From 6220db47b3e23c8d14cbecbdda34be83d47889ae Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 28 Jan 2009 08:15:56 +0000 Subject: Simplify the recaptcha admin page. It's not guaranteed to verify your recaptcha private key properly anymore, but it's more intuitive to configure in the admin UI. --- modules/recaptcha/controllers/admin_recaptcha.php | 97 ++++++----------------- modules/recaptcha/helpers/recaptcha.php | 46 +++++------ modules/recaptcha/libraries/Form_Recaptcha.php | 3 +- modules/recaptcha/views/admin_recaptcha.html.php | 66 +++++---------- 4 files changed, 73 insertions(+), 139 deletions(-) (limited to 'modules') diff --git a/modules/recaptcha/controllers/admin_recaptcha.php b/modules/recaptcha/controllers/admin_recaptcha.php index 23fd8ad3..2a3a1721 100644 --- a/modules/recaptcha/controllers/admin_recaptcha.php +++ b/modules/recaptcha/controllers/admin_recaptcha.php @@ -20,90 +20,45 @@ class Admin_Recaptcha_Controller extends Admin_Controller { public function index() { $form = recaptcha::get_configure_form(); + if (request::method() == "post") { $old_public_key = module::get_var("recaptcha", "public_key"); $old_private_key = module::get_var("recaptcha", "private_key"); - if (request::method() == "post") { - - $valid_key = $form->validate(); - if ($valid_key) { - $input = Input::instance(); - $challenge = $input->post("recaptcha_challenge_field", "", true); - $response = $input->post("recaptcha_response_field", "", true); - $valid_key = recaptcha::is_recaptcha_valid($challenge, $response, - $form->configure_recaptcha->private_key->value); - if (empty($valid_key) && $form->captcha_error == "invalid-site-private-key") { - $form->configure_recaptcha->private_key->add_error("invalid", 1); - unset($form->captcha_error); - } - } - if ($valid_key) { - $new_public_key = $form->configure_recaptcha->public_key->value; - $new_private_key = $form->configure_recaptcha->private_key->value; - - $update = $this->_update_key("public_key", $old_public_key, $new_public_key); - $update |= $this->_update_key("private_key", $old_private_key, $new_private_key); + if ($form->validate()) { + $public_key = $form->configure_recaptcha->public_key->value; + $private_key = $form->configure_recaptcha->private_key->value; - if ($update) { - message::success(t("Recaptcha Configured")); + if ($public_key && $private_key) { + module::set_var("recaptcha", "public_key", $public_key); + module::set_var("recaptcha", "private_key", $private_key); + message::success(t("Recaptcha configured!")); + log::success(t("Recaptcha public and private keys set")); + url::redirect("admin/recaptcha"); + } else if ($public_key && !$private_key) { + $form->configure_recaptcha->private_key->add_error("invalid"); + } else if ($private_key && !$public_key) { + $form->configure_recaptcha->public_key->add_error("invalid"); + } else { + module::set_var("recaptcha", "public_key", ""); + module::set_var("recaptcha", "private_key", ""); + message::success(t("Recaptcha disabled!")); + log::success(t("Recaptcha public and private keys cleared")); + url::redirect("admin/recaptcha"); } - recaptcha::check_config(); } - } else { - $valid_key = !empty($old_public_key) && !empty($old_private_key); } recaptcha::check_config(); $view = new Admin_View("admin.html"); $view->content = new View("admin_recaptcha.html"); - $view->content->valid_key = $valid_key; + $view->content->public_key = module::get_var("recaptcha", "public_key"); + $view->content->private_key = module::get_var("recaptcha", "private_key"); $view->content->form = $form; print $view; } - private function _update_key($type, $old_key, $new_key) { - $changed = true; - if ($old_key && !$new_key) { - log::success(sprintf(t("Your Recaptcha %s has been cleared."), strtr($type, "_", " "))); - } else if ($old_key && $new_key && $old_key != $new_key) { - log::success(sprintf(t("Your Recaptcha %s has been changed."), strtr($type, "_", " "))); - } else if (!$old_key && $new_key) { - log::success(sprintf(t("Your Recaptcha %s has been saved."), strtr($type, "_", " "))); - } else { - $changed = false; - } - if ($changed) { - module::set_var("recaptcha", $type, $new_key); - } - return $changed; - } - - public function gethtml($public_key, $error=null) { - $http_request = "GET /challenge?k=$public_key HTTP/1.0\r\n"; - $response = ""; - if( false == ( $fs = @fsockopen("api.recaptcha.net", 80, $errno, $errstr, 10) ) ) { - throw new Exception("@todo COULD NOT OPEN SOCKET"); - } - $errorpart = empty($error) ? "" : "&error=$error"; - fputs($fs, "GET /challenge?k=$public_key&ajax=1$errorpart HTTP/1.0\r\n"); - fputs($fs, "Host: api.recaptcha.net\r\n"); - fputs($fs, "Connection: Close\r\n\r\n"); - while (!feof($fs)) { - $response .= fgets($fs, 1160); // One TCP-IP packet - } - fclose($fs); - $response = explode("\r\n\r\n", $response, 2); - - if (strpos($response[1], "document.write") === 0) { - header("HTTP/1.1 400 BAD REQUEST"); - if (preg_match("#.*\'(.