Simplify the recaptcha admin page. It's not guaranteed to verify your

recaptcha private key properly anymore, but it's more intuitive to configure in the admin UI.
author: Bharat Mediratta <bharat@menalto.com> 2009-01-28 08:15:56 +0000
committer: Bharat Mediratta <bharat@menalto.com> 2009-01-28 08:15:56 +0000
commit: 6220db47b3e23c8d14cbecbdda34be83d47889ae (patch)
tree: 85f76e622fb90c1dd7de187af8dce2858333cc42 /modules/recaptcha
parent: 66fae635580890a2c25820b76f680baad11669af (diff)
4 files changed, 73 insertions, 139 deletions
diff --git a/modules/recaptcha/controllers/admin_recaptcha.php b/modules/recaptcha/controllers/admin_recaptcha.php
index 23fd8ad3..2a3a1721 100644
--- a/modules/recaptcha/controllers/admin_recaptcha.php
+++ b/modules/recaptcha/controllers/admin_recaptcha.php
@@ -20,90 +20,45 @@
 class Admin_Recaptcha_Controller extends Admin_Controller {
   public function index() {
     $form = recaptcha::get_configure_form();
+    if (request::method() == "post") {
     $old_public_key = module::get_var("recaptcha", "public_key");
     $old_private_key = module::get_var("recaptcha", "private_key");
-    if (request::method() == "post") {
-
-      $valid_key = $form->validate();
-      if ($valid_key) {
-        $input = Input::instance();
-        $challenge = $input->post("recaptcha_challenge_field", "", true);
-        $response = $input->post("recaptcha_response_field", "", true);
-        $valid_key = recaptcha::is_recaptcha_valid($challenge, $response,
-                                                   $form->configure_recaptcha->private_key->value);
-        if (empty($valid_key) && $form->captcha_error == "invalid-site-private-key") {
-          $form->configure_recaptcha->private_key->add_error("invalid", 1);
-          unset($form->captcha_error);
-        }
-      }
-      if ($valid_key) {
-        $new_public_key = $form->configure_recaptcha->public_key->value;
-        $new_private_key = $form->configure_recaptcha->private_key->value;
-
-        $update = $this->_update_key("public_key", $old_public_key, $new_public_key);
-        $update |= $this->_update_key("private_key", $old_private_key, $new_private_key);
+      if ($form->validate()) {
+        $public_key = $form->configure_recaptcha->public_key->value;
+        $private_key = $form->configure_recaptcha->private_key->value;
 
-        if ($update) {
-          message::success(t("Recaptcha Configured"));
+        if ($public_key && $private_key) {
+          module::set_var("recaptcha", "public_key", $public_key);
+          module::set_var("recaptcha", "private_key", $private_key);
+          message::success(t("Recaptcha configured!"));
+          log::success(t("Recaptcha public and private keys set"));
+          url::redirect("admin/recaptcha");
+        } else if ($public_key && !$private_key) {
+          $form->configure_recaptcha->private_key->add_error("invalid");
+        } else if ($private_key && !$public_key) {
+          $form->configure_recaptcha->public_key->add_error("invalid");
+        } else {
+          module::set_var("recaptcha", "public_key", "");
+          module::set_var("recaptcha", "private_key", "");
+          message::success(t("Recaptcha disabled!"));
+          log::success(t("Recaptcha public and private keys cleared"));
+          url::redirect("admin/recaptcha");
         }
-        recaptcha::check_config();
       }
-    } else {
-      $valid_key = !empty($old_public_key) && !empty($old_private_key);
     }
 
     recaptcha::check_config();
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_recaptcha.html");
-    $view->content->valid_key = $valid_key;
+    $view->content->public_key = module::get_var("recaptcha", "public_key");
+    $view->content->private_key = module::get_var("recaptcha", "private_key");
     $view->content->form = $form;
     print $view;
   }
 
