コード例 #1
0
ファイル: xcaptcha.php プロジェクト: ming-hai/XoopsCore
 public function __construct()
 {
     $this->captchaHandler = XoopsCaptcha::getInstance();
     $this->config = $this->loadConfig();
     $this->plugin_List = $this->getPluginList();
     $this->plugin_config = $this->loadConfigPlugin();
     $this->xcaptcha_path_plugin = \XoopsBaseConfig::get('root-path') . '/modules/xcaptcha/plugins';
 }
コード例 #2
0
ファイル: CaptchaTest.php プロジェクト: ming-hai/XoopsCore
 /**
  * @covers Xoops\Form\Captcha::setConfig
  */
 public function testSetConfig()
 {
     $value = $this->object->setConfig('dummy_name', 'dummy_value');
     $this->assertTrue($value);
     $handler = \XoopsCaptcha::getInstance();
     $configs = $handler->config;
     $this->assertTrue(is_array($configs));
     $this->assertSame('dummy_value', $configs['dummy_name']);
 }
コード例 #3
0
 /**
  *
  * @param string $caption Caption of the form element, default value is defined in captcha/language/
  * @param string $name Name for the input box
  * @param boolean $skipmember Skip CAPTCHA check for members
  */
 function XoopsFormCaptcha($caption = '', $name = 'xoopscaptcha', $skipmember = true, $configs = array())
 {
     xoops_load('XoopsCaptcha');
     $this->captchaHandler =& XoopsCaptcha::getInstance();
     $configs['name'] = $name;
     $configs['skipmember'] = $skipmember;
     $this->captchaHandler->setConfigs($configs);
     if (!$this->captchaHandler->isActive()) {
         $this->setHidden();
     } else {
         $caption = !empty($caption) ? $caption : $this->captchaHandler->getCaption();
         $this->setCaption($caption);
         $this->setName($name);
     }
 }
コード例 #4
0
ファイル: Captcha.php プロジェクト: redmexico/XoopsCore
 /**
  * __construct
  *
  * @param string  $caption    Caption of the form element, default value is defined in captcha/language/
  * @param string  $name       Name for the input box
  * @param boolean $skipmember Skip CAPTCHA check for members
  * @param array   $configs    key/value pairs
  */
 public function __construct($caption = '', $name = 'xoopscaptcha', $skipmember = true, $configs = array())
 {
     $this->captchaHandler = \XoopsCaptcha::getInstance();
     $configs['name'] = $name;
     $configs['skipmember'] = $skipmember;
     $configs = $this->captchaHandler->loadConfig();
     $this->captchaHandler->setConfigs($configs);
     if (!$this->captchaHandler->isActive()) {
         $this->setHidden();
     } else {
         $caption = !empty($caption) ? $caption : $this->captchaHandler->getCaption();
         $this->setCaption($caption);
         $this->setName($name);
     }
 }
コード例 #5
0
ファイル: Captcha.php プロジェクト: ming-hai/XoopsCore
 /**
  * __construct
  *
  * @param string|array $caption    Caption (default defined in captcha/language/) or array of all attributes
  * @param string       $name       Name for the input box
  * @param boolean      $skipmember Skip CAPTCHA check for members
  * @param array        $configs    key/value pairs
  */
 public function __construct($caption = '', $name = 'xoopscaptcha', $skipmember = true, $configs = array())
 {
     $this->captchaHandler = \XoopsCaptcha::getInstance();
     if (is_array($caption)) {
         parent::__construct($caption);
     } else {
         parent::__construct([]);
         $this->setIfNotEmpty('caption', $caption);
         $this->setIfNotEmpty('name', $name);
         $this->setIfNotSet(':skipmember', $skipmember);
         $this->setIfNotEmpty(':configs', $configs);
     }
     $this->setIfNotSet('caption', $this->captchaHandler->getCaption());
     $this->setIfNotSet('name', 'xoopscaptcha');
     $configs = $this->get(':configs', []);
     $configs['name'] = $this->get('name');
     $configs['skipmember'] = $this->get(':skipmember', true);
     $configs = $this->captchaHandler->loadConfig();
     $this->captchaHandler->setConfigs($configs);
     if (!$this->captchaHandler->isActive()) {
         $this->setHidden();
     }
 }
コード例 #6
0
ファイル: recaptcha2.php プロジェクト: geekwright/XoopsCore25
 /**
  * XoopsCaptchaRecaptcha2::verify()
  *
  * @param string|null $sessionName unused for recaptcha
  *
  * @return bool
  */
 public function verify($sessionName = null)
 {
     $isValid = false;
     $recaptchaResponse = Request::getString('g-recaptcha-response', '');
