1 | <?php |
||
2 | /* |
||
3 | You may not change or alter any portion of this comment or credits |
||
4 | of supporting developers from this source code or any supporting source code |
||
5 | which is considered copyrighted (c) material of the original comment or credit authors. |
||
6 | |||
7 | This program is distributed in the hope that it will be useful, |
||
8 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
9 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||
10 | */ |
||
11 | |||
12 | use Xmf\Request; |
||
13 | use Xmf\IPAddress; |
||
14 | |||
15 | /** |
||
16 | * CAPTCHA for Recaptcha mode |
||
17 | * |
||
18 | * @package class |
||
19 | * @subpackage CAPTCHA |
||
20 | * @author Grégory Mage |
||
21 | * @copyright 2016 XOOPS Project (https://xoops.org) |
||
22 | * @license GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
||
23 | * @link https://xoops.org |
||
24 | */ |
||
25 | |||
// Direct-access guard: stop immediately unless XOOPS_ROOT_PATH has already been defined.
if (!defined('XOOPS_ROOT_PATH')) {
    exit('Restricted access');
}
||
27 | |||
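/**
 * Class XoopsCaptchaRecaptcha2
 *
 * CAPTCHA method that renders the Google reCAPTCHA widget and validates the
 * submitted token against Google's siteverify endpoint. Reads 'website_key'
 * and 'secret_key' from $this->config.
 */
class XoopsCaptchaRecaptcha2 extends XoopsCaptchaMethod
{
    /**
     * XoopsCaptchaRecaptcha2::isActive()
     *
     * @return bool always true for this method
     */
    public function isActive()
    {
        return true;
    }

    /**
     * XoopsCaptchaRecaptcha2::render()
     *
     * Builds the script tag and widget container for the form.
     *
     * @return string HTML fragment
     */
    public function render()
    {
        // The site key lands inside a double-quoted HTML attribute, so escape it for
        // that context; a quote in the configured value must not break out of it.
        $siteKey = htmlspecialchars((string) $this->config['website_key'], ENT_QUOTES, 'UTF-8');

        $form  = '<script src="https://www.google.com/recaptcha/api.js"></script>';
        $form .= '<div class="form-group"><div class="g-recaptcha" data-sitekey="'
            . $siteKey . '"></div></div>';

        return $form;
    }

    /**
     * XoopsCaptchaRecaptcha2::verify()
     *
     * Sends the submitted 'g-recaptcha-response' token to the siteverify
     * endpoint (cURL first, PHP streams as fallback) and accepts the CAPTCHA
     * only when the decoded reply has 'success' strictly equal to true.
     * Any transport failure, undecodable reply or missing field fails closed.
     * Error codes returned by the service are appended to the XoopsCaptcha
     * instance's message list.
     *
     * @param string|null $sessionName unused for recaptcha
     *
     * @return bool true only when the verification service confirms the token
     */
    public function verify($sessionName = null)
    {
        $verifyUrl = 'https://www.google.com/recaptcha/api/siteverify';
        $token     = Request::getString('g-recaptcha-response', '');

        // The token is attacker-controlled. http_build_query() percent-encodes every
        // value, so a token containing '&' or '=' cannot add or override parameters
        // (for example a second 'secret') in the verification request.
        // The explicit '&' separator avoids an arg_separator.output override.
        $postBody = http_build_query(
            array(
                'secret'   => $this->config['secret_key'],
                'response' => $token,
                // string cast mirrors the plain concatenation used previously
                'remoteip' => (string) IPAddress::fromRequest()->asReadable(),
            ),
            '',
            '&'
        );

        // Parameters travel in a POST body (the method the siteverify API documents),
        // which keeps the secret key out of the URL and therefore out of the warning
        // text PHP emits when the request fails.
        $rawReply = false;
        if (function_exists('curl_init') && false !== ($curlHandle = curl_init())) {
            curl_setopt($curlHandle, CURLOPT_URL, $verifyUrl);
            curl_setopt($curlHandle, CURLOPT_POST, true);
            curl_setopt($curlHandle, CURLOPT_POSTFIELDS, $postBody);
            curl_setopt($curlHandle, CURLOPT_FAILONERROR, true);
            curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($curlHandle, CURLOPT_CONNECTTIMEOUT, 5);
            $rawReply = curl_exec($curlHandle);
            if (false === $rawReply) {
                trigger_error(curl_error($curlHandle));
            }
            curl_close($curlHandle);
        }

        // Fallback when cURL is unavailable or the cURL request failed.
        if (false === $rawReply) {
            $context = stream_context_create(
                array(
                    'http' => array(
                        'method'  => 'POST',
                        'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
                        'content' => $postBody,
                    ),
                )
            );
            $rawReply = file_get_contents($verifyUrl, false, $context);
        }

        // A failed request or an undecodable body leaves no array to inspect.
        $recaptchaCheck = is_string($rawReply) ? json_decode($rawReply, true) : null;
        if (!is_array($recaptchaCheck)) {
            $recaptchaCheck = array();
        }

        if (isset($recaptchaCheck['success']) && true === $recaptchaCheck['success']) {
            return true;
        }

        // Rejected or unverifiable: report whatever error codes the service supplied.
        // The reply may carry none, so guard before iterating.
        if (isset($recaptchaCheck['error-codes']) && is_array($recaptchaCheck['error-codes'])) {
            /** @var \XoopsCaptcha $captchaInstance */
            $captchaInstance = \XoopsCaptcha::getInstance();
            foreach ($recaptchaCheck['error-codes'] as $msg) {
                $captchaInstance->message[] = $msg;
            }
        }

        return false;
    }
}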
||
102 |