-  private function _update_key($type, $old_key, $new_key) {
-    $changed = true;
-    if ($old_key && !$new_key) {
-      log::success(sprintf(t("Your Recaptcha %s has been cleared."), strtr($type, "_", " ")));
-    } else if ($old_key && $new_key && $old_key != $new_key) {
-      log::success(sprintf(t("Your Recaptcha %s has been changed."), strtr($type, "_", " ")));
-    } else if (!$old_key && $new_key) {
-      log::success(sprintf(t("Your Recaptcha %s has been saved."), strtr($type, "_", " ")));
-    } else {
-      $changed = false;
-    }
-    if ($changed) {
-      module::set_var("recaptcha", $type, $new_key);
-    }
-    return $changed;
-  }
-
-  public function gethtml($public_key, $error=null) {
-    $http_request  = "GET /challenge?k=$public_key HTTP/1.0\r\n"; 
-    $response = ""; 
-    if( false == ( $fs = @fsockopen("api.recaptcha.net", 80, $errno, $errstr, 10) ) ) { 
-      throw new Exception("@todo COULD NOT OPEN SOCKET"); 
-    }
-    $errorpart = empty($error) ? "" : "&error=$error";
-    fputs($fs, "GET /challenge?k=$public_key&ajax=1$errorpart HTTP/1.0\r\n");
-    fputs($fs, "Host: api.recaptcha.net\r\n");
-    fputs($fs, "Connection: Close\r\n\r\n");
-    while (!feof($fs)) { 
-      $response .= fgets($fs, 1160); // One TCP-IP packet
-    }
-    fclose($fs);
-    $response = explode("\r\n\r\n", $response, 2); 
-
-    if (strpos($response[1], "document.write") === 0) {
-      header("HTTP/1.1 400 BAD REQUEST");
-      if (preg_match("#.*\'(.*)\'#", $response[1], $matches)) {
-        $msg = $matches[1];
-      } else {
-        $msg = _t("Unable to determine error message");
-      }
-      print $msg;
-    } else {
-      header("HTTP/1.1 200 OK");
-      print json_encode(array("result" => "success", "script" => $response[1]));
-    }
+  public function test() {
+    $view = new View("admin_recaptcha_test.html");
+    $view->public_key = module::get_var("recaptcha", "public_key");
+    print $view;
   }
 }
diff --git a/modules/recaptcha/helpers/recaptcha.php b/modules/recaptcha/helpers/recaptcha.php
index 662b98d7..74601250 100644
--- a/modules/recaptcha/helpers/recaptcha.php
+++ b/modules/recaptcha/helpers/recaptcha.php
@@ -26,13 +26,11 @@ class recaptcha_Core {
       ->value(module::get_var());
     $group->input("public_key")
       ->label(t("Public Key"))
-      ->value(module::get_var("recaptcha", "public_key"))
-      ->rules("required|length[40]");
+      ->value(module::get_var("recaptcha", "public_key"));
     $group->public_key->error_messages("invalid", t("The public key you provided is invalid."));
     $group->input("private_key")
       ->label(t("Private Key"))
-      ->value(module::get_var("recaptcha", "private_key"))
-      ->rules("required|length[40]");
+      ->value(module::get_var("recaptcha", "private_key"));
     $group->private_key->error_messages("invalid", t("The private key you provided is invalid."));
 
     $group->submit("")->value(t("Save"));
@@ -55,14 +53,24 @@ class recaptcha_Core {
   }
 
   /** 
-   * Gets the challenge HTML (javascript and non-javascript version). 
-   * This is called from the browser, and the resulting reCAPTCHA HTML widget 
-   * is embedded within the HTML form it was called from. 
-   * @param string $error The error given by reCAPTCHA (optional, default is null) 
-   * @param string $pubkey The public key to use in the challenge (optional, default is null)
-   * @return string - The HTML to be embedded in the user"s form. 
+   * Verify that the recaptcha key is valid.
+   * @param string $private_key
+   * @return boolean
    */ 
-  static function get_challenge_html($id, $error=null, $public_key=null ) {
+  static function verify_key($private_key) {
+    $remote_ip = Input::instance()->server("REMOTE_ADDR");
+    $response = self::_http_post("api-verify.recaptcha.net", "/verify",
+                                 array("privatekey" => $private_key,
+                                       "remoteip" => $remote_ip,
+                                       "challenge" => "right",
+                                       "response" => "wrong"));
+
+    $answers = explode("\n", $response[1]);
+    if (trim($answers[0]) == "true") {
+      return null;
+    } else {
+      return $answers[1];
+    }
   }
   
   /** 
@@ -70,29 +78,21 @@ class recaptcha_Core {
    * @param string $form
    * @return string error message or null
    */ 
-  static function is_recaptcha_valid($challenge, $response, $private_key=null) { 
-    if (!module::installed("recaptcha")) {
-      return null;
-    }
+  static function is_recaptcha_valid($challenge, $response, $private_key) {
     $input = Input::instance();
-
-    if (empty($private_key)) {
-      $private_key = module::get_var("recaptcha", "private_key");
-    }
-    $remoteip = $input->server("REMOTE_ADDR");
+    $remote_ip = $input->server("REMOTE_ADDR");
 
     //discard spam submissions 
     if (empty($challenge) || empty($response)) { 
       return  "incorrect-captcha-sol";
     } 
+
     $response = self::_http_post("api-verify.recaptcha.net", "/verify", 
                               array ("privatekey" => $private_key, 
-                                     "remoteip" => $remoteip, 
+                                        "remoteip" => $remote_ip,
                                      "challenge" => $challenge, 
                                      "response" => $response)); 
 
