Changeset 1313 in ExiteCMS

Timestamp:

02/27/08 12:37:15 (4 years ago)

Author:

root

Message:

replaced the internal captcha routine by SecureImaga

Location:

trunk

Files:

• administration/upgrade/rev01311.php (added)
• contact.php (modified) (3 diffs)
• includes/captcha.php (deleted)
• includes/comments_include.php (modified) (2 diffs)
• includes/core_functions.php (modified) (1 diff)
• includes/secureimage-1.0.3 (added)
• includes/secureimage-1.0.3/LICENSE.txt (added)
• includes/secureimage-1.0.3/audio (added)
• includes/secureimage-1.0.3/audio/en (added)
• includes/secureimage-1.0.3/audio/en/0.wav (added)
• includes/secureimage-1.0.3/audio/en/1.wav (added)
• includes/secureimage-1.0.3/audio/en/2.wav (added)
• includes/secureimage-1.0.3/audio/en/3.wav (added)
• includes/secureimage-1.0.3/audio/en/4.wav (added)
• includes/secureimage-1.0.3/audio/en/5.wav (added)
• includes/secureimage-1.0.3/audio/en/6.wav (added)
• includes/secureimage-1.0.3/audio/en/7.wav (added)
• includes/secureimage-1.0.3/audio/en/8.wav (added)
• includes/secureimage-1.0.3/audio/en/9.wav (added)
• includes/secureimage-1.0.3/audio/en/A.wav (added)
• includes/secureimage-1.0.3/audio/en/B.wav (added)
• includes/secureimage-1.0.3/audio/en/C.wav (added)
• includes/secureimage-1.0.3/audio/en/D.wav (added)
• includes/secureimage-1.0.3/audio/en/E.wav (added)
• includes/secureimage-1.0.3/audio/en/F.wav (added)
• includes/secureimage-1.0.3/audio/en/G.wav (added)
• includes/secureimage-1.0.3/audio/en/H.wav (added)
• includes/secureimage-1.0.3/audio/en/I.wav (added)
• includes/secureimage-1.0.3/audio/en/J.wav (added)
• includes/secureimage-1.0.3/audio/en/K.wav (added)
• includes/secureimage-1.0.3/audio/en/L.wav (added)
• includes/secureimage-1.0.3/audio/en/M.wav (added)
• includes/secureimage-1.0.3/audio/en/N.wav (added)
• includes/secureimage-1.0.3/audio/en/O.wav (added)
• includes/secureimage-1.0.3/audio/en/P.wav (added)
• includes/secureimage-1.0.3/audio/en/Q.wav (added)
• includes/secureimage-1.0.3/audio/en/R.wav (added)
• includes/secureimage-1.0.3/audio/en/S.wav (added)
• includes/secureimage-1.0.3/audio/en/T.wav (added)
• includes/secureimage-1.0.3/audio/en/U.wav (added)
• includes/secureimage-1.0.3/audio/en/V.wav (added)
• includes/secureimage-1.0.3/audio/en/W.wav (added)
• includes/secureimage-1.0.3/audio/en/X.wav (added)
• includes/secureimage-1.0.3/audio/en/Y.wav (added)
• includes/secureimage-1.0.3/audio/en/Z.wav (added)
• includes/secureimage-1.0.3/elephant.ttf (added)
• includes/secureimage-1.0.3/gdfonts (added)
• includes/secureimage-1.0.3/gdfonts/automatic.gdf (added)
• includes/secureimage-1.0.3/gdfonts/bubblebath.gdf (added)
• includes/secureimage-1.0.3/gdfonts/caveman.gdf (added)
• includes/secureimage-1.0.3/gdfonts/crass.gdf (added)
• includes/secureimage-1.0.3/images (added)
• includes/secureimage-1.0.3/images/reload.gif (added)
• includes/secureimage-1.0.3/images/sound.gif (added)
• includes/secureimage-1.0.3/securimage.php (added)
• includes/secureimage-1.0.3/securimage_play.php (added)
• includes/secureimage-1.0.3/securimage_show.php (added)
• includes/template-plugins/function.make_captcha.php (deleted)
• includes/templates/include.comments.tpl (modified) (1 diff)
• includes/templates/main.contact.tpl (modified) (1 diff)
• includes/templates/main.register.tpl (modified) (1 diff)
• includes/theme_functions.php (modified) (1 diff)
• register.php (modified) (2 diffs)

trunk/contact.php

@@ -15 +15 @@
 require_once dirname(__FILE__)."/includes/core_functions.php";
 require_once PATH_ROOT."/includes/theme_functions.php";
+
+// include the secureimage class
+require_once PATH_INCLUDES."secureimage-1.0.3/secureimage.php";
 
