Vergleich inc/class_captcha.php - 1.8.15 - 1.8.30

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 39	Zeile 39
* Type of CAPTCHA. * * 1 = Default CAPTCHA	* Type of CAPTCHA. * * 1 = Default CAPTCHA
* 2 = reCAPTCHA
* 4 = NoCATPCHA reCAPTCHA	* 4 = NoCATPCHA reCAPTCHA
	* 5 = reCAPTCHA invisible * 6 = hCaptcha * 7 = hCaptcha invisible * 8 = reCAPTCHA v3
* * @var int / public $type = 0; /*	* * @var int / public $type = 0; /*
* The template to display the CAPTCHA in * * @var string	* CAPTCHA constants declaration * * @var int / const DEFAULT_CAPTCHA = 1; const NOCAPTCHA_RECAPTCHA = 4; const RECAPTCHA_INVISIBLE = 5; const HCAPTCHA = 6; const HCAPTCHA_INVISIBLE = 7; const RECAPTCHA_V3 = 8; /* * The template to display the CAPTCHA in * * @var string
*/ public $captcha_template = '';	*/ public $captcha_template = '';
Zeile 62	Zeile 77
/** * CAPTCHA Verify Server	/** * CAPTCHA Verify Server
*	*
* @var string */ public $verify_server = '';	* @var string */ public $verify_server = '';

/** * HTML of the built CAPTCHA *	/** * HTML of the built CAPTCHA *
Zeile 78	Zeile 93
* The errors that occurred when handling data. * * @var array	* The errors that occurred when handling data. * * @var array
*/	*/
public $errors = array(); /**	public $errors = array(); /**
Zeile 90	Zeile 105
global $mybb, $plugins; $this->type = $mybb->settings['captchaimage'];	global $mybb, $plugins; $this->type = $mybb->settings['captchaimage'];

$args = array( 'this' => &$this, 'build' => &$build,	$args = array( 'this' => &$this, 'build' => &$build,
Zeile 98	Zeile 113
); $plugins->run_hooks('captcha_build_start', $args);	); $plugins->run_hooks('captcha_build_start', $args);

// Prepare the build template if($template) { $this->captcha_template = $template;	// Prepare the build template if($template) { $this->captcha_template = $template;
if($this->type == 2)	if($this->type == captcha::NOCAPTCHA_RECAPTCHA)
{	{
$this->captcha_template .= "_recaptcha"; } elseif($this->type == 4){
$this->captcha_template .= "_nocaptcha"; }	$this->captcha_template .= "_nocaptcha"; }
elseif($this->type == 5){ $this->captcha_template .= "_recaptcha_invisible";	elseif($this->type == captcha::RECAPTCHA_INVISIBLE) { $this->captcha_template .= "_recaptcha_invisible"; } elseif($this->type == captcha::HCAPTCHA) { $this->captcha_template .= "_hcaptcha"; } elseif($this->type == captcha::HCAPTCHA_INVISIBLE) { $this->captcha_template .= "_hcaptcha_invisible";
}	}
}	elseif($this->type == captcha::RECAPTCHA_V3) { $this->captcha_template .= "_recaptcha_invisible"; } }
// Work on which CAPTCHA we've got installed	// Work on which CAPTCHA we've got installed
if($this->type == 2 && $mybb->settings['captchapublickey'] && $mybb->settings['captchaprivatekey']) { // We want to use reCAPTCHA, set the server options $this->server = "//www.google.com/recaptcha/api"; $this->verify_server = "www.google.com"; if($build == true)	if(in_array($this->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE, captcha::RECAPTCHA_V3)) && $mybb->settings['recaptchapublickey'] && $mybb->settings['recaptchaprivatekey']) { // We want to use noCAPTCHA or reCAPTCHA invisible, set the server options $this->server = "//www.google.com/recaptcha/api.js"; $this->verify_server = "https://www.google.com/recaptcha/api/siteverify"; if($build == true)
{ $this->build_recaptcha(); } }	{ $this->build_recaptcha(); } }
elseif(in_array($this->type, array(4, 5)) && $mybb->settings['captchapublickey'] && $mybb->settings['captchaprivatekey'])	elseif(in_array($this->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE)) && $mybb->settings['hcaptchapublickey'] && $mybb->settings['hcaptchaprivatekey'])
{	{
// We want to use noCAPTCHA or reCAPTCHA invisible, set the server options $this->server = "//www.google.com/recaptcha/api.js"; $this->verify_server = "https://www.google.com/recaptcha/api/siteverify";	// We want to use hCaptcha or hCaptcha invisible, set the server options $this->server = "//www.hcaptcha.com/1/api.js"; $this->verify_server = "https://hcaptcha.com/siteverify";
if($build == true) {	if($build == true) {
$this->build_recaptcha();	$this->build_hcaptcha();
} }	} }
elseif($this->type == 1)	elseif($this->type == captcha::DEFAULT_CAPTCHA)
{ if(!function_exists("imagecreatefrompng")) {	{ if(!function_exists("imagecreatefrompng")) {
Zeile 183	Zeile 208
// This will build a reCAPTCHA $server = $this->server;	// This will build a reCAPTCHA $server = $this->server;
$public_key = $mybb->settings['captchapublickey'];	$public_key = $mybb->settings['recaptchapublickey'];
eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");	eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
//eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";");	//eval("\$this->html = \"".$templates->get("member_register_regimage_recaptcha")."\";"); } function build_hcaptcha() { global $lang, $mybb, $templates; // This will build a hCaptcha $server = $this->server; $public_key = $mybb->settings['hcaptchapublickey']; $captcha_theme = $mybb->settings['hcaptchatheme']; $captcha_size = $mybb->settings['hcaptchasize']; eval("\$this->html = \"".$templates->get($this->captcha_template, 1, 0)."\";");
}	}

