From fbb526f29f493424119af08a80afd19bc86b3c7b Mon Sep 17 00:00:00 2001 From: Matthias Schmidt Date: Thu, 26 Jun 2014 14:25:48 +0200 Subject: [PATCH] Update captcha implementation --- com.woltlab.wcf/option.xml | 68 ++++++------------- .../files/lib/acp/form/LoginForm.class.php | 9 ++- .../lib/action/FacebookAuthAction.class.php | 2 +- .../lib/action/GithubAuthAction.class.php | 2 +- .../lib/action/GoogleAuthAction.class.php | 2 +- .../lib/action/TwitterAuthAction.class.php | 2 +- .../lib/data/comment/CommentAction.class.php | 12 ++-- .../lib/form/AbstractCaptchaForm.class.php | 50 ++------------ .../files/lib/form/LostPasswordForm.class.php | 4 +- .../files/lib/form/RegisterForm.class.php | 15 ++-- .../files/lib/form/SearchForm.class.php | 4 +- wcfsetup/install/lang/de.xml | 10 +-- wcfsetup/install/lang/en.xml | 10 +-- 13 files changed, 61 insertions(+), 129 deletions(-) diff --git a/com.woltlab.wcf/option.xml b/com.woltlab.wcf/option.xml index 8bad41e550..a0f74755cd 100644 --- a/com.woltlab.wcf/option.xml +++ b/com.woltlab.wcf/option.xml @@ -571,41 +571,40 @@ imagick:wcf.acp.option.image_adapter_type.imagick]]> - - - - - - - + + + - - - - - - - diff --git a/wcfsetup/install/files/lib/acp/form/LoginForm.class.php b/wcfsetup/install/files/lib/acp/form/LoginForm.class.php index 0b8588b4e3..06ff0e04f2 100755 --- a/wcfsetup/install/files/lib/acp/form/LoginForm.class.php +++ b/wcfsetup/install/files/lib/acp/form/LoginForm.class.php @@ -53,8 +53,7 @@ class LoginForm extends AbstractCaptchaForm { public $url = null; /** - * @todo - * @var unknown + * @see \wcf\form\AbstractCaptchaForm::$useCaptcha */ public $useCaptcha = false; @@ -82,7 +81,7 @@ class LoginForm extends AbstractCaptchaForm { if (!empty($_REQUEST['url'])) { $this->url = StringUtil::trim($_REQUEST['url']); - + // discard URL if it is not an absolute URL of local content if (!ApplicationHandler::getInstance()->isInternalURL($this->url)) { $this->url = ''; @@ -96,7 +95,7 @@ class LoginForm extends AbstractCaptchaForm { throw new NamedUserException(WCF::getLanguage()->getDynamicVariable('wcf.user.login.blocked')); } if (USER_AUTHENTICATION_FAILURE_IP_CAPTCHA && $failures >= USER_AUTHENTICATION_FAILURE_IP_CAPTCHA) { - $this->captchaObjectTypeName = REGISTER_CAPTCHA_TYPE; + $this->useCaptcha = true; } else if (USER_AUTHENTICATION_FAILURE_USER_CAPTCHA) { if (isset($_POST['username'])) { @@ -106,7 +105,7 @@ class LoginForm extends AbstractCaptchaForm { if ($user->userID) { $failures = UserAuthenticationFailure::countUserFailures($user->userID); if (USER_AUTHENTICATION_FAILURE_USER_CAPTCHA && $failures >= USER_AUTHENTICATION_FAILURE_USER_CAPTCHA) { - $this->captchaObjectTypeName = REGISTER_CAPTCHA_TYPE; + $this->useCaptcha = true; } } } diff --git a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php index 9db5426320..41da886c8b 100644 --- a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php +++ b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php @@ -117,7 +117,7 @@ class FacebookAuthAction extends AbstractAction { // we assume that bots won't register on facebook first // thus no need for a captcha - if (REGISTER_CAPTCHA_TYPE) { + if (REGISTER_USE_CAPTCHA) { WCF::getSession()->register('noRegistrationCaptcha', true); } diff --git