diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2014-03-15 14:53:35 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2014-03-15 14:53:35 -0300 |
commit | e10b0bd1f9403d38568173d76a93f93a484d9646 (patch) | |
tree | 9f0e5fb09d4a6281810a1d54928f6308bdce0672 /mod/captcha | |
parent | 75d2225cd98feafd5e5e75df5505914295f569ff (diff) | |
parent | cb346ff43a63f93ff5275502638c51a4653fac7d (diff) | |
download | elgg-e10b0bd1f9403d38568173d76a93f93a484d9646.tar.gz elgg-e10b0bd1f9403d38568173d76a93f93a484d9646.tar.bz2 |
Merge commit 'cb346ff43a63f93ff5275502638c51a4653fac7d' as 'mod/captcha'
Diffstat (limited to 'mod/captcha')
-rw-r--r-- | mod/captcha/backgrounds/bg1.jpg | bin | 0 -> 2542 bytes | |||
-rw-r--r-- | mod/captcha/backgrounds/bg2.jpg | bin | 0 -> 2561 bytes | |||
-rw-r--r-- | mod/captcha/backgrounds/bg3.jpg | bin | 0 -> 2494 bytes | |||
-rw-r--r-- | mod/captcha/backgrounds/bg4.jpg | bin | 0 -> 2277 bytes | |||
-rw-r--r-- | mod/captcha/backgrounds/bg5.jpg | bin | 0 -> 2338 bytes | |||
-rw-r--r-- | mod/captcha/captcha.php | 34 | ||||
-rw-r--r-- | mod/captcha/fonts/1.ttf | bin | 0 -> 100392 bytes | |||
-rw-r--r-- | mod/captcha/fonts/Liberation_serif_License.txt | 77 | ||||
-rw-r--r-- | mod/captcha/languages/ca.php | 13 | ||||
-rw-r--r-- | mod/captcha/languages/en.php | 13 | ||||
-rw-r--r-- | mod/captcha/languages/es.php | 13 | ||||
-rw-r--r-- | mod/captcha/manifest.xml | 19 | ||||
-rw-r--r-- | mod/captcha/start.php | 101 | ||||
-rw-r--r-- | mod/captcha/views/default/captcha/css.php | 4 | ||||
-rw-r--r-- | mod/captcha/views/default/input/captcha.php | 19 |
15 files changed, 293 insertions, 0 deletions
diff --git a/mod/captcha/backgrounds/bg1.jpg b/mod/captcha/backgrounds/bg1.jpg Binary files differnew file mode 100644 index 000000000..0e16b2265 --- /dev/null +++ b/mod/captcha/backgrounds/bg1.jpg diff --git a/mod/captcha/backgrounds/bg2.jpg b/mod/captcha/backgrounds/bg2.jpg Binary files differnew file mode 100644 index 000000000..3357164a6 --- /dev/null +++ b/mod/captcha/backgrounds/bg2.jpg diff --git a/mod/captcha/backgrounds/bg3.jpg b/mod/captcha/backgrounds/bg3.jpg Binary files differnew file mode 100644 index 000000000..96610abf4 --- /dev/null +++ b/mod/captcha/backgrounds/bg3.jpg diff --git a/mod/captcha/backgrounds/bg4.jpg b/mod/captcha/backgrounds/bg4.jpg Binary files differnew file mode 100644 index 000000000..5123ed70e --- /dev/null +++ b/mod/captcha/backgrounds/bg4.jpg diff --git a/mod/captcha/backgrounds/bg5.jpg b/mod/captcha/backgrounds/bg5.jpg Binary files differnew file mode 100644 index 000000000..7ae7e6c22 --- /dev/null +++ b/mod/captcha/backgrounds/bg5.jpg diff --git a/mod/captcha/captcha.php b/mod/captcha/captcha.php new file mode 100644 index 000000000..085641c79 --- /dev/null +++ b/mod/captcha/captcha.php @@ -0,0 +1,34 @@ +<?php +/** + * Elgg captcha plugin graphics file generator + * + * @package ElggCaptcha + */ + +$token = get_input('captcha_token'); + +// Output captcha +if ($token) { + // Set correct header + header("Content-type: image/jpeg"); + + // Generate captcha + $captcha = captcha_generate_captcha($token); + + // Pick a random background image + $n = rand(1, elgg_get_config('captcha_num_bg')); + $image = imagecreatefromjpeg(elgg_get_plugins_path() . "captcha/backgrounds/bg$n.jpg"); + + // Create a colour (black so its not a simple matter of masking out one colour and ocring the rest) + $colour = imagecolorallocate($image, 0,0,0); + + // Write captcha to image + //imagestring($image, 5, 30, 4, $captcha, $black); + imagettftext($image, 30, 0, 10, 30, $colour, elgg_get_plugins_path() . "captcha/fonts/1.ttf", $captcha); + + // Output image + imagejpeg($image); + + // Free memory + imagedestroy($image); +} diff --git a/mod/captcha/fonts/1.ttf b/mod/captcha/fonts/1.ttf Binary files differnew file mode 100644 index 000000000..f5534f943 --- /dev/null +++ b/mod/captcha/fonts/1.ttf diff --git a/mod/captcha/fonts/Liberation_serif_License.txt b/mod/captcha/fonts/Liberation_serif_License.txt