/** * @return string */	/** * @return string */
Zeile 198	Zeile 236
$field = array();	$field = array();
if($this->type == 1) { // Names $hash = "imagehash"; $string = "imagestring"; // Values $field['hash'] = $db->escape_string($mybb->input['imagehash']); $field['string'] = $db->escape_string($mybb->input['imagestring']); } elseif($this->type == 2)	if($this->type == captcha::DEFAULT_CAPTCHA)
{ // Names	{ // Names
$hash = "recaptcha_challenge_field"; $string = "recaptcha_response_field";	$hash = "imagehash"; $string = "imagestring";
// Values	// Values
$field['hash'] = $mybb->input['recaptcha_challenge_field']; $field['string'] = $mybb->input['recaptcha_response_field'];	$field['hash'] = $db->escape_string($mybb->get_input('imagehash')); $field['string'] = $db->escape_string($mybb->get_input('imagestring'));
} elseif($this->type == 3) {	} elseif($this->type == 3) {
Zeile 237	Zeile 265
$plugins->run_hooks('captcha_validate_start', $this);	$plugins->run_hooks('captcha_validate_start', $this);
if($this->type == 1)	if($this->type == captcha::DEFAULT_CAPTCHA)
{ // We have a normal CAPTCHA to handle	{ // We have a normal CAPTCHA to handle
$imagehash = $db->escape_string($mybb->input['imagehash']); $imagestring = $db->escape_string(my_strtolower($mybb->input['imagestring']));	$imagehash = $db->escape_string($mybb->get_input('imagehash')); $imagestring = $db->escape_string(my_strtolower($mybb->get_input('imagestring')));
switch($db->type) {	switch($db->type) {
Zeile 263	Zeile 291
$db->delete_query("captcha", "imagehash = '{$imagehash}'"); } }	$db->delete_query("captcha", "imagehash = '{$imagehash}'"); } }
elseif($this->type == 2)	elseif(in_array($this->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE)))
{	{
$challenge = $mybb->input['recaptcha_challenge_field']; $response = $mybb->input['recaptcha_response_field'];	$response = $mybb->get_input('g-recaptcha-response'); if(!$response \|\| strlen($response) == 0) { $this->set_error($lang->invalid_nocaptcha); } else { // We have a noCAPTCHA or reCAPTCHA invisible to handle // Contact Google and see if our reCAPTCHA was successful $response = fetch_remote_file($this->verify_server, array( 'secret' => $mybb->settings['recaptchaprivatekey'], 'remoteip' => $session->ipaddress, 'response' => $response )); if($response == false) { $this->set_error($lang->invalid_nocaptcha_transmit); } else { $answer = json_decode($response, true);

