"gConfigureRecaptchaForm")); $group = $form->group("configure_recaptcha") ->label(t("Configure Recaptcha")); $group->hidden("orig_public_key") ->value(module::get_var()); $group->input("public_key") ->label(t("Public Key")) ->value(module::get_var("recaptcha", "public_key")) ->rules("required|length[40]"); $group->public_key->error_messages("invalid", t("The public key you provided is invalid.")); $group->input("private_key") ->label(t("Private Key")) ->value(module::get_var("recaptcha", "private_key")) ->rules("required|length[40]"); $group->private_key->error_messages("invalid", t("The private key you provided is invalid.")); $forms_list = self::_get_form_list(); $group->checklist("activated_forms") ->label(t("Recaptcha Activated on:")) ->options($forms_list); $group->submit("")->value(t("Save")); $site_domain = urlencode(stripslashes($_SERVER["HTTP_HOST"])); $form->recaptcha_site = self::API_SERVER; $form->recaptcha_ssl_site = self::API_SECURE_SERVER; $form->get_key_url = "http://recaptcha.net/api/getkey?domain=$site_domain&app=Gallery3"; return $form; } static function check_config() { $public_key = module::get_var("recaptcha", "public_key"); $private_key = module::get_var("recaptcha", "private_key"); if (empty($public_key) || empty($private_key)) { site_status::warning( t("Recaptcha is not quite ready! Please configure the Recaptcha Keys", array("url" => url::site("admin/recaptcha"))), "recaptcha_config"); } else { site_status::clear("recaptcha_config"); } } /** * Gets the challenge HTML (javascript and non-javascript version). * This is called from the browser, and the resulting reCAPTCHA HTML widget * is embedded within the HTML form it was called from. * @param string $pubkey The public key to use in the challenge * @param string $error The error given by reCAPTCHA (optional, default is null) * @param boolean $use_ssl Should the request be made over ssl? (optional, default is false) * @param string $lang Any supported language code * @return string - The HTML to be embedded in the user"s form. */ static function get_challenge_html($pubkey, $error = NULL, $use_ssl = false) { if (empty($pubkey)) { throw new Exception("@todo NEED KEY " . "http://recaptcha.net/api/getkey"); } $lang = Kohana::config("locale.root_locale"); $server = $use_ssl ? self::API_SECURE_SERVER : self::API_SERVER; $errorpart = ""; if ($error) { $errorpart = "&error=". $error; } return (count(self::$options) > 0 ? "" : "") . "" . $noscript; } /** * Form validation call back for captcha validation * @param string $form * @return true if valid, false if not */ static function is_recaptcha_valid($form, $private_key=null) { $input = Input::instance(); if (empty($private_key)) { $private_key = module::get_var("recaptcha", "private_key"); } $remoteip = $_SERVER["REMOTE_ADDR"] ; $challenge = $input->post("recaptcha_challenge_field", "", true); $response = $input->post("recaptcha_response_field", "", true); //discard spam submissions if (empty($challenge) || empty($response)) { $form->captcha_error = "incorrect-captcha-sol"; return false; } $response = self::_http_post(self::VERIFY_SERVER, "/verify", array ("privatekey" => $private_key, "remoteip" => $remoteip, "challenge" => $challenge, "response" => $response)); $answers = explode ("\n", $response [1]); if (trim ($answers [0]) == "true") { return true; } else { $form->captcha_error = $answers[1]; Kohana::log("debug", print_r($answers, 1)); return false; } } /** * Encodes the given data into a query string format * @param $data - array of string elements to be encoded * @return string - encoded request */ private static function _encode(array $data){ $req = array(); foreach ($data as $key => $value){ $req[] = "$key=" . urlencode(stripslashes($value)); } return implode("&", $req); } /** * Submits an HTTP POST to a reCAPTCHA server * @param string $host * @param string $path * @param array $data * @param int port * @return array response */ private static function _http_post($host, $path, $data, $port = 80) { $req = self::_encode($data); $http_request = "POST $path HTTP/1.0\r\n"; $http_request .= "Host: $host\r\n"; $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; $http_request .= "Content-Length: " . strlen($req) . "\r\n"; $http_request .= "User-Agent: reCAPTCHA/PHP\r\n"; $http_request .= "\r\n"; $http_request .= $req; $response = ""; if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) { throw new Exception("@todo COULD NOT OPEN SOCKET"); } fwrite($fs, $http_request); while (!feof($fs)) { $response .= fgets($fs, 1160); // One TCP-IP packet } fclose($fs); $response = explode("\r\n\r\n", $response, 2); return $response; } function _get_form_list() { $forms = unserialize(module::get_var("recaptcha", "form_list", "a:0:{}")); Kohana::log("debug", print_r($forms, 1)); $form_list = array(); // @todo Ignore administrative forms foreach (array_merge(glob(APPPATH . "helpers/*"), glob(MODPATH . "*/helpers/*")) as $path) { if (preg_match("#.*/(.*)/helpers/(.*).*\.php$#", $path, $matches)) { Kohana::log("debug", "$path => $matches[1]"); if ("recaptcha" == $matches[1]) { continue; } $content = file_get_contents($path); $preg_match_all = preg_match_all("#.*\"(g([A-Za-z]*)Form)\"#m", $content, $matches, PREG_SET_ORDER); if ($preg_match_all !== false) { foreach ($matches as $match) { $label = trim(preg_replace("/([A-Z])/", " $1", $match[2])); $form_id = $match[1]; $form_list[$form_id] = array($label, !empty($forms[$form_id])); } } } } return $form_list; } }