aschwarz/Leitgedanken
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

PDF rausgenommen

Browse Source
This commit is contained in:
aschwarz
2023-01-23 11:03:31 +01:00
parent 82d562a322
commit a6523903eb
28078 changed files with 4247552 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

390
msd2/phpBB3/phpbb/captcha/plugins/captcha_abstract.php Normal file
View File

@ -0,0 +1,390 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\captcha\plugins;
/**
* This class holds the code shared by the two default 3.0.x CAPTCHAs.
*/
abstract class captcha_abstract
{
var $confirm_id;
var $confirm_code;
var $code;
var $seed;
var $attempts = 0;
var $type;
var $solved = 0;
var $captcha_vars = false;
/**
* @var string name of the service.
*/
protected $service_name;
function init($type)
{
global $config, $request;
// read input
$this->confirm_id = $request->variable('confirm_id', '');
$this->confirm_code = $request->variable('confirm_code', '');
$refresh = $request->variable('refresh_vc', false) && $config['confirm_refresh'];
$this->type = (int) $type;
if (!strlen($this->confirm_id) || !$this->load_code())
{
// we have no confirm ID, better get ready to display something
$this->generate_code();
}
else if ($refresh)
{
$this->regenerate_code();
}
}
function execute_demo()
{
$this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));
$this->seed = hexdec(substr(unique_id(), 4, 10));
// compute $seed % 0x7fffffff
$this->seed -= 0x7fffffff * floor($this->seed / 0x7fffffff);
$generator = $this->get_generator_class();
$captcha = new $generator();
define('IMAGE_OUTPUT', 1);
$captcha->execute($this->code, $this->seed);
}
function execute()
{
if (empty($this->code))
{
if (!$this->load_code())
{
// invalid request, bail out
return false;
}
}
$generator = $this->get_generator_class();
$captcha = new $generator();
define('IMAGE_OUTPUT', 1);
$captcha->execute($this->code, $this->seed);
}
function get_template()
{
global $config, $user, $template, $phpEx, $phpbb_root_path;
if ($this->is_solved())
{
return false;
}
else
{
$link = append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=confirm&amp;confirm_id=' . $this->confirm_id . '&amp;type=' . $this->type);
$contact_link = phpbb_get_board_contact_link($config, $phpbb_root_path, $phpEx);
$explain = $user->lang(($this->type != CONFIRM_POST) ? 'CONFIRM_EXPLAIN' : 'POST_CONFIRM_EXPLAIN', '<a href="' . $contact_link . '">', '</a>');
$template->assign_vars(array(
'CONFIRM_IMAGE_LINK' => $link,
'CONFIRM_IMAGE' => '<img src="' . $link . '" />',
'CONFIRM_IMG' => '<img src="' . $link . '" />',
'CONFIRM_ID' => $this->confirm_id,
'S_CONFIRM_CODE' => true,
'S_TYPE' => $this->type,
'S_CONFIRM_REFRESH' => ($config['enable_confirm'] && $config['confirm_refresh'] && $this->type == CONFIRM_REG) ? true : false,
'L_CONFIRM_EXPLAIN' => $explain,
));
return 'captcha_default.html';
}
}
function get_demo_template($id)
{
global $config, $template, $request, $phpbb_admin_path, $phpEx;
$variables = '';
if (is_array($this->captcha_vars))
{
foreach ($this->captcha_vars as $captcha_var => $template_var)
{
$variables .= '&amp;' . rawurlencode($captcha_var) . '=' . $request->variable($captcha_var, (int) $config[$captcha_var]);
}
}
// acp_captcha has a delivery function; let's use it
$template->assign_vars(array(
'CONFIRM_IMAGE' => append_sid($phpbb_admin_path . 'index.' . $phpEx, 'captcha_demo=1&amp;mode=visual&amp;i=' . $id . '&amp;select_captcha=' . $this->get_service_name()) . $variables,
'CONFIRM_ID' => $this->confirm_id,
));
return 'captcha_default_acp_demo.html';
}
function get_hidden_fields()
{
$hidden_fields = array();
// this is required for posting.php - otherwise we would forget about the captcha being already solved
if ($this->solved)
{
$hidden_fields['confirm_code'] = $this->confirm_code;
}
$hidden_fields['confirm_id'] = $this->confirm_id;
return $hidden_fields;
}
function garbage_collect($type)
{
global $db;
$sql = 'SELECT DISTINCT c.session_id
FROM ' . CONFIRM_TABLE . ' c
LEFT JOIN ' . SESSIONS_TABLE . ' s ON (c.session_id = s.session_id)
WHERE s.session_id IS NULL' .
((empty($type)) ? '' : ' AND c.confirm_type = ' . (int) $type);
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$sql_in = array();