new file mode 100644 index 000000000..41751f278 --- /dev/null +++ b/mod/captcha/fonts/Liberation_serif_License.txt @@ -0,0 +1,77 @@ +LICENSE AGREEMENT AND LIMITED PRODUCT WARRANTY LIBERATION FONT SOFTWARE +This agreement governs the use of the Software and any updates to the +Software, regardless of the delivery mechanism. Subject to the following +terms, Red Hat, Inc. ("Red Hat") grants to the user ("Client") a license to +this collective work pursuant to the GNU General Public License v.2 with the +exceptions set forth below and such other terms as our set forth in this End +User License Agreement. +1. The Software and License Exception. LIBERATION font software (the +"Software") consists of TrueType-OpenType formatted font software for +rendering LIBERATION typefaces in sans serif, serif, and monospaced character +styles. You are licensed to use, modify, copy, and distribute the Software +pursuant to the GNU General Public License v.2 with the following exceptions: +1) As a special exception, if you create a document which uses this font, and +embed this font or unaltered portions of this font into the document, this +font does not by itself cause the resulting document to be covered by the GNU +General Public License. This exception does not however invalidate any other +reasons why the document might be covered by the GNU General Public License. +If you modify this font, you may extend this exception to your version of the +font, but you are not obligated to do so. If you do not wish to do so, delete +this exception statement from your version. + +2) As a further exception, any distribution of the object code of the Software +in a physical product must provide you the right to access and modify the +source code for the Software and to reinstall that modified version of the +Software in object code form on the same physical product on which you +received it. +2. Intellectual Property Rights. The Software and each of its components, +including the source code, documentation, appearance, structure and +organization are owned by Red Hat and others and are protected under copyright +and other laws. Title to the Software and any component, or to any copy, +modification, or merged portion shall remain with the aforementioned, subject +to the applicable license. The "LIBERATION" trademark is a trademark of Red +Hat, Inc. in the U.S. and other countries. This agreement does not permit +Client to distribute modified versions of the Software using Red Hat's +trademarks. If Client makes a redistribution of a modified version of the +Software, then Client must modify the files names to remove any reference to +the Red Hat trademarks and must not use the Red Hat trademarks in any way to +reference or promote the modified Software. +3. Limited Warranty. To the maximum extent permitted under applicable law, the +Software is provided and licensed "as is" without warranty of any kind, +expressed or implied, including the implied warranties of merchantability, +non-infringement or fitness for a particular purpose. Red Hat does not warrant +that the functions contained in the Software will meet Client's requirements +or that the operation of the Software will be entirely error free or appear +precisely as described in the accompanying documentation. +4. Limitation of Remedies and Liability. To the maximum extent permitted by +applicable law, Red Hat or any Red Hat authorized dealer will not be liable to +Client for any incidental or consequential damages, including lost profits or +lost savings arising out of the use or inability to use the Software, even if +Red Hat or such dealer has been advised of the possibility of such damages. +5. Export Control. As required by U.S. law, Client represents and warrants +that it: (a) understands that the Software is subject to export controls under +the U.S. Commerce Department's Export Administration Regulations ("EAR"); (b) +is not located in a prohibited