/**
 * Check the submitted captcha word and register a validation error when it is wrong.
 *
 * The outcome is written to the session under 'captchaWasValidPreviously'. While
 * that flag is exactly true the word is not checked again and the method reports
 * success. When no captcha object is set ($this->captcha is null) the value is
 * accepted without any check, and the flag is stored as true as well.
 *
 * NOTE(review): this method never clears the flag once it is true. Confirm that
 * the flag is reset elsewhere when the form is finally submitted; otherwise one
 * solved captcha keeps satisfying this validator for the rest of the session.
 *
 * @param string $value Captcha word taken from the request
 *
 * @return bool TRUE when the captcha is accepted, FALSE otherwise
 */
public function isValid($value)
{
    $session = $this->objectManager->get(\Evoweb\SfRegister\Services\Session::class);
    $solvedEarlier = $session->get('captchaWasValidPreviously') === true;

    $validCaptcha = true;
    if (!$solvedEarlier && $this->captcha !== null) {
        /** @noinspection PhpUndefinedMethodInspection */
        $validCaptcha = (bool) $this->captcha->checkWord($value);
        if (!$validCaptcha) {
            $message = \TYPO3\CMS\Extbase\Utility\LocalizationUtility::translate(
                'error_captcha_notcorrect',
                'SfRegister'
            );
            $this->addError($message, 1306910429);
        }
    }

    // Remember the result so a later validation run in the same session can skip the check.
    $session->set('captchaWasValidPreviously', $validCaptcha);

    return $validCaptcha;
}
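/**
 * Validates the submitted data.
 *
 * The submission is accepted only when all of the following hold:
 *  - the URL (after strip_tags) contains no double quote and has a host that is
 *    either the current host or a non-hidden sys_domain record on the current
 *    rootline (or pid 0),
 *  - the name is non-empty and contains no newline, carriage return, form feed
 *    or escape character,
 *  - email and recipient are non-empty,
 *  - the captcha word is correct, when a freeCap object is available.
 *
 * NOTE(review): $tipData and $url are received by value, so the tag stripping
 * and name clean-up done here are not visible to the caller. The caller must
 * still escape the original values for the context they are used in.
 *
 * NOTE(review): email and recipient are only tested for being non-empty here;
 * no format or line-break check is applied to them in this method. Confirm
 * that the caller validates them before they reach any mail header.
 *
 * @param array $tipData Submitted form fields (name, email, recipient, captcha_response)
 * @param string $url URL of the page that is to be recommended
 * @return boolean TRUE when the submission may be processed, FALSE otherwise
 */
protected function validate($tipData, $url)
{
    // Remove any tags from url
    $url = strip_tags($url);

    // If the URL contains a '"', unset $url (suspecting XSS code)
    if (strstr($url, '"')) {
        $url = FALSE;
    }

    // Check if the host of the url is equal with current used one
    $urlParts = parse_url($url);
    if (empty($urlParts['host'])) {
        $url = FALSE;
    } elseif ($urlParts['host'] !== t3lib_div::getIndpEnv('TYPO3_HOST_ONLY')) {
        // Compare with registered domains
        $pidList = array(0);
        foreach ($GLOBALS['TSFE']->rootLine as $item) {
            // The list is concatenated into the WHERE clause unquoted, so force integers.
            $pidList[] = (int) $item['uid'];
        }
        unset($item);

        $count = $GLOBALS['TYPO3_DB']->exec_SELECTcountRows(
            '*',
            'sys_domain',
            'domainName=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($urlParts['host'], 'sys_domain') .
                ' AND pid IN (' . implode(',', $pidList) . ') AND hidden=0'
        );
        if (!$count) {
            $url = FALSE;
        }
    }

    // Treat missing or non-scalar (e.g. array) fields as empty, so they fail the
    // required-field test below instead of raising notices or reaching trim()/preg_match().
    foreach (array('name', 'email', 'recipient') as $field) {
        if (!isset($tipData[$field]) || !is_scalar($tipData[$field])) {
            $tipData[$field] = '';
        }
    }
    // An absent captcha response is handed to checkWord() as NULL, as before, without the notice.
    $captchaResponse = isset($tipData['captcha_response']) ? $tipData['captcha_response'] : NULL;

    $ret = TRUE;
    if (trim($tipData['name'])) {
        if (preg_match('/[\\r\\n\\f\\e]/', $tipData['name']) > 0) {
            // Stop if there is a newline, carriage return, ...
            $tipData['name'] = '';
            $ret = FALSE;
        } else {
            // Search for characters that don't belong to one of the classes decimal, whitespace or word
            $pattern = '/[^\\d\\s\\w]/';
            // Strip the mentioned characters
            $tipData['name'] = trim(preg_replace($pattern, '', $tipData['name']));
        }
    }

    // The captcha is only enforced when a freeCap object has been set up.
    $captchaOk = !is_object($this->freeCap) || $this->freeCap->checkWord($captchaResponse);

    if ($url && $ret && trim($tipData['name']) && $tipData['email'] && $tipData['recipient'] && $captchaOk) {
        return TRUE;
    }

    return FALSE;
}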