     $recaptchaVerifyURL = 'https://www.google.com/recaptcha/api/siteverify?secret=' . $this->config['secret_key'] . '&response=' . $recaptchaResponse . '&remoteip=' . IPAddress::fromRequest()->asReadable();
     $usedCurl = false;
     if (function_exists('curl_init') && false !== ($curlHandle = curl_init())) {
         curl_setopt($curlHandle, CURLOPT_URL, $recaptchaVerifyURL);
         curl_setopt($curlHandle, CURLOPT_FAILONERROR, true);
         curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($curlHandle, CURLOPT_CONNECTTIMEOUT, 5);
         $curlReturn = curl_exec($curlHandle);
         if (false === $curlReturn) {
             trigger_error(curl_error($curlHandle));
         } else {
             $usedCurl = true;
             $recaptchaCheck = json_decode($curlReturn, true);
         }
         curl_close($curlHandle);
     }
     if (false === $usedCurl) {
         $recaptchaCheck = file_get_contents($recaptchaVerifyURL);
         $recaptchaCheck = json_decode($recaptchaCheck, true);
     }
     if (isset($recaptchaCheck['success']) && $recaptchaCheck['success'] === true) {
         $isValid = true;
     } else {
         /** @var \XoopsCaptcha $captchaInstance */
         $captchaInstance = \XoopsCaptcha::getInstance();
         /** @var array $recaptchaCheck */
         foreach ($recaptchaCheck['error-codes'] as $msg) {
             $captchaInstance->message[] = $msg;
         }
     }
     return $isValid;
 }
コード例 #7
0
ファイル: register.php プロジェクト: yunsite/xoopsdc
         echo "<input type='hidden' name='user_viewemail' value='" . $user_viewemail . "' />\n        <input type='hidden' name='timezone_offset' value='" . (double) $timezone_offset . "' />\n        <input type='hidden' name='url' value='" . $myts->htmlSpecialChars($url) . "' />\n        <input type='hidden' name='pass' value='" . $myts->htmlSpecialChars($pass) . "' />\n        <input type='hidden' name='vpass' value='" . $myts->htmlSpecialChars($vpass) . "' />\n        <input type='hidden' name='user_mailok' value='" . $user_mailok . "' />\n        <br /><br /><input type='hidden' name='op' value='finish' />" . $GLOBALS['xoopsSecurity']->getTokenHTML() . "<input type='submit' value='" . _US_FINISH . "' /></form>";
     } else {
         echo "<span style='color:#ff0000;'>{$stop}</span>";
         include 'include/registerform.php';
         $reg_form->display();
     }
     include 'footer.php';
     break;
 case 'finish':
     include 'header.php';
     $stop = XoopsUserUtility::validate($uname, $email, $pass, $vpass);
     if (!$GLOBALS['xoopsSecurity']->check()) {
         $stop .= implode('<br />', $GLOBALS['xoopsSecurity']->getErrors()) . "<br />";
     }
     xoops_load("captcha");
     $xoopsCaptcha = XoopsCaptcha::getInstance();
     if (!$xoopsCaptcha->verify()) {
         $stop .= $xoopsCaptcha->getMessage() . "<br />";
     }
     if (empty($stop)) {
         $member_handler =& xoops_gethandler('member');
         $newuser =& $member_handler->createUser();
         $newuser->setVar('user_viewemail', $user_viewemail, true);
         $newuser->setVar('uname', $uname, true);
         $newuser->setVar('email', $email, true);
         if ($url != '') {
             $newuser->setVar('url', formatURL($url), true);
         }
         $newuser->setVar('user_avatar', 'blank.gif', true);
         $actkey = substr(md5(uniqid(mt_rand(), 1)), 0, 8);
         $newuser->setVar('actkey', $actkey, true);
コード例 #8
0
ファイル: helper.php プロジェクト: ming-hai/XoopsCore
 public function displayPost()
 {
     $xoops = Xoops::getInstance();
     if (Request::getMethod() !== 'POST') {
         $xoops->redirect(\XoopsBaseConfig::get('url'), 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
     }
     $id = Request::getInt('com_id');
     $modid = Request::getInt('com_modid');
     if (empty($modid)) {
         $xoops->redirect(\XoopsBaseConfig::get('url'), 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
     }
     /* @var $comment CommentsComment */
     $comment = $this->getHandlerComment()->get($id);
     if (!is_object($comment)) {
         $xoops->redirect(\XoopsBaseConfig::get('url'), 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
     }
     if (!$comment->isNew()) {
