Esempio n. 1
 /**
  * Validate the class instance.
  * This overrides the default invocation to provide additional rules after the controller is setup.
  *
  * @return void
  */
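 public function validate()
 {
     // Checks run in this order: thread flood, ban lookup, captcha rule,
     // per-IP post flood, then an on-disk check of every upload. Each failure
     // is reported through failedValidation().
     $board = $this->board;
     $user = $this->user;

     // With no board or user bound, defer entirely to the parent implementation.
     if (is_null($board) || is_null($user)) {
         return parent::validate();
     }

     $validator = $this->getValidatorInstance();
     $messages = $validator->errors();

     // NOTE(review): the flood and ban checks below are keyed on $this->ip().
     // Behind a reverse proxy that is the client address only when trusted
     // proxies are configured -- confirm for the deployment.
     $clientIp = $this->ip();

     // Check global flood: a post from this address inside the fixed window.
     // NOTE(review): op() presumably limits the query to opening posts, yet
     // this check runs for every submission -- confirm that is intended.
     $threadFloodSeconds = 30;
     $lastPost = Post::where('author_ip', inet_pton($clientIp))
         ->where('created_at', '>', \Carbon\Carbon::now()->subSeconds($threadFloodSeconds))
         ->op()
         ->first();

     if ($lastPost instanceof Post) {
         $timeDiff = $threadFloodSeconds - $lastPost->created_at->diffInSeconds();
         $messages->add("flood", trans_choice("validation.custom.thread_flood", $timeDiff, ['time_left' => $timeDiff]));
         $this->failedValidation($validator);
         return;
     }

     // Ban check.
     $ban = Ban::getBan($clientIp, $board->board_uri);

     if ($ban) {
         $messages->add("body", trans("validation.custom.banned"));
         // Keep the ban on the request so later handling can read it.
         $this->ban = $ban;
         $this->failedValidation($validator);
         return;
     }

     // Board-level setting validation: the captcha field becomes mandatory
     // whenever the board says this user may not post without one.
     $validator->sometimes('captcha', "required|captcha", function ($input) use ($board) {
         return !$board->canPostWithoutCaptcha($this->user);
     });

     if (!$validator->passes()) {
         $this->failedValidation($validator);
     } else {
         // Laravel's Validator builds a fresh message bag on every passes()
         // call, so the handle taken before it is stale. Re-fetch it here;
         // otherwise the flood and upload errors added below never reach the
         // bag that the final count() inspects and the checks are silently lost.
         $messages = $validator->errors();

         if (!$this->user->canAdminConfig() && $board->canPostWithoutCaptcha($this->user)) {
             // Check last post time for flood.
             $floodTime = site_setting('postFloodTime');

             if ($floodTime > 0) {
                 $lastPost = Post::getLastPostForIP();

                 if ($lastPost) {
                     // Clone so the model's own timestamp is not shifted.
                     $floodTimer = clone $lastPost->created_at;
                     $floodTimer->addSeconds($floodTime);

                     if ($floodTimer->isFuture()) {
                         $messages->add("body", trans("validation.custom.post_flood", ['time_left' => $floodTimer->diffInSeconds()]));
                     }
                 }
             }
         }

         // Validate individual files.
         $input = $this->all();

         // Process uploads. 'files' is request input, so it is only walked
         // when it really is an array; count() on anything else would raise.
         if (isset($input['files']) && is_array($input['files'])) {
             foreach ($input['files'] as $uploadIndex => $upload) {
                 // method_exists() also accepts class-name strings, so require
                 // an object before calling methods on the entry.
                 // If a file is uploaded that has a specific filename, it breaks the process.
                 if (is_object($upload) && method_exists($upload, "getPathname") && !file_exists($upload->getPathname())) {
                     // NOTE(review): the original filename is client-supplied;
                     // confirm the view escapes this message when rendering it.
                     $messages->add("files.{$uploadIndex}", trans("validation.custom.file_corrupt", ["filename" => $upload->getClientOriginalName()]));
                 }
             }
         }
     }

     // Any message collected above, by a rule or a manual check, fails the request.
     if (count($validator->errors())) {
         $this->failedValidation($validator);
     }
 }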
 /**
  * Validate the class instance.
  * This overrides the default invocation to provide additional rules after the controller is setup.
  *
  * @return void
  */
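 public function validate()
 {
     // Checks run in this order: reply or thread flood window, captcha rule,
     // per-IP post flood, upload originality, then authorization.
     $board = $this->board;
     $thread = $this->thread;
     $user = $this->user;
     $validator = $this->getValidatorInstance();
     $messages = $validator->errors();

     // A bound parent thread means this submission is a reply.
     $isReply = $thread instanceof Post;

     // NOTE(review): both flood windows are keyed on $this->ip(). Behind a
     // reverse proxy that is the client address only when trusted proxies are
     // configured -- confirm for the deployment.
     if ($isReply) {
         $floodTime = site_setting('postFloodTime');

         // Check global flood.
         $lastPost = Post::select('created_at')
             ->whereAuthorIP($this->ip())
             ->where('created_at', '>=', \Carbon\Carbon::now()->subSeconds($floodTime))
             ->first();

         if ($lastPost instanceof Post) {
             // +1 so the reported wait is never zero seconds.
             $timeDiff = $floodTime - $lastPost->created_at->diffInSeconds() + 1;
             $messages->add("flood", trans_choice("validation.custom.post_flood", $timeDiff, ['time_left' => $timeDiff]));
             $this->failedValidation($validator);
             return;
         }
     } else {
         $floodTime = site_setting('threadFloodTime');

         // Check global flood; op() presumably limits the query to opening posts.
         $lastThread = Post::select('created_at')
             ->whereAuthorIP($this->ip())
             ->where('created_at', '>=', \Carbon\Carbon::now()->subSeconds($floodTime))
             ->op()
             ->first();

         if ($lastThread instanceof Post) {
             $timeDiff = $floodTime - $lastThread->created_at->diffInSeconds() + 1;
             $messages->add("flood", trans_choice("validation.custom.thread_flood", $timeDiff, ['time_left' => $timeDiff]));
             $this->failedValidation($validator);
             return;
         }
     }

     // Board-level setting validation: the captcha field becomes mandatory
     // whenever the board says this user may not post without one.
     $validator->sometimes('captcha', "required|captcha", function ($input) use ($board) {
         return !$board->canPostWithoutCaptcha($this->user);
     });

     if (!$validator->passes()) {
         $this->failedValidation($validator);
     } else {
         // Laravel's Validator builds a fresh message bag on every passes()
         // call, so the handle taken before it is stale. Re-fetch it here;
         // otherwise the flood error added below never reaches the bag that
         // the final count() inspects.
         $messages = $validator->errors();

         if (!$user->canAdminConfig() && $board->canPostWithoutCaptcha($user)) {
             // Check last post time for flood.
             $floodTime = site_setting('postFloodTime');

             if ($floodTime > 0) {
                 $lastPost = Post::getLastPostForIP();

                 if ($lastPost) {
                     // Clone so the model's own timestamp is not shifted.
                     $floodTimer = clone $lastPost->created_at;
                     $floodTimer->addSeconds($floodTime);

                     if ($floodTimer->isFuture()) {
                         $messages->add("body", trans("validation.custom.post_flood", ['time_left' => $floodTimer->diffInSeconds()]));
                     }
                 }
             }
         }

         // Validate individual files being uploaded right now.
         $this->validateOriginality();
     }

     // Validation errors take precedence; authorization is checked only on a clean bag.
     if (count($validator->errors())) {
         $this->failedValidation($validator);
     } else {
         if (!$this->passesAuthorization()) {
             $this->failedAuthorization();
         }
     }
 }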
Esempio n. 3
 /**
  * Decide whether the given user may post on this board without a captcha.
  *
  * Returns true when captchas are disabled site-wide, when the user's own
  * permission check grants a bypass, or when a captcha record for the
  * requesting address is still inside the configured time and post-count
  * lifespans.
  *
  * NOTE(review): the cracked_at filter is applied only when
  * captchaLifespanTime is above zero. With a zero setting any captcha row
  * stored for this address satisfies the lookup, solved or not -- confirm
  * that rows carry client_ip only once they have been answered.
  *
  * @param  PermissionUser  $user
  * @return bool
  */
 public function canPostWithoutCaptcha(PermissionUser $user)
 {
     // Site-wide switch first, then the per-user bypass.
     if (!site_setting('captchaEnabled') || $user->canPostWithoutCaptcha($this)) {
         return true;
     }

     // Presumably resolves to the requesting client's address -- verify in IP.
     $clientIp = new IP();

     // Most recently cracked captcha recorded for this address.
     $recentCaptcha = Captcha::select('created_at', 'cracked_at')
         ->where(function ($query) use ($clientIp) {
             $query->where('client_ip', $clientIp);

             // Minutes a solved captcha stays valid; zero skips the time filter.
             $lifespanMinutes = (int) site_setting('captchaLifespanTime', 0);

             if ($lifespanMinutes <= 0) {
                 return;
             }

             $query->whereNotNull('cracked_at');
             $query->where('cracked_at', '>=', \Carbon\Carbon::now()->subMinutes($lifespanMinutes));
         })
         ->orderBy('cracked_at', 'desc')
         ->first();

     // No matching record: a captcha is required.
     if (!($recentCaptcha instanceof Captcha)) {
         return false;
     }

     // Number of posts one captcha covers; zero disables the post-count limit.
     $lifespanPosts = (int) site_setting('captchaLifespanPosts');

     if ($lifespanPosts <= 0) {
         return true;
     }

     // Posts made from this address since that captcha was created.
     $postsSinceCaptcha = Post::select('created_at')
         ->where('author_ip', $clientIp)
         ->where('created_at', '>=', $recentCaptcha->created_at)
         ->count();

     return !($postsSinceCaptcha >= $lifespanPosts);
 }
Esempio n. 4
 /**
  * Validate the class instance.
  * This overrides the default invocation to provide additional rules after the controller is setup.
  *
  * @return void
  */
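 public function validate()
 {
     // Checks run in this order: captcha rule, per-IP post flood, then an
     // on-disk check of every upload. Each failure is reported through
     // failedValidation().
     $board = $this->board;
     $user = $this->user;

     // With no board or user bound, defer entirely to the parent implementation.
     if (!$board || !$user) {
         return parent::validate();
     }

     $validator = $this->getValidatorInstance();

     // The captcha field becomes mandatory whenever the board says this user
     // may not post without one.
     $validator->sometimes('captcha', "required|captcha", function ($input) use ($board) {
         return !$board->canPostWithoutCaptcha($this->user);
     });

     if (!$validator->passes()) {
         $this->failedValidation($validator);
     } else {
         if (!$this->user->canAdminConfig() && $board->canPostWithoutCaptcha($this->user)) {
             // Check last post time for flood.
             // NOTE(review): getLastPostForIP() is keyed on the client address;
             // behind a reverse proxy confirm trusted proxies are configured.
             $floodTime = site_setting('postFloodTime');

             if ($floodTime > 0) {
                 $lastPost = Post::getLastPostForIP();

                 if ($lastPost) {
                     // Clone so the model's own timestamp is not shifted.
                     $floodTimer = clone $lastPost->created_at;
                     $floodTimer->addSeconds($floodTime);

                     if ($floodTimer->isFuture()) {
                         // Fetch the bag after passes() so the message lands on the live one.
                         $messages = $validator->errors();
                         $messages->add("body", trans("validation.custom.post_flood", ['time_left' => $floodTimer->diffInSeconds()]));
                         $this->failedValidation($validator);
                     }
                 }
             }
         }

         // This is a hack, but ...
         // If a file is uploaded that has a specific filename, it breaks the process.
         $input = $this->all();

         // Process uploads. The original tested the misspelled $inpput, which is
         // never defined, so this check could not run. 'files' is request input,
         // so it is only walked when it really is an array.
         if (isset($input['files']) && is_array($input['files'])) {
             foreach ($input['files'] as $uploadIndex => $upload) {
                 // method_exists() also accepts class-name strings, so require
                 // an object before calling methods on the entry.
                 if (is_object($upload) && method_exists($upload, "getPathname") && !file_exists($upload->getPathname())) {
                     $messages = $validator->errors();
                     // NOTE(review): the original filename is client-supplied;
                     // confirm the view escapes this message when rendering it.
                     $messages->add("files.{$uploadIndex}", trans("validation.custom.file_corrupt", ["filename" => $upload->getClientOriginalName()]));
                     $this->failedValidation($validator);
                     break;
                 }
             }
         }
     }
 }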