if(!$challenge \|\| strlen($challenge) == 0 \|\| !$response \|\| strlen($response) == 0)	if($answer['success'] != 'true') { // We got it wrong! Oh no... $this->set_error($lang->invalid_nocaptcha); } } } } elseif($this->type == captcha::RECAPTCHA_V3) { $response = $mybb->get_input('g-recaptcha-response'); if(!$response \|\| strlen($response) == 0)
{	{
$this->set_error($lang->invalid_captcha);	$this->set_error($lang->invalid_nocaptcha);
} else {	} else {
// We have a reCAPTCHA to handle $data = $this->_qsencode(array( 'privatekey' => $mybb->settings['captchaprivatekey'],	// We have a reCAPTCHA invisible to handle // Contact Google and see if our reCAPTCHA was successful $response = fetch_remote_file($this->verify_server, array( 'secret' => $mybb->settings['recaptchaprivatekey'], 'score' => $mybb->settings['recaptchascore'],
'remoteip' => $session->ipaddress,	'remoteip' => $session->ipaddress,
'challenge' => $challenge,
'response' => $response ));	'response' => $response ));
// Contact Google and see if our reCAPTCHA was successful $http_request = "POST /recaptcha/api/verify HTTP/1.0\r\n"; $http_request .= "Host: $this->verify_server\r\n"; $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; $http_request .= "Content-Length: ".strlen($data)."\r\n"; $http_request .= "User-Agent: reCAPTCHA/PHP\r\n"; $http_request .= "\r\n"; $http_request .= $data; $fs = @fsockopen($this->verify_server, 80, $errno, $errstr, 10); if($fs == false)	if($response === false)
{	{
$this->set_error($lang->invalid_captcha_transmit);	$this->set_error($lang->invalid_nocaptcha_transmit);
} else {	} else {
// We connected, but is it correct? fwrite($fs, $http_request);	$answer = json_decode($response, true);

while(!feof($fs))	if($answer['success'] != 'true' \|\| $answer['score'] < $mybb->settings['recaptchascore'])
{	{
$response .= fgets($fs, 1160); } fclose($fs); $response = explode("\r\n\r\n", $response, 2); $answer = explode("\n", $response[1]); if(trim($answer[0]) != 'true') { // We got it wrong! Oh no... $this->set_error($lang->invalid_captcha_verify); } } } } elseif(in_array($this->type, array(4, 5)))	// We got it wrong! Oh no... $this->set_error($lang->invalid_nocaptcha); } } } } elseif(in_array($this->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE)))
{	{
$response = $mybb->input['g-recaptcha-response'];	$response = $mybb->get_input('h-captcha-response');
if(!$response \|\| strlen($response) == 0) {	if(!$response \|\| strlen($response) == 0) {
$this->set_error($lang->invalid_nocaptcha);	$this->set_error($lang->invalid_hcaptcha);
} else {	} else {
// We have a noCAPTCHA or reCAPTCHA invisible to handle // Contact Google and see if our reCAPTCHA was successful	// We have an hCaptcha or hCaptcha invisible to handle // Contact hCaptcha and see if our hCaptcha was successful
$response = fetch_remote_file($this->verify_server, array(	$response = fetch_remote_file($this->verify_server, array(
'secret' => $mybb->settings['captchaprivatekey'],	'secret' => $mybb->settings['hcaptchaprivatekey'],
'remoteip' => $session->ipaddress, 'response' => $response )); if($response == false)	'remoteip' => $session->ipaddress, 'response' => $response )); if($response == false)
{ $this->set_error($lang->invalid_nocaptcha_transmit);	{ $this->set_error($lang->invalid_hcaptcha_transmit);
} else { $answer = json_decode($response, true);	} else { $answer = json_decode($response, true);

if($answer['success'] != 'true') { // We got it wrong! Oh no...	if($answer['success'] != 'true') { // We got it wrong! Oh no...
$this->set_error($lang->invalid_nocaptcha);	$this->set_error($lang->invalid_hcaptcha);
} } } }	} } } }

$plugins->run_hooks('captcha_validate_end', $this); if(count($this->errors) > 0)	$plugins->run_hooks('captcha_validate_end', $this); if(count($this->errors) > 0)
Zeile 370	Zeile 406
{ global $db, $mybb, $plugins;	{ global $db, $mybb, $plugins;
if($this->type == 1)	if($this->type == captcha::DEFAULT_CAPTCHA)
{ // We have a normal CAPTCHA to handle	{ // We have a normal CAPTCHA to handle
$imagehash = $db->escape_string($mybb->input['imagehash']);	$imagehash = $db->escape_string($mybb->get_input('imagehash'));
if($imagehash) { $db->delete_query("captcha", "imagehash = '{$imagehash}'");	if($imagehash) { $db->delete_query("captcha", "imagehash = '{$imagehash}'");