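execute([time() - $expires_in]); }

/**
 * Checks a captcha answer and consumes the challenge.
 *
 * A matching challenge row is deleted before the answer is graded, whether
 * or not the answer is right, so each challenge can be graded at most once.
 *
 * @param string $cookie Identifier handed out when the challenge was created.
 * @param string $extra  Value stored alongside the challenge at creation.
 * @param string $text   Answer supplied by the client.
 * @return int 1 = success, 2 = incorrect, 3 = expired (no matching row, or
 *             the row was already consumed by a concurrent request).
 */
function captcha_check($cookie, $extra, $text) {
    // NOTE(review): cleanup() presumably drops expired challenges, which is
    // what makes code 3 mean "expired" -- confirm against its definition.
    cleanup();

    $query = prepare("SELECT * FROM `captchas` WHERE `cookie` = ? AND `extra` = ?");
    $query->execute([$cookie, $extra]);
    $ary = $query->fetchAll();

    if (!$ary) {
        return 3;
    }

    $query = prepare("DELETE FROM `captchas` WHERE `cookie` = ? AND `extra` = ?");
    $query->execute([$cookie, $extra]);

    // The SELECT and the DELETE are separate statements, so two concurrent
    // requests can both read the same row. Only the request whose DELETE
    // actually removed the row is graded; otherwise one challenge could be
    // graded more than once. Assumes prepare() returns a
    // PDOStatement-compatible object, as the execute()/fetchAll() calls
    // above suggest.
    if ($query->rowCount() < 1) {
        return 3;
    }

    return ($ary[0]['text'] === $text ? 1 : 2);
}

// isset() instead of @-suppression: same result when the parameter is
// missing, without hiding unrelated errors.
$mode = isset($_GET['mode']) ? $_GET['mode'] : null;

switch ($mode) {
    case 'get':
        if (!isset($_GET['extra'])) {
            $_GET['extra'] = $config['captcha']['extra'];
        } elseif (!is_string($_GET['extra'])) {
            // Query parameters can arrive as arrays (?extra[]=...); only a
            // plain string may be bound into the INSERT below.
            die();
        }

        header("Content-type: application/json");

        $extra = $_GET['extra'];

        // NOTE(review): this cookie is the only handle tying a client to its
        // challenge; confirm rand_string() draws from a CSPRNG.
        $cookie = rand_string(20, "abcdefghijklmnopqrstuvwxyz");

        $i = new Securimage($config['captcha']['securimage_options']);
        $i->createCode();

        // Buffer show()'s output so the image bytes can be captured rather
        // than written straight to the response.
        ob_start();
        $i->show();
        $rawimg = ob_get_contents();
        $b64img = 'data:image/png;base64,'.base64_encode($rawimg);
        // NOTE(review): $b64img is never used and $html is empty, so the JSON
        // reply carries no image; markup embedding $b64img may have been lost
        // from this copy of the file -- confirm against the upstream source.
        $html = '';
        ob_end_clean();

        $cdata = $i->getCode();

        $query = prepare("INSERT INTO `captchas` (`cookie`, `extra`, `text`, `created_at`) VALUES (?, ?, ?, ?)");
        $query->execute([$cookie, $extra, $cdata->code_display, $cdata->creationTime]);

        if (isset($_GET['raw'])) {
            // Raw mode: the identifier is kept in the session and only the
            // PNG bytes are sent to the client.
            $_SESSION['captcha_cookie'] = $cookie;
            header('Content-Type: image/png');
            echo $rawimg;
        } else {
            echo json_encode(["cookie" => $cookie, "captchahtml" => $html, "expires_in" => $expires_in]);
        }
        break;

    case 'check':
        // Reaching this case already implies mode is set. Every other
        // parameter must be present and a plain string before it is passed
        // to the database layer.
        foreach (['cookie', 'extra', 'text'] as $param) {
            if (!isset($_GET[$param]) || !is_string($_GET[$param])) {
                die();
            }
        }

        echo strval(captcha_check($_GET['cookie'], $_GET['extra'], $_GET['text']));
        break;
}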