a/wcfsetup/install/files/lib/action/GithubAuthAction.class.php b/wcfsetup/install/files/lib/action/GithubAuthAction.class.php index 1801fb3147..6bc2808a6c 100644 --- a/wcfsetup/install/files/lib/action/GithubAuthAction.class.php +++ b/wcfsetup/install/files/lib/action/GithubAuthAction.class.php @@ -149,7 +149,7 @@ class GithubAuthAction extends AbstractAction { // we assume that bots won't register on github first // thus no need for a captcha - if (REGISTER_CAPTCHA_TYPE) { + if (REGISTER_USE_CAPTCHA) { WCF::getSession()->register('noRegistrationCaptcha', true); } diff --git a/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php b/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php index 88e54aedb8..253764cac7 100644 --- a/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php +++ b/wcfsetup/install/files/lib/action/GoogleAuthAction.class.php @@ -130,7 +130,7 @@ class GoogleAuthAction extends AbstractAction { // we assume that bots won't register on google first // thus no need for a captcha - if (REGISTER_CAPTCHA_TYPE) { + if (REGISTER_USE_CAPTCHA) { WCF::getSession()->register('noRegistrationCaptcha', true); } diff --git a/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php b/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php index 8500b5dea9..6f5afb6f33 100644 --- a/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php +++ b/wcfsetup/install/files/lib/action/TwitterAuthAction.class.php @@ -129,7 +129,7 @@ class TwitterAuthAction extends AbstractAction { // we assume that bots won't register on twitter first // thus no need for a captcha - if (REGISTER_CAPTCHA_TYPE) { + if (REGISTER_USE_CAPTCHA) { WCF::getSession()->register('noRegistrationCaptcha', true); } diff --git a/wcfsetup/install/files/lib/data/comment/CommentAction.class.php b/wcfsetup/install/files/lib/data/comment/CommentAction.class.php index 04f3ddb683..4e36131ffe 100644 --- a/wcfsetup/install/files/lib/data/comment/CommentAction.class.php +++ b/wcfsetup/install/files/lib/data/comment/CommentAction.class.php @@ -578,10 +578,10 @@ class CommentAction extends AbstractDatabaseObjectAction { * @return array */ public function getGuestDialog() { - if (MESSAGE_CAPTCHA_TYPE) { - $captchaObjectType = CaptchaHandler::getInstance()->getObjectTypeByName(MESSAGE_CAPTCHA_TYPE); + if (CAPTCHA_TYPE) { + $captchaObjectType = CaptchaHandler::getInstance()->getObjectTypeByName(CAPTCHA_TYPE); if ($captchaObjectType === null) { - throw new SystemException("Unknown captcha object type with name '".MESSAGE_CAPTCHA_TYPE."'"); + throw new SystemException("Unknown captcha object type with name '".CAPTCHA_TYPE."'"); } if (!$captchaObjectType->getProcessor()->isAvailable()) { @@ -726,10 +726,10 @@ class CommentAction extends AbstractDatabaseObjectAction { protected function validateCaptcha() { if (WCF::getUser()->userID) return; - if (MESSAGE_CAPTCHA_TYPE) { - $this->captchaObjectType = CaptchaHandler::getInstance()->getObjectTypeByName(MESSAGE_CAPTCHA_TYPE); + if (CAPTCHA_TYPE) { + $this->captchaObjectType = CaptchaHandler::getInstance()->getObjectTypeByName(CAPTCHA_TYPE); if ($this->captchaObjectType === null) { - throw new SystemException("Unknown captcha object type with name '".MESSAGE_CAPTCHA_TYPE."'"); + throw new SystemException("Unknown captcha object type with name '".CAPTCHA_TYPE."'"); } if (!