From fef0de218e9485ea3db394f3e173b3c64a0463a8 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Thu, 22 Sep 2011 18:20:47 -0400
Subject: Add an ugly hacky-hacked reCaptcha to new user registration.

---
 src/controllers/Users.class.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src/controllers/Users.class.php')

diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index d799760..ed6f739 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -128,8 +128,12 @@ class Users extends Controller {
 		@$vars['username' ] = $_POST['auth_name'];
 		@$vars['password1'] = $_POST['auth_password'       ];
 		@$vars['password2'] = $_POST['auth_password_verify'];
+		@$recaptcha_response = $_POST['recaptcha_response_field'];
+		@$recaptcha_challenge = $_POST['recaptcha_challenge_field'];
 		
 		global $mm; $db = $mm->database();
+		$publickey  = $db->getPluginConf('ReCaptcha', 'public_key');
+		$privatekey = $db->getPluginConf('ReCaptcha', 'private_key');
 		
 		$vars['errors'] = array();
 		if ($db->getUID($vars['username'])!==false)
@@ -143,6 +147,15 @@ class Users extends Controller {
 		if ($matches && $vars['password2'] == '') {
 			$vars['errors'][] = 'no pw';
 		}
+		require_once('recaptchalib.php');
+		$resp = recaptcha_check_answer($privatekey,
+		                               $_SERVER['REMOTE_ADDR'],
+		                               $recaptcha_challenge,
+		                               $recaptcha_response);
+		if (!$resp->is_valid) {
+			$vars['errors'][] = 'recaptcha';
+			$vars['recaptcha_error'] = $resp->error;
+		}
 		
 		if (count($vars['errors']) > 0) {
 			$this->new_user($routed, $vars);
-- 
cgit v1.2.3