trying to make securimage less messy
parent
c6ade44962
commit
071de337eb
@ -38,6 +38,8 @@ class SecureImageCaptchaQuery {
|
||||
];
|
||||
|
||||
$ret = $this->http->requestGet($this->domain . '/' . $this->provider_check, $data);
|
||||
return $ret === '1';
|
||||
$resp = \json_decode($ret, true, 16, \JSON_THROW_ON_ERROR);
|
||||
|
||||
return isset($resp['success']) && $resp['success'];
|
||||
}
|
||||
}
|
||||
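Review bot: `\json_decode($ret, true, 16, \JSON_THROW_ON_ERROR)` throws a `JsonException` whenever the provider reply is not valid JSON (an error page, an empty body), and nothing visible in this hunk catches it, so a provider failure would surface as an exception instead of a failed captcha; whether a caller handles it is not visible here. Catching the exception and returning `false` keeps the check fail-closed. The return also accepts any truthy `success` value, including the string `"false"`, so it is better pinned to the boolean `true`. The method starts above the hunk, so the signature and the `$data` construction are not shown.

```php
// … unchanged: $ret = $this->http->requestGet(...) …
try {
    $resp = \json_decode($ret, true, 16, \JSON_THROW_ON_ERROR);
} catch (\JsonException $e) {
    // Treat an unparseable provider reply as a failed captcha.
    return false;
}

return \is_array($resp) && ($resp['success'] ?? null) === true;
```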
|
@ -393,7 +393,9 @@
|
||||
'new_thread_capt' => false,
|
||||
// Securimage customization options
|
||||
// https://github.com/dapphp/securimage/blob/nextgen/examples/securimage_show_example.php#L49
|
||||
'securimage_options' => ['send_headers' => false, 'no_exit' => true]
|
||||
'securimage_options' => ['send_headers' => false, 'no_exit' => true],
|
||||
// Captcha expires (in seconds)
|
||||
'expires_in' => 320
|
||||
]
|
||||
];
|
||||
|
||||
|
123
securimage.php
123
securimage.php
@ -1,69 +1,88 @@
|
||||
<?php
|
||||
require_once('inc/bootstrap.php');
|
||||
$expires_in = 120;
|
||||
|
||||
function rand_string($length, $charset) {
|
||||
$ret = "";
|
||||
function rand_string(int $length, string $charset): string {
|
||||
$ret = '';
|
||||
while ($length--) {
|
||||
$ret .= mb_substr($charset, rand(0, mb_strlen($charset, 'utf-8')-1), 1, 'utf-8');
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
function cleanup() {
|
||||
global $expires_in;
|
||||
function cleanup(int $expires_in): void {
|
||||
prepare("DELETE FROM `captchas` WHERE `created_at` < ?")->execute([time() - $expires_in]);
|
||||
}
|
||||
|
||||
function handleGetRequestCaptcha(array $config): void {
|
||||
$extra = $config['captcha']['native']['extra'];
|
||||
$cookie = rand_string(20, $extra);
|
||||
|
||||
$mode = @$_GET['mode'];
|
||||
switch ($mode) {
|
||||
$securimage = new Securimage($config['captcha']['native']['securimage_options']);
|
||||
$securimage->createCode();
|
||||
|
||||
ob_start();
|
||||
$securimage->show();
|
||||
$rawImage = ob_get_clean();
|
||||
|
||||
$base64Image = 'data:image/png;base64,' . base64_encode($rawImage);
|
||||
$html = '<img src="' . $base64Image . '">';
|
||||
$captchaCode = $securimage->getCode();
|
||||
|
||||
prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)")
|
||||
->execute([$cookie, $extra, $captchaCode->code_display, $captchaCode->creationTime]);
|
||||
|
||||
if (isset($_GET['raw'])) {
|
||||
$_SESSION['captcha_cookie'] = $cookie;
|
||||
header('Content-Type: image/png');
|
||||
echo $rawImage;
|
||||
} else {
|
||||
header("Content-Type: application/json");
|
||||
echo json_encode([
|
||||
"cookie" => $cookie,
|
||||
"captchahtml" => $html,
|
||||
"expires_in" => $config['captcha']['native']['expires_in'],
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
function handleCheckRequestCaptcha(int $expires_in): void {
|
||||
cleanup($expires_in);
|
||||
|
||||
$cookie = $_GET['cookie'] ?? null;
|
||||
$text = $_GET['text'] ?? null;
|
||||
|
||||
if (!$cookie || !$text) {
|
||||
echo json_encode(["success" => false]);
|
||||
return;
|
||||
}
|
||||
|
||||
$query = prepare("SELECT * FROM `captchas` WHERE `cookie` = ?");
|
||||
$query->execute([$cookie]);
|
||||
$captchaData = $query->fetchAll();
|
||||
|
||||
if (!$captchaData) {
|
||||
echo json_encode(["success" => false]);
|
||||
return;
|
||||
}
|
||||
|
||||
prepare("DELETE FROM `captchas` WHERE `cookie` = ?")->execute([$cookie]);
|
||||
|
||||
$isSuccessful = $captchaData[0]['text'] === $text;
|
||||
echo json_encode(["success" => $isSuccessful]);
|
||||
}
|
||||
|
||||
$mode = $_GET['mode'] ?? null;
|
||||
|
||||
switch($mode) {
|
||||
case 'get':
|
||||
header("Content-type: application/json");
|
||||
$extra = $config['captcha']['native']['extra'];
|
||||
$cookie = rand_string(20, $extra);
|
||||
$i = new Securimage($config['captcha']['native']['securimage_options']);
|
||||
$i->createCode();
|
||||
ob_start();
|
||||
$i->show();
|
||||
$rawimg = ob_get_contents();
|
||||
$b64img = 'data:image/png;base64,'.base64_encode($rawimg);
|
||||
$html = '<img src="'.$b64img.'">';
|
||||
ob_end_clean();
|
||||
$cdata = $i->getCode();
|
||||
$query = prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)");
|
||||
$query->execute([$cookie, $extra, $cdata->code_display, $cdata->creationTime]);
|
||||
if (isset($_GET['raw'])) {
|
||||
$_SESSION['captcha_cookie'] = $cookie;
|
||||
header('Content-Type: image/png');
|
||||
echo $rawimg;
|
||||
} else {
|
||||
echo json_encode(["cookie" => $cookie, "captchahtml" => $html, "expires_in" => $expires_in]);
|
||||
}
|
||||
handleGetRequestCaptcha($config);
|
||||
break;
|
||||
case 'check':
|
||||
cleanup();
|
||||
if (!isset ($_GET['mode']) || !isset ($_GET['cookie']) || !isset ($_GET['text'])) {
|
||||
die();
|
||||
}
|
||||
|
||||
$query = prepare("SELECT * FROM `captchas` WHERE `cookie` = ?");
|
||||
$query->execute([$_GET['cookie']]);
|
||||
|
||||
$ary = $query->fetchAll();
|
||||
|
||||
if (!$ary) { // captcha expired
|
||||
echo "0";
|
||||
break;
|
||||
} else {
|
||||
$query = prepare("DELETE FROM `captchas` WHERE `cookie` = ?");
|
||||
$query->execute([$_GET['cookie']]);
|
||||
}
|
||||
|
||||
if ($ary[0]['text'] !== $_GET['text']) {
|
||||
echo "0";
|
||||
} else {
|
||||
echo "1";
|
||||
}
|
||||
handleCheckRequestCaptcha($config['captcha']['native']['expires_in']);
|
||||
break;
|
||||
}
|
||||
case '':
|
||||
default:
|
||||
http_response_code(400);
|
||||
echo json_encode(["success" => false, "error" => "Invalid mode"]);
|
||||
break;
|
||||
}
|
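Review bot: `rand_string()` still picks each character with `rand()`, and `handleGetRequestCaptcha()` uses its output as the `cookie` value that keys the row in `captchas` and is returned to the client, so that identifier comes from a non-cryptographic generator. Replacing the call with `random_int(0, mb_strlen($charset, 'utf-8') - 1)` keeps the signature and makes the token unpredictable. In `handleCheckRequestCaptcha()` the `cookie` and `text` values are read from `$_GET` without a type check, so a non-string value such as an array passes the `!$cookie || !$text` guard and reaches `execute()`. A guard like `if (!is_string($cookie) || !is_string($text) || $cookie === '' || $text === '')` before the query would reject that input up front.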