         $modid = $comment->getVar('modid');
     } else {
         $comment->setVar('modid', $modid);
     }
     $module = $xoops->getModuleById($modid);
     if (!is_object($module)) {
         $xoops->redirect(\XoopsBaseConfig::get('url'), 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
     }
     $moddir = $module->getVar('dirname');
     if ($xoops->isAdminSide) {
         if (empty($id)) {
             $xoops->redirect(\XoopsBaseConfig::get('url'), 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
         }
         $redirect_page = $this->url('admin/main.php?com_modid=' . $modid . '&amp;com_itemid');
     } else {
         if (COMMENTS_APPROVENONE == $xoops->getModuleConfig('com_rule', $module->getVar('dirname'))) {
             $xoops->redirect(\XoopsBaseConfig::get('url'), 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
         }
         $redirect_page = '';
     }
     /* @var $plugin CommentsPluginInterface */
     if ($plugin = \Xoops\Module\Plugin::getPlugin($moddir, 'comments')) {
         if (!$xoops->isAdminSide) {
             $redirect_page = $xoops->url('modules/' . $moddir . '/' . $plugin->pageName() . '?');
             if (is_array($extraParams = $plugin->extraParams())) {
                 $extra_params = '';
                 foreach ($extraParams as $extra_param) {
                     $extra_params .= isset($_POST[$extra_param]) ? $extra_param . '=' . htmlspecialchars($_POST[$extra_param]) . '&amp;' : $extra_param . '=amp;';
                 }
                 $redirect_page .= $extra_params;
             }
             $redirect_page .= $plugin->itemName();
         }
         $comment_url = $redirect_page;
         $op = Request::getBool('com_dopost') ? 'post' : '';
         $op = Request::getBool('com_dopreview') ? 'preview' : $op;
         $op = Request::getBool('com_dodelete') ? 'delete' : $op;
         if ($op === 'preview' || $op === 'post') {
             if (!$xoops->security()->check()) {
                 $op = '';
             }
         }
         if ($op === 'post' && !$xoops->isUser()) {
             $xoopsCaptcha = XoopsCaptcha::getInstance();
             if (!$xoopsCaptcha->verify()) {
                 $captcha_message = $xoopsCaptcha->getMessage();
                 $op = 'preview';
             }
         }
         $title = XoopsLocale::trim(Request::getString('com_title'));
         $text = XoopsLocale::trim(Request::getString('com_text'));
         $mode = XoopsLocale::trim(Request::getString('com_mode', 'flat'));
         $order = XoopsLocale::trim(Request::getString('com_order', COMMENTS_OLD1ST));
         $itemid = Request::getInt('com_itemid');
         $pid = Request::getInt('com_pid');
         $rootid = Request::getInt('com_rootid');
         $status = Request::getInt('com_status');
         $dosmiley = Request::getBool('com_dosmiley');
         $doxcode = Request::getBool('com_doxcode');
         $dobr = Request::getBool('com_dobr');
         $dohtml = Request::getBool('com_html');
         $doimage = Request::getBool('com_doimage');
         $icon = XoopsLocale::trim(Request::getString('com_icon'));
         $comment->setVar('title', $title);
         $comment->setVar('text', $text);
         $comment->setVar('itemid', $itemid);
         $comment->setVar('pid', $pid);
         $comment->setVar('rootid', $rootid);
         $comment->setVar('status', $status);
         $comment->setVar('dosmiley', $dosmiley);
         $comment->setVar('doxcode', $doxcode);
         $comment->setVar('dobr', $dobr);
         $comment->setVar('dohtml', $dohtml);
         $comment->setVar('doimage', $doimage);
         $comment->setVar('icon', $icon);
         switch ($op) {
             case "delete":
                 $this->displayDelete();
                 break;
             case "preview":
                 $comment->setVar('doimage', 1);
                 if ($comment->getVar('dohtml') != 0) {
                     if ($xoops->isUser()) {
                         if (!$xoops->user->isAdmin($comment->getVar('modid'))) {
                             $comment->setVar('dohtml', 0);
                         }
                     } else {
                         $comment->setVar('dohtml', 0);
                     }
                 }
