diff --git a/8chan-captcha/entrypoint.php b/8chan-captcha/entrypoint.php index b54600d3..d0edd3da 100644 --- a/8chan-captcha/entrypoint.php +++ b/8chan-captcha/entrypoint.php @@ -3,19 +3,8 @@ header('Access-Control-Allow-Origin: *'); $mode = @$_GET['mode']; -require_once("cool-php-captcha-0.3.1/captcha.php"); - -function rand_string($length, $charset) { - $ret = ""; - while ($length--) { - $ret .= mb_substr($charset, rand(0, mb_strlen($charset, 'utf-8')-1), 1, 'utf-8'); - } - return $ret; -} - -function cleanup ($pdo, $expires_in) { - $pdo->prepare("DELETE FROM `captchas` WHERE `created_at` < ?")->execute([time() - $expires_in]); -} +require_once("config.php"); +require_once("functions.php"); switch ($mode) { // Request: GET entrypoint.php?mode=get&extra=1234567890 @@ -28,23 +17,9 @@ case "get": $extra = $_GET['extra']; $nojs = isset($_GET['nojs']); - require_once("config.php"); - - $text = rand_string($length, $extra); - - //$captcha = new SimpleCaptcha($text, $width, $height, $extra); - $captcha = new SimpleCaptcha(); - - $cookie = rand_string(20, "abcdefghijklmnopqrstuvwxyz"); - - ob_start(); - $captcha->CreateImage($text); - $image = ob_get_contents(); - ob_end_clean(); - $html = ''; - - $query = $pdo->prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)"); - $query->execute( [$cookie, $extra, $text, time()]); + $captcha = generate_captcha($extra); + $cookie = $captcha['cookie']; + $html = $captcha['html']; if ($nojs) { header("Content-type: text/html"); @@ -66,8 +41,6 @@ case "check": die(); } - require_once("config.php"); - cleanup($pdo, $expires_in); $query = $pdo->prepare("SELECT * FROM `captchas` WHERE `cookie` = ? AND `extra` = ?"); diff --git a/8chan-captcha/functions.php b/8chan-captcha/functions.php new file mode 100644 index 00000000..4a8248d1 --- /dev/null +++ b/8chan-captcha/functions.php @@ -0,0 +1,38 @@ +CreateImage($text); + $image = ob_get_contents(); + ob_end_clean(); + $html = ''; + + $query = $pdo->prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)"); + $query->execute( [$cookie, $extra, $text, time()]); + + return array("cookie" => $cookie, "html" => $html); +} + +function rand_string($length, $charset) { + $ret = ""; + while ($length--) { + $ret .= mb_substr($charset, rand(0, mb_strlen($charset, 'utf-8')-1), 1, 'utf-8'); + } + return $ret; +} + +function cleanup ($pdo, $expires_in) { + $pdo->prepare("DELETE FROM `captchas` WHERE `created_at` < ?")->execute([time() - $expires_in]); +} + diff --git a/inc/config.php b/inc/config.php index e941d6df..35a2fdc7 100644 --- a/inc/config.php +++ b/inc/config.php @@ -302,9 +302,14 @@ // Enable custom captcha provider $config['captcha']['enabled'] = false; - // Custom captcha provider path - $config['captcha']['provider_get'] = 'http://8chan.vichan.net/captcha/entrypoint.php'; - $config['captcha']['provider_check'] = 'http://8chan.vichan.net/captcha/entrypoint.php'; + /* + * Custom captcha provider path (You will need to change these depending on your configuration! It cannot be + * automatically determined because provider_check requires curl which needs to know the domain of your site.) + * + * Specify yourimageboard.com/$config['root']/8chan-captcha/entrypoint.php for the default provider or write your own + */ + $config['captcha']['provider_get'] = 'http://localhost/infinity/8chan-captcha/entrypoint.php'; + $config['captcha']['provider_check'] = 'http://localhost/infinity/8chan-captcha/entrypoint.php'; // Custom captcha extra field (eg. charset) $config['captcha']['extra'] = 'abcdefghijklmnopqrstuvwxyz'; @@ -1718,3 +1723,6 @@ // Twig cache? $config['twig_cache'] = false; + + // Use CAPTCHA for reports? + $config['report_captcha'] = false; diff --git a/inc/instance-config.php b/inc/instance-config.php index 5cb25ffa..0a21ceea 100644 --- a/inc/instance-config.php +++ b/inc/instance-config.php @@ -214,6 +214,7 @@ $config['katex'] = false; $config['enable_antibot'] = false; $config['spam']['unicode'] = false; $config['twig_cache'] = false; +$config['report_captcha'] = true; // 8chan specific mod pages require '8chan-mod-pages.php'; diff --git a/js/fix-report-delete-submit.js b/js/fix-report-delete-submit.js index 71c97f74..0b1ff840 100644 --- a/js/fix-report-delete-submit.js +++ b/js/fix-report-delete-submit.js @@ -43,19 +43,12 @@ Menu.onclick(function(e, $buf) { var postId = $ele.find('.post_no').not('[id]').text(); $buf.find('#report_menu,#global_report_menu').click(function(e) { - $('#delete_'+postId).prop('checked', 'checked'); - if ($(this).attr('id') === 'global_report_menu') { - header = "

Attention!

