From aca444f564e83fc1a7112412bf5ce558ca355e5f Mon Sep 17 00:00:00 2001 From: marcus Date: Fri, 8 May 2009 13:32:23 +0000 Subject: Closes #1011: Added basic captcha support. git-svn-id: https://code.elgg.org/elgg/trunk@3270 36083f99-b078-4883-b0ff-0f9b5a30f544 --- actions/systemsettings/install.php | 3 +- engine/lib/upgrades/2009050801.php | 10 +++ mod/captcha/backgrounds/bg1.jpg | Bin 0 -> 2542 bytes mod/captcha/backgrounds/bg2.jpg | Bin 0 -> 2561 bytes mod/captcha/backgrounds/bg3.jpg | Bin 0 -> 2494 bytes mod/captcha/backgrounds/bg4.jpg | Bin 0 -> 2277 bytes mod/captcha/backgrounds/bg5.jpg | Bin 0 -> 2338 bytes mod/captcha/captcha.php | 41 ++++++++++ mod/captcha/fonts/1.ttf | Bin 0 -> 100392 bytes mod/captcha/languages/en.php | 20 +++++ mod/captcha/manifest.xml | 10 +++ mod/captcha/start.php | 112 ++++++++++++++++++++++++++++ mod/captcha/views/default/captcha/css.php | 6 ++ mod/captcha/views/default/input/captcha.php | 34 +++++++++ version.php | 2 +- 15 files changed, 236 insertions(+), 2 deletions(-) create mode 100644 engine/lib/upgrades/2009050801.php create mode 100644 mod/captcha/backgrounds/bg1.jpg create mode 100644 mod/captcha/backgrounds/bg2.jpg create mode 100644 mod/captcha/backgrounds/bg3.jpg create mode 100644 mod/captcha/backgrounds/bg4.jpg create mode 100644 mod/captcha/backgrounds/bg5.jpg create mode 100644 mod/captcha/captcha.php create mode 100644 mod/captcha/fonts/1.ttf create mode 100644 mod/captcha/languages/en.php create mode 100644 mod/captcha/manifest.xml create mode 100644 mod/captcha/start.php create mode 100644 mod/captcha/views/default/captcha/css.php create mode 100644 mod/captcha/views/default/input/captcha.php diff --git a/actions/systemsettings/install.php b/actions/systemsettings/install.php index 69d321477..48d672552 100644 --- a/actions/systemsettings/install.php +++ b/actions/systemsettings/install.php @@ -105,7 +105,8 @@ enable_plugin('logbrowser', $site->getGUID()); enable_plugin('diagnostics', $site->getGUID()); enable_plugin('uservalidationbyemail', $site->getGUID()); - enable_plugin('kses', $site->getGUID()); + enable_plugin('kses', $site->getGUID()); + enable_plugin('captcha', $site->getGUID()); } // Now ping home diff --git a/engine/lib/upgrades/2009050801.php b/engine/lib/upgrades/2009050801.php new file mode 100644 index 000000000..17fb9a18c --- /dev/null +++ b/engine/lib/upgrades/2009050801.php @@ -0,0 +1,10 @@ +site->guid); +?> \ No newline at end of file diff --git a/mod/captcha/backgrounds/bg1.jpg b/mod/captcha/backgrounds/bg1.jpg new file mode 100644 index 000000000..0e16b2265 Binary files /dev/null and b/mod/captcha/backgrounds/bg1.jpg differ diff --git a/mod/captcha/backgrounds/bg2.jpg b/mod/captcha/backgrounds/bg2.jpg new file mode 100644 index 000000000..3357164a6 Binary files /dev/null and b/mod/captcha/backgrounds/bg2.jpg differ diff --git a/mod/captcha/backgrounds/bg3.jpg b/mod/captcha/backgrounds/bg3.jpg new file mode 100644 index 000000000..96610abf4 Binary files /dev/null and b/mod/captcha/backgrounds/bg3.jpg differ diff --git a/mod/captcha/backgrounds/bg4.jpg b/mod/captcha/backgrounds/bg4.jpg new file mode 100644 index 000000000..5123ed70e Binary files /dev/null and b/mod/captcha/backgrounds/bg4.jpg differ diff --git a/mod/captcha/backgrounds/bg5.jpg b/mod/captcha/backgrounds/bg5.jpg new file mode 100644 index 000000000..7ae7e6c22 Binary files /dev/null and b/mod/captcha/backgrounds/bg5.jpg differ diff --git a/mod/captcha/captcha.php b/mod/captcha/captcha.php new file mode 100644 index 000000000..5693b89ac --- /dev/null +++ b/mod/captcha/captcha.php @@ -0,0 +1,41 @@ +captcha_num_bg); + $image = imagecreatefromjpeg($CONFIG->pluginspath . "captcha/backgrounds/bg$n.jpg"); + + // Create a colour (black so its not a simple matter of masking out one colour and ocring the rest) + $colour = imagecolorallocate($image, 0,0,0); + + // Write captcha to image + //imagestring($image, 5, 30, 4, $captcha, $black); + imagettftext($image, 30, 0, 10, 30, $colour, $CONFIG->pluginspath . "captcha/fonts/1.ttf", $captcha); + + // Output image + imagejpeg($image); + + // Free memory + imagedestroy($image); + } +?