diff options
author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-05-08 13:32:23 +0000 |
---|---|---|
committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-05-08 13:32:23 +0000 |
commit | aca444f564e83fc1a7112412bf5ce558ca355e5f (patch) | |
tree | efe056a2b6470dc1708abff468b7a0352ea4615f | |
parent | 17d97908d3e6d1c8a141364f9b4088d54d686394 (diff) | |
download | elgg-aca444f564e83fc1a7112412bf5ce558ca355e5f.tar.gz elgg-aca444f564e83fc1a7112412bf5ce558ca355e5f.tar.bz2 |
Closes #1011: Added basic captcha support.
git-svn-id: https://code.elgg.org/elgg/trunk@3270 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r-- | actions/systemsettings/install.php | 3 | ||||
-rw-r--r-- | engine/lib/upgrades/2009050801.php | 10 | ||||
-rw-r--r-- | mod/captcha/backgrounds/bg1.jpg | bin | 0 -> 2542 bytes | |||
-rw-r--r-- | mod/captcha/backgrounds/bg2.jpg | bin | 0 -> 2561 bytes | |||
-rw-r--r-- | mod/captcha/backgrounds/bg3.jpg | bin | 0 -> 2494 bytes | |||
-rw-r--r-- | mod/captcha/backgrounds/bg4.jpg | bin | 0 -> 2277 bytes | |||
-rw-r--r-- | mod/captcha/backgrounds/bg5.jpg | bin | 0 -> 2338 bytes | |||
-rw-r--r-- | mod/captcha/captcha.php | 41 | ||||
-rw-r--r-- | mod/captcha/fonts/1.ttf | bin | 0 -> 100392 bytes | |||
-rw-r--r-- | mod/captcha/languages/en.php | 20 | ||||
-rw-r--r-- | mod/captcha/manifest.xml | 10 | ||||
-rw-r--r-- | mod/captcha/start.php | 112 | ||||
-rw-r--r-- | mod/captcha/views/default/captcha/css.php | 6 | ||||
-rw-r--r-- | mod/captcha/views/default/input/captcha.php | 34 | ||||
-rw-r--r-- | version.php | 2 |
15 files changed, 236 insertions, 2 deletions
diff --git a/actions/systemsettings/install.php b/actions/systemsettings/install.php index 69d321477..48d672552 100644 --- a/actions/systemsettings/install.php +++ b/actions/systemsettings/install.php @@ -105,7 +105,8 @@ enable_plugin('logbrowser', $site->getGUID());
enable_plugin('diagnostics', $site->getGUID());
enable_plugin('uservalidationbyemail', $site->getGUID()); - enable_plugin('kses', $site->getGUID());
+ enable_plugin('kses', $site->getGUID()); + enable_plugin('captcha', $site->getGUID());
}
// Now ping home
diff --git a/engine/lib/upgrades/2009050801.php b/engine/lib/upgrades/2009050801.php new file mode 100644 index 000000000..17fb9a18c --- /dev/null +++ b/engine/lib/upgrades/2009050801.php @@ -0,0 +1,10 @@ +<?php + + global $CONFIG; + + /// Activate captcha + /** + * Elgg now has a basic captcha service built in, enable it by default + */ + enable_plugin('captcha', $CONFIG->site->guid); +?>
\ No newline at end of file diff --git a/mod/captcha/backgrounds/bg1.jpg b/mod/captcha/backgrounds/bg1.jpg Binary files differnew file mode 100644 index 000000000..0e16b2265 --- /dev/null +++ b/mod/captcha/backgrounds/bg1.jpg diff --git a/mod/captcha/backgrounds/bg2.jpg b/mod/captcha/backgrounds/bg2.jpg Binary files differnew file mode 100644 index 000000000..3357164a6 --- /dev/null +++ b/mod/captcha/backgrounds/bg2.jpg diff --git a/mod/captcha/backgrounds/bg3.jpg b/mod/captcha/backgrounds/bg3.jpg Binary files differnew file mode 100644 index 000000000..96610abf4 --- /dev/null +++ b/mod/captcha/backgrounds/bg3.jpg diff --git a/mod/captcha/backgrounds/bg4.jpg b/mod/captcha/backgrounds/bg4.jpg Binary files differnew file mode 100644 index 000000000..5123ed70e --- /dev/null +++ b/mod/captcha/backgrounds/bg4.jpg diff --git a/mod/captcha/backgrounds/bg5.jpg b/mod/captcha/backgrounds/bg5.jpg Binary files differnew file mode 100644 index 000000000..7ae7e6c22 --- /dev/null +++ b/mod/captcha/backgrounds/bg5.jpg diff --git a/mod/captcha/captcha.php b/mod/captcha/captcha.php new file mode 100644 index 000000000..5693b89ac --- /dev/null +++ b/mod/captcha/captcha.php @@ -0,0 +1,41 @@ +<?php + /** + * Elgg captcha plugin graphics file generator + * + * @package ElggCaptcha + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider Ltd + * @copyright Curverider Ltd 2008-2009 + * @link http://elgg.com/ + */ + + global $CONFIG; + $token = get_input('captcha_token'); + + // Output captcha + if ($token) + { + // Set correct header + header("Content-type: image/jpeg"); + + // Generate captcha + $captcha = captcha_generate_captcha($token); + + // Pick a random background image + $n = rand(1, $CONFIG->captcha_num_bg); + $image = imagecreatefromjpeg($CONFIG->pluginspath . "captcha/backgrounds/bg$n.jpg"); + + // Create a colour (black so its not a simple matter of masking out one colour and ocring the rest) + $colour = imagecolorallocate($image, 0,0,0); + + // Write captcha to image + //imagestring($image, 5, 30, 4, $captcha, $black); + imagettftext($image, 30, 0, 10, 30, $colour, $CONFIG->pluginspath . "captcha/fonts/1.ttf", $captcha); + + // Output image + imagejpeg($image); + + // Free memory + imagedestroy($image); + } +?>
\ No newline at end of file diff --git a/mod/captcha/fonts/1.ttf b/mod/captcha/fonts/1.ttf Binary files differnew file mode 100644 index 000000000..f5534f943 --- /dev/null +++ b/mod/captcha/fonts/1.ttf diff --git a/mod/captcha/languages/en.php b/mod/captcha/languages/en.php new file mode 100644 index 000000000..c7b91d1d3 --- /dev/null +++ b/mod/captcha/languages/en.php @@ -0,0 +1,20 @@ +<?php + /** + * Elgg diagnostics language pack. + * + * @package ElggDiagnostics + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider Ltd + * @copyright Curverider Ltd 2008-2009 + * @link http://elgg.com/ + */ + + $english = array( + + 'captcha:entercaptcha' => 'Enter text from image', + 'captcha:captchafail' => 'Sorry, the text that you entered didn\'t match the text in the image.', + + ); + + add_translation("en",$english); +?>
\ No newline at end of file diff --git a/mod/captcha/manifest.xml b/mod/captcha/manifest.xml new file mode 100644 index 000000000..191941c30 --- /dev/null +++ b/mod/captcha/manifest.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<plugin_manifest> + <field key="author" value="Curverider Ltd" /> + <field key="version" value="1.0" /> + <field key="description" value="Provides captcha support." /> + <field key="website" value="http://www.elgg.org/" /> + <field key="copyright" value="(C) Curverider 2008-2009" /> + <field key="licence" value="GNU Public License version 2" /> + <field key="elgg_version" value="2009050801" /> +</plugin_manifest>
\ No newline at end of file diff --git a/mod/captcha/start.php b/mod/captcha/start.php new file mode 100644 index 000000000..26e8671d2 --- /dev/null +++ b/mod/captcha/start.php @@ -0,0 +1,112 @@ +<?php + /** + * Elgg captcha plugin + * + * @package ElggCaptcha + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider Ltd + * @copyright Curverider Ltd 2008-2009 + * @link http://elgg.com/ + */ + + function captcha_init() + { + global $CONFIG; + + // Register page handler for captcha functionality + register_page_handler('captcha','captcha_page_handler'); + + // Extend CSS + extend_view('css','captcha/css'); + + // Number of background images + $CONFIG->captcha_num_bg = 5; + + // Default length + $CONFIG->captcha_length = 5; + + // Right, these actions require captcha validation TODO: Put this in config somehow + register_plugin_hook("action", "register", "captcha_verify_action_hook"); + register_plugin_hook("action", "user/requestnewpassword", "captcha_verify_action_hook"); + } + + function captcha_page_handler($page) + { + global $CONFIG; + + if (isset($page[0])) { + set_input('captcha_token',$page[0]); + } + + include($CONFIG->pluginspath . "captcha/captcha.php"); + } + + /** + * Generate a token to act as a seed value for the captcha algorithm. + */ + function captcha_generate_token() + { + return md5(generate_action_token(time()).rand()); // Use action token plus some random for uniqueness + } + + /** + * Generate a captcha based on the given seed value and length. + * + * @param string $seed_token + * @return string + */ + function captcha_generate_captcha($seed_token) + { + global $CONFIG; + + /* + * We generate a token out of the random seed value + some session data, + * this means that solving via pr0n site or indian cube farm becomes + * significantly more tricky (we hope). + * + * We also add the site secret, which is unavailable to the client and so should + * make it very very hard to guess values before hand. + * + */ + + return strtolower(substr(md5(generate_action_token(0) . $seed_token), 0, $CONFIG->captcha_length)); + } + + /** + * Verify a captcha based on the input value entered by the user and the seed token passed. + * + * @param string $input_value + * @param string $seed_token + * @return bool + */ + function captcha_verify_captcha($input_value, $seed_token) + { + if (strcasecmp($input_value, captcha_generate_captcha($seed_token)) == 0) + return true; + + return false; + } + + /** + * Listen to the action plugin hook and check the captcha. + * + * @param unknown_type $hook + * @param unknown_type $entity_type + * @param unknown_type $returnvalue + * @param unknown_type $params + */ + function captcha_verify_action_hook($hook, $entity_type, $returnvalue, $params) + { + $token = get_input('captcha_token'); + $input = get_input('captcha_input'); + + if (($token) && (captcha_verify_captcha($input, $token))) + return true; + + register_error(elgg_echo('captcha:captchafail')); + + return false; + } + + register_elgg_event_handler('init','system','captcha_init'); +?>
\ No newline at end of file diff --git a/mod/captcha/views/default/captcha/css.php b/mod/captcha/views/default/captcha/css.php new file mode 100644 index 000000000..c0e1fab07 --- /dev/null +++ b/mod/captcha/views/default/captcha/css.php @@ -0,0 +1,6 @@ + +.captcha-input-image { + align: center; + margin: auto; +} + diff --git a/mod/captcha/views/default/input/captcha.php b/mod/captcha/views/default/input/captcha.php new file mode 100644 index 000000000..982b23181 --- /dev/null +++ b/mod/captcha/views/default/input/captcha.php @@ -0,0 +1,34 @@ +<?php + /** + * Elgg captcha plugin captcha hook view override. + * + * @package ElggCaptcha + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider Ltd + * @copyright Curverider Ltd 2008-2009 + * @link http://elgg.com/ + */ + + // Generate a token which is then passed into the captcha algorithm for verification + $token = captcha_generate_token(); +?> +<div class="captcha"> + <input type="hidden" name="captcha_token" value="<?php echo $token; ?>" /> + <label> + <?php echo elgg_echo('captcha:entercaptcha'); ?><br /> + + <table> + <tr> + <td> + <div class="captcha-left"> + <?php echo elgg_view('input/text', array('internalname' => 'captcha_input', 'class' => 'captcha-input-text')); ?> + </div> + </td> + <td width="125"> + <div class="captcha-right"> + <img class="captcha-input-image" src="<?php echo $vars['url'] . "pg/captcha/$token"; ?>" /><br /> + </div> + </td> + </table> + </label> +</div>
\ No newline at end of file diff --git a/version.php b/version.php index 2f32f2ee4..105e270bb 100644 --- a/version.php +++ b/version.php @@ -13,7 +13,7 @@ * @link http://elgg.org/
*/
- $version = 2009040701; // YYYYMMDD = Elgg Date + $version = 2009050801; // YYYYMMDD = Elgg Date // XX = Interim incrementer
$release = '1.5'; // Human-friendly version name
|