This form is only for reporting child pornography, bot spam and credit card numbers, social security numbers or banking information. DMCA requests and all other deletion requests MUST be sent via email to admin@8chan.co.

8chan is unmoderated and allows posts without collecting ANY information from the poster less the details of their post. Furthermore, all boards on 8chan are user created and not actively monitored by anyone but the board creator.

8chan has a small volunteer staff to handle this queue, please do not waste their time by filling it with nonsense! If you made a report with this tool and the post was not deleted, do not make the report again! Email admin@8chan.co instead. Abuse of the global report system could lead to address blocks against your IP from 8chan.

Again, 8chan's global volunteers do not handle board specific issues. You most likely want to click \"Report\" instead to reach the creator and volunteers he assigned to this board.

"; - $('#global_report').prop('checked', 'checked'); + if ($(this).attr('id') === "global_report_menu") { + var global = '&global'; } else { - header = ""; - $('#global_report').prop('checked', ''); + var global = ''; } - alert(header+"Enter reason below...
", true, function(){ - $('#reason').val($('#alert_reason').val()); - $('input[name=report][type=submit]').click(); - }); - + window.open(configRoot+'report.php?board='+board_name+'&post=delete_'+postId+global, "", (global?"width=600, height=575":"width=500, height=275")); }); }); diff --git a/post.php b/post.php index 7e22612a..bf20c1c7 100644 --- a/post.php +++ b/post.php @@ -132,6 +132,23 @@ elseif (isset($_POST['report'])) { if (count($report) > $config['report_limit']) error($config['error']['toomanyreports']); + + if ($config['report_captcha'] && !isset($_POST['captcha_text'], $_POST['captcha_cookie'])) { + error($config['error']['bot']); + } + + if ($config['report_captcha']) { + $resp = file_get_contents($config['captcha']['provider_check'] . "?" . http_build_query([ + 'mode' => 'check', + 'text' => $_POST['captcha_text'], + 'extra' => $config['captcha']['extra'], + 'cookie' => $_POST['captcha_cookie'] + ])); + + if ($resp !== '1') { + error($config['error']['captcha']); + } + } $reason = escape_markup_modifiers($_POST['reason']); markup($reason); @@ -182,7 +199,8 @@ elseif (isset($_POST['report'])) { $root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root']; if (!isset($_POST['json_response'])) { - header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); + $index = $root . $board['dir'] . $config['file_index']; + echo Element('page.html', array('config' => $config, 'body' => '
[ ' . _('Close window') ." ] [ " . _('Return') . ' ]
', 'title' => _('Report submitted!'))); } else { header('Content-Type: text/json'); echo json_encode(array('success' => true)); diff --git a/templates/report.html b/templates/report.html new file mode 100644 index 00000000..291f9313 --- /dev/null +++ b/templates/report.html @@ -0,0 +1,17 @@ +
+ + + {% if global %} + +

Attention!

This form is only for reporting child pornography, bot spam and credit card numbers, social security numbers or banking information. DMCA requests and all other deletion requests MUST be sent via email to admin@8chan.co.

8chan is unmoderated and allows posts without collecting ANY information from the poster less the details of their post. Furthermore, all boards on 8chan are user created and not actively monitored by anyone but the board creator.

8chan has a small volunteer staff to handle this queue, please do not waste their time by filling it with nonsense! If you made a report with this tool and the post was not deleted, do not make the report again! Email admin@8chan.co instead. Abuse of the global report system could lead to address blocks against your IP from 8chan.

Again, 8chan's global volunteers do not handle board specific issues. You most likely want to click "Report" instead to reach the creator and volunteers he assigned to this board.

+ {% endif %} +

{% trans %}Enter reason below...{% endtrans %}

+ + {% if config.report_captcha %} +

{% trans %}To submit your report, please fill out the CAPTCHA below.{% endtrans %}

+ {{ captcha['html'] }}
+ +
+ {% endif %} + +