> \ No newline at end of file diff --git a/mod/captcha/fonts/1.ttf b/mod/captcha/fonts/1.ttf new file mode 100644 index 000000000..f5534f943 Binary files /dev/null and b/mod/captcha/fonts/1.ttf differ diff --git a/mod/captcha/languages/en.php b/mod/captcha/languages/en.php new file mode 100644 index 000000000..c7b91d1d3 --- /dev/null +++ b/mod/captcha/languages/en.php @@ -0,0 +1,20 @@ + 'Enter text from image', + 'captcha:captchafail' => 'Sorry, the text that you entered didn\'t match the text in the image.', + + ); + + add_translation("en",$english); +?> \ No newline at end of file diff --git a/mod/captcha/manifest.xml b/mod/captcha/manifest.xml new file mode 100644 index 000000000..191941c30 --- /dev/null +++ b/mod/captcha/manifest.xml @@ -0,0 +1,10 @@ + + + + + + + + + + \ No newline at end of file diff --git a/mod/captcha/start.php b/mod/captcha/start.php new file mode 100644 index 000000000..26e8671d2 --- /dev/null +++ b/mod/captcha/start.php @@ -0,0 +1,112 @@ +captcha_num_bg = 5; + + // Default length + $CONFIG->captcha_length = 5; + + // Right, these actions require captcha validation TODO: Put this in config somehow + register_plugin_hook("action", "register", "captcha_verify_action_hook"); + register_plugin_hook("action", "user/requestnewpassword", "captcha_verify_action_hook"); + } + + function captcha_page_handler($page) + { + global $CONFIG; + + if (isset($page[0])) { + set_input('captcha_token',$page[0]); + } + + include($CONFIG->pluginspath . "captcha/captcha.php"); + } + + /** + * Generate a token to act as a seed value for the captcha algorithm. + */ + function captcha_generate_token() + { + return md5(generate_action_token(time()).rand()); // Use action token plus some random for uniqueness + } + + /** + * Generate a captcha based on the given seed value and length. + * + * @param string $seed_token + * @return string + */ + function captcha_generate_captcha($seed_token) + { + global $CONFIG; + + /* + * We generate a token out of the random seed value + some session data, + * this means that solving via pr0n site or indian cube farm becomes + * significantly more tricky (we hope). + * + * We also add the site secret, which is unavailable to the client and so should + * make it very very hard to guess values before hand. + * + */ + + return strtolower(substr(md5(generate_action_token(0) . $seed_token), 0, $CONFIG->captcha_length)); + } + + /** + * Verify a captcha based on the input value entered by the user and the seed token passed. + * + * @param string $input_value + * @param string $seed_token + * @return bool + */ + function captcha_verify_captcha($input_value, $seed_token) + { + if (strcasecmp($input_value, captcha_generate_captcha($seed_token)) == 0) + return true; + + return false; + } + + /** + * Listen to the action plugin hook and check the captcha. + * + * @param unknown_type $hook + * @param unknown_type $entity_type + * @param unknown_type $returnvalue + * @param unknown_type $params + */ + function captcha_verify_action_hook($hook, $entity_type, $returnvalue, $params) + { + $token = get_input('captcha_token'); + $input = get_input('captcha_input'); + + if (($token) && (captcha_verify_captcha($input, $token))) + return true; + + register_error(elgg_echo('captcha:captchafail')); + + return false; + } + + register_elgg_event_handler('init','system','captcha_init'); +?> \ No newline at end of file diff --git a/mod/captcha/views/default/captcha/css.php b/mod/captcha/views/default/captcha/css.php new file mode 100644 index 000000000..c0e1fab07 --- /dev/null +++ b/mod/captcha/views/default/captcha/css.php @@ -0,0 +1,6 @@ + +.captcha-input-image { + align: center; + margin: auto; +} + diff --git a/mod/captcha/views/default/input/captcha.php b/mod/captcha/views/default/input/captcha.php new file mode 100644 index 000000000..982b23181 --- /dev/null +++ b/mod/captcha/views/default/input/captcha.php @@ -0,0 +1,34 @@ + +
+ + +
\ No newline at end of file diff --git a/version.php b/version.php index 2f32f2ee4..105e270bb 100644 --- a/version.php +++ b/version.php @@ -13,7 +13,7 @@ * @link http://elgg.org/ */ - $version = 2009040701; // YYYYMMDD = Elgg Date + $version = 2009050801; // YYYYMMDD = Elgg Date // XX = Interim incrementer $release = '1.5'; // Human-friendly version name -- cgit v1.2.3