 // temp storage for template variables
@@ -34 +37 @@
 
 // captcha check
-$cic = (isset($_POST['captcha_encode']) && !check_captcha($_POST['captcha_encode'], $_POST['captcha_code'])) ? "&cic=1" : "";
+$cic = "";
+$securimage = new Securimage();
+if ($securimage->check($_POST['captcha_code']) == false) {
+    $cic = "&cic=1";
+}
 $variables['cic'] = $cic;
 
@@ -52 +59 @@
 // captcha check ok and message posted?
 if ($cic == "" && isset($_POST['sendmessage'])) {
-    $result = dbquery("DELETE FROM ".$db_prefix."captcha WHERE captcha_datestamp<'".(time()-900)."'");
     $errors = array();
     if ($mailname == "") {

trunk/includes/comments_include.php

@@ -28 +28 @@
     if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
 
-        $result = dbquery("DELETE FROM ".$db_prefix."captcha WHERE captcha_datestamp<'".(time()-900)."'");
-
         $flood = false;
         if (dbrows(dbquery("SELECT $ccol FROM ".$db_prefix."$cdb WHERE $ccol='$comment_id'"))==0) {
@@ -43 +41 @@
         
         // captcha check for guest posts
-        $cic = (iGUEST && !check_captcha($_POST['captcha_encode'], $_POST['captcha_code'])) ? "&cic=1" : "";
+        $cic = "";
+        if (iGUEST) {
+            // load the secureimage include
+            require_once PATH_INCLUDES."secureimage-1.0.3/secureimage.php";
+            $securimage = new Securimage();
+            if ($securimage->check($_POST['captcha_code']) == false) {
+                $cic = "&cic=1";
+            }
+        }
 
         $comment_message = trim(stripinput(censorwords($_POST['comment_message'])));

trunk/includes/core_functions.php

@@ -631 +631 @@
 }
 
-// check captcha
-function check_captcha($captchs_encode, $captcha_string) {
-    global $db_prefix;
-
-    if (preg_match("/^[0-9a-z]+$/", $captchs_encode) && preg_match("/^[0-9a-z]+$/", $captcha_string)) {
-        $result = dbquery("SELECT * FROM ".$db_prefix."captcha WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'");
-        if (dbrows($result)) {
-            $result = dbquery("DELETE FROM ".$db_prefix."captcha WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'");
-            return true;
-        } else {
-            return false;
-        }
-    } else {
-        return false;
-    }
-}
-
 // Replace offensive words with the defined replacement word
 function censorwords($text) {

trunk/includes/templates/include.comments.tpl

@@ -107 +107 @@
                 </td>
                 <td align='left' width='50%' class='tbl1'>
-                    {make_captcha}
+                    <img id="captcha" src="{$smarty.const.INCLUDES}securimage-1.0.3/securimage_show.php" alt="CAPTCHA Image" />
                 </td>
             </tr>

trunk/includes/templates/main.contact.tpl

@@ -60 +60 @@
                 {$locale.411}
                 <br /><br />
-                {$locale.412} {make_captcha}
+                {$locale.412} <img id="captcha" src="{$smarty.const.INCLUDES}securimage-1.0.3/securimage_show.php" alt="CAPTCHA Image" />
                 {$locale.413} <input type='text' name='captcha_code' class='textbox' style='vertical-align:top;width:100px' />
                 <br /><br />

trunk/includes/templates/main.register.tpl

@@ -103 +103 @@
                 </td>
                 <td class='tbl'>
-                    {make_captcha}
+                    <img id="captcha" src="{$smarty.const.INCLUDES}securimage-1.0.3/securimage_show.php" alt="CAPTCHA Image" />
                 </td>
             </tr>

trunk/includes/theme_functions.php

@@ -455 +455 @@
         // thread notifies: set to 14 days
         $result = dbquery("DELETE FROM ".$db_prefix."thread_notify WHERE notify_datestamp < '".(time() - $day * 14)."'");
-        // captcha images: set to 6 minutes
-        $result = dbquery("DELETE FROM ".$db_prefix."captcha WHERE captcha_datestamp < '".(time() - $minute * 6)."'");
         // new registered users: set to 3 days
         $result = dbquery("DELETE FROM ".$db_prefix."new_users WHERE user_datestamp < '".(time() - $day * 3)."'");

trunk/register.php

@@ -23 +23 @@
 
 // include the DNS functions include
-include PATH_INCLUDES."dns_functions.php";
+require_once PATH_INCLUDES."dns_functions.php";
 
 // load the locales for this module
@@ -134 +134 @@
 
         if ($settings['display_validation'] == "1") {
-            if (!isset($_POST['captcha_encode']) || !isset($_POST['captcha_code']) || !check_captcha($_POST['captcha_encode'], $_POST['captcha_code'])) {
+            // include the secureimage class
+            require_once PATH_INCLUDES."secureimage-1.0.3/secureimage.php";
+            $securimage = new Securimage();
+            if ($securimage->check($_POST['captcha_code']) == false) {
+                // the code was incorrect
                 $error .= $locale['410']."<br />\n";
-            }
+            }           
         }