From f48a763a8fcfc4a4dc29d4f9c44a1af32b03f22f Mon Sep 17 00:00:00 2001
From: RealAngeleno <angeleno@screamer.wiki>
Date: Sat, 16 Sep 2023 01:27:20 -0700
Subject: [PATCH] add hCaptcha support

---
 post.php | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/post.php b/post.php
index 39d15644..869fba42 100644
--- a/post.php
+++ b/post.php
@@ -453,6 +453,31 @@ if (isset($_POST['delete'])) {
 				error($config['error']['captcha']);
 			}
 		}
+		// hCaptcha
+		if ($config['hcaptcha']) {
+			if (!isset($_POST['h-captcha-response'])) {
+				error($config['error']['bot']);
+			}
+
+			$data = array(
+				'secret' => $config['hcaptcha_private'],
+				'response' => $_POST['h-captcha-response'],
+				'remoteip' => $_SERVER['REMOTE_ADDR']
+			);
+
+			$hcaptchaverify = curl_init();
+			curl_setopt($hcaptchaverify, CURLOPT_URL, "https://hcaptcha.com/siteverify");
+			curl_setopt($hcaptchaverify, CURLOPT_POST, true);
+			curl_setopt($hcaptchaverify, CURLOPT_POSTFIELDS, http_build_query($data));
+			curl_setopt($hcaptchaverify, CURLOPT_RETURNTRANSFER, true);
+			$hcaptcharesponse = curl_exec($hcaptchaverify);
+
+			$resp = json_decode($hcaptcharesponse, true); // Decoding $hcaptcharesponse instead of $response
+
+			if (!$resp['success']) {
+				error($config['error']['captcha']);
+			}
+		}
 		// Same, but now with our custom captcha provider
  		if (($config['captcha']['enabled']) || (($post['op']) && ($config['new_thread_capt'])) ) {
  			if ($config['captcha']['local']) {