                 $xoops->header();
                 if (!$xoops->isAdminSide && !empty($captcha_message)) {
                     echo $xoops->alert('error', $captcha_message);
                 }
                 echo $this->renderHeader($comment->getVar('title', 'p'), $comment->getVar('text', 'p'), false, time());
                 $this->displayCommentForm($comment);
                 $xoops->footer();
                 break;
             case "post":
                 $comment->setVar('doimage', 1);
                 $comment_handler = $this->getHandlerComment();
                 $add_userpost = false;
                 $call_approvefunc = false;
                 $call_updatefunc = false;
                 // RMV-NOTIFY - this can be set to 'comment' or 'comment_submit'
                 $notify_event = false;
                 if (!empty($id)) {
                     $accesserror = false;
                     if ($xoops->isUser()) {
                         if ($xoops->user->isAdmin($comment->getVar('modid'))) {
                             if (!empty($status) && $status != COMMENTS_PENDING) {
                                 $old_status = $comment->getVar('status');
                                 $comment->setVar('status', $status);
                                 // if changing status from pending state, increment user post
                                 if (COMMENTS_PENDING == $old_status) {
                                     $add_userpost = true;
                                     if (COMMENTS_ACTIVE == $status) {
                                         $call_updatefunc = true;
                                         $call_approvefunc = true;
                                         // RMV-NOTIFY
                                         $notify_event = 'comment';
                                     }
                                 } else {
                                     if (COMMENTS_HIDDEN == $old_status && COMMENTS_ACTIVE == $status) {
                                         $call_updatefunc = true;
                                         // Comments can not be directly posted hidden,
                                         // no need to send notification here
                                     } else {
                                         if (COMMENTS_ACTIVE == $old_status && COMMENTS_HIDDEN == $status) {
                                             $call_updatefunc = true;
                                         }
                                     }
                                 }
                             }
                         } else {
                             $comment->setVar('dohtml', 0);
                             if ($comment->getVar('uid') != $xoops->user->getVar('uid')) {
                                 $accesserror = true;
                             }
                         }
                     } else {
                         $comment->setVar('dohtml', 0);
                         $accesserror = true;
                     }
                     if (false != $accesserror) {
                         $xoops->redirect($redirect_page . '=' . $comment->getVar('itemid') . '&amp;com_id=' . $comment->getVar('id') . '&amp;com_mode=' . $mode . '&amp;com_order=' . $order, 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
                     }
                 } else {
                     $comment->setVar('created', time());
                     $comment->setVar('ip', $xoops->getEnv('REMOTE_ADDR'));
                     if ($xoops->isUser()) {
                         if ($xoops->user->isAdmin($comment->getVar('modid'))) {
                             $comment->setVar('status', COMMENTS_ACTIVE);
                             $add_userpost = true;
                             $call_approvefunc = true;
                             $call_updatefunc = true;
                             // RMV-NOTIFY
                             $notify_event = 'comment';
                         } else {
                             $comment->setVar('dohtml', 0);
                             switch ($xoops->getModuleConfig('com_rule')) {
                                 case COMMENTS_APPROVEALL:
                                 case COMMENTS_APPROVEUSER:
