| [ Index ] |
PHP Cross Reference of MediaWiki-1.24.0 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * This is a PHP library that handles calling reCAPTCHA. 4 * - Documentation and latest version 5 * http://recaptcha.net/plugins/php/ 6 * - Get a reCAPTCHA API Key 7 * https://www.google.com/recaptcha/admin/create 8 * - Discussion group 9 * http://groups.google.com/group/recaptcha 10 * 11 * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net 12 * AUTHORS: 13 * Mike Crawford 14 * Ben Maurer 15 * 16 * Permission is hereby granted, free of charge, to any person obtaining a copy 17 * of this software and associated documentation files (the "Software"), to deal 18 * in the Software without restriction, including without limitation the rights 19 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 20 * copies of the Software, and to permit persons to whom the Software is 21 * furnished to do so, subject to the following conditions: 22 * 23 * The above copyright notice and this permission notice shall be included in 24 * all copies or substantial portions of the Software. 25 * 26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 27 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 28 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 29 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 30 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 31 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 32 * THE SOFTWARE. 33 */ 34 35 /** 36 * The reCAPTCHA server URL's 37 */ 38 define( "RECAPTCHA_API_SERVER", "http://www.google.com/recaptcha/api" ); 39 define( "RECAPTCHA_API_SECURE_SERVER", "https://www.google.com/recaptcha/api" ); 40 define( "RECAPTCHA_VERIFY_SERVER", "www.google.com" ); 41 42 /** 43 * Encodes the given data into a query string format 44 * @param $data - array of string elements to be encoded 45 * @return string - encoded request 46 */ 47 function _recaptcha_qsencode ( $data ) { 48 $req = ""; 49 foreach ( $data as $key => $value ) 50 $req .= $key . '=' . urlencode( stripslashes( $value ) ) . '&'; 51 52 // Cut the last '&' 53 $req = substr( $req, 0, strlen( $req ) -1 ); 54 return $req; 55 } 56 57 58 59 /** 60 * Submits an HTTP POST to a reCAPTCHA server 61 * @param string $host 62 * @param string $path 63 * @param array $data 64 * @param int port 65 * @return array response 66 */ 67 function _recaptcha_http_post( $host, $path, $data, $port = 80 ) { 68 69 $req = _recaptcha_qsencode ( $data ); 70 71 $http_request = "POST $path HTTP/1.0\r\n"; 72 $http_request .= "Host: $host\r\n"; 73 $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; 74 $http_request .= "Content-Length: " . strlen( $req ) . "\r\n"; 75 $http_request .= "User-Agent: reCAPTCHA/PHP\r\n"; 76 $http_request .= "\r\n"; 77 $http_request .= $req; 78 79 $response = ''; 80 if ( false == ( $fs = @fsockopen( $host, $port, $errno, $errstr, 10 ) ) ) { 81 die ( 'Could not open socket' ); 82 } 83 84 fwrite( $fs, $http_request ); 85 86 while ( !feof( $fs ) ) 87 $response .= fgets( $fs, 1160 ); // One TCP-IP packet 88 fclose( $fs ); 89 $response = explode( "\r\n\r\n", $response, 2 ); 90 91 return $response; 92 } 93 94 95 96 /** 97 * Gets the challenge HTML (javascript and non-javascript version). 98 * This is called from the browser, and the resulting reCAPTCHA HTML widget 99 * is embedded within the HTML form it was called from. 100 * @param string $pubkey A public key for reCAPTCHA 101 * @param string $error The error given by reCAPTCHA (optional, default is null) 102 * @param boolean $use_ssl Should the request be made over ssl? (optional, default is false) 103 104 * @return string - The HTML to be embedded in the user's form. 105 */ 106 function recaptcha_get_html ( $pubkey, $error = null, $use_ssl = false ) 107 { 108 if ( $pubkey == null || $pubkey == '' ) { 109 die ( "To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>" ); 110 } 111 112 if ( $use_ssl ) { 113 $server = RECAPTCHA_API_SECURE_SERVER; 114 } else { 115 $server = RECAPTCHA_API_SERVER; 116 } 117 118 $errorpart = ""; 119 if ( $error ) { 120 $errorpart = "&error=" . $error; 121 } 122 return '<script type="text/javascript" src="' . $server . '/challenge?k=' . $pubkey . $errorpart . '"></script> 123 124 <noscript> 125 <iframe src="' . $server . '/noscript?k=' . $pubkey . $errorpart . '" height="300" width="500" frameborder="0"></iframe><br/> 126 <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea> 127 <input type="hidden" name="recaptcha_response_field" value="manual_challenge"/> 128 </noscript>'; 129 } 130 131 132 133 134 /** 135 * A ReCaptchaResponse is returned from recaptcha_check_answer() 136 */ 137 class ReCaptchaResponse { 138 public $is_valid; 139 public $error; 140 } 141 142 143 /** 144 * Calls an HTTP POST function to verify if the user's guess was correct 145 * @param string $privkey 