgets($fs, 1160);
}

fclose($fs);

$response = explode("\r\n\r\n", $response, 2);
$answer = explode("\n", $response[1]);

if(trim($answer[0]) != 'true')

					$answer = json_decode($response, true);
if($answer['success'] != 'true')













					{
// We got it wrong! Oh no...

					{
// We got it wrong! Oh no...

						$this->set_error($lang->invalid_captcha_verify);

						$this->set_error($lang->invalid_hcaptcha);

					}
}
}
}

					}
}
}
}

		elseif($this->type == 3)
{
define('AYAH_PUBLISHER_KEY', $this->ayah_publisher_key);
define('AYAH_SCORING_KEY', $this->ayah_scoring_key);
define('AYAH_USE_CURL', $this->ayah_use_curl);
define('AYAH_DEBUG_MODE', $this->ayah_debug_mode);
define('AYAH_WEB_SERVICE_HOST', $this->ayah_web_service_host);

require_once MYBB_ROOT."inc/3rdparty/ayah/ayah.php";
$ayah = new AYAH();

$result = $ayah->scoreResult();

if($result == false)
{
$this->set_error($lang->invalid_ayah_result);
}
}

// Plugin hook

		$plugins->run_hooks('captcha_validate_end', $this);





















if(count($this->errors) > 0)
{


if(count($this->errors) > 0)
{

Zeile 368Zeile 392

function invalidate_captcha()
{


function invalidate_captcha()
{

		global $db, $mybb;

		global $db, $mybb, $plugins;


if($this->type == 1)
{


if($this->type == 1)
{

Zeile 381Zeile 405
		}
// Not necessary for reCAPTCHA or Are You a Human


		}
// Not necessary for reCAPTCHA or Are You a Human


		// Plugin hook

		$plugins->run_hooks('captcha_invalidate_end', $this);

	}

/**
* Add an error to the error array.

	}

/**
* Add an error to the error array.

 
	 *
* @param string $error
* @param string $data

	 */
function set_error($error, $data='')

	 */
function set_error($error, $data='')

	{

	{

		$this->errors[$error] = array(
"error_code" => $error,
"data" => $data
);
}

		$this->errors[$error] = array(
"error_code" => $error,
"data" => $data
);
}





	/**
* Returns the error(s) that occurred when handling data
* in a format that MyBB can handle.
*

	/**
* Returns the error(s) that occurred when handling data
* in a format that MyBB can handle.
*

	 * @return An array of errors in a MyBB format.

	 * @return array An array of errors in a MyBB format.

	 */
function get_errors()
{
global $lang;

	 */
function get_errors()
{
global $lang;





$errors = array();

		foreach($this->errors as $error)
{
$lang_string = $error['error_code'];

if(!$lang_string)

		foreach($this->errors as $error)
{
$lang_string = $error['error_code'];

if(!$lang_string)

			{

			{

				if($lang->invalid_captcha_verify)
{
$lang_string = 'invalid_captcha_verify';

				if($lang->invalid_captcha_verify)
{
$lang_string = 'invalid_captcha_verify';

Zeile 419Zeile 447
				{
$lang_string = 'unknown_error';
}

				{
$lang_string = 'unknown_error';
}

			}

			}


if(!isset($lang->$lang_string))
{


if(!isset($lang->$lang_string))
{

Zeile 428Zeile 456
			}

if(!empty($error['data']) && !is_array($error['data']))

			}

if(!empty($error['data']) && !is_array($error['data']))

			{

			{

				$error['data'] = array($error['data']);
}


				$error['data'] = array($error['data']);
}


Zeile 446Zeile 474
		return $errors;
}


		return $errors;
}


 
	/**
* @param array $data
*
* @return string
*/

	private function _qsencode($data)
{
$req = '';

	private function _qsencode($data)
{
$req = '';