*)\'#", $response[1], $matches)) { - $msg = $matches[1]; - } else { - $msg = _t("Unable to determine error message"); - } - print $msg; - } else { - header("HTTP/1.1 200 OK"); - print json_encode(array("result" => "success", "script" => $response[1])); - } + public function test() { + $view = new View("admin_recaptcha_test.html"); + $view->public_key = module::get_var("recaptcha", "public_key"); + print $view; } } diff --git a/modules/recaptcha/helpers/recaptcha.php b/modules/recaptcha/helpers/recaptcha.php index 662b98d7..74601250 100644 --- a/modules/recaptcha/helpers/recaptcha.php +++ b/modules/recaptcha/helpers/recaptcha.php @@ -26,13 +26,11 @@ class recaptcha_Core { ->value(module::get_var()); $group->input("public_key") ->label(t("Public Key")) - ->value(module::get_var("recaptcha", "public_key")) - ->rules("required|length[40]"); + ->value(module::get_var("recaptcha", "public_key")); $group->public_key->error_messages("invalid", t("The public key you provided is invalid.")); $group->input("private_key") ->label(t("Private Key")) - ->value(module::get_var("recaptcha", "private_key")) - ->rules("required|length[40]"); + ->value(module::get_var("recaptcha", "private_key")); $group->private_key->error_messages("invalid", t("The private key you provided is invalid.")); $group->submit("")->value(t("Save")); @@ -55,14 +53,24 @@ class recaptcha_Core { } /** - * Gets the challenge HTML (javascript and non-javascript version). - * This is called from the browser, and the resulting reCAPTCHA HTML widget - * is embedded within the HTML form it was called from. - * @param string $error The error given by reCAPTCHA (optional, default is null) - * @param string $pubkey The public key to use in the challenge (optional, default is null) - * @return string - The HTML to be embedded in the user"s form. + * Verify that the recaptcha key is valid. + * @param string $private_key + * @return boolean */ - static function get_challenge_html($id, $error=null, $public_key=null ) { + static function verify_key($private_key) { + $remote_ip = Input::instance()->server("REMOTE_ADDR"); + $response = self::_http_post("api-verify.recaptcha.net", "/verify", + array("privatekey" => $private_key, + "remoteip" => $remote_ip, + "challenge" => "right", + "response" => "wrong")); + + $answers = explode("\n", $response[1]); + if (trim($answers[0]) == "true") { + return null; + } else { + return $answers[1]; + } } /** @@ -70,29 +78,21 @@ class recaptcha_Core { * @param string $form * @return string error message or null */ - static function is_recaptcha_valid($challenge, $response, $private_key=null) { - if (!module::installed("recaptcha")) { - return null; - } + static function is_recaptcha_valid($challenge, $response, $private_key) { $input = Input::instance(); - - if (empty($private_key)) { - $private_key = module::get_var("recaptcha", "private_key"); - } - $remoteip = $input->server("REMOTE_ADDR"); + $remote_ip = $input->server("REMOTE_ADDR"); //discard spam submissions if (empty($challenge) || empty($response)) { return "incorrect-captcha-sol"; } + $response = self::_http_post("api-verify.recaptcha.net", "/verify", array ("privatekey" => $private_key, - "remoteip" => $remoteip, + "remoteip" => $remote_ip, "challenge" => $challenge, "response" => $response)); - Kohana::log("debug", print_r($response, 1)); - Kohana::log("debug", print_r(debug_backtrace(), 1)); $answers = explode ("\n", $response [1]); if (trim ($answers [0]) == "true") { return null; diff --git a/modules/recaptcha/libraries/Form_Recaptcha.php b/modules/recaptcha/libraries/Form_Recaptcha.php index 271045c2..307b4ef5 100644 --- a/modules/recaptcha/libraries/Form_Recaptcha.php +++ b/modules/recaptcha/libraries/Form_Recaptcha.php @@ -65,7 +65,8 @@ class Form_Recaptcha_Core extends Form_Input { $challenge = $input->post("recaptcha_challenge_field", "", true); $response = $input->post("recaptcha_response_field", "", true); if (!empty($challenge)) { - $this->_error = recaptcha::is_recaptcha_valid($challenge, $response); + $this->_error = recaptcha::is_recaptcha_valid( + $challenge, $response, module::get_var("recaptcha", "private_key")); if (!empty($this->_error)) { $this->add_error($this->_error, 1); } diff --git a/modules/recaptcha/views/admin_recaptcha.html.php b/modules/recaptcha/views/admin_recaptcha.html.php index e4f00e00..ed90aea9 100644 --- a/modules/recaptcha/views/admin_recaptcha.html.php +++ b/modules/recaptcha/views/admin_recaptcha.html.php @@ -1,52 +1,30 @@ - - -

- get_key_url}\">ReCaptcha Public/Private Key pair, which is also free. Once registered, the the challenge and response strings are evaluated at recaptcha.net to determine if the form content has been entered by a bot.") ?> + get_key_url}\">ReCaptcha Public/Private Key pair, which is also free. Once registered, the the challenge and response strings are evaluated at recaptcha.net to determine if the form content has been entered by a bot.", array("url" => "http://recaptcha.net")) ?>

+ + +
+

+

+ +

+ +
+ + +
+
+ + -- cgit v1.2.3