-    Kohana::log("debug", print_r($response, 1));
-    Kohana::log("debug", print_r(debug_backtrace(), 1));
     $answers = explode ("\n", $response [1]); 
     if (trim ($answers [0]) == "true") { 
       return null; 
diff --git a/modules/recaptcha/libraries/Form_Recaptcha.php b/modules/recaptcha/libraries/Form_Recaptcha.php
index 271045c2..307b4ef5 100644
--- a/modules/recaptcha/libraries/Form_Recaptcha.php
+++ b/modules/recaptcha/libraries/Form_Recaptcha.php
@@ -65,7 +65,8 @@ class Form_Recaptcha_Core extends Form_Input {
     $challenge = $input->post("recaptcha_challenge_field", "", true);
     $response = $input->post("recaptcha_response_field", "", true);
     if (!empty($challenge)) {
-      $this->_error = recaptcha::is_recaptcha_valid($challenge, $response);
+      $this->_error = recaptcha::is_recaptcha_valid(
+        $challenge, $response, module::get_var("recaptcha", "private_key"));
       if (!empty($this->_error)) {
         $this->add_error($this->_error, 1);
       }
diff --git a/modules/recaptcha/views/admin_recaptcha.html.php b/modules/recaptcha/views/admin_recaptcha.html.php
index e4f00e00..ed90aea9 100644
--- a/modules/recaptcha/views/admin_recaptcha.html.php
+++ b/modules/recaptcha/views/admin_recaptcha.html.php
@@ -1,52 +1,30 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
-<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
-<script>
-var RecaptchaOptions = {lang: 'en', theme: "white"};
-
-$("#gConfigureRecaptchaForm").ready(function() {
-  $("#gConfigureRecaptchaForm :submit").before("<ul><li id=recaptcha_div /></ul>");
-  $("#public_key").change(function() {
-    showRecaptcha($(this).val());
-  });
-  var original = $("#public_key").val();
-  if (original != "") {
-    showRecaptcha(original);
-  }
-});
-
-function showRecaptcha(public_key) {
-  if (public_key != "") {
-    Recaptcha.widget = document.getElementById("recaptcha_div");
-    $.ajax({url: "<?= url::site("admin/recaptcha/gethtml") ?>/" + public_key <? if (!empty($form->captcha_error)): ?> + "/<?= $form->captcha_error ?>" <? endif ?> ,
-          dataType: "json",
-          cache: false,
-          error: function(request, textStatus, errorThrown) {
-            var public_key = $("#gConfigureRecaptchaForm ul li:first-child");
-            public_key.addClass("gError");
-            $("#gConfigureRecaptchaForm ul li:first-child p").replaceWith("");
-            public_key.append('<p class="gError">' + request.responseText + "</p>");
-          },
-          success: function(data, textStatus) {
-            var public_key = $("#gConfigureRecaptchaForm ul li:first-child");
-            public_key.removeClass("gError");
-            $("#gConfigureRecaptchaForm ul li:first-child p").replaceWith("");
-            $("#recaptcha_div").html("<script type='text/javascript'>" + data.script + "</script" + ">");
-          }
-    });
-  } else {
-    if (Recaptcha.widget != undefined) {
-      Recaptcha.destroy();
-    }
-  }
-}
-
-</script>
-   
 <div id="gAdminRecaptcha">
   <h1> <?= t("ReCaptcha Challenge Filtering") ?> </h1>
   <p>
-    <?= t("Recaptcha is a free CAPTCHA service that helps to digitize books, newspapers and old time radio shows. automated spam filtering service.  In order to use it, you need to sign up for a <a href=\"{$form->get_key_url}\">ReCaptcha Public/Private Key pair</a>, which is also free.  Once registered, the the challenge and response strings are evaluated at <a href=\"http://recaptcha.net\">recaptcha.net</a> to determine if the form content has been entered by a bot.") ?>
+    <?= t("Recaptcha is a free CAPTCHA service that helps to digitize books, newspapers and old time radio shows. automated spam filtering service.  In order to use it, you need to sign up for a <a href=\"{$form->get_key_url}\">ReCaptcha Public/Private Key pair</a>, which is also free.  Once registered, the the challenge and response strings are evaluated at <a href=\"%url\">recaptcha.net</a> to determine if the form content has been entered by a bot.", array("url" => "http://recaptcha.net")) ?>
   </p>
 
      <?= $form ?>
 </div>
+
+<? if ($public_key && $private_key): ?>
+<div id="gAdminRecaptchaTest" class="gBlock">
+  <h2> <?= t("Recaptcha Test") ?> </h2>
+  <p>
+    <?= t("If you see a captcha form below, then Recaptcha is functioning properly.") ?>
+  </p>
+
+  <div id="gRecaptcha"/>
+  <script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
+  <script type="text/javascript">
+    Recaptcha.create("<?= $public_key ?>", "gRecaptcha", {
+      callback: Recaptcha.focus_response_field,
+      lang: "en",
+      theme: "white"
+    });
+  </script>
+  </div>
+</div>
+<? endif ?>
+
author	Bharat Mediratta <bharat@menalto.com>	2009-01-28 08:15:56 +0000
committer	Bharat Mediratta <bharat@menalto.com>	2009-01-28 08:15:56 +0000
commit	6220db47b3e23c8d14cbecbdda34be83d47889ae (patch)
tree	85f76e622fb90c1dd7de187af8dce2858333cc42 /modules/recaptcha
parent	66fae635580890a2c25820b76f680baad11669af (diff)