1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-30 18:24:29 +01:00
Also improve CAPTCHA portability into other parrts of the software by removing weird CAPTCHA-specific config file
This commit is contained in:
Fredrick Brennan 2015-04-25 19:50:07 +08:00
parent 55792e3c95
commit 691bc1c3fa
9 changed files with 45 additions and 39 deletions

View File

@ -1,15 +0,0 @@
<?php
// We are using a custom path here to connect to the database.
// Why? Performance reasons.
$pdo = new PDO("mysql:dbname=8chan;host=localhost", "user", "pass", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
// Captcha expiration:
$expires_in = 120; // 120 seconds
// Captcha dimensions:
$width = 300;
$height = 80;
// Captcha length:
$length = 6;

View File

@ -31,7 +31,7 @@ class SimpleCaptcha {
* directory to another location outise the web server
*
*/
public $resourcesPath = 'cool-php-captcha-0.3.1/resources';
public $resourcesPath = '8chan-captcha/cool-php-captcha-0.3.1/resources';
/** Min word length (for non-dictionary random text generation) */
public $minWordLength = 5;

View File

@ -3,8 +3,8 @@ header('Access-Control-Allow-Origin: *');
$mode = @$_GET['mode'];
require_once("config.php");
require_once("functions.php");
chdir('..'); // for "cool PHP CAPTCHA"'s resourcesPath
include "inc/functions.php"; // general 8chan functions
switch ($mode) {
// Request: GET entrypoint.php?mode=get&extra=1234567890
@ -26,7 +26,7 @@ case "get":
echo "<html><body>You do not have JavaScript enabled. To fill out the CAPTCHA, please copy the ID to the post form in the ID field, and write the answer in the answer field.<br><br>CAPTCHA ID: $cookie<br>CAPTCHA image: $html</body></html>";
} else {
header("Content-type: application/json");
echo json_encode(["cookie" => $cookie, "captchahtml" => $html, "expires_in" => $expires_in]);
echo json_encode(["cookie" => $cookie, "captchahtml" => $html, "expires_in" => $config['captcha']['expires_in']]);
}
break;
@ -41,18 +41,17 @@ case "check":
die();
}
cleanup($pdo, $expires_in);
cleanup();
$query = $pdo->prepare("SELECT * FROM `captchas` WHERE `cookie` = ? AND `extra` = ?");
$query = prepare("SELECT * FROM `captchas` WHERE `cookie` = ? AND `extra` = ?");
$query->execute([$_GET['cookie'], $_GET['extra']]);
$ary = $query->fetchAll();
if (!$ary) {
echo "0";
}
else {
$query = $pdo->prepare("DELETE FROM `captchas` WHERE `cookie` = ? AND `extra` = ?");
$query = prepare("DELETE FROM `captchas` WHERE `cookie` = ? AND `extra` = ?");
$query->execute([$_GET['cookie'], $_GET['extra']]);
if ($ary[0]['text'] !== $_GET['text']) {

View File

@ -1,12 +1,9 @@
<?php
if (strpos(getcwd(), '8chan-captcha') === false) chdir('8chan-captcha');
require_once("config.php");
require_once("cool-php-captcha-0.3.1/captcha.php");
require_once 'cool-php-captcha-0.3.1/captcha.php';
function generate_captcha($extra = '1234567890') {
global $length, $pdo;
global $config;
$text = rand_string($length, $extra);
$text = rand_string($config['captcha']['length'], $extra);
$captcha = new SimpleCaptcha();
@ -18,7 +15,7 @@ function generate_captcha($extra = '1234567890') {
ob_end_clean();
$html = '<image src="data:image/png;base64,'.base64_encode($image).'">';
$query = $pdo->prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)");
$query = prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)");
$query->execute( [$cookie, $extra, $text, time()]);
return array("cookie" => $cookie, "html" => $html);
@ -32,7 +29,8 @@ function rand_string($length, $charset) {
return $ret;
}
function cleanup ($pdo, $expires_in) {
$pdo->prepare("DELETE FROM `captchas` WHERE `created_at` < ?")->execute([time() - $expires_in]);
function cleanup () {
global $config;
prepare("DELETE FROM `captchas` WHERE `created_at` < ?")->execute([time() - $config['captcha']['expires_in']]);
}