do
{
$sql_in[] = (string) $row['session_id'];
}
while ($row = $db->sql_fetchrow($result));
if (count($sql_in))
{
$sql = 'DELETE FROM ' . CONFIRM_TABLE . '
WHERE ' . $db->sql_in_set('session_id', $sql_in);
$db->sql_query($sql);
}
}
$db->sql_freeresult($result);
}
function uninstall()
{
$this->garbage_collect(0);
}
function install()
{
return;
}
function validate()
{
global $user;
if (!$user->is_setup())
{
$user->setup();
}
$error = '';
if (!$this->confirm_id)
{
$error = $user->lang['CONFIRM_CODE_WRONG'];
}
else
{
if ($this->check_code())
{
$this->solved = true;
}
else
{
$error = $user->lang['CONFIRM_CODE_WRONG'];
}
}
if (strlen($error))
{
// okay, incorrect answer. Let's ask a new question.
$this->new_attempt();
return $error;
}
else
{
return false;
}
}
/**
* The old way to generate code, suitable for GD and non-GD. Resets the internal state.
*/
function generate_code()
{
global $db, $user;
$this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));
$this->confirm_id = md5(unique_id($user->ip));
$this->seed = hexdec(substr(unique_id(), 4, 10));
$this->solved = 0;
// compute $seed % 0x7fffffff
$this->seed -= 0x7fffffff * floor($this->seed / 0x7fffffff);
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'confirm_id' => (string) $this->confirm_id,
'session_id' => (string) $user->session_id,
'confirm_type' => (int) $this->type,
'code' => (string) $this->code,
'seed' => (int) $this->seed)
);
$db->sql_query($sql);
}
/**
* New Question, if desired.
*/
function regenerate_code()
{
global $db, $user;
$this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));
$this->seed = hexdec(substr(unique_id(), 4, 10));
$this->solved = 0;
// compute $seed % 0x7fffffff
$this->seed -= 0x7fffffff * floor($this->seed / 0x7fffffff);
$sql = 'UPDATE ' . CONFIRM_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
'code' => (string) $this->code,
'seed' => (int) $this->seed)) . '
WHERE
confirm_id = \'' . $db->sql_escape($this->confirm_id) . '\'
AND session_id = \'' . $db->sql_escape($user->session_id) . '\'';
$db->sql_query($sql);
}
/**
* New Question, if desired.
*/
function new_attempt()
{
global $db, $user;
$this->code = gen_rand_string_friendly(mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS));
$this->seed = hexdec(substr(unique_id(), 4, 10));
$this->solved = 0;
// compute $seed % 0x7fffffff
$this->seed -= 0x7fffffff * floor($this->seed / 0x7fffffff);
$sql = 'UPDATE ' . CONFIRM_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
'code' => (string) $this->code,
'seed' => (int) $this->seed)) . '
, attempts = attempts + 1
WHERE
confirm_id = \'' . $db->sql_escape($this->confirm_id) . '\'
AND session_id = \'' . $db->sql_escape($user->session_id) . '\'';
$db->sql_query($sql);
}
/**
* Look up everything we need for painting&checking.
*/
function load_code()
{
global $db, $user;
$sql = 'SELECT code, seed, attempts
FROM ' . CONFIRM_TABLE . "
WHERE confirm_id = '" . $db->sql_escape($this->confirm_id) . "'
AND session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . $this->type;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
$this->code = $row['code'];
$this->seed = $row['seed'];
$this->attempts = $row['attempts'];
return true;
}
return false;
}
function check_code()
{
return (strcasecmp($this->code, $this->confirm_code) === 0);
}
function get_attempt_count()
{
return $this->attempts;
}
function reset()
{
global $db, $user;
$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . (int) $this->type;
$db->sql_query($sql);
// we leave the class usable by generating a new question
$this->generate_code();
}
function is_solved()
{
global $request;
if ($request->variable('confirm_code', false) && $this->solved === 0)
{
$this->validate();
}
return (bool) $this->solved;
}
/**
* API function
*/
function has_config()
{
return false;
}
/**
* @return string the name of the service corresponding to the plugin
*/
function get_service_name()
{
return $this->service_name;
}
/**
* Set the name of the plugin
*
* @param string $name
*/
public function set_name($name)
{
$this->service_name = $name;
}
/**
* @return string the name of the class used to generate the captcha
*/
abstract function get_generator_class();
}

