Example #1
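 /**
  * Render the CAPTCHA challenge and stream it to the browser as a JPEG.
  *
  * The expected answer is handed to FSession::Save() under the name "captcha_answer", keyed by the
  * Joomla session id plus the component or module id read from the request.
  *
  * NOTE(review): when Save() fails the image is still rendered and sent; confirm that the code
  * validating the answer rejects a submission for which no stored answer exists.
  *
  * @return void
  */
 public function Draw()
 {
     $input = JFactory::getApplication()->input;
     $jsession = JFactory::getSession();
     // Exactly one of $cid / $mid is taken from the request, depending on who owns the form
     $cid = $mid = 0;
     switch ($input->get("owner", NULL)) {
         case "component":
             $cid = $input->get("id", NULL);
             break;
         case "module":
             $mid = $input->get("id", NULL);
     }
     $fsession = new FSession($jsession->getId(), $cid, $mid);
     // Store the answer in the session
     if ($fsession->Save($this->Answer, "captcha_answer")) {
         $this->DebugLog->Write("Answer saved into session");
     } else {
         $this->DebugLog->Write("Database query failed");
     }
     // White background
     imagefill($this->Image['data'], 0, 0, $this->Colors['Background']);
     // Background grid
     $this->DrawGrid();
     $len = strlen($this->Question);
     // Space available for one single char, based on image width and number of characters to display.
     // An empty question would otherwise divide by zero (a DivisionByZeroError on PHP 8); with
     // $len == 0 neither loop below runs, so the value is never used.
     $space = $len > 0 ? $this->Image['width'] / $len : 0;
     // Disturb characters: twice as many as the question has, each in half the space
     for ($p = 0; $p < 2 * $len; ++$p) {
         // Random printable character between ascii 33 and ascii 126.
         // NOTE(review): rand() is not a cryptographic generator. Here it only picks decoy glyphs;
         // verify that the question/answer generation (outside this method) does not rely on it.
         $this->Render(chr(rand(33, 126)), $p, $space / 2, $this->Colors['Disturb']);
     }
     // The real characters of the question
     for ($p = 0; $p < $len; ++$p) {
         $this->Render($this->Question[$p], $p, $space, $this->Colors['Text']);
     }
     $this->DebugLog->Write("Render done");
     // Debug with &noimage=1: the answer has already been stored, only the output is skipped.
     // NOTE(review): no other condition guards this switch in this method, so any client can set it.
     if ($input->get("noimage", NULL)) {
         return;
     }
     // http://stackoverflow.com/questions/9884513/avoid-caching-of-the-http-responses
     // The image must not be cached by client browsers or by proxies: a cached challenge would no
     // longer match the answer stored above.
     $now = gmdate("D, d M Y H:i:s") . " GMT";
     header("Expires: " . $now);
     header("Last-Modified: " . $now);
     // no-cache: may be stored, but must be revalidated with the origin server before every use
     // private: intended for a single user, must not be stored by a shared cache
     // must-revalidate: a stale entry must not be used without revalidation; if the origin server
     //   cannot be reached the cache has to answer 504 (Gateway Timeout)
     // max-age=0: the content is stale immediately
     header("Cache-Control: no-cache, private, must-revalidate, max-age=0");
     header("Pragma: no-cache");
     header("Content-Type: image/jpeg");
     header("Content-Disposition: inline; filename=\"foxcaptcha.jpg\"");
     // Send the stream to the client browser
     imagejpeg($this->Image['data']);
     imagedestroy($this->Image['data']);
     $this->DebugLog->Write("Image sent to client");
 }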
Example #2
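 /**
  * Render the CAPTCHA challenge and stream it to the browser as a JPEG.
  *
  * The expected answer is handed to FSession::Save() under the name "captcha_answer", keyed by the
  * Joomla session id and the "cid" / "mid" GET parameters.
  *
  * NOTE(review): "cid" and "mid" reach FSession exactly as JRequest::getVar() returns them; the
  * failure branch below logs "Database query failed", so confirm that FSession casts or escapes
  * them before they are used in a query.
  * NOTE(review): when Save() fails the image is still sent; confirm that validation rejects a
  * submission for which no stored answer exists.
  *
  * @return void
  */
 public function Draw()
 {
     $jsession = JFactory::getSession();
     $fsession = new FSession($jsession->getId(), JRequest::getVar("cid", NULL, 'GET'), JRequest::getVar("mid", NULL, 'GET'));
     // Store the answer in the session
     if ($fsession->Save($this->Answer, "captcha_answer")) {
         $this->DebugLog->Write("Answer saved into session");
     } else {
         $this->DebugLog->Write("Database query failed");
     }
     // White background
     imagefill($this->Image['data'], 0, 0, $this->Colors['Background']);
     // Background grid
     $this->DrawGrid();
     $len = strlen($this->Question);
     // Space available for one single char, based on image width and number of characters to display.
     // An empty question would otherwise divide by zero (a DivisionByZeroError on PHP 8); with
     // $len == 0 neither loop below runs, so the value is never used.
     $space = $len > 0 ? $this->Image['width'] / $len : 0;
     // Disturb characters: twice as many as the question has, each in half the space
     for ($p = 0; $p < 2 * $len; ++$p) {
         // Random printable character between ascii 33 and ascii 126.
         // NOTE(review): rand() is not a cryptographic generator. Here it only picks decoy glyphs;
         // verify that the question/answer generation (outside this method) does not rely on it.
         $this->Render(chr(rand(33, 126)), $p, $space / 2, $this->Colors['Disturb']);
     }
     // The real characters of the question
     for ($p = 0; $p < $len; ++$p) {
         $this->Render($this->Question[$p], $p, $space, $this->Colors['Text']);
     }
     $this->DebugLog->Write("Render done");
     // Debug with ?cid=xxx&noimage=1: the answer has already been stored, only the output is skipped.
     // NOTE(review): no other condition guards this switch in this method, so any client can set it.
     if (JRequest::getVar("noimage", NULL, 'GET')) {
         return;
     }
     // Take the timestamp once so that Expires and Last-Modified always carry the same value
     $now = gmdate("D, d M Y H:i:s") . " GMT";
     header("Expires: " . $now);
     header("Last-Modified: " . $now);
     // The image must not be cached by the client browser or any proxy: a cached challenge would
     // no longer match the answer stored above.
     header("Cache-Control: no-store, no-cache, must-revalidate");
     // Second Cache-Control header is appended (replace = false) instead of overwriting the first
     header("Cache-Control: post-check=0, pre-check=0", false);
     header("Pragma: no-cache");
     header("Content-type:image/jpeg");
     header("Content-Disposition:inline ; filename=fcaptcha.jpg");
     // Send the stream to the client browser
     imagejpeg($this->Image['data']);
     imagedestroy($this->Image['data']);
     $this->DebugLog->Write("Image sent to client");
 }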
Example #3
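 /**
  * Handle a file sent through the standard (non-javascript) upload field "foxstdupload".
  *
  * Checks, in order: destination directory writable, PHP upload error code, size (non-empty and
  * within "uploadmax_file_size"), and FMimeType::Check() on the temporary file. An accepted file is
  * moved into the component's uploads directory and its name appended to the "filelist" entry of
  * the FSession store.
  *
  * NOTE(review): the stored name keeps whatever extension the client supplied, and the destination
  * lies below JPATH_SITE. Nothing in this method restricts the extension, so the only content
  * gate visible here is FMimeType::Check(). Confirm that check is strict and that the web server
  * is configured not to execute scripts from the uploads directory.
  *
  * @return bool true when there was nothing to upload or the upload succeeded, false on any error
  */
 protected function DoUpload()
 {
     // Retrieve file details from uploaded file, sent from upload form
     $file = JRequest::getVar('foxstdupload', NULL, 'files', 'array');
     // $file is null when a browser with javascript didn't send $_FILES at all
     // $file['error'] is UPLOAD_ERR_NO_FILE when a browser without javascript sent $_FILES empty
     if (!$this->Submitted || !$file || $file['error'] == UPLOAD_ERR_NO_FILE) {
         return true;
     }
     $upload_directory = JPATH_SITE . "/components/" . $GLOBALS["com_name"] . "/uploads/";
     if (!is_writable($upload_directory)) {
         $this->MessageBoard->Add(JText::_($GLOBALS["COM_NAME"] . '_ERR_DIR_NOT_WRITABLE'), FoxMessageBoard::error);
         return false;
     }
     // Check for http $_FILES upload errors
     if ($file['error']) {
         // case 1 UPLOAD_ERR_INI_SIZE: 'The uploaded file exceeds the upload_max_filesize directive in php.ini';
         // case 2 UPLOAD_ERR_FORM_SIZE: 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form';
         // case 3 UPLOAD_ERR_PARTIAL: 'The uploaded file was only partially uploaded';
         // case 4 UPLOAD_ERR_NO_FILE: 'No file was uploaded';
         // case 6 UPLOAD_ERR_NO_TMP_DIR: 'Missing a temporary folder';
         // case 7 UPLOAD_ERR_CANT_WRITE: 'Failed to write file to disk';
         // case 8 UPLOAD_ERR_EXTENSION: 'File upload stopped by extension';
         $this->MessageBoard->Add(JText::sprintf($GLOBALS["COM_NAME"] . '_ERR_UPLOAD', $file['error']), FoxMessageBoard::error);
         return false;
     }
     // Check file size
     $size = $file['size'];
     if ($size == 0) {
         $this->MessageBoard->Add(JText::_($GLOBALS["COM_NAME"] . '_ERR_FILE_EMPTY'), FoxMessageBoard::error);
         return false;
     }
     // The limit defaults to 0, so an unconfigured limit rejects every non-empty upload
     $max_filesize = intval($this->Params->get("uploadmax_file_size", "0")) * KB;
     if ($size > $max_filesize) {
         $this->MessageBoard->Add(JText::_($GLOBALS["COM_NAME"] . '_ERR_FILE_TOO_LARGE'), FoxMessageBoard::error);
         return false;
     }
     // The type check runs on the temporary file, before anything is moved into the uploads directory
     $mimetype = new FMimeType();
     if (!$mimetype->Check($file['tmp_name'], $this->Params)) {
         // No need to delete the temporary file here
         $this->MessageBoard->Add(JText::_($GLOBALS["COM_NAME"] . '_ERR_MIME') . " [" . $mimetype->Mimetype . "]", FoxMessageBoard::error);
         return false;
     }
     // Import filesystem libraries. Perhaps not necessary, but does not hurt
     jimport('joomla.filesystem.file');
     // Clean up the client-supplied filename to get rid of strange characters like spaces and others
     $filename = JFile::makeSafe($file['name']);
     // Prefix the name with uniqid() so that two uploads with the same name do not collide.
     // NOTE(review): uniqid() is derived from the current time and is not random, so the stored
     // name should not be treated as unguessable and this prefix does not by itself stop an
     // uploaded file from being requested or executed. Other code may depend on the prefix
     // format, so it is left unchanged here.
     $filename = uniqid() . "-" . $filename;
     $dest = $upload_directory . $filename;
     // Todo (from the original author): wrapping this call in try/catch did not intercept the
     // exception, so failure is detected through the return value only.
     // NOTE(review): this failure path adds nothing to the message board.
     if (!JFile::upload($file['tmp_name'], $dest)) {
         return false;
     }
     // Upload successful. Add an element to the uploads list.
     // Plain assignment: objects are handles, and assigning a function result by reference
     // raises a notice on current PHP versions.
     $jsession = JFactory::getSession();
     // session_id, cid, mid
     $fsession = new FSession($jsession->getId(), $this->Application->cid, $this->Application->mid);
     // Read the list from the session; it is stored as a "|" separated string
     $data = $fsession->Load('filelist');
     if ($data) {
         $filelist = explode("|", $data);
     } else {
         $filelist = array();
     }
     // Append this file to the list and write the list back
     $filelist[] = $filename;
     $data = implode("|", $filelist);
     $fsession->Save($data, "filelist");
     return true;
 }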
Example #4
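 /**
  * Validate an uploaded file, store it in $uploadDirectory and record it in the session file list.
  *
  * Checks, in order: directory writable, size (non-empty and within "uploadmax_file_size"), then
  * the file is written to disk and FMimeType::Check() is run on the stored copy; a file that fails
  * the type check is deleted again.
  *
  * NOTE(review): the file is written into $uploadDirectory before its type is checked, so a
  * rejected file exists under its final name until unlink() runs, and the result of unlink() is
  * not checked. Nothing in this method restricts the extension of the stored name. Confirm the
  * web server does not execute scripts from this directory, or save to a non-public location
  * first and move the file only after the check passes.
  *
  * @param string $uploadDirectory destination directory; the file name is appended directly, so
  *                                it is expected to end with a directory separator
  *
  * @return array array('success' => true) on success, array('error' => message) on failure
  */
 public function HandleUpload($uploadDirectory)
 {
     $this->DebugLog->Write("HandleUpload() started");
     if (!is_writable($uploadDirectory)) {
         $this->DebugLog->Write("Directory " . $uploadDirectory . " is not writable");
         return array('error' => JFactory::getLanguage()->_($GLOBALS["COM_NAME"] . '_ERR_DIR_NOT_WRITABLE'));
     }
     $this->DebugLog->Write("Directory " . $uploadDirectory . " is ok");
     // Check file size
     $size = $this->get_file_size();
     if ($size == 0) {
         $this->DebugLog->Write("File size is 0");
         return array('error' => JFactory::getLanguage()->_($GLOBALS["COM_NAME"] . '_ERR_FILE_EMPTY'));
     }
     $this->DebugLog->Write("File size is > 0");
     // uploadmax_file_size defaults to 0, so an unconfigured limit rejects every non-empty upload.
     // intval() keeps a non-numeric setting from reaching the multiplication.
     $max = intval($this->Params->get("uploadmax_file_size", 0)) * KB;
     // and < max limit
     if ($size > $max) {
         $this->DebugLog->Write("File size too large ({$size} > {$max})");
         return array('error' => JFactory::getLanguage()->_($GLOBALS["COM_NAME"] . '_ERR_FILE_TOO_LARGE'));
     }
     $this->DebugLog->Write("File size ({$size} / {$max}) is ok");
     // Clean the client-supplied file name: keep only word characters, dot and hyphen.
     // The hyphen is escaped on purpose. Written unescaped between "." and "_" it forms a
     // character range from "." to "_", which leaves "/", "\", ":", "<", ">" and similar
     // characters in the name and replaces the hyphen itself.
     $filename = preg_replace('/[^\w.\-]/', "_", $this->get_file_name());
     // Prefix the name with uniqid() so that two uploads with the same name do not collide.
     // NOTE(review): uniqid() is derived from the current time and is not random, so the stored
     // name should not be treated as unguessable.
     $filename = uniqid() . "-" . $filename;
     $full_filename = $uploadDirectory . $filename;
     if (!$this->save_file($full_filename)) {
         $this->DebugLog->Write("Error saving file");
         return array('error' => JFactory::getLanguage()->_($GLOBALS["COM_NAME"] . '_ERR_SAVE_FILE'));
     }
     $this->DebugLog->Write("File saved");
     $mimetype = new FMimeType();
     if (!$mimetype->Check($full_filename, $this->Params)) {
         // Delete the file uploaded
         unlink($full_filename);
         $this->DebugLog->Write("File type [" . $mimetype->Mimetype . "] is not allowed. Allowed types are:" . PHP_EOL . print_r($mimetype->Allowed, true));
         return array('error' => JFactory::getLanguage()->_($GLOBALS["COM_NAME"] . '_ERR_MIME') . " [" . $mimetype->Mimetype . "]");
     }
     $this->DebugLog->Write("File type [" . $mimetype->Mimetype . "] is allowed");
     // The file list is keyed by the Joomla session id plus the cid / mid request parameters
     $input = JFactory::getApplication()->input;
     $cid = $input->get("cid", NULL);
     $mid = $input->get("mid", NULL);
     $jsession = JFactory::getSession();
     $fsession = new FSession($jsession->getId(), $cid, $mid);
     // Read the list from the session; it is stored as a "|" separated string
     $data = $fsession->Load('filelist');
     if ($data) {
         $filelist = explode("|", $data);
     } else {
         $filelist = array();
     }
     // Append this file to the list and write the list back
     $filelist[] = $filename;
     $data = implode("|", $filelist);
     $fsession->Save($data, "filelist");
     $this->Log->Write("File " . $filename . " uploaded succesful.");
     $this->DebugLog->Write("File uploaded succesful.");
     return array("success" => true);
 }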