Browse Source

Add basic captcha

pull/40/head
discomrade 3 years ago
parent
commit
a1bdba3770
  1. 32
      captcha.php
  2. 90
      inc/captchaconfig.php
  3. 10
      inc/config.php
  4. 5
      inc/instance-config.php
  5. BIN
      inc/lib/securimage/AHGBold.ttf
  6. 3771
      inc/lib/securimage/securimage.php
  7. 16
      post.php
  8. 11
      templates/post_form.html

32
captcha.php

@ -0,0 +1,32 @@
<?php
require_once 'inc/functions.php';
require_once 'inc/lib/securimage/securimage.php';
if(!isset($config['securimage']) || !$config['securimage']){
error('Securimage captcha not enabled.'); //TODO error image
}
$image=new Securimage(array('config_file'=>__DIR__ . '/inc/captchaconfig.php'));
$image->show();
$code=$image->getCode(false, true);
$ip=$_SERVER['REMOTE_ADDR'];
$query=prepare('INSERT INTO captchas(ip, code, time) VALUES(:ip, :code, NOW())');
$query->bindValue(':ip', $ip);
$query->bindValue(':code', $code);
$query->execute() or error(db_error($query));
$query=prepare('SELECT count(*) from captchas where ip=:ip');
$query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query));
$count=$query->fetch()[0];
if($count>10){
$query=prepare('DELETE from captchas where ip=:ip ORDER BY time asc LIMIT 1');
$query->bindValue(':ip', $ip);
$query->execute()or error(db_error($query));
}

90
inc/captchaconfig.php

@ -0,0 +1,90 @@
<?php
/**
Securimage sample config file (rename to config.inc.php to activate)
Place your custom configuration in this file to make settings global so they
are applied to the captcha image, audio playback, and validation.
Using this file is optional but makes settings managing settings easier,
especially when upgrading to a new version.
When a new Securimage object is created, if config.inc.php is found in the
Securimage directory, these settings will be applied *before* any settings
passed to the constructor (so options passed in will override these).
This file is especially useful if you use a custom database or session
configuration and is easier than modifying securimage.php directly.
Any class property from securimage.php can be used here.
*/
return array(
/**** CAPTCHA Appearance Options ****/
'image_width' => 275, // width of captcha image in pixels
'image_height' => 100, // height of captcha image in pixels
'code_length' => 6, // # of characters for captcha code
'image_bg_color' => '#770000', // hex color for image background
'text_color' => '#DDDD64', // hex color for captcha text
'line_color' => '#DDDD64', // hex color for lines over text
'noise_color' => '#DDDD64', // color of random noise to draw under text
'num_lines' => 5, // # of lines to draw over text
'noise_level' => 0.5, // how much random noise to add (0-10)
'perturbation' => 0.75, // distoration level
'use_random_spaces' => true,
'use_random_baseline' => true,
'use_text_angles' => true,
'use_random_boxes' => false,
'use_transparent_text' => false,
'wordlist_file' => 'words/words.txt', // text file for word captcha
'use_wordlist' => false, // true to use word list
'wordlist_file_encoding' => null, // character encoding of word file if other than ASCII (e.g. UTF-8, GB2312)
// example UTF-8 charset (TTF file must support symbols being used
// 'charset' => "абвгдeжзийклмнопрстуфхцчшщъьюяАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЬЮЯ",
'charset' => "2345689abdfgkmnpqsuwxyz", // capitals are more effort to type, removed confusable characters like o,O,0,1,l
// 'ttf_file' => './AHGBold.ttf', // TTF file for captcha text
//'captcha_type' => Securimage::SI_CAPTCHA_WORDS, // Securimage::SI_CAPTCHA_STRING || Securimage:: SI_CAPTCHA_MATHEMATIC || Securimage::SI_CAPTCHA_WORDS
//'display_value' => 'ABC 123', // Draws custom text on captcha
/**** Code Storage & Database Options ****/
// true if you *DO NOT* want to use PHP sessions at all, false to use PHP sessions
'no_session' => true,
// the PHP session name to use (null for default PHP session name)
// do not change unless you know what you are doing
'session_name' => null,
// change to true to store codes in a database
'use_database' => false,
// database engine to use for storing codes. must have the PDO extension loaded
// Values choices are:
// Securimage::SI_DRIVER_MYSQL, Securimage::SI_DRIVER_SQLITE3, Securimage::SI_DRIVER_PGSQL
'database_driver' => Securimage::SI_DRIVER_MYSQL,
'database_host' => 'localhost', // database server host to connect to
'database_user' => 'lainchan', // database user to connect as
'database_pass' => '', // database user password
'database_name' => 'lainchan', // name of database to select (you must create this first or use an existing database)
'database_table' => 'captcha_codes', // database table for storing codes, will be created automatically
// Securimage will automatically create the database table if it is not found
// change to true for performance reasons once database table is up and running
'skip_table_check' => false,
/**** Audio Options ****/
//'audio_path' => __DIR__ . '/audio/en/',
//'audio_use_noise' => true,
//'audio_noise_path' => __DIR__ . '/audio/noise/',
//'degrade_audio' => true,
'no_exit'=>true,
'log_file'=>'/dev/null', //This should be placed somewhere sensible.
);

10
inc/config.php

@ -1779,6 +1779,16 @@
* ====================
*/
//Securimage captcha
//Note from lainchan PR: "TODO move a bunch of things here"
$config['spam']['valid_inputs'][]='captcha';
$config['error']['securimage']=array(
'missing'=>'The captcha field was missing. Please try again',
'empty'=>'Please fill out the captcha',
'bad'=>'Incorrect captcha',
);
// Meta keywords. It's probably best to include these in per-board configurations.
// $config['meta_keywords'] = 'chan,anonymous discussion,imageboard,tinyboard';

5
inc/instance-config.php

@ -117,6 +117,11 @@ $config['url_banner'] = '/banners.php';
*/
$config['spam']['enabled'] = false;
/*
* Basic captcha. See also: captchaconfig.php
*/
$config['securimage'] = false;
/*
* Permissions
*/

BIN
inc/lib/securimage/AHGBold.ttf

Binary file not shown.

3771
inc/lib/securimage/securimage.php

File diff suppressed because it is too large

16
post.php

@ -491,6 +491,22 @@ function handle_post(){
}
}
if(isset($config['securimage']) && $config['securimage']){
if(!isset($_POST['captcha'])){
error($config['error']['securimage']['missing']);
}
if(empty($_POST['captcha'])){
error($config['error']['securimage']['empty']);
}
$query=prepare('DELETE FROM captchas WHERE time<DATE_SUB(NOW(), INTERVAL 30 MINUTE)');
$query=prepare('DELETE FROM captchas WHERE ip=:ip AND code=:code LIMIT 1');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':code', $_POST['captcha']);
$query->execute();
if($query->rowCount()==0){
error($config['error']['securimage']['bad']);
}
}
if (!(($post['op'] && $_POST['post'] == $config['button_newtopic']) ||
(!$post['op'] && $_POST['post'] == $config['button_reply']))) {

11
templates/post_form.html

@ -96,6 +96,17 @@
</td>
</tr>
{% endif %}
{% if config.securimage %}
<tr>
<th>
Captcha
</th>
<td>
<img src="{{ config.root }}/captcha.php"><br />
<input type="text" name="captcha" size="25" maxlength="10" autocomplete="off">
</td>
</tr>
{% endif %}
{% if config.user_flag %}
<tr>
<th>{% trans %}Flag{% endtrans %}</th>

Loading…
Cancel
Save