146 * @param string $remoteip 147 * @param string $challenge 148 * @param string $response 149 * @param array $extra_params an array of extra variables to post to the server 150 * @return ReCaptchaResponse 151 */ 152 function recaptcha_check_answer ( $privkey, $remoteip, $challenge, $response, $extra_params = array() ) 153 { 154 if ( $privkey == null || $privkey == '' ) { 155 die ( "To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>" ); 156 } 157 158 if ( $remoteip == null || $remoteip == '' ) { 159 die ( "For security reasons, you must pass the remote ip to reCAPTCHA" ); 160 } 161 162 163 164 // discard spam submissions 165 if ( $challenge == null || strlen( $challenge ) == 0 || $response == null || strlen( $response ) == 0 ) { 166 $recaptcha_response = new ReCaptchaResponse(); 167 $recaptcha_response->is_valid = false; 168 $recaptcha_response->error = 'incorrect-captcha-sol'; 169 return $recaptcha_response; 170 } 171 172 $response = _recaptcha_http_post ( RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/verify", 173 array ( 174 'privatekey' => $privkey, 175 'remoteip' => $remoteip, 176 'challenge' => $challenge, 177 'response' => $response 178 ) + $extra_params 179 ); 180 181 $answers = explode ( "\n", $response [1] ); 182 $recaptcha_response = new ReCaptchaResponse(); 183 184 if ( trim ( $answers [0] ) == 'true' ) { 185 $recaptcha_response->is_valid = true; 186 } 187 else { 188 $recaptcha_response->is_valid = false; 189 $recaptcha_response->error = $answers [1]; 190 } 191 return $recaptcha_response; 192 193 } 194 195 /** 196 * gets a URL where the user can sign up for reCAPTCHA. If your application 197 * has a configuration page where you enter a key, you should provide a link 198 * using this function. 199 * @param string $domain The domain where the page is hosted 200 * @param string $appname The name of your application 201 */ 202 function recaptcha_get_signup_url ( $domain = null, $appname = null ) { 203 return "https://www.google.com/recaptcha/admin/create?" . _recaptcha_qsencode ( array ( 'domains' => $domain, 'app' => $appname ) ); 204 } 205 206 function _recaptcha_aes_pad( $val ) { 207 $block_size = 16; 208 $numpad = $block_size - ( strlen ( $val ) % $block_size ); 209 return str_pad( $val, strlen ( $val ) + $numpad, chr( $numpad ) ); 210 } 211 212 /* Mailhide related code */ 213 214 function _recaptcha_aes_encrypt( $val, $ky ) { 215 if ( ! function_exists ( "mcrypt_encrypt" ) ) { 216 die ( "To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed." ); 217 } 218 $mode = MCRYPT_MODE_CBC; 219 $enc = MCRYPT_RIJNDAEL_128; 220 $val = _recaptcha_aes_pad( $val ); 221 return mcrypt_encrypt( $enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" ); 222 } 223 224 225 function _recaptcha_mailhide_urlbase64 ( $x ) { 226 return strtr( base64_encode ( $x ), '+/', '-_' ); 227 } 228 229 /* gets the reCAPTCHA Mailhide url for a given email, public key and private key */ 230 function recaptcha_mailhide_url( $pubkey, $privkey, $email ) { 231 if ( $pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null ) { 232 die ( "To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " . 233 "you can do so at <a href='http://www.google.com/recaptcha/mailhide/apikey'>http://www.google.com/recaptcha/mailhide/apikey</a>" ); 234 } 235 236 237 $ky = pack( 'H*', $privkey ); 238 $cryptmail = _recaptcha_aes_encrypt ( $email, $ky ); 239 240 return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64 ( $cryptmail ); 241 } 242 243 /** 244 * gets the parts of the email to expose to the user. 245 * eg, given johndoe@example,com return ["john", "example.com"]. 246 * the email is then displayed as [email protected] 247 */ 248 function _recaptcha_mailhide_email_parts ( $email ) { 249 $arr = preg_split( "/@/", $email ); 250 251 if ( strlen ( $arr[0] ) <= 4 ) { 252 $arr[0] = substr ( $arr[0], 0, 1 ); 253 } elseif ( strlen ( $arr[0] ) <= 6 ) { 254 $arr[0] = substr ( $arr[0], 0, 3 ); 255 } else { 256 $arr[0] = substr ( $arr[0], 0, 4 ); 257 } 258 return $arr; 259 } 260 261 /** 262 * Gets html to display an email address given a public an private key. 263 * to get a key, go to: 264 * 265 * http://www.google.com/recaptcha/mailhide/apikey 266 */ 267 function recaptcha_mailhide_html( $pubkey, $privkey, $email ) { 268 $emailparts = _recaptcha_mailhide_email_parts ( $email ); 269 $url = recaptcha_mailhide_url ( $pubkey, $privkey, $email ); 270 271 return htmlentities( $emailparts[0] ) . "<a href='" . htmlentities ( $url ) . 272 "' onclick=\"window.open('" . htmlentities ( $url ) . "', '', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300'); return false;\" title=\"Reveal this e-mail address\">...</a>@" . htmlentities ( $emailparts [1] ); 273 274 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Fri Nov 28 14:03:12 2014 | Cross-referenced by PHPXref 0.7.1 |