harmacist/vichan
1
0
Fork 0
forked from GithubBackups/vichan
Code Pull Requests Activity

trying to make securimage less messy

Browse Source
This commit is contained in:
fowr 2025-01-09 15:13:50 -03:00
parent c6ade44962
commit 071de337eb
3 changed files with 77 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/Service/SecureimageCaptchaQuery.php
View File

@ -38,6 +38,8 @@ class SecureImageCaptchaQuery {
]; ];
$ret = $this->http->requestGet($this->domain . '/' . $this->provider_check, $data); $ret = $this->http->requestGet($this->domain . '/' . $this->provider_check, $data);
return $ret === '1'; $resp = \json_decode($ret, true, 16, \JSON_THROW_ON_ERROR);
return isset($resp['success']) && $resp['success'];
} }
} }

4
inc/config.php
View File

@ -393,7 +393,9 @@
'new_thread_capt' => false, 'new_thread_capt' => false,
// Securimage customization options // Securimage customization options
// https://github.com/dapphp/securimage/blob/nextgen/examples/securimage_show_example.php#L49 // https://github.com/dapphp/securimage/blob/nextgen/examples/securimage_show_example.php#L49
'securimage_options' => ['send_headers' => false, 'no_exit' => true] 'securimage_options' => ['send_headers' => false, 'no_exit' => true],
// Captcha expires (in seconds)
'expires_in' => 320
] ]
]; ];

123
securimage.php
View File

@ -1,69 +1,88 @@
<?php <?php
require_once('inc/bootstrap.php'); require_once('inc/bootstrap.php');
$expires_in = 120;
function rand_string($length, $charset) { function rand_string(int $length, string $charset): string {
$ret = ""; $ret = '';
while ($length--) { while ($length--) {
$ret .= mb_substr($charset, rand(0, mb_strlen($charset, 'utf-8')-1), 1, 'utf-8'); $ret .= mb_substr($charset, rand(0, mb_strlen($charset, 'utf-8')-1), 1, 'utf-8');
} }
return $ret; return $ret;
} }
function cleanup() { function cleanup(int $expires_in): void {
global $expires_in;
prepare("DELETE FROM `captchas` WHERE `created_at` < ?")->execute([time() - $expires_in]); prepare("DELETE FROM `captchas` WHERE `created_at` < ?")->execute([time() - $expires_in]);
} }
function handleGetRequestCaptcha(array $config): void {
$extra = $config['captcha']['native']['extra'];
$cookie = rand_string(20, $extra);
$mode = @$_GET['mode']; $securimage = new Securimage($config['captcha']['native']['securimage_options']);
switch ($mode) { $securimage->createCode();
ob_start();
$securimage->show();
$rawImage = ob_get_clean();
$base64Image = 'data:image/png;base64,' . base64_encode($rawImage);
$html = '<img src="' . $base64Image . '">';
$captchaCode = $securimage->getCode();
prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)")
->execute([$cookie, $extra, $captchaCode->code_display, $captchaCode->creationTime]);
if (isset($_GET['raw'])) {
$_SESSION['captcha_cookie'] = $cookie;
header('Content-Type: image/png');
echo $rawImage;
} else {
header("Content-Type: application/json");
echo json_encode([
"cookie" => $cookie,
"captchahtml" => $html,
"expires_in" => $config['captcha']['native']['expires_in'],
]);
}
}
function handleCheckRequestCaptcha(int $expires_in): void {
cleanup($expires_in);
$cookie = $_GET['cookie'] ?? null;
$text = $_GET['text'] ?? null;
if (!$cookie || !$text) {
echo json_encode(["success" => false]);
return;
}
$query = prepare("SELECT * FROM `captchas` WHERE `cookie` = ?");
$query->execute([$cookie]);
$captchaData = $query->fetchAll();
if (!$captchaData) {
echo json_encode(["success" => false]);
return;
}
prepare("DELETE FROM `captchas` WHERE `cookie` = ?")->execute([$cookie]);
$isSuccessful = $captchaData[0]['text'] === $text;
echo json_encode(["success" => $isSuccessful]);
}
$mode = $_GET['mode'] ?? null;
switch($mode) {
case 'get': case 'get':
header("Content-type: application/json"); handleGetRequestCaptcha($config);
$extra = $config['captcha']['native']['extra'];
$cookie = rand_string(20, $extra);
$i = new Securimage($config['captcha']['native']['securimage_options']);
$i->createCode();
ob_start();
$i->show();
$rawimg = ob_get_contents();
$b64img = 'data:image/png;base64,'.base64_encode($rawimg);
$html = '<img src="'.$b64img.'">';
ob_end_clean();
$cdata = $i->getCode();
$query = prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)");
$query->execute([$cookie, $extra, $cdata->code_display, $cdata->creationTime]);
if (isset($_GET['raw'])) {
$_SESSION['captcha_cookie'] = $cookie;
header('Content-Type: image/png');
echo $rawimg;
} else {
echo json_encode(["cookie" => $cookie, "captchahtml" => $html, "expires_in" => $expires_in]);
}
break; break;
case 'check': case 'check':
cleanup(); handleCheckRequestCaptcha($config['captcha']['native']['expires_in']);
if (!isset ($_GET['mode']) || !isset ($_GET['cookie']) || !isset ($_GET['text'])) {
die();
}
$query = prepare("SELECT * FROM `captchas` WHERE `cookie` = ?");
$query->execute([$_GET['cookie']]);
$ary = $query->fetchAll();
if (!$ary) { // captcha expired
echo "0";
break;
} else {
$query = prepare("DELETE FROM `captchas` WHERE `cookie` = ?");
$query->execute([$_GET['cookie']]);
}
if ($ary[0]['text'] !== $_GET['text']) {
echo "0";
} else {
echo "1";
}
break; break;
} case '':
default:
http_response_code(400);
echo json_encode(["success" => false, "error" => "Invalid mode"]);
break;
}