/** * Validate and decode a JSON Web Token string from a request (i.e. POST body) * * @param string $keyName name of the key to used to sign the token * @param string $attributeName name of cookie that sources the token * @param array|\Traversable $assertClaims traversable set of claims, claim => value, to assert * * @return object|false payload as stdClass, or false if token was invalid */ public static function fromRequest($keyName, $attributeName, $assertClaims = array()) { $token = Request::getString($attributeName, ''); if (empty($token)) { return false; } return static::fromString($keyName, $token, $assertClaims); }
/** * XoopsCaptchaRecaptcha::verify() * * @param mixed|null $sessionName * * @return bool */ public function verify($sessionName = null) { $is_valid = false; require_once __DIR__ . '/recaptcha/recaptchalib.php'; if (!empty(Request::getString('recaptcha_response_field', '', 'POST'))) { $resp = recaptcha_check_answer($this->config['private_key'], $_SERVER['REMOTE_ADDR'], Request::getString('recaptcha_challenge_field', '', 'POST'), Request::getString('recaptcha_response_field', '', 'POST')); if (!$resp->is_valid) { $this->message[] = $resp->error; } else { $is_valid = true; } } return $is_valid; }
/** * XoopsCaptchaRecaptcha2::verify() * * @param string|null $sessionName unused for recaptcha * * @return bool */ public function verify($sessionName = null) { $isValid = false; $recaptchaResponse = Request::getString('g-recaptcha-response', ''); $recaptchaVerifyURL = 'https://www.google.com/recaptcha/api/siteverify?secret=' . $this->config['secret_key'] . '&response=' . $recaptchaResponse . '&remoteip=' . IPAddress::fromRequest()->asReadable(); $usedCurl = false; if (function_exists('curl_init') && false !== ($curlHandle = curl_init())) { curl_setopt($curlHandle, CURLOPT_URL, $recaptchaVerifyURL); curl_setopt($curlHandle, CURLOPT_FAILONERROR, true); curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curlHandle, CURLOPT_CONNECTTIMEOUT, 5); $curlReturn = curl_exec($curlHandle); if (false === $curlReturn) { trigger_error(curl_error($curlHandle)); } else { $usedCurl = true; $recaptchaCheck = json_decode($curlReturn, true); } curl_close($curlHandle); } if (false === $usedCurl) { $recaptchaCheck = file_get_contents($recaptchaVerifyURL); $recaptchaCheck = json_decode($recaptchaCheck, true); } if (isset($recaptchaCheck['success']) && $recaptchaCheck['success'] === true) { $isValid = true; } else { /** @var \XoopsCaptcha $captchaInstance */ $captchaInstance = \XoopsCaptcha::getInstance(); /** @var array $recaptchaCheck */ foreach ($recaptchaCheck['error-codes'] as $msg) { $captchaInstance->message[] = $msg; } } return $isValid; }