Merge pull request #629 from vichan-devel/hcaptcha

Add hCaptcha support
2024-11-23 23:20:57 +01:00 · 2023-09-16 10:35:59 -07:00 · 2023-09-16 10:35:59 -07:00 · e5d6960e4a
commit e5d6960e4a
parent cca659bd1f 5e26d5f09e
3 changed files with 42 additions and 0 deletions
--- a/inc/config.php
+++ b/inc/config.php
@ -295,6 +295,7 @@
 		'raw',
 		'embed',
 		'g-recaptcha-response',
+		'h-captcha-response',
 		'captcha_cookie',
 		'captcha_text',
 		'spoiler',
@ -313,6 +314,10 @@
 	$config['recaptcha_public'] = '6LcXTcUSAAAAAKBxyFWIt2SO8jwx4W7wcSMRoN3f';
 	$config['recaptcha_private'] = '6LcXTcUSAAAAAOGVbVdhmEM1_SyRF4xTKe8jbzf_';

+	// Public and private key pair for using hCaptcha.
+	$config['hcaptcha_public'] = '7a4b21e0-dc53-46f2-a9f8-91d2e74b63a0';
+	$config['hcaptcha_private'] = '0x4e9A01bE637b51dC41a7Ea9865C3fDe4aB72Cf17';
+
 	// Enable Custom Captcha you need to change a couple of settings 
 	//Read more at: /inc/captcha/readme.md
 	$config['captcha'] = array();
--- a/post.php
+++ b/post.php
@ -410,6 +410,31 @@ if (isset($_POST['delete'])) {
 				error($config['error']['captcha']);
 			}
 		}
+		// hCaptcha
+		if ($config['hcaptcha']) {
+			if (!isset($_POST['h-captcha-response'])) {
+				error($config['error']['bot']);
+			}
+
+			$data = array(
+				'secret' => $config['hcaptcha_private'],
+				'response' => $_POST['h-captcha-response'],
+				'remoteip' => $_SERVER['REMOTE_ADDR']
+			);
+
+			$hcaptchaverify = curl_init();
+			curl_setopt($hcaptchaverify, CURLOPT_URL, "https://hcaptcha.com/siteverify");
+			curl_setopt($hcaptchaverify, CURLOPT_POST, true);
+			curl_setopt($hcaptchaverify, CURLOPT_POSTFIELDS, http_build_query($data));
+			curl_setopt($hcaptchaverify, CURLOPT_RETURNTRANSFER, true);
+			$hcaptcharesponse = curl_exec($hcaptchaverify);
+
+			$resp = json_decode($hcaptcharesponse, true); // Decoding $hcaptcharesponse instead of $response
+
+			if (!$resp['success']) {
+				error($config['error']['captcha']);
+			}
+		}
 		// Same, but now with our custom captcha provider
 		if (($config['captcha']['enabled']) || (($post['op']) && ($config['new_thread_capt'])) ) {
 		$ch = curl_init($config['domain'].'/'.$config['captcha']['provider_check'] . "?" . http_build_query([
--- a/templates/post_form.html
+++ b/templates/post_form.html
@ -84,6 +84,18 @@
 			</td>
 		</tr>
 		{% endif %}
+		{% if config.hcaptcha %}
+		<tr>
+			<th>
+				{% trans %}Verification{% endtrans %}
+				{{ antibot.html() }}
+			</th>
+			<td>
+				<div class="h-captcha" data-sitekey="{{ config.hcaptcha_public }}"></div>
+				{{ antibot.html() }}
+			</td>
+		</tr>
+		{% endif %}
 		{% if config.captcha.enabled %}
 		<tr class='captcha'>
 			<th>