start.php
<?php
// Composer autoloader; presumably what makes the GuzzleHttp\Client class used
// further down loadable (no other include is visible in this file).
require_once __DIR__ . "/../../vendor/autoload.php";

// All plugin set-up is deferred to recaptcha_init(), which runs on the
// 'init', 'system' event.
elgg_register_event_handler('init', 'system', 'recaptcha_init');
/**
 * Plugin bootstrap: wires reCAPTCHA into the registration and
 * password-reset actions.
 *
 * Nothing is registered unless is_recaptcha_enabled() reports that both keys
 * are configured, so with either key missing the two actions below run
 * without any CAPTCHA check.
 *
 * @return void
 */
function recaptcha_init() {
    if (is_recaptcha_enabled()) {
        // The `hl` query parameter selects the widget language.
        $script_url = 'https://www.google.com/recaptcha/api.js?hl=' . get_current_language();
        elgg_register_js('recaptcha', $script_url);

        // NOTE(review): 'image_captcha_actionlist_hook' is not defined in this
        // file; presumably another plugin provides it. Confirm it exists,
        // otherwise this registration points at a missing callback.
        elgg_register_plugin_hook_handler('actionlist', 'captcha', 'image_captcha_actionlist_hook');

        // Actions that must pass recaptcha_action_hook() before they execute.
        foreach (['register', 'user/requestnewpassword'] as $protected_action) {
            elgg_register_plugin_hook_handler('action', $protected_action, 'recaptcha_action_hook');
        }
    }
}
/**
 * Tell whether the plugin has both of its reCAPTCHA keys configured.
 *
 * Only the presence of the 'site_key' and 'secret_key' plugin settings is
 * checked (truthiness); the keys themselves are not validated here.
 *
 * @return bool true when both settings are non-empty, false otherwise.
 */
function is_recaptcha_enabled() {
    $site_key = elgg_get_plugin_setting('site_key', 'recaptcha');
    $secret_key = elgg_get_plugin_setting('secret_key', 'recaptcha');

    return ($site_key && $secret_key);
}
/**
 * 'action' plugin hook handler: gate the action behind the location check
 * and the reCAPTCHA verification.
 *
 * On either failure an error is registered and the user is sent back to the
 * referring page. The function itself returns nothing.
 *
 * NOTE(review): both rejection paths rely on forward() ending the request.
 * If forward() could ever return, execution would fall through and the
 * action would not be blocked by this hook; confirm against the Elgg version
 * in use.
 *
 * @param string $hook        Hook name (unused).
 * @param string $entity_type Hook type, i.e. the action name (unused).
 * @param mixed  $returnvalue Current hook value (unused).
 * @param mixed  $params      Hook parameters (unused).
 * @return void
 */
function recaptcha_action_hook($hook, $entity_type, $returnvalue, $params) {
    $captcha_token = get_input('g-recaptcha-response');

    // A null result from the location check counts as a rejection as well.
    $location_ok = (bool) recaptcha_validate_location();
    if ($location_ok === false) {
        register_error(elgg_echo('recaptcha:invalid_request'));
        forward(REFERER);
    }

    // A missing token is rejected without contacting the verification service.
    $captcha_ok = $captcha_token && recaptcha_validate_code($captcha_token);
    if (!$captcha_ok) {
        register_error(elgg_echo('recaptcha:could_not_validate'));
        forward(REFERER);
    }
}
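/**
 * Verify a reCAPTCHA response token against Google's siteverify endpoint.
 *
 * The check fails closed: the token is accepted only when the service
 * answers with `success` strictly equal to true. Any transport or parsing
 * failure counts as "not verified".
 *
 * The catch clause names Guzzle's exception class in full. This file has no
 * namespace or `use` statement, so a bare `RequestException` would refer to
 * a global class of that name and would never match what Guzzle throws; the
 * failure would then surface as an uncaught exception instead of a rejection.
 * TransferException is the base class of RequestException.
 *
 * NOTE(review): `remoteip` comes from recaptcha_get_user_ip(), which may
 * return a value taken from a request header; treat it as advisory.
 * NOTE(review): no request timeout is set, so a slow verification service
 * holds the action open; consider configuring one.
 *
 * @param string $response Value of the `g-recaptcha-response` input.
 * @return bool true only when the service confirms the token.
 */
function recaptcha_validate_code($response) {
    $client = new GuzzleHttp\Client();

    try {
        $verification = $client->post('https://www.google.com/recaptcha/api/siteverify', array(
            'body' => array(
                'secret' => elgg_get_plugin_setting('secret_key', 'recaptcha'),
                'response' => $response,
                'remoteip' => recaptcha_get_user_ip()
            )
        ));

        $data = $verification->json();
    } catch (\GuzzleHttp\Exception\TransferException $e) {
        // Could not reach or understand the service: do not accept the token.
        return false;
    }

    // Strict comparison: only a JSON boolean true counts as success.
    return is_array($data) && isset($data['success']) && $data['success'] === true;
}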
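/**
 * Optional country restriction for the protected actions.
 *
 * Active only when the 'limit_registration' plugin setting is "yes". The
 * client IP is looked up at a third-party geolocation service (the visitor's
 * address is sent to that service) and the returned country code must be in
 * the allow-list below.
 *
 * Outcomes:
 *  - restriction disabled                      -> true
 *  - client IP is not a valid address          -> true  (fails open)
 *  - lookup request fails                      -> true  (fails open)
 *  - response has no usable country code       -> false
 *  - country code not in the allow-list        -> false
 *
 * NOTE(review): the two fail-open cases are kept as the original wrote them,
 * presumably so that a lookup outage does not block every registration. They
 * also mean the restriction is best-effort only: the address comes from
 * recaptcha_get_user_ip(), which can return a request-header value, so this
 * check should not be relied on as a hard access control.
 *
 * @return bool true when the request may proceed.
 */
function recaptcha_validate_location() {
    if (elgg_get_plugin_setting("limit_registration", "recaptcha") !== "yes") {
        return true;
    }

    $valid_countries = ["EU", "AD", "AL", "AT", "BA", "BE", "BG", "BY", "CH", "CS", "CZ", "DE", "DK", "EE", "ES", "FI", "FO", "FR", "FX", "GB", "GI", "GR", "HR", "HU", "IE", "IS", "IT", "LI", "LT", "LU", "LV", "MC", "MD", "MK", "MT", "NL", "NO", "PL", "PT", "RO", "SE", "SI", "SJ", "SK", "SM", "UA", "VA"];

    // Validating the address also keeps arbitrary text out of the lookup URL.
    $ip = filter_var(recaptcha_get_user_ip(), FILTER_VALIDATE_IP);
    if (!$ip) {
        return true;
    }

    $client = new GuzzleHttp\Client();

    try {
        $response = $client->get("https://freegeoip.net/json/" . $ip);
        $data = $response->json();
    } catch (\GuzzleHttp\Exception\TransferException $e) {
        // Fully-qualified on purpose: this file has no `use` statement, so a
        // bare `RequestException` would never match Guzzle's exceptions.
        return true;
    }

    // empty() avoids an undefined-index notice when the key is absent.
    if (!is_array($data) || empty($data["country_code"])) {
        return false;
    }

    // Strict match, so a non-string value in the response cannot loosely
    // compare equal to an allow-list entry. Also makes the "not listed"
    // result an explicit false instead of an implicit null.
    return in_array($data["country_code"], $valid_countries, true);
}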
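/**
 * Best-effort client IP address for the current request.
 *
 * Prefers the X-Real-IP request header when it holds a syntactically valid
 * IP address and otherwise falls back to REMOTE_ADDR. A malformed header
 * value is ignored instead of being handed to callers, which would otherwise
 * see an unusable address.
 *
 * NOTE(review): X-Real-IP is only trustworthy when a reverse proxy in front
 * of the site sets it and discards any value supplied by the client. This
 * function cannot tell the two apart, so the result must not be used for
 * access decisions unless the deployment guarantees that.
 *
 * @return string|null The address, or null when REMOTE_ADDR is not set
 *                     (for example outside a web request).
 */
function recaptcha_get_user_ip() {
    if (isset($_SERVER['HTTP_X_REAL_IP']) && is_string($_SERVER['HTTP_X_REAL_IP'])) {
        $forwarded = trim($_SERVER['HTTP_X_REAL_IP']);
        if (filter_var($forwarded, FILTER_VALIDATE_IP) !== false) {
            return $forwarded;
        }
    }

    return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
}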