1 | <?php |
3 | namespace MVC; |
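/**
 * Captcha helper: issues a short code over a JSONP endpoint, renders it as an
 * image and compares a submitted value with the stored one.
 *
 * NOTE(review): receiver2() returns the code to the caller in rot13 form, and
 * the handshake it checks (a header holding rot13 of md5(User-Agent)) is built
 * from values the client already knows. rot13 is a fixed letter substitution,
 * not encryption, so the answer is readable by any script that performs the
 * handshake. If \Cookie\helper keeps the value in a client-readable cookie the
 * client can also choose the answer itself. Keeping the expected code on the
 * server (for example in $_SESSION) and sending only the image would close
 * that gap; confirm against \Cookie\helper before relying on this class as a
 * bot barrier.
 */
class captcha extends router
{
    /**
     * Name under which the captcha code is handed to \Cookie\helper.
     * Set in the constructor to 'captcha' . md5(client IP . User-Agent).
     *
     * @var string|null
     */
    public $key = null;

    /**
     * Request headers keyed by header name.
     *
     * @var array
     */
    private $request_headers = [];

    /**
     * Result of \MVC\helper::cors(); receiver2() is a no-op when it is falsy.
     *
     * @var mixed
     */
    private $cors = null;

    /**
     * Derives the per-client key, records md5(User-Agent) in the session and
     * collects the request headers.
     */
    public function __construct()
    {
        // A request may carry no User-Agent header; fall back to '' instead of
        // reading an undefined index (md5 of '' is what the old code produced
        // in that case as well, after emitting a warning).
        $user_agent = (string) ($_SERVER['HTTP_USER_AGENT'] ?? '');

        $_SESSION['md5-useragent'] = md5($user_agent);
        $this->key = 'captcha' . md5(\MVC\helper::get_client_ip() . $user_agent);
        $this->cors = \MVC\helper::cors();

        if (function_exists('getallheaders')) {
            $this->request_headers = getallheaders();

            return;
        }

        // Fallback for SAPIs without getallheaders(): rebuild "Header-Name"
        // keys from the HTTP_* entries of $_SERVER. Start from an empty array
        // so a request without any HTTP_* entry does not leave $headers
        // undefined.
        $headers = [];
        foreach ($_SERVER as $name => $value) {
            $name = (string) $name;
            /* RFC2616 (HTTP/1.1) defines header fields as case-insensitive entities. */
            if (0 !== strncasecmp($name, 'HTTP_', 5)) {
                continue;
            }
            $words = ucwords(strtolower(str_replace('_', ' ', substr($name, 5))));
            $headers[str_replace(' ', '-', $words)] = $value;
        }
        $this->request_headers = $headers;
    }

    /**
     * Receiver (Create captcha). Delegates to receiver2().
     *
     * @param string $header_name name of the request header that carries the handshake value
     *
     * @return void
     */
    public function receiver(string $header_name = 'hname')
    {
        $this->receiver2($header_name);
    }

    /**
     * Answers a JSONP captcha request when the handshake header matches.
     *
     * Does nothing unless CORS is enabled, the named header is present, its
     * rot13 value equals the md5(User-Agent) stored in the session, and a
     * `callback` request parameter is supplied. On success it prints
     * `callback({"captcha": "<rot13 of the code>"})` and terminates the script.
     * A `callback` that is not a plain JavaScript identifier path is answered
     * with HTTP 400 and nothing is echoed back.
     *
     * @param string|null $header_name header to inspect; when empty, rot13 of
     *                                 \MVC\helper::getRequestIP() is used
     *
     * @return void
     */
    public function receiver2(?string $header_name = null)
    {
        if (!$this->cors) {
            return;
        }
        if (!$header_name) {
            $header_name = str_rot13(\MVC\helper::getRequestIP());
        }
        if (!isset($this->request_headers[$header_name])) {
            return;
        }

        $header = $this->request_headers[$header_name];
        $expected = (string) ($_SESSION['md5-useragent'] ?? '');
        if (!is_string($header) || '' === $expected) {
            return;
        }

        // hash_equals() instead of ==: two hex digests that both look like
        // "0e<digits>" compare equal under loose comparison, and == is not
        // constant-time either.
        if (!hash_equals($expected, str_rot13($header))) {
            return;
        }
        if (!isset($_REQUEST['callback'])) {
            return;
        }

        // The callback name is written verbatim into a JavaScript response, so
        // it must be restricted to an identifier path before it is echoed.
        $callback = $_REQUEST['callback'];
        if (!$this->is_safe_callback($callback)) {
            $this->delete_headers(400);
            exit;
        }

        header('Content-Type: application/javascript');
        // Stop browsers from re-interpreting the reflected response as another type.
        header('X-Content-Type-Options: nosniff');
        $gen = json_encode(['captcha' => str_rot13($this->create())]);
        echo "{$callback}($gen)";
        exit;
    }

    /**
     * Tells whether a JSONP callback name is safe to reflect into the response.
     *
     * Accepts only dot-separated JavaScript identifiers (letters, digits, `_`
     * and `$`, not starting with a digit) up to 128 bytes, which covers names
     * such as `cb`, `jQuery123_456` or `app.handlers.done`.
     *
     * @param mixed $callback raw request value
     *
     * @return bool
     */
    private function is_safe_callback($callback)
    {
        if (!is_string($callback) || strlen($callback) > 128) {
            return false;
        }

        // \A and \z anchor the whole string; `$` alone would accept a trailing newline.
        return 1 === preg_match(
            '/\A[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\z/',
            $callback
        );
    }

    /**
     * Discards buffered output (when a buffer is active) and sets the HTTP
     * status code of the response.
     *
     * @param int $http_code status code to send
     *
     * @return void
     */
    private function delete_headers(int $http_code = 200)
    {
        if (ob_get_level()) {
            ob_end_clean();
            ob_start();
        }
        http_response_code($http_code);
    }

    /**
     * Create captcha ids.
     *
     * Generates a 6-character lowercase hex code, hands it to
     * \Cookie\helper::mins() under $this->key and returns it.
     *
     * @return string the new captcha code
     *
     * @throws \Exception when no source of randomness is available
     */
    public function create()
    {
        // random_bytes() replaces md5(rand()): rand() is not a cryptographic
        // generator and its limited state makes the code guessable. Three
        // bytes hex-encoded keep the previous format (6 hex characters).
        $captcha_code = bin2hex(random_bytes(3));
        // presumably "1" is a lifetime in minutes and '/' the cookie path; verify against \Cookie\helper::mins()
        \Cookie\helper::mins($this->key, $captcha_code, 1, '/');

        return $captcha_code;
    }

    /**
     * Validate a submitted captcha code against the stored one.
     *
     * When nothing is stored under $this->key the method either terminates
     * with a JSON error (CORS requests) or throws.
     *
     * NOTE(review): the stored code is not cleared after a successful check,
     * so the same answer stays valid until the stored value expires; consider
     * removing it once \Cookie\helper's API for that is confirmed.
     *
     * @param string $captcha value typed by the user
     *
     * @return bool true when the submitted value equals the stored code
     */
    public function validate(string $captcha)
    {
        if (\Cookie\helper::has($this->key)) {
            $stored = \Cookie\helper::get($this->key);

            // Strict, constant-time comparison: with == numeric-looking codes
            // such as "0e1234" and "0e5678" would be treated as equal.
            // NOTE(review): assumes \Cookie\helper::get() returns the code as
            // a string (or another scalar); confirm.
            return is_scalar($stored) && hash_equals((string) $stored, $captcha);
        }

        if (\MVC\helper::cors()) {
            exit(\JSON\json::json(['message' => "Session {$this->key} not exists", 'error' => true]));
        }

        // NOTE(review): inside namespace MVC this resolves to \MVC\Exception;
        // confirm that class exists, otherwise \Exception was intended.
        throw new Exception("Session {$this->key} not exists", 1);
    }

    /**
     * Renders a captcha code as a 70x30 JPEG and writes it to the response.
     *
     * The argument is passed through str_rot13() before drawing, so callers
     * supply the rot13 form that receiver2() hands out.
     *
     * @param string $captcha_code code in rot13 form
     *
     * @return void
     */
    public function jpeg(string $captcha_code)
    {
        $target_layer = imagecreatetruecolor(70, 30);
        $captcha_background = imagecolorallocate($target_layer, 255, 160, 119);
        imagefill($target_layer, 0, 0, $captcha_background);
        $captcha_text_color = imagecolorallocate($target_layer, 0, 0, 0);
        imagestring($target_layer, 5, 5, 5, str_rot13($captcha_code), $captcha_text_color);
        header('Content-type: image/jpeg');
        imagejpeg($target_layer);
    }
}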