destination country under the EAR or U.S. +sanctions regulations (currently Cuba, Iran, Iraq, Libya, North Korea, Sudan +and Syria); (c) will not export, re-export, or transfer the Software to any +prohibited destination, entity, or individual without the necessary export +license(s) or authorizations(s) from the U.S. Government; (d) will not use or +transfer the Software for use in any sensitive nuclear, chemical or biological +weapons, or missile technology end-uses unless authorized by the U.S. +Government by regulation or specific license; (e) understands and agrees that +if it is in the United States and exports or transfers the Software to +eligible end users, it will, as required by EAR Section 740.17(e), submit +semi-annual reports to the Commerce Department's Bureau of Industry & Security +(BIS), which include the name and address (including country) of each +transferee; and (f) understands that countries other than the United States +may restrict the import, use, or export of encryption products and that it +shall be solely responsible for compliance with any such import, use, or +export restrictions. +6. General. If any provision of this agreement is held to be unenforceable, +that shall not affect the enforceability of the remaining provisions. This +agreement shall be governed by the laws of the State of North Carolina and of +the United States, without regard to any conflict of laws provisions, except +that the United Nations Convention on the International Sale of Goods shall +not apply. +Copyright © 2007 Red Hat, Inc. All rights reserved. LIBERATION is a trademark +of Red Hat, Inc. diff --git a/mod/captcha/languages/ca.php b/mod/captcha/languages/ca.php new file mode 100644 index 000000000..75b5fea5e --- /dev/null +++ b/mod/captcha/languages/ca.php @@ -0,0 +1,13 @@ +<?php +/** + * Elgg captcha language pack. + * + * @package ElggCaptcha + */ + +$catalan = array( + 'captcha:entercaptcha' => 'Introdueix el text de la imatge', + 'captcha:captchafail' => 'Perdona, el text que has introduĂ¯t no correspon al text de la imatge.', +); + +add_translation("ca", $catalan); diff --git a/mod/captcha/languages/en.php b/mod/captcha/languages/en.php new file mode 100644 index 000000000..2fdb564a3 --- /dev/null +++ b/mod/captcha/languages/en.php @@ -0,0 +1,13 @@ +<?php +/** + * Elgg captcha language pack. + * + * @package ElggCaptcha + */ + +$english = array( + 'captcha:entercaptcha' => 'Enter text from image', + 'captcha:captchafail' => 'Sorry, the text that you entered didn\'t match the text in the image.', +); + +add_translation("en", $english); diff --git a/mod/captcha/languages/es.php b/mod/captcha/languages/es.php new file mode 100644 index 000000000..34257e908 --- /dev/null +++ b/mod/captcha/languages/es.php @@ -0,0 +1,13 @@ +<?php +/** + * Elgg captcha language pack. + * + * @package ElggCaptcha + */ + +$spanish = array( + 'captcha:entercaptcha' => 'Introduce el texto de la imagen', + 'captcha:captchafail' => 'Perdona, el texto que has introducido no corresponde con el texto de la imagen.', +); + +add_translation("es", $spanish); diff --git a/mod/captcha/manifest.xml b/mod/captcha/manifest.xml new file mode 100644 index 000000000..079d877db --- /dev/null +++ b/mod/captcha/manifest.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<plugin_manifest xmlns="http://www.elgg.org/plugin_manifest/1.8"> + <name>Captcha</name> + <author>Core developers, Lorea developers</author> + <version>1.8</version> + <blurb>Add site-wide categories</blurb> + <description>Provides captcha support.