From 4bf0d12ffd08f5af82b037a42ba00cce4d5abfdb Mon Sep 17 00:00:00 2001 From: cash Date: Wed, 25 Aug 2010 12:02:07 +0000 Subject: standardized captcha plugin git-svn-id: http://code.elgg.org/elgg/trunk@6864 36083f99-b078-4883-b0ff-0f9b5a30f544 --- mod/captcha/captcha.php | 77 +++++---- mod/captcha/languages/en.php | 35 ++-- mod/captcha/manifest.xml | 2 +- mod/captcha/start.php | 251 ++++++++++++++-------------- mod/captcha/views/default/input/captcha.php | 24 +-- 5 files changed, 195 insertions(+), 194 deletions(-) diff --git a/mod/captcha/captcha.php b/mod/captcha/captcha.php index 1a2580f15..94716d973 100644 --- a/mod/captcha/captcha.php +++ b/mod/captcha/captcha.php @@ -1,40 +1,39 @@ captcha_num_bg); - $image = imagecreatefromjpeg($CONFIG->pluginspath . "captcha/backgrounds/bg$n.jpg"); - - // Create a colour (black so its not a simple matter of masking out one colour and ocring the rest) - $colour = imagecolorallocate($image, 0,0,0); - - // Write captcha to image - //imagestring($image, 5, 30, 4, $captcha, $black); - imagettftext($image, 30, 0, 10, 30, $colour, $CONFIG->pluginspath . "captcha/fonts/1.ttf", $captcha); - - // Output image - imagejpeg($image); - - // Free memory - imagedestroy($image); - } -?> \ No newline at end of file +/** + * Elgg captcha plugin graphics file generator + * + * @package ElggCaptcha + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider Ltd + * @copyright Curverider Ltd 2008-2010 + * @link http://elgg.com/ + */ + +global $CONFIG; +$token = get_input('captcha_token'); + +// Output captcha +if ($token) { + // Set correct header + header("Content-type: image/jpeg"); + + // Generate captcha + $captcha = captcha_generate_captcha($token); + + // Pick a random background image + $n = rand(1, $CONFIG->captcha_num_bg); + $image = imagecreatefromjpeg($CONFIG->pluginspath . "captcha/backgrounds/bg$n.jpg"); + + // Create a colour (black so its not a simple matter of masking out one colour and ocring the rest) + $colour = imagecolorallocate($image, 0,0,0); + + // Write captcha to image + //imagestring($image, 5, 30, 4, $captcha, $black); + imagettftext($image, 30, 0, 10, 30, $colour, $CONFIG->pluginspath . "captcha/fonts/1.ttf", $captcha); + + // Output image + imagejpeg($image); + + // Free memory + imagedestroy($image); +} diff --git a/mod/captcha/languages/en.php b/mod/captcha/languages/en.php index a45515ce3..12775e42b 100644 --- a/mod/captcha/languages/en.php +++ b/mod/captcha/languages/en.php @@ -1,20 +1,19 @@ 'Enter text from image', - 'captcha:captchafail' => 'Sorry, the text that you entered didn\'t match the text in the image.', - - ); - - add_translation("en",$english); -?> \ No newline at end of file +$english = array( + + 'captcha:entercaptcha' => 'Enter text from image', + 'captcha:captchafail' => 'Sorry, the text that you entered didn\'t match the text in the image.', + +); + +add_translation("en", $english); diff --git a/mod/captcha/manifest.xml b/mod/captcha/manifest.xml index 60b7e2551..ba1b4571f 100644 --- a/mod/captcha/manifest.xml +++ b/mod/captcha/manifest.xml @@ -1,7 +1,7 @@ - + diff --git a/mod/captcha/start.php b/mod/captcha/start.php index 898d041b6..872bc9246 100644 --- a/mod/captcha/start.php +++ b/mod/captcha/start.php @@ -1,134 +1,137 @@ captcha_num_bg = 5; + + // Default length + $CONFIG->captcha_length = 5; + + // Register a function that provides some default override actions + register_plugin_hook('actionlist', 'captcha', 'captcha_actionlist_hook'); + + // Register actions to intercept + $actions = array(); + $actions = trigger_plugin_hook('actionlist', 'captcha', NULL, $actions); - function captcha_init() { - global $CONFIG; - - // Register page handler for captcha functionality - register_page_handler('captcha','captcha_page_handler'); - - // Extend CSS - elgg_extend_view('css','captcha/css'); - - // Number of background images - $CONFIG->captcha_num_bg = 5; - - // Default length - $CONFIG->captcha_length = 5; - - // Register a function that provides some default override actions - register_plugin_hook('actionlist', 'captcha', 'captcha_actionlist_hook'); - - // Register actions to intercept - $actions = array(); - $actions = trigger_plugin_hook('actionlist', 'captcha', null, $actions); - - if (($actions) && (is_array($actions))) - { - foreach ($actions as $action) - register_plugin_hook("action", $action, "captcha_verify_action_hook"); + if (($actions) && (is_array($actions))) { + foreach ($actions as $action) { + register_plugin_hook("action", $action, "captcha_verify_action_hook"); } } - - function captcha_page_handler($page) { - global $CONFIG; - - if (isset($page[0])) { - set_input('captcha_token',$page[0]); - } +} - include($CONFIG->pluginspath . "captcha/captcha.php"); - } - - /** - * Generate a token to act as a seed value for the captcha algorithm. - */ - function captcha_generate_token() { - return md5(generate_action_token(time()).rand()); // Use action token plus some random for uniqueness - } - - /** - * Generate a captcha based on the given seed value and length. - * - * @param string $seed_token - * @return string - */ - function captcha_generate_captcha($seed_token) { - global $CONFIG; - - /* - * We generate a token out of the random seed value + some session data, - * this means that solving via pr0n site or indian cube farm becomes - * significantly more tricky (we hope). - * - * We also add the site secret, which is unavailable to the client and so should - * make it very very hard to guess values before hand. - * - */ - - return strtolower(substr(md5(generate_action_token(0) . $seed_token), 0, $CONFIG->captcha_length)); +function captcha_page_handler($page) { + global $CONFIG; + + if (isset($page[0])) { + set_input('captcha_token', $page[0]); } - - /** - * Verify a captcha based on the input value entered by the user and the seed token passed. - * - * @param string $input_value - * @param string $seed_token - * @return bool + + include($CONFIG->pluginspath . "captcha/captcha.php"); +} + +/** + * Generate a token to act as a seed value for the captcha algorithm. + */ +function captcha_generate_token() { + // Use action token plus some random for uniqueness + return md5(generate_action_token(time()) . rand()); +} + +/** + * Generate a captcha based on the given seed value and length. + * + * @param string $seed_token + * @return string + */ +function captcha_generate_captcha($seed_token) { + global $CONFIG; + + /* + * We generate a token out of the random seed value + some session data, + * this means that solving via pr0n site or indian cube farm becomes + * significantly more tricky (we hope). + * + * We also add the site secret, which is unavailable to the client and so should + * make it very very hard to guess values before hand. + * */ - function captcha_verify_captcha($input_value, $seed_token) { - if (strcasecmp($input_value, captcha_generate_captcha($seed_token)) == 0) - return true; - - return false; + + return strtolower(substr(md5(generate_action_token(0) . $seed_token), 0, $CONFIG->captcha_length)); +} + +/** + * Verify a captcha based on the input value entered by the user and the seed token passed. + * + * @param string $input_value + * @param string $seed_token + * @return bool + */ +function captcha_verify_captcha($input_value, $seed_token) { + if (strcasecmp($input_value, captcha_generate_captcha($seed_token)) == 0) { + return TRUE; } - - /** - * Listen to the action plugin hook and check the captcha. - * - * @param unknown_type $hook - * @param unknown_type $entity_type - * @param unknown_type $returnvalue - * @param unknown_type $params - */ - function captcha_verify_action_hook($hook, $entity_type, $returnvalue, $params) { - $token = get_input('captcha_token'); - $input = get_input('captcha_input'); - - if (($token) && (captcha_verify_captcha($input, $token))) - return true; - - register_error(elgg_echo('captcha:captchafail')); - - return false; + + return FALSE; +} + +/** + * Listen to the action plugin hook and check the captcha. + * + * @param string $hook + * @param string $entity_type + * @param mixed $returnvalue + * @param array $params + */ +function captcha_verify_action_hook($hook, $entity_type, $returnvalue, $params) { + $token = get_input('captcha_token'); + $input = get_input('captcha_input'); + + if (($token) && (captcha_verify_captcha($input, $token))) { + return TRUE; } - - /** - * This function returns an array of actions the captcha will expect a captcha for, other plugins may - * add their own to this list thereby extending the use. - * - * @param unknown_type $hook - * @param unknown_type $entity_type - * @param unknown_type $returnvalue - * @param unknown_type $params - */ - function captcha_actionlist_hook($hook, $entity_type, $returnvalue, $params) { - if (!is_array($returnvalue)) - $returnvalue = array(); - - $returnvalue[] = 'register'; - $returnvalue[] = 'user/requestnewpassword'; - - return $returnvalue; + + register_error(elgg_echo('captcha:captchafail')); + + return FALSE; +} + +/** + * This function returns an array of actions the captcha will expect a captcha for. + * Other plugins may add their own to this list thereby extending the use. + * + * @param string $hook + * @param string $entity_type + * @param mixed $returnvalue + * @param array $params + */ +function captcha_actionlist_hook($hook, $entity_type, $returnvalue, $params) { + if (!is_array($returnvalue)) { + $returnvalue = array(); } - - register_elgg_event_handler('init','system','captcha_init'); -?> \ No newline at end of file + + $returnvalue[] = 'register'; + $returnvalue[] = 'user/requestnewpassword'; + + return $returnvalue; +} + +register_elgg_event_handler('init', 'system', 'captcha_init'); diff --git a/mod/captcha/views/default/input/captcha.php b/mod/captcha/views/default/input/captcha.php index 2c880eb0a..61b1abd0a 100644 --- a/mod/captcha/views/default/input/captcha.php +++ b/mod/captcha/views/default/input/captcha.php @@ -1,23 +1,23 @@