authorPierre Schmitz <pierre@archlinux.de>2009-06-10 22:49:37 +0200
committerPierre Schmitz <pierre@archlinux.de>2009-06-10 22:49:37 +0200
commit28e0141d1be2df023bd0544886189aaf07508188 (patch)
tree0d6e517fe26ed35d48796f6da2b74ee470af942b
parent37d7a76457d6fe20680c2eeaf0c79fd2343908bb (diff)
Update FunnyDot Captcha to version 2
-rw-r--r--extensions/FunnyDot.php194
1 files changed, 136 insertions, 58 deletions
diff --git a/extensions/FunnyDot.php b/extensions/FunnyDot.php
index db62b148..3a4cabc8 100644
--- a/extensions/FunnyDot.php
+++ b/extensions/FunnyDot.php
@@ -1,80 +1,158 @@
<?php
-$wgHooks['EditPage::showEditForm:fields'][] = 'FunnyDot::addAntiSpamCheck';
-$wgHooks['EditFilter'][] = 'FunnyDot::checkAntiSpamHash';
-
$wgExtensionCredits['other'][] = array(
- 'name' => 'FunnyDot',
- 'description' => 'Schutz vor Spam-Bots',
- 'author' => 'Pierre Schmitz',
- 'url' => 'http://www.archlinux.de',
+ 'name' => 'FunnyDot',
+ 'version' => '2.0',
+ 'description' => 'Automated CAPTCHA',
+ 'author' => 'Pierre Schmitz',
+ 'url' => 'http://www.archlinux.de'
);
+if ($wgGroupPermissions['*']['edit']) {
+ $wgHooks['EditPage::showEditForm:fields'][] = 'FunnyDot::addFunnyDotToEditPage';
+ $wgHooks['EditFilter'][] = 'FunnyDot::checkFunnyDotOnEditPage';
+}
+
+if (empty($wgAuth)) {
+ $wgHooks['UserLoginForm'][] = 'FunnyDot::addFunnyDotToUserLoginForm';
+ $wgHooks['AbortLogin'][] = 'FunnyDot::checkFunnyDotOnAbortLogin';
+}
+
+if ($wgGroupPermissions['*']['createaccount'] && (empty($wgAuth) || $wgAuth->canCreateAccounts())) {
+ $wgHooks['UserCreateForm'][] = 'FunnyDot::addFunnyDotToUserCreateForm';
+ $wgHooks['AbortNewAccount'][] = 'FunnyDot::checkFunnyDotOnAbortNewAccount';
+}
+
+$wgSpecialPages['FunnyDotImage'] = 'SpecialFunnyDotImage';
+
+
class FunnyDot {
-public static function addAntiSpamCheck($editpage, $outputpage)
- {
- global $wgAntiSpamHash, $wgUser;
+private static function getFunnyDot() {
+ global $wgFunnyDotHash, $wgScript;
- if (!$wgUser->isLoggedIn())
- {
- $outputpage->addHTML('<div style="background-image:url(FunnyDotImage.php);background-repeat:no-repeat;visibility:hidden;width:1px;height:1px;">&nbsp;</div>');
+ !isset($wgFunnyDotHash) && $wgFunnyDotHash = '';
+ $time = time();
+ $hash = substr(sha1($time.$wgFunnyDotHash), 0, 4);
+ setCookie('FunnyDotTime', $time);
- $time = time();
- $hash = sha1($time.$wgAntiSpamHash);
- setCookie('AlternateAntiSpamTime', $time);
- setCookie('AlternateAntiSpamHashTail', substr($hash, 4));
+ return '<div style="background-image:url('.$wgScript.'?title=Special:FunnyDotImage);visibility:hidden;position:absolute;z-index:-1">
+ <label for="FunnyDotHashField">Please type in the following code: <strong>'.$hash.'</strong></label>
+ <input id="FunnyDotHashField" type="text" name="FunnyDotHash" size="4" value="" />
+ </div>';
+}
+
+private static function checkFunnyDot() {
+ global $wgFunnyDotHash, $wgFunnyDotTimeout, $wgFunnyDotWait;
- $outputpage->addHTML('<div style="display:none;"><label for="AlternateAntiSpamHashHeadField">Sicherheitscode bestätigen: <strong>'.substr($hash, 0, 4).'</strong></label>&nbsp;<input id="AlternateAntiSpamHashHeadField" type="text" name="AlternateAntiSpamHashHead" size="4" value="" /></div>');
- }
+ # set some sane defaults
+ # can be overridden in LocalSettings.php
+ !isset($wgFunnyDotHash) && $wgFunnyDotHash = '';
+ !isset($wgFunnyDotTimeout) && $wgFunnyDotTimeout = 3600;
+ !isset($wgFunnyDotWait) && $wgFunnyDotWait = 2;
+ if (!empty($_COOKIE['FunnyDotTime']) && (!empty($_COOKIE['FunnyDotHash']) || !empty($_POST['FunnyDotHash']))) {
+ $now = time();
+ $time = $_COOKIE['FunnyDotTime'];
+ $hash = !empty($_POST['FunnyDotHash']) ? $_POST['FunnyDotHash'] : $_COOKIE['FunnyDotHash'];
+ } else {
+ return false;
+ }
+
+ if ($hash != substr(sha1($time.$wgFunnyDotHash), 0, 4)) {
+ return false;
+ } elseif ($now - $time > $wgFunnyDotTimeout) {
+ return false;
+ } elseif ($now - $time < $wgFunnyDotWait) {
+ return false;
+ } else {
+ return true;
+ }
+}
+
+
+public static function addFunnyDotToEditPage($editpage, $output) {
+ global $wgUser;
+
+ if (!$wgUser->isLoggedIn()) {
+ $editpage->editFormTextAfterWarn .= self::getFunnyDot();
+ }
return true;
+}
+
+public static function checkFunnyDotOnEditPage($editpage, $text, $section, $error) {
+ global $wgUser;
+
+ if (!$wgUser->isLoggedIn() && !self::checkFunnyDot()) {
+ $error = '<div class="errorbox">Please type in the correct code!</div><br clear="all" />';
}
+ return true;
+}
-public static function checkAntiSpamHash($editpage, $text, $section, $error)
- {
- global $wgAntiSpamHash, $wgAntiSpamTimeout, $wgAntiSpamWait, $wgUser;
-
- if (!$wgUser->isLoggedIn())
- {
- if (!empty($_COOKIE['AntiSpamTime']) && !empty($_COOKIE['AntiSpamHash']))
- {
- $time = $_COOKIE['AntiSpamTime'];
- $hash = $_COOKIE['AntiSpamHash'];
- }
- elseif (!empty($_COOKIE['AlternateAntiSpamTime']) && !empty($_COOKIE['AlternateAntiSpamHashTail']) && !empty($_POST['AlternateAntiSpamHashHead']))
- {
- $time = $_COOKIE['AlternateAntiSpamTime'];
- $hash = $_POST['AlternateAntiSpamHashHead'].$_COOKIE['AlternateAntiSpamHashTail'];
- }
- else
- {
- sleep($wgAntiSpamWait);
- $error = '<div class="mw-warning error">Ungültige Formulardaten empfangen. Stelle sicher, daß Cookies für diese Domain angenommen werden.</div>';
- return true;
- }
- $now = time();
+public static function addFunnyDotToUserLoginForm($template) {
+ $template->set('header', self::getFunnyDot());
+ return true;
+}
+
+public static function checkFunnyDotOnAbortLogin($user, $password, $retval) {
+ # LoginForm::ABBORT is not yet supported by MediaWiki
+ $retval = LoginForm::ILLEGAL;
+ return self::checkFunnyDot();
+}
- if ($hash != sha1($time.$wgAntiSpamHash))
- {
- sleep($wgAntiSpamWait);
- $error = '<div class="mw-warning error">Fehlerhafte Formulardaten empfangen. Überprüfe den Sicherheitscode!</div>';
- }
- elseif ($now - $time > $wgAntiSpamTimeout)
- {
- $error = '<div class="mw-warning error">Deine Zeit ist abgelaufen. Schicke das Formular bitte erneut ab, und zwar innherlab der nächsten '.$wgAntiSpamTimeout.' Sekunden.</div>';
- }
- elseif ($now - $time < $wgAntiSpamWait)
- {
- sleep($wgAntiSpamWait);
- $error = '<div class="mw-warning error">Du warst zu schnell. Schicke das Formular bitte erneut ab. Laße Dir diesmal mindestens '.$wgAntiSpamWait.' Sekunden Zeit.</div>';
- }
- }
+public static function addFunnyDotToUserCreateForm($template) {
+ $template->set('header', self::getFunnyDot());
return true;
+}
+
+public static function checkFunnyDotOnAbortNewAccount($user, $message) {
+ if (!self::checkFunnyDot()) {
+ $message = '<div class="errorbox">Please type in the correct code!</div><br clear="all" />';
+ return false;
+ } else {
+ return true;
}
+}
+
+}
+
+
+class SpecialFunnyDotImage extends UnlistedSpecialPage {
+
+function __construct() {
+ parent::__construct('FunnyDotImage');
+}
+
+function execute($par) {
+ global $wgFunnyDotHash, $wgOut;
+
+ # I will handle the output myself
+ $wgOut->disable();
+
+ !isset($wgFunnyDotHash) && $wgFunnyDotHash = '';
+
+ # FunnyDotTime should be set in the Form
+ # if not just set a new value
+ if (!empty($_COOKIE['FunnyDotTime'])) {
+ $time = $_COOKIE['FunnyDotTime'];
+ } else {
+ $time = time();
+ setCookie('FunnyDotTime', $time);
+ }
+
+ setCookie('FunnyDotHash', substr(sha1($time.$wgFunnyDotHash), 0, 4));
+
+ header('HTTP/1.1 200 OK');
+ header("Cache-Control: no-cache, must-revalidate");
+ header('Content-Type: image/png');
+ header('Content-Length: 135');
+
+ # transparent png (1px*1px)
+ echo base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAAXNSR0IArs4c6QAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9gLFxMRGNZyzLoAAAACYktHRAD/h4/MvwAAAAtJREFUCB1j+M8AAAIBAQDFXxteAAAAAElFTkSuQmCC');
+}
}
-?> \ No newline at end of file
+?>
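Review bot: In `checkFunnyDot()` the submitted code is compared with `!=`, and PHP compares two numeric-looking strings numerically, so with a four-hex-digit code values such as `0e12` and `0e34` are treated as equal and more inputs pass than the one intended. Compare strictly and reject non-string input: `if (!is_string($hash) || $hash !== substr(sha1($time.$wgFunnyDotHash), 0, 4)) {`. The `# set some sane defaults` comment should also state that `$wgFunnyDotHash` must be set to a site-specific secret in LocalSettings.php, because with the `''` default the code is just a truncated SHA-1 of the client-visible `FunnyDotTime` cookie and gives no assurance that the form or image was ever loaded. Since `$time` is read from the cookie and nothing in the hunk marks a pair as used, a valid time/code pair appears to stay accepted until `$wgFunnyDotTimeout` expires; that limitation belongs in the same comment.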