123
msd2/phpBB3/phpbb/captcha/plugins/gd.php Normal file
View File

@ -0,0 +1,123 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\captcha\plugins;
class gd extends captcha_abstract
{
var $captcha_vars = array(
'captcha_gd_x_grid' => 'CAPTCHA_GD_X_GRID',
'captcha_gd_y_grid' => 'CAPTCHA_GD_Y_GRID',
'captcha_gd_foreground_noise' => 'CAPTCHA_GD_FOREGROUND_NOISE',
// 'captcha_gd' => 'CAPTCHA_GD_PREVIEWED',
'captcha_gd_wave' => 'CAPTCHA_GD_WAVE',
'captcha_gd_3d_noise' => 'CAPTCHA_GD_3D_NOISE',
'captcha_gd_fonts' => 'CAPTCHA_GD_FONTS',
);
public function is_available()
{
return @extension_loaded('gd');
}
/**
* @return string the name of the class used to generate the captcha
*/
function get_generator_class()
{
return '\\phpbb\\captcha\\gd';
}
/**
* API function
*/
function has_config()
{
return true;
}
public function get_name()
{
return 'CAPTCHA_GD';
}
function acp_page($id, &$module)
{
global $user, $template, $phpbb_log, $request;
global $config;
$user->add_lang('acp/board');
$module->tpl_name = 'captcha_gd_acp';
$module->page_title = 'ACP_VC_SETTINGS';
$form_key = 'acp_captcha';
add_form_key($form_key);
$submit = $request->variable('submit', '');
if ($submit && check_form_key($form_key))
{
$captcha_vars = array_keys($this->captcha_vars);
foreach ($captcha_vars as $captcha_var)
{
$value = $request->variable($captcha_var, 0);
if ($value >= 0)
{
$config->set($captcha_var, $value);
}
}
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL');
trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($module->u_action));
}
else if ($submit)
{
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($module->u_action));
}
else
{
foreach ($this->captcha_vars as $captcha_var => $template_var)
{
$var = (isset($_REQUEST[$captcha_var])) ? $request->variable($captcha_var, 0) : $config[$captcha_var];
$template->assign_var($template_var, $var);
}
$template->assign_vars(array(
'CAPTCHA_PREVIEW' => $this->get_demo_template($id),
'CAPTCHA_NAME' => $this->get_service_name(),
'U_ACTION' => $module->u_action,
));
}
}
function execute_demo()
{
global $config, $request;
$config_old = $config;
$config = new \phpbb\config\config(array());
foreach ($config_old as $key => $value)
{
$config->set($key, $value);
}
foreach ($this->captcha_vars as $captcha_var => $template_var)
{
$config->set($captcha_var, $request->variable($captcha_var, (int) $config[$captcha_var]));
}
parent::execute_demo();
$config = $config_old;
}
}

42
msd2/phpBB3/phpbb/captcha/plugins/gd_wave.php Normal file
View File

@ -0,0 +1,42 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\captcha\plugins;
class gd_wave extends captcha_abstract
{
public function is_available()
{
return @extension_loaded('gd');
}
public function get_name()
{
return 'CAPTCHA_GD_3D';
}
/**
* @return string the name of the class used to generate the captcha
*/
function get_generator_class()
{
return '\\phpbb\\captcha\\gd_wave';
}
function acp_page($id, &$module)
{
global $user;
trigger_error($user->lang['CAPTCHA_NO_OPTIONS'] . adm_back_link($module->u_action));
}
}

42
msd2/phpBB3/phpbb/captcha/plugins/nogd.php Normal file
View File

@ -0,0 +1,42 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\captcha\plugins;
class nogd extends captcha_abstract
{
public function is_available()
{
return true;
}
public function get_name()
{
return 'CAPTCHA_NO_GD';
}
/**
* @return string the name of the class used to generate the captcha
*/
function get_generator_class()
{
return '\\phpbb\\captcha\\non_gd';
}
function acp_page($id, &$module)
{
global $user;
trigger_error($user->lang['CAPTCHA_NO_OPTIONS'] . adm_back_link($module->u_action));
}
}