View File

@ -308,14 +308,22 @@
// Enable custom captcha provider
$config['captcha']['enabled'] = false;
// Custom CAPTCHA provider general settings
// Captcha expiration:
$config['captcha']['expires_in'] = 120; // 120 seconds
// Captcha length:
$config['captcha']['length'] = 6;
/*
* Custom captcha provider path (You will need to change these depending on your configuration! It cannot be
* automatically determined because provider_check requires curl which needs to know the domain of your site.)
*
* Specify yourimageboard.com/$config['root']/8chan-captcha/entrypoint.php for the default provider or write your own
*/
$config['captcha']['provider_get'] = 'http://localhost/infinity/8chan-captcha/entrypoint.php';
$config['captcha']['provider_check'] = 'http://localhost/infinity/8chan-captcha/entrypoint.php';
$config['captcha']['provider_get'] = 'http://localhost/8chan-captcha/entrypoint.php';
$config['captcha']['provider_check'] = 'http://localhost/8chan-captcha/entrypoint.php';
// Custom captcha extra field (eg. charset)
$config['captcha']['extra'] = 'abcdefghijklmnopqrstuvwxyz';

View File

@ -24,6 +24,7 @@ if (!extension_loaded('gettext')) {
}
require_once 'inc/lib/parsedown/Parsedown.php'; // todo: option for parsedown instead of Tinyboard/STI markup
require_once 'inc/mod/auth.php';
require_once '8chan-captcha/functions.php';
// the user is not currently logged in as a moderator
$mod = false;

View File

@ -148,10 +148,22 @@ if (isset($_POST['delete'])) {
]));
if ($resp !== '1') {
error($config['error']['captcha']);
$error = $config['error']['captcha'];
}
}
if (isset($error)) {
if ($config['report_captcha']) {
$captcha = generate_captcha($config['captcha']['extra']);
} else {
$captcha = null;
}
$body = Element('report.html', array('board' => $board, 'config' => $config, 'error' => $error, 'reason_prefill' => $_POST['reason'], 'post' => 'delete_'.$report[0], 'captcha' => $captcha));
echo Element('page.html', ['config' => $config, 'body' => $body]);
die();
}
$reason = escape_markup_modifiers($_POST['reason']);
markup($reason);

View File

@ -10,8 +10,6 @@ if (!$post || !preg_match('/^delete_\d+$/', $post) || !$board || !openBoard($boa
}
if ($config['report_captcha']) {
include '8chan-captcha/functions.php';
$captcha = generate_captcha($config['captcha']['extra']);
} else {
$captcha = null;

View File

@ -1,4 +1,9 @@
<form action="{{ config.post_url }}" method="post" id="report_form">
{% if error %}
<div class="error">
<strong>{{ error|e }}</strong>
</div>
{% endif %}
<input type="hidden" name="board" value="{{ board.uri }}">
<input type="hidden" name="{{ post|e }}" value="1">
{% if global %}
@ -6,11 +11,11 @@
<div><h1>Attention!</h1><p>This form is only for reporting <strong>child pornography</strong>, <strong>bot spam</strong> and <strong>credit card numbers, social security numbers or banking information</strong>. DMCA requests and all other deletion requests <em>MUST</em> be sent via email to admin@8chan.co.</p><p>8chan is unmoderated and allows posts without collecting <em>ANY</em> information from the poster less the details of their post. Furthermore, all boards on 8chan are user created and not actively monitored by anyone but the board creator.</p><p>8chan has a small volunteer staff to handle this queue, please do not waste their time by filling it with nonsense! <em>If you made a report with this tool and the post was not deleted, <strong>do not make the report again!</strong> Email admin@8chan.co instead.</em> Abuse of the global report system could lead to address blocks against your IP from 8chan.</p><p>Again, 8chan's global volunteers <em>do not</em> handle board specific issues. You most likely want to click "Report" instead to reach the creator and volunteers he assigned to this board.</p>
{% endif %}
<p>{% trans %}Enter reason below...{% endtrans %}</p>
<input type="text" id="reason" name="reason">
<input type="text" id="reason" name="reason" value="{{ reason_prefill|e|addslashes }}">
{% if config.report_captcha %}
<p>{% trans %}To submit your report, please fill out the CAPTCHA below.{% endtrans %}</p>
{{ captcha['html'] }}<br/>
<input class="captcha_text" name="captcha_text" size="25" maxlength="6" autocomplete="off" type="text">
<input class="captcha_text" name="captcha_text" size="25" maxlength="6" autocomplete="off" type="text" value="">
<input class="captcha_cookie" name="captcha_cookie" type="hidden" autocomplete="off" value="{{ captcha['cookie']|e }}"><br/>
{% endif %}
<input name="report" value="{% trans %}Submit{% endtrans %}" type="submit">