</description> + <website>https://lorea.org/</website> + <copyright>(C) Curverider 2008-2010, Lorea 2012</copyright> + <license>GNU General Public License version 2 or higher</license> + <requires> + <type>elgg_release</type> + <version>1.8</version> + </requires> + <requires> + <type>php_extension</type> + <name>gd</name> + </requires> +</plugin_manifest> diff --git a/mod/captcha/start.php b/mod/captcha/start.php new file mode 100644 index 000000000..f451ffcc6 --- /dev/null +++ b/mod/captcha/start.php @@ -0,0 +1,101 @@ +<?php +/** + * Elgg captcha plugin + * + * @package ElggCaptcha + */ + + +register_elgg_event_handler('init','system','captcha_init'); + +function captcha_init() { + + // Register page handler for captcha functionality + elgg_register_page_handler('captcha', 'captcha_page_handler'); + + // Extend CSS + elgg_extend_view('css', 'captcha/css'); + + // Number of background images + elgg_set_config('captcha_num_bg', 5); + + // Default length + elgg_set_config('captcha_length', 5); + + elgg_register_plugin_hook_handler('register', 'user', 'captcha_verify_action_hook'); + elgg_register_plugin_hook_handler('action', 'user/requestnewpassword', 'captcha_verify_action_hook'); +} + +function captcha_page_handler($page) { + + if (isset($page[0])) { + set_input('captcha_token', $page[0]); + } + + include(elgg_get_plugins_path() . "captcha/captcha.php"); +} + +/** + * Generate a token to act as a seed value for the captcha algorithm. + */ +function captcha_generate_token() { + return md5(generate_action_token(time()).rand()); // Use action token plus some random for uniqueness +} + +/** + * Generate a captcha based on the given seed value and length. + * + * @param string $seed_token + * @return string + */ +function captcha_generate_captcha($seed_token) { + /* + * We generate a token out of the random seed value + some session data, + * this means that solving via pr0n site or indian cube farm becomes + * significantly more tricky (we hope). + * + * We also add the site secret, which is unavailable to the client and so should + * make it very very hard to guess values before hand. + * + */ + + return strtolower(substr(md5(generate_action_token(0) . $seed_token), 0, elgg_get_config('captcha_length'))); +} + +/** + * Verify a captcha based on the input value entered by the user and the seed token passed. + * + * @param string $input_value + * @param string $seed_token + * @return bool + */ +function captcha_verify_captcha($input_value, $seed_token) { + if (strcasecmp($input_value, captcha_generate_captcha($seed_token)) == 0) { + return true; + } + return false; +} + +/** + * Listen to the action plugin hook and check the captcha. + * + * @param unknown_type $hook + * @param unknown_type $entity_type + * @param unknown_type $returnvalue + * @param unknown_type $params + */ +function captcha_verify_action_hook($hook, $entity_type, $returnvalue, $params) { + $token = get_input('captcha_token'); + $input = get_input('captcha_input'); + + if (($token) && (captcha_verify_captcha($input, $token))) { + return true; + } + + register_error(elgg_echo('captcha:captchafail')); + + // forward to referrer or else action code sends to front page + forward(REFERER); + + return false; +} diff --git a/mod/captcha/views/default/captcha/css.php b/mod/captcha/views/default/captcha/css.php new file mode 100644 index 000000000..d06a26d7d --- /dev/null +++ b/mod/captcha/views/default/captcha/css.php @@ -0,0 +1,4 @@ +.captcha-input-image { + text-align: center; + margin: auto; +} diff --git a/mod/captcha/views/default/input/captcha.php b/mod/captcha/views/default/input/captcha.php new file mode 100644 index 000000000..cc78ffb08 --- /dev/null +++ b/mod/captcha/views/default/input/captcha.php @@ -0,0 +1,19 @@ +<?php +/** + * Elgg captcha plugin captcha hook view override. + * + * @package ElggCaptcha + */ + +// Generate a token which is then passed into the captcha algorithm for verification +$token = captcha_generate_token(); +?> +<div> + <label><?php echo elgg_echo('captcha:entercaptcha'); ?></label> + <br /> + <?php + echo elgg_view('input/hidden', array('name' => "captcha_token", 'value' => $token)); + echo elgg_view('output/img', array('src'=> elgg_get_site_url() . "captcha/$token", 'class' => 'captcha-input-image')); + echo elgg_view('input/text', array('name' => 'captcha_input', 'class' => 'captcha-input-text')); + ?> +</div> |