Esempio n. 1
                 } else {
                     $cmtx_captcha = trim($_POST['recaptcha_response_field']);
                     //get and trim entered captcha value
                     if (empty($cmtx_captcha)) {
                         //if no captcha value entered
                         cmtx_error(CMTX_ERROR_MESSAGE_NO_CAPTCHA);
                         //reject user for entering no captcha value
                     } else {
                         //if captcha value entered
                         require_once $cmtx_path . 'includes/external/recaptcha/recaptchalib.php';
                         //load captcha script
                         $cmtx_recaptcha_private_key = cmtx_setting('recaptcha_private_key');
                         $cmtx_recaptcha_response = recaptcha_check_answer($cmtx_recaptcha_private_key, $cmtx_ip_address, $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
                         if (!$cmtx_recaptcha_response->is_valid) {
                             //if entered captcha value invalid
                             cmtx_error(CMTX_ERROR_MESSAGE_WRONG_CAPTCHA);
                             //reject user for entering wrong captcha value
                         } else {
                             if (cmtx_session_set()) {
                                 //if there's a session
                                 $_SESSION['cmtx_captcha'] = cmtx_setting('session_key');
                                 //add captcha completion to session
                             }
                         }
                     }
                 }
             }
         }
     }
 }
 /* Akismet */
Esempio n. 2
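/**
 * Flood control: reject the submission when the current IP address has
 * already posted the configured maximum number of comments within the
 * configured period.
 *
 * Reads the settings 'flood_control_maximum_period' (multiplied by 3600, so
 * treated as hours), 'flood_control_maximum_all_pages' and
 * 'flood_control_maximum_amount'. On a hit it calls cmtx_error(); nothing is
 * returned.
 */
function cmtx_flood_control_maximum()
{
    global $cmtx_mysql_table_prefix, $cmtx_page_id;
    //globalise variables
    $ip_address = cmtx_get_ip_address();
    //NOTE(review): the limit is keyed on this value only; if cmtx_get_ip_address()
    //trusts a client-supplied header the limit can be sidestepped - confirm in that helper
    $now = time();
    //get current time
    $window_start = $now - 3600 * cmtx_setting('flood_control_maximum_period');
    //subtract time period from current time
    $earlier = date('Y-m-d H:i:s', $window_start);
    //convert to a datetime string; the previous format 'Y-m-d H:is' dropped the colon
    //between minutes and seconds, so the value compared against `dated` was malformed
    //and the time window was not applied as intended

    //NOTE(review): $ip_address and $cmtx_page_id are interpolated directly into the SQL
    //text. This function cannot see whether they are validated or escaped upstream;
    //confirm that, or pass them through the project's DB escaping / prepared-statement
    //path before they reach cmtx_db_query().
    $page_filter = '';
    if (!cmtx_setting('flood_control_maximum_all_pages')) {
        //restrict the count to the current page
        $page_filter = " AND `page_id` = '{$cmtx_page_id}'";
    }
    //count number of comments (if any) within past period by current user
    $query = cmtx_db_query("SELECT COUNT(*) as `amount` FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `ip_address` = '{$ip_address}'" . $page_filter . " AND `dated` > '{$earlier}'");
    $result = cmtx_db_fetch_assoc($query);
    $amount = $result['amount'];
    if ($amount >= cmtx_setting('flood_control_maximum_amount')) {
        //if comment amount has reached (or exceeds) the allowed amount
        cmtx_error(CMTX_ERROR_MESSAGE_FLOOD_CONTROL_MAXIMUM);
        //reject user for too many comments within past period
    }
}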