                                     $comment->setVar('status', COMMENTS_ACTIVE);
                                     $add_userpost = true;
                                     $call_approvefunc = true;
                                     $call_updatefunc = true;
                                     // RMV-NOTIFY
                                     $notify_event = 'comment';
                                     break;
                                 case COMMENTS_APPROVEADMIN:
                                 default:
                                     $comment->setVar('status', COMMENTS_PENDING);
                                     $notify_event = 'comment_submit';
                                     break;
                             }
                         }
                         if ($xoops->getModuleConfig('com_anonpost', $module->getVar('dirname')) && $comment->getVar('noname')) {
                             $comment->setVar('uid', 0);
                         } else {
                             $comment->setVar('uid', $xoops->user->getVar('uid'));
                         }
                     } else {
                         $comment->setVar('dohtml', 0);
                         $comment->setVar('uid', 0);
                         if ($xoops->getModuleConfig('com_anonpost', $module->getVar('dirname')) != 1) {
                             $xoops->redirect($redirect_page . '=' . $comment->getVar('itemid') . '&amp;com_id=' . $comment->getVar('id') . '&amp;com_mode=' . $mode . '&amp;com_order=' . $order, 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
                         }
                     }
                     if ($comment->getVar('uid') == 0) {
                         switch ($xoops->getModuleConfig('com_rule')) {
                             case COMMENTS_APPROVEALL:
                                 $comment->setVar('status', COMMENTS_ACTIVE);
                                 $add_userpost = true;
                                 $call_approvefunc = true;
                                 $call_updatefunc = true;
                                 // RMV-NOTIFY
                                 $notify_event = 'comment';
                                 break;
                             case COMMENTS_APPROVEADMIN:
                             case COMMENTS_APPROVEUSER:
                             default:
                                 $comment->setVar('status', COMMENTS_PENDING);
                                 // RMV-NOTIFY
                                 $notify_event = 'comment_submit';
                                 break;
                         }
                     }
                 }
                 if ($comment->getVar('title') == '') {
                     $comment->setVar('title', XoopsLocale::NO_TITLE);
                 }
                 $comment->setVar('modified', time());
                 if (isset($extra_params)) {
                     $comment->setVar('exparams', $extra_params);
                 }
                 if (false != $comment_handler->insert($comment)) {
                     $newcid = $comment->getVar('id');
                     // set own id as root id if this is a top comment
                     if ($comment->getVar('rootid') == 0) {
                         $comment->setVar('rootid', $newcid);
                         if (!$comment_handler->updateByField($comment, 'rootid', $comment->getVar('rootid'))) {
                             $comment_handler->delete($comment);
                             $xoops->header();
                             echo $xoops->alert('error', $comment->getHtmlErrors());
                             $xoops->footer();
                         }
                     }
                     // call custom approve function if any
                     if (false != $call_approvefunc) {
                         $plugin->approve($comment);
                     }
                     if (false != $call_updatefunc) {
                         $criteria = new CriteriaCompo(new Criteria('modid', $comment->getVar('modid')));
                         $criteria->add(new Criteria('itemid', $comment->getVar('itemid')));
                         $criteria->add(new Criteria('status', COMMENTS_ACTIVE));