$this->captchaObjectType->getProcessor()->isAvailable()) { diff --git a/wcfsetup/install/files/lib/form/AbstractCaptchaForm.class.php b/wcfsetup/install/files/lib/form/AbstractCaptchaForm.class.php index 1dcb83326c..205fd46269 100644 --- a/wcfsetup/install/files/lib/form/AbstractCaptchaForm.class.php +++ b/wcfsetup/install/files/lib/form/AbstractCaptchaForm.class.php @@ -27,22 +27,10 @@ abstract class AbstractCaptchaForm extends AbstractForm { * name of the captcha object type; if empty, captcha is disabled * @var string */ - public $captchaObjectTypeName = ''; + public $captchaObjectTypeName = CAPTCHA_TYPE; /** - * challenge (legacy property from RecaptchaForm, do not use!) - * @var string - */ - public $challenge = ''; - - /** - * response (legacy property from RecaptchaForm, do not use!) - * @var string - */ - public $response = ''; - - /** - * true if recaptcha is used (legacy property from RecaptchaForm, do not use!) + * true if recaptcha is used * @var boolean */ public $useCaptcha = true; @@ -54,22 +42,16 @@ abstract class AbstractCaptchaForm extends AbstractForm { parent::assignVariables(); WCF::getTPL()->assign(array( - 'captchaObjectType' => $this->captchaObjectType + 'captchaObjectType' => $this->captchaObjectType, + 'useCaptcha' => $this->useCaptcha )); - - if (!$this->captchaObjectType) { - RecaptchaHandler::getInstance()->assignVariables(); - WCF::getTPL()->assign(array( - 'useCaptcha' => $this->useCaptcha - )); - } } /** * @see \wcf\page\IPage::readData() */ public function readData() { - if (!WCF::getUser()->userID && $this->captchaObjectTypeName) { + if (!WCF::getUser()->userID && $this->useCaptcha && $this->captchaObjectTypeName) { $this->captchaObjectType = CaptchaHandler::getInstance()->getObjectTypeByName($this->captchaObjectTypeName); if ($this->captchaObjectType === null) { throw new SystemException("Unknown captcha object type with name '".$this->captchaObjectTypeName."'"); @@ -92,21 +74,6 @@ abstract class AbstractCaptchaForm extends AbstractForm { if ($this->captchaObjectType) { $this->captchaObjectType->getProcessor()->readFormParameters(); } - else if ($this->useCaptcha) { - if (isset($_POST['recaptcha_challenge_field'])) $this->challenge = StringUtil::trim($_POST['recaptcha_challenge_field']); - if (isset($_POST['recaptcha_response_field'])) $this->response = StringUtil::trim($_POST['recaptcha_response_field']); - } - } - - /** - * @see \wcf\page\IPage::readParameters() - */ - public function readParameters() { - parent::readParameters(); - - if ($this->captchaObjectType === null && (!MODULE_SYSTEM_RECAPTCHA || WCF::getUser()->userID || WCF::getSession()->getVar('recaptchaDone'))) { - $this->useCaptcha = false; - } } /** @@ -118,9 +85,6 @@ abstract class AbstractCaptchaForm extends AbstractForm { if ($this->captchaObjectType) { $this->captchaObjectType->getProcessor()->reset(); } - else { - WCF::getSession()->unregister('recaptchaDone'); - } } /** @@ -139,9 +103,5 @@ abstract class AbstractCaptchaForm extends AbstractForm { if ($this->captchaObjectType) { $this->captchaObjectType->getProcessor()->validate(); } - else if ($this->useCaptcha) { - RecaptchaHandler::getInstance()->validate($this->challenge, $this->response); - $this->useCaptcha = false; - } } } diff --git a/wcfsetup/install/files/lib/form/LostPasswordForm.class.php b/wcfsetup/install/files/lib/form/LostPasswordForm.class.php index f0eec4d85f..77380a9ffe 100644 --- a/wcfsetup/install/files/lib/form/LostPasswordForm.class.php +++ b/wcfsetup/install/files/lib/form/LostPasswordForm.class.php @@ -47,9 +47,9 @@ class LostPasswordForm extends AbstractCaptchaForm { public $user; /** - * @see \wcf\form\CaptchaForm::$captchaObjectTypeName + * @see \wcf\form\AbstractCaptchaForm::$useCaptcha */ - public $captchaObjectTypeName = LOST_PASSWORD_CAPTCHA_TYPE; + public $useCaptcha = LOST_PASSWORD_USE_CAPTCHA; /** * @see \wcf\form\IForm::readFormParameters() diff --git a/wcfsetup/install/files/lib/form/RegisterForm.class.php b/wcfsetup/install/files/lib/form/RegisterForm.class.php index c5b7e4a0ab..50523370d2 100644 --- a/wcfsetup/install/files/lib/form/RegisterForm.class.php +++ b/wcfsetup/install/files/lib/form/RegisterForm.class.php @@ -58,16 +58,19 @@ class RegisterForm extends UserAddForm { public $message = ''; /** - * captcha object type object - * @var \wcf\data\object\type\ObjectType + * @see \wcf\form\AbstractCaptchaForm::$captchaObjectType */ public $captchaObjectType = null; /** - * name of the captcha object type; if empty, captcha is disabled - * @var string + * @see \wcf\form\AbstractCaptchaForm::$useCaptcha + */ + public $captchaObjectTypeName = CAPTCHA_TYPE; + + /** + * @see \wcf\form\AbstractCaptchaForm::$useCaptcha */ - public $captchaObjectTypeName = REGISTER_CAPTCHA_TYPE; + public $useCaptcha = REGISTER_USE_CAPTCHA; /** * field names @@ -163,7 +166,7 @@ class RegisterForm extends UserAddForm { * @see \wcf\page\IPage::readData() */ public function readData() { - if ($this->captchaObjectTypeName) { + if ($this->useCaptcha && $this->captchaObjectTypeName) { $this->captchaObjectType = CaptchaHandler::getInstance()->getObjectTypeByName($this->captchaObjectTypeName); if ($this->captchaObjectType === null) { throw new SystemException("Unknown captcha object type with id '".$this->captchaObjectTypeName."'"); diff --git a/wcfsetup/install/files/lib/form/SearchForm.class.php b/wcfsetup/install/files/lib/form/SearchForm.class.php index e5dc4d836d..eaf456ca92 100644 --- a/wcfsetup/install/files/lib/form/SearchForm.class.php +++ b/wcfsetup/install/files/lib/form/SearchForm.class.php @@ -93,9 +93,9 @@ class SearchForm extends AbstractCaptchaForm { public $username = ''; /** - * @see \wcf\form\AbstractCaptchaForm::$captchaObjectTypeName + * @see \wcf\form\AbstractCaptchaForm::$useCaptcha */ - public $captchaObjectTypeName = SEARCH_CAPTCHA_TYPE; + public $useCaptcha = SEARCH_USE_CAPTCHA; /** * parameters used for previous search diff --git a/wcfsetup/install/lang/de.xml b/wcfsetup/install/lang/de.xml index e61af85e2b..020f3a14be 100644 --- a/wcfsetup/install/lang/de.xml +++ b/wcfsetup/install/lang/de.xml @@ -989,11 +989,11 @@ GmbH=Gesellschaft mit beschränkter Haftung]]> - - - - - + + + + + diff --git a/wcfsetup/install/lang/en.xml b/wcfsetup/install/lang/en.xml index d8d6bada2f..246f9fd258 100644 --- a/wcfsetup/install/lang/en.xml +++ b/wcfsetup/install/lang/en.xml @@ -989,11 +989,11 @@ GmbH=Gesellschaft mit beschränkter Haftung]]> - - - - - + + + + + -- 2.20.1