1041
msd2/phpBB3/phpbb/captcha/plugins/qa.php Normal file
View File

File diff suppressed because it is too large Load Diff

225
msd2/phpBB3/phpbb/captcha/plugins/recaptcha.php Normal file
View File

@ -0,0 +1,225 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\captcha\plugins;
class recaptcha extends captcha_abstract
{
var $recaptcha_server = 'http://www.google.com/recaptcha/api';
var $recaptcha_server_secure = 'https://www.google.com/recaptcha/api'; // class constants :(
var $response;
/**
* Constructor
*/
public function __construct()
{
global $request;
$this->recaptcha_server = $request->is_secure() ? $this->recaptcha_server_secure : $this->recaptcha_server;
}
function init($type)
{
global $user, $request;
$user->add_lang('captcha_recaptcha');
parent::init($type);
$this->response = $request->variable('g-recaptcha-response', '');
}
public function is_available()
{
global $config, $user;
$user->add_lang('captcha_recaptcha');
return (isset($config['recaptcha_pubkey']) && !empty($config['recaptcha_pubkey']));
}
/**
* API function
*/
function has_config()
{
return true;
}
static public function get_name()
{
return 'CAPTCHA_RECAPTCHA';
}
/**
* This function is implemented because required by the upper class, but is never used for reCaptcha.
*/
function get_generator_class()
{
throw new \Exception('No generator class given.');
}
function acp_page($id, &$module)
{
global $config, $template, $user, $phpbb_log, $request;
$captcha_vars = array(
'recaptcha_pubkey' => 'RECAPTCHA_PUBKEY',
'recaptcha_privkey' => 'RECAPTCHA_PRIVKEY',
);
$module->tpl_name = 'captcha_recaptcha_acp';
$module->page_title = 'ACP_VC_SETTINGS';
$form_key = 'acp_captcha';
add_form_key($form_key);
$submit = $request->variable('submit', '');
if ($submit && check_form_key($form_key))
{
$captcha_vars = array_keys($captcha_vars);
foreach ($captcha_vars as $captcha_var)
{
$value = $request->variable($captcha_var, '');
if ($value)
{
$config->set($captcha_var, $value);
}
}
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL');
trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($module->u_action));
}
else if ($submit)
{
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($module->u_action));
}
else
{
foreach ($captcha_vars as $captcha_var => $template_var)
{
$var = (isset($_REQUEST[$captcha_var])) ? $request->variable($captcha_var, '') : ((isset($config[$captcha_var])) ? $config[$captcha_var] : '');
$template->assign_var($template_var, $var);
}
$template->assign_vars(array(
'CAPTCHA_PREVIEW' => $this->get_demo_template($id),
'CAPTCHA_NAME' => $this->get_service_name(),
'U_ACTION' => $module->u_action,
));
}
}
// not needed
function execute_demo()
{
}
// not needed
function execute()
{
}
function get_template()
{
global $config, $user, $template, $phpbb_root_path, $phpEx;
if ($this->is_solved())
{
return false;
}
else
{
$contact_link = phpbb_get_board_contact_link($config, $phpbb_root_path, $phpEx);
$explain = $user->lang(($this->type != CONFIRM_POST) ? 'CONFIRM_EXPLAIN' : 'POST_CONFIRM_EXPLAIN', '<a href="' . $contact_link . '">', '</a>');
$template->assign_vars(array(
'RECAPTCHA_SERVER' => $this->recaptcha_server,
'RECAPTCHA_PUBKEY' => isset($config['recaptcha_pubkey']) ? $config['recaptcha_pubkey'] : '',
'S_RECAPTCHA_AVAILABLE' => self::is_available(),
'S_CONFIRM_CODE' => true,
'S_TYPE' => $this->type,
'L_CONFIRM_EXPLAIN' => $explain,
));
return 'captcha_recaptcha.html';
}
}
function get_demo_template($id)
{
return $this->get_template();
}
function get_hidden_fields()
{
$hidden_fields = array();
// this is required for posting.php - otherwise we would forget about the captcha being already solved
if ($this->solved)
{
$hidden_fields['confirm_code'] = $this->code;
}
$hidden_fields['confirm_id'] = $this->confirm_id;
return $hidden_fields;
}
function uninstall()
{
$this->garbage_collect(0);
}
function install()
{
return;
}
function validate()
{
if (!parent::validate())
{
return false;
}
else
{
return $this->recaptcha_check_answer();
}
}
/**
* Calls an HTTP POST function to verify if the user's guess was correct
*
* @return bool|string Returns false on success or error string on failure.
*/
function recaptcha_check_answer()
{
global $config, $user;
//discard spam submissions
if ($this->response == null || strlen($this->response) == 0)
{
return $user->lang['RECAPTCHA_INCORRECT'];
}
$recaptcha = new \ReCaptcha\ReCaptcha($config['recaptcha_privkey']);
$result = $recaptcha->verify($this->response, $user->ip);
if ($result->isSuccess())
{
$this->solved = true;
return false;
}
else
{
return $user->lang['RECAPTCHA_INCORRECT'];
}
}
}