                         $comment_count = $comment_handler->getCount($criteria);
                         $plugin->update($comment->getVar('itemid'), $comment_count);
                     }
                     // increment user post if needed
                     $uid = $comment->getVar('uid');
                     if ($uid > 0 && false != $add_userpost) {
                         $member_handler = $xoops->getHandlerMember();
                         $poster = $member_handler->getUser($uid);
                         if ($poster instanceof XoopsUser) {
                             $member_handler->updateUserByField($poster, 'posts', $poster->getVar('posts') + 1);
                         }
                     }
                     // RMV-NOTIFY
                     // trigger notification event if necessary
                     if ($notify_event && $xoops->isActiveModule('notifications')) {
                         $notifications = Notifications::getInstance();
                         $not_modid = $comment->getVar('modid');
                         $not_catinfo = $notifications->getCommentsCategory($module->getVar('dirname'));
                         $not_category = $not_catinfo['name'];
                         $not_itemid = $comment->getVar('itemid');
                         $not_event = $notify_event;
                         // Build an ABSOLUTE URL to view the comment.  Make sure we
                         // point to a viewable page (i.e. not the system administration
                         // module).
                         $comment_tags = array();
                         $comment_tags['X_COMMENT_URL'] = $comment_url . '=' . $comment->getVar('itemid') . '&amp;com_id=' . $comment->getVar('id') . '&amp;com_rootid=' . $comment->getVar('rootid') . '&amp;com_mode=' . $mode . '&amp;com_order=' . $order . '#comment' . $comment->getVar('id');
                         if ($xoops->isActiveModule('notifications')) {
                             Notifications::getInstance()->getHandlerNotification()->triggerEvent($not_category, $not_itemid, $not_event, $comment_tags, false, $not_modid);
                         }
                     }
                     if (!isset($comment_post_results)) {
                         // if the comment is active, redirect to posted comment
                         if ($comment->getVar('status') == COMMENTS_ACTIVE) {
                             $xoops->redirect($redirect_page . '=' . $comment->getVar('itemid') . '&amp;com_id=' . $comment->getVar('id') . '&amp;com_rootid=' . $comment->getVar('rootid') . '&amp;com_mode=' . $mode . '&amp;com_order=' . $order . '#comment' . $comment->getVar('id'), 1, _MD_COMMENTS_THANKSPOST);
                         } else {
                             // not active, so redirect to top comment page
                             $xoops->redirect($redirect_page . '=' . $comment->getVar('itemid') . '&amp;com_mode=' . $mode . '&amp;com_order=' . $order . '#comment' . $comment->getVar('id'), 1, _MD_COMMENTS_THANKSPOST);
                         }
                     }
                 } else {
                     if (!isset($purge_comment_post_results)) {
                         $xoops->header();
                         echo $xoops->alert('error', $comment->getHtmlErrors());
                         $xoops->footer();
                     } else {
                         $comment_post_results = $comment->getErrors();
                     }
                 }
                 break;
             default:
                 $xoops->redirect(\XoopsBaseConfig::get('url') . '/', 1, implode('<br />', $xoops->security()->getErrors()));
                 break;
         }
     }
 }
コード例 #9
0
ファイル: image.php プロジェクト: gauravsaxena21/simantz
 function __construct()
 {
     xoops_load('XoopsCaptcha');
     $this->captcha_handler = XoopsCaptcha::getInstance();
     $this->config = $this->captcha_handler->loadConfig("image");
 }
コード例 #10
0
ファイル: imageclass.php プロジェクト: ming-hai/XoopsCore
 /**
  * Constructor
  */
 public function __construct()
 {
     $this->captcha_handler = XoopsCaptcha::getInstance();
     $this->config = $this->captcha_handler->loadConfig("image");
     $this->xoops_root_path = \XoopsBaseConfig::get('root-path');
 }