Commit 2f36816d authored by Amin.MasterkinG's avatar Amin.MasterkinG

Now project support HCaptcha and ReCaptcha.

parent c4257b9b
......@@ -29,9 +29,16 @@ If you got blank screen, You can enable `debug_mode` in config file.
6. Change Password (4/10/2019).
7. Restore Password (5/31/2019).
8. Vote System (4/03/2020).
9. Support HCaptcha/Recaptcha v2 (7/27/2020).
## Changelogs
**1.9.6 (7/27/2020):**
1. Support HCaptcha/Recaptcha/Image captcha.
2. Fixed page load speed!
3. Add more description for config file.
3. Update composer packages.
**1.9.5 (4/17/2020):**
1. Register/Restore Password via SOAP. (Support CMangos)
......
......@@ -188,4 +188,105 @@ function RemoteCommandWithSOAP($COMMAND)
} catch (Exception $e) {
return false;
}
}
function validate_hcaptcha($value)
{
global $config;
try {
$data = array(
'secret' => $config['captcha_secret'],
'response' => $_POST['h-captcha-response']
);
$verify = curl_init();
curl_setopt($verify, CURLOPT_URL, "https://hcaptcha.com/siteverify");
curl_setopt($verify, CURLOPT_POST, true);
curl_setopt($verify, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($verify);
$responseData = json_decode($response);
if ($responseData->success) {
return true;
}
} catch (Exception $e) {
}
return false;
}
function validate_recaptcha($value)
{
global $config;
try {
$verify = curl_init();
curl_setopt($verify, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify?secret=" . $config['captcha_secret'] . "&response=" . $_POST['g-recaptcha-response']);
curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($verify);
$responseData = json_decode($response, true);
if ($responseData["success"] == true) {
return true;
}
} catch (Exception $e) {
}
return false;
}
function captcha_validation()
{
global $config;
if (empty($config['captcha_type']) && !empty($_POST['captcha']) && !empty($_SESSION['captcha'])) {
if (strtolower($_SESSION['captcha']) != strtolower($_POST['captcha'])) {
error_msg('Captcha is not valid.');
return false;
}
unset($_SESSION['captcha']);
} else if (!empty($config['captcha_type']) && $config['captcha_type'] > 2) {
return true;
} elseif (!empty($config['captcha_type']) && $config['captcha_type'] == 1 && !empty($_POST['h-captcha-response'])) {
if (!validate_hcaptcha($_POST['h-captcha-response'])) {
error_msg('HCaptcha is not valid.');
return false;
}
} elseif (!empty($config['captcha_type']) && $config['captcha_type'] == 2 && !empty($_POST['g-recaptcha-response'])) {
if (!validate_recaptcha($_POST['g-recaptcha-response'])) {
error_msg('ReCaptcha is not valid.');
return false;
}
} else {
error_msg('Captcha is required.');
return false;
}
return true;
}
function getCaptchaJS()
{
global $config;
if (!empty($config['captcha_type'])) {
if ($config['captcha_type'] == 1) {
return '<script src="https://hcaptcha.com/1/api.js?hl=' . $config['captcha_language'] . '" async defer></script>';
} else if ($config['captcha_type'] == 2) {
return '<script src="https://www.google.com/recaptcha/api.js?hl=' . $config['captcha_language'] . '" async defer></script>';
}
}
return '';
}
function GetCaptchaHTML()
{
global $config;
if (!empty($config['captcha_type'])) {
if ($config['captcha_type'] == 1) {
return '<div class="row text-center"><div class="h-captcha" data-sitekey="' . $config['captcha_key'] . '" style=\'margin:10px auto\'></div></div>';
} else if ($config['captcha_type'] == 2) {
return '<div class="row text-centerxs-center"><div class="g-recaptcha" data-sitekey="' . $config['captcha_key'] . '" style=\'margin:10px auto\'></div></div>';
} else {
return '';
}
}
return '<div class="input-group"><span class="input-group">Captcha</span><input type="text" class="form-control" placeholder="Captcha" name="captcha"></div><p style="text-align: center;margin-top: 10px;"><img src="' . user::$captcha->inline() . '" style="border - radius: 5px;"/></p>';
}
\ No newline at end of file
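Review bot: validate_recaptcha() builds the siteverify URL by concatenating `$config['captcha_secret']` and the raw `$_POST['g-recaptcha-response']`, so the client-supplied token is never URL-encoded and can add or override query parameters of the verification request. The secret also ends up in a GET URL, where proxies and logs can record it. Send both fields in a POST body built with `http_build_query()`, as validate_hcaptcha() in the same hunk already does, and read the token from the `$value` argument, which both validators currently ignore. The `try`/`catch` catches nothing because curl signals failure through a `false` return, so the rewrite below checks that return value and requires `success` to be strictly `true`.

```php
function validate_recaptcha($value)
{
    global $config;
    // Reject array-shaped or empty input before it reaches the request body.
    if (!is_string($value) || $value === '') {
        return false;
    }
    $verify = curl_init('https://www.google.com/recaptcha/api/siteverify');
    curl_setopt($verify, CURLOPT_POST, true);
    curl_setopt($verify, CURLOPT_POSTFIELDS, http_build_query(array(
        'secret' => $config['captcha_secret'],
        'response' => $value,
    )));
    curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($verify);
    curl_close($verify);
    // curl_exec() returns false on transport failure; treat that as "not verified".
    $responseData = is_string($response) ? json_decode($response, true) : null;
    return is_array($responseData) && isset($responseData['success']) && $responseData['success'] === true;
}
```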
......@@ -28,15 +28,19 @@ class user
self::normal_changepass();
}
self::restorepassword();
unset($_SESSION['captcha']);
self::$captcha = new CaptchaBuilder;
self::$captcha->build();
$_SESSION['captcha'] = self::$captcha->getPhrase();
if (empty($config['captcha_type'])) {
unset($_SESSION['captcha']);
self::$captcha = new CaptchaBuilder;
self::$captcha->build();
$_SESSION['captcha'] = self::$captcha->getPhrase();
}
} else {
unset($_SESSION['captcha']);
self::$captcha = new CaptchaBuilder;
self::$captcha->build();
$_SESSION['captcha'] = self::$captcha->getPhrase();
if (empty($config['captcha_type'])) {
unset($_SESSION['captcha']);
self::$captcha = new CaptchaBuilder;
self::$captcha->build();
$_SESSION['captcha'] = self::$captcha->getPhrase();
}
}
}
......@@ -47,17 +51,14 @@ class user
public static function bnet_register()
{
global $antiXss;
if (!($_POST['submit'] == 'register' && !empty($_POST['password']) && !empty($_POST['repassword']) && !empty($_POST['email']) && !empty($_POST['captcha']) && !empty($_SESSION['captcha']))) {
if (!($_POST['submit'] == 'register' && !empty($_POST['password']) && !empty($_POST['repassword']) && !empty($_POST['email']))) {
return false;
}
if (strtolower($_SESSION['captcha']) != strtolower($_POST['captcha'])) {
error_msg('Captcha is not valid.');
if (!captcha_validation()) {
return false;
}
unset($_SESSION['captcha']);
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
error_msg('Use valid email.');
return false;
......@@ -106,16 +107,14 @@ class user
public static function normal_register()
{
global $antiXss;
if (!($_POST['submit'] == 'register' && !empty($_POST['password']) && !empty($_POST['username']) && !empty($_POST['repassword']) && !empty($_POST['email']) && !empty($_POST['captcha']) && !empty($_SESSION['captcha']))) {
if (!($_POST['submit'] == 'register' && !empty($_POST['password']) && !empty($_POST['username']) && !empty($_POST['repassword']) && !empty($_POST['email']))) {
return false;
}
if (strtolower($_SESSION['captcha']) != strtolower($_POST['captcha'])) {
error_msg('Captcha is not valid.');
if (!captcha_validation()) {
return false;
}
unset($_SESSION['captcha']);
if (!preg_match('/^[0-9A-Z-_]+$/', strtoupper($_POST['username']))) {
error_msg('Use valid characters for username.');
return false;
......@@ -191,15 +190,13 @@ class user
return false;
}
if (!($_POST['submit'] == 'changepass' && !empty($_POST['password']) && !empty($_POST['old_password']) && !empty($_POST['repassword']) && !empty($_POST['email']) && !empty($_POST['captcha']) && !empty($_SESSION['captcha']))) {
if (!($_POST['submit'] == 'changepass' && !empty($_POST['password']) && !empty($_POST['old_password']) && !empty($_POST['repassword']) && !empty($_POST['email']))) {
return false;
}
if (strtolower($_SESSION['captcha']) != strtolower($_POST['captcha'])) {
error_msg('Captcha is not valid.');
if (!captcha_validation()) {
return false;
}
unset($_SESSION['captcha']);
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
error_msg('Use valid email.');
......@@ -264,18 +261,11 @@ class user
return false;
}
if (!($_POST['submit'] == 'changepass' && !empty($_POST['password']) && !empty($_POST['old_password']) && !empty($_POST['repassword']) && !empty($_POST['username']) && !empty($_POST['captcha']) && !empty($_SESSION['captcha']))) {
return false;
}
if (strtolower($_SESSION['captcha']) != strtolower($_POST['captcha'])) {
error_msg('Captcha is not valid.');
if (!($_POST['submit'] == 'changepass' && !empty($_POST['password']) && !empty($_POST['old_password']) && !empty($_POST['repassword']) && !empty($_POST['username']))) {
return false;
}
unset($_SESSION['captcha']);
if (!preg_match('/^[0-9A-Z-_]+$/', strtoupper($_POST['username']))) {
error_msg('Use valid characters for username.');
if (!captcha_validation()) {
return false;
}
......@@ -322,7 +312,7 @@ class user
public static function restorepassword()
{
global $antiXss;
if (!($_POST['submit'] == 'restorepassword' && !empty($_POST['captcha']) && !empty($_SESSION['captcha']))) {
if ($_POST['submit'] != 'restorepassword') {
return false;
}
......@@ -332,12 +322,10 @@ class user
return false;
}
if (strtolower($_SESSION['captcha']) != strtolower($_POST['captcha'])) {
error_msg('Captcha is not valid.');
if (!captcha_validation()) {
return false;
}
unset($_SESSION['captcha']);
if (get_config('battlenet_support')) {
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
error_msg('Use a valid email.');
......
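Review bot: In the `@@ -264,18 +261,11 @@` hunk (the username-based change-password path, presumably normal_changepass()), the `preg_match('/^[0-9A-Z-_]+$/', strtoupper($_POST['username']))` check appears to have been removed along with the old captcha block, while normal_register() keeps the same check. The +/- markers are lost on this page, so confirm against the raw diff. If the check was dropped, restore `if (!preg_match('/^[0-9A-Z-_]+$/', strtoupper($_POST['username']))) { error_msg('Use valid characters for username.'); return false; }` after the `captcha_validation()` call, so `$_POST['username']` is still constrained before it is used further down. The function body starts and ends outside the hunk, so how the username is consumed afterwards is not visible here.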
<?php
require __DIR__ . '/../vendor/autoload.php';
$languages = \voku\helper\ASCII::getAllLanguages();
$languagesKeyLengths = [];
foreach ($languages as $language) {
$langSpecific = \voku\helper\ASCII::charsArrayWithOneLanguage($language, false, false);
$langSpecificKeyLength = \array_map('\mb_strlen', \array_keys($langSpecific));
if (count($langSpecificKeyLength) === 0) {
$languagesKeyLengths[$language] = 0;
} else {
$languagesKeyLengths[$language] = \max($langSpecificKeyLength);
}
}
//var_export($languagesKeyLengths);
......@@ -31,6 +31,7 @@
rel="stylesheet">
<link href="<?php echo $antiXss->xss_clean(get_config("baseurl")); ?>/template/<?php echo $antiXss->xss_clean(get_config("template")); ?>/assets/css/style.css"
rel="stylesheet">
<?php echo getCaptchaJS(); ?>
</head>
<body>
<section id="hero"
......
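Review bot: The new `<?php echo getCaptchaJS(); ?>` line prints its return value raw, while the neighbouring `<link>` tags pass every config value through `$antiXss->xss_clean()`. getCaptchaJS() concatenates `$config['captcha_language']` straight into the script `src`, so encode it where the URL is built, e.g. `'?hl=' . rawurlencode($config['captcha_language'])`. The same applies to `$config['captcha_key']` in GetCaptchaHTML(), which should be wrapped as `htmlspecialchars($config['captcha_key'], ENT_QUOTES)` before it is placed in the `data-sitekey` attribute.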
......@@ -45,13 +45,7 @@ require_once 'rules.php';
<input type="password" class="form-control" placeholder="Re-Password"
name="repassword">
</div>
<div class="input-group">
<span class="input-group">Captcha</span>
<input type="text" class="form-control" placeholder="Captcha" name="captcha">
</div>
<p style="text-align: center;margin-top: 10px;">
<img src="<?php echo user::$captcha->inline(); ?>" style="border-radius: 5px;"/>
</p>
<?php echo GetCaptchaHTML();?>
<input name="submit" type="hidden" value="register">
<div class="text-center" style="margin-top: 10px;"><input type="submit"
class="btn btn-success"
......@@ -146,16 +140,8 @@ require_once 'rules.php';
<input type="text" class="form-control" placeholder="Username"
name="username">
</div>
<?php } ?>
<div class="input-group">
<span class="input-group">Captcha</span>
<input type="text" class="form-control" placeholder="Captcha"
name="captcha">
</div>
<p style="text-align: center;margin-top: 10px;">
<img src="<?php echo user::$captcha->inline(); ?>"
style="border-radius: 5px;"/>
</p>
<?php }
echo GetCaptchaHTML();?>
<input name="submit" type="hidden" value="restorepassword">
<div class="text-center" style="margin-top: 10px;"><input
type="submit"
......@@ -213,15 +199,7 @@ require_once 'rules.php';
placeholder="Re-Password"
name="repassword">
</div>
<div class="input-group">
<span class="input-group">Captcha</span>
<input type="text" class="form-control" placeholder="Captcha"
name="captcha">
</div>
<p style="text-align: center;margin-top: 10px;">
<img src="<?php echo user::$captcha->inline(); ?>"
style="border-radius: 5px;"/>
</p>
<?php echo GetCaptchaHTML();?>
<input name="submit" type="hidden" value="changepass">
<div class="text-center" style="margin-top: 10px;"><input
type="submit"
......