shimmie2/core/captcha.php

<?php declare(strict_types=1);
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\
* CAPTCHA abstraction                                                       *
\* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */

use ReCaptcha\ReCaptcha;

function captcha_get_html(): string
{
    global $config, $user;

    if (DEBUG && ip_in_range($_SERVER['REMOTE_ADDR'], "127.0.0.0/8")) {
        return "";
    }

    $captcha = "";
    if ($user->is_anonymous() && $config->get_bool("comment_captcha")) {
        $r_publickey = $config->get_string("api_recaptcha_pubkey");
        if (!empty($r_publickey)) {
            $captcha = "
				<div class=\"g-recaptcha\" data-sitekey=\"{$r_publickey}\"></div>
				<script type=\"text/javascript\" src=\"https://www.google.com/recaptcha/api.js\"></script>";
        } else {
            session_start();
            $captcha = Securimage::getCaptchaHtml(['securimage_path' => './vendor/dapphp/securimage/']);
        }
    }
    return $captcha;
}

function captcha_check(): bool
{
    global $config, $user;

    if (DEBUG && ip_in_range($_SERVER['REMOTE_ADDR'], "127.0.0.0/8")) {
        return true;
    }

    if ($user->is_anonymous() && $config->get_bool("comment_captcha")) {
        $r_privatekey = $config->get_string('api_recaptcha_privkey');
        if (!empty($r_privatekey)) {
            $recaptcha = new ReCaptcha($r_privatekey);
            $resp = $recaptcha->verify($_POST['g-recaptcha-response'] ?? "", $_SERVER['REMOTE_ADDR']);

            if (!$resp->isSuccess()) {
                log_info("core", "Captcha failed (ReCaptcha): " . implode("", $resp->getErrorCodes()));
                return false;
            }
        } else {
            session_start();
            $securimg = new Securimage();
            if ($securimg->check($_POST['captcha_code']) === false) {
                log_info("core", "Captcha failed (Securimage)");
                return false;
            }
        }
    }

    return true;
}
use strict types 2020-01-26 13:19:35 +00:00			`<?php declare(strict_types=1);`
split up files in core/ for saner management 2018-11-05 22:30:18 +00:00			`/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\`
			`* CAPTCHA abstraction *`
			`\* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */`

lint fixing 2020-03-13 09:23:54 +00:00			`use ReCaptcha\ReCaptcha;`

PSR-2. I'm not a huge fan, but ugly consistency beats no consistency... 2019-05-28 16:59:38 +00:00			`function captcha_get_html(): string`
			`{`
			`global $config, $user;`

			`if (DEBUG && ip_in_range($_SERVER['REMOTE_ADDR'], "127.0.0.0/8")) {`
			`return "";`
			`}`

			`$captcha = "";`
			`if ($user->is_anonymous() && $config->get_bool("comment_captcha")) {`
			`$r_publickey = $config->get_string("api_recaptcha_pubkey");`
			`if (!empty($r_publickey)) {`
			`$captcha = "`
split up files in core/ for saner management 2018-11-05 22:30:18 +00:00			`<div class=\"g-recaptcha\" data-sitekey=\"{$r_publickey}\"></div>`
			`<script type=\"text/javascript\" src=\"https://www.google.com/recaptcha/api.js\"></script>";`
PSR-2. I'm not a huge fan, but ugly consistency beats no consistency... 2019-05-28 16:59:38 +00:00			`} else {`
			`session_start();`
			`$captcha = Securimage::getCaptchaHtml(['securimage_path' => './vendor/dapphp/securimage/']);`
			`}`
			`}`
			`return $captcha;`
split up files in core/ for saner management 2018-11-05 22:30:18 +00:00			`}`

PSR-2. I'm not a huge fan, but ugly consistency beats no consistency... 2019-05-28 16:59:38 +00:00			`function captcha_check(): bool`
			`{`
			`global $config, $user;`

			`if (DEBUG && ip_in_range($_SERVER['REMOTE_ADDR'], "127.0.0.0/8")) {`
			`return true;`
			`}`

			`if ($user->is_anonymous() && $config->get_bool("comment_captcha")) {`
			`$r_privatekey = $config->get_string('api_recaptcha_privkey');`
			`if (!empty($r_privatekey)) {`
lint fixing 2020-03-13 09:23:54 +00:00			`$recaptcha = new ReCaptcha($r_privatekey);`
don't crash if recaptcha repsonse is empty 2021-11-06 16:17:38 +00:00			`$resp = $recaptcha->verify($_POST['g-recaptcha-response'] ?? "", $_SERVER['REMOTE_ADDR']);`
PSR-2. I'm not a huge fan, but ugly consistency beats no consistency... 2019-05-28 16:59:38 +00:00
			`if (!$resp->isSuccess()) {`
			`log_info("core", "Captcha failed (ReCaptcha): " . implode("", $resp->getErrorCodes()));`
			`return false;`
			`}`
			`} else {`
			`session_start();`
			`$securimg = new Securimage();`
			`if ($securimg->check($_POST['captcha_code']) === false) {`
			`log_info("core", "Captcha failed (Securimage)");`
			`return false;`
			`}`
			`}`
			`}`

			`return true;`
split up files in core/ for saner management 2018-11-05 22:30:18 +00:00			`}`