From: <bh...@us...> - 2009-01-28 08:16:01
|
Revision: 19914 http://gallery.svn.sourceforge.net/gallery/?rev=19914&view=rev Author: bharat Date: 2009-01-28 08:15:56 +0000 (Wed, 28 Jan 2009) Log Message: ----------- Simplify the recaptcha admin page. It's not guaranteed to verify your recaptcha private key properly anymore, but it's more intuitive to configure in the admin UI. Modified Paths: -------------- gallery3/trunk/modules/recaptcha/controllers/admin_recaptcha.php gallery3/trunk/modules/recaptcha/helpers/recaptcha.php gallery3/trunk/modules/recaptcha/libraries/Form_Recaptcha.php gallery3/trunk/modules/recaptcha/views/admin_recaptcha.html.php Modified: gallery3/trunk/modules/recaptcha/controllers/admin_recaptcha.php =================================================================== --- gallery3/trunk/modules/recaptcha/controllers/admin_recaptcha.php 2009-01-28 04:22:59 UTC (rev 19913) +++ gallery3/trunk/modules/recaptcha/controllers/admin_recaptcha.php 2009-01-28 08:15:56 UTC (rev 19914) @@ -20,90 +20,45 @@ class Admin_Recaptcha_Controller extends Admin_Controller { public function index() { $form = recaptcha::get_configure_form(); + if (request::method() == "post") { $old_public_key = module::get_var("recaptcha", "public_key"); $old_private_key = module::get_var("recaptcha", "private_key"); - if (request::method() == "post") { + if ($form->validate()) { + $public_key = $form->configure_recaptcha->public_key->value; + $private_key = $form->configure_recaptcha->private_key->value; - $valid_key = $form->validate(); - if ($valid_key) { - $input = Input::instance(); - $challenge = $input->post("recaptcha_challenge_field", "", true); - $response = $input->post("recaptcha_response_field", "", true); - $valid_key = recaptcha::is_recaptcha_valid($challenge, $response, - $form->configure_recaptcha->private_key->value); - if (empty($valid_key) && $form->captcha_error == "invalid-site-private-key") { - $form->configure_recaptcha->private_key->add_error("invalid", 1); - unset($form->captcha_error); + if ($public_key && $private_key) { + module::set_var("recaptcha", "public_key", $public_key); + module::set_var("recaptcha", "private_key", $private_key); + message::success(t("Recaptcha configured!")); + log::success(t("Recaptcha public and private keys set")); + url::redirect("admin/recaptcha"); + } else if ($public_key && !$private_key) { + $form->configure_recaptcha->private_key->add_error("invalid"); + } else if ($private_key && !$public_key) { + $form->configure_recaptcha->public_key->add_error("invalid"); + } else { + module::set_var("recaptcha", "public_key", ""); + module::set_var("recaptcha", "private_key", ""); + message::success(t("Recaptcha disabled!")); + log::success(t("Recaptcha public and private keys cleared")); + url::redirect("admin/recaptcha"); } } - if ($valid_key) { - $new_public_key = $form->configure_recaptcha->public_key->value; - $new_private_key = $form->configure_recaptcha->private_key->value; - - $update = $this->_update_key("public_key", $old_public_key, $new_public_key); - $update |= $this->_update_key("private_key", $old_private_key, $new_private_key); - - if ($update) { - message::success(t("Recaptcha Configured")); - } - recaptcha::check_config(); - } - } else { - $valid_key = !empty($old_public_key) && !empty($old_private_key); } recaptcha::check_config(); $view = new Admin_View("admin.html"); $view->content = new View("admin_recaptcha.html"); - $view->content->valid_key = $valid_key; + $view->content->public_key = module::get_var("recaptcha", "public_key"); + $view->content->private_key = module::get_var("recaptcha", "private_key"); $view->content->form = $form; print $view; } - private function _update_key($type, $old_key, $new_key) { - $changed = true; - if ($old_key && !$new_key) { - log::success(sprintf(t("Your Recaptcha %s has been cleared."), strtr($type, "_", " "))); - } else if ($old_key && $new_key && $old_key != $new_key) { - log::success(sprintf(t("Your Recaptcha %s has been changed."), strtr($type, "_", " "))); - } else if (!$old_key && $new_key) { - log::success(sprintf(t("Your Recaptcha %s has been saved."), strtr($type, "_", " "))); - } else { - $changed = false; - } - if ($changed) { - module::set_var("recaptcha", $type, $new_key); - } - return $changed; + public function test() { + $view = new View("admin_recaptcha_test.html"); + $view->public_key = module::get_var("recaptcha", "public_key"); + print $view; } - - public function gethtml($public_key, $error=null) { - $http_request = "GET /challenge?k=$public_key HTTP/1.0\r\n"; - $response = ""; - if( false == ( $fs = @fsockopen("api.recaptcha.net", 80, $errno, $errstr, 10) ) ) { - throw new Exception("@todo COULD NOT OPEN SOCKET"); - } - $errorpart = empty($error) ? "" : "&error=$error"; - fputs($fs, "GET /challenge?k=$public_key&ajax=1$errorpart HTTP/1.0\r\n"); - fputs($fs, "Host: api.recaptcha.net\r\n"); - fputs($fs, "Connection: Close\r\n\r\n"); - while (!feof($fs)) { - $response .= fgets($fs, 1160); // One TCP-IP packet - } - fclose($fs); - $response = explode("\r\n\r\n", $response, 2); - - if (strpos($response[1], "document.write") === 0) { - header("HTTP/1.1 400 BAD REQUEST"); - if (preg_match("#.*\'(.*)\'#", $response[1], $matches)) { - $msg = $matches[1]; - } else { - $msg = _t("Unable to determine error message"); - } - print $msg; - } else { - header("HTTP/1.1 200 OK"); - print json_encode(array("result" => "success", "script" => $response[1])); - } - } } Modified: gallery3/trunk/modules/recaptcha/helpers/recaptcha.php =================================================================== --- gallery3/trunk/modules/recaptcha/helpers/recaptcha.php 2009-01-28 04:22:59 UTC (rev 19913) +++ gallery3/trunk/modules/recaptcha/helpers/recaptcha.php 2009-01-28 08:15:56 UTC (rev 19914) @@ -26,13 +26,11 @@ ->value(module::get_var()); $group->input("public_key") ->label(t("Public Key")) - ->value(module::get_var("recaptcha", "public_key")) - ->rules("required|length[40]"); + ->value(module::get_var("recaptcha", "public_key")); $group->public_key->error_messages("invalid", t("The public key you provided is invalid.")); $group->input("private_key") ->label(t("Private Key")) - ->value(module::get_var("recaptcha", "private_key")) - ->rules("required|length[40]"); + ->value(module::get_var("recaptcha", "private_key")); $group->private_key->error_messages("invalid", t("The private key you provided is invalid.")); $group->submit("")->value(t("Save")); @@ -55,14 +53,24 @@ } /** - * Gets the challenge HTML (javascript and non-javascript version). - * This is called from the browser, and the resulting reCAPTCHA HTML widget - * is embedded within the HTML form it was called from. - * @param string $error The error given by reCAPTCHA (optional, default is null) - * @param string $pubkey The public key to use in the challenge (optional, default is null) - * @return string - The HTML to be embedded in the user"s form. + * Verify that the recaptcha key is valid. + * @param string $private_key + * @return boolean */ - static function get_challenge_html($id, $error=null, $public_key=null ) { + static function verify_key($private_key) { + $remote_ip = Input::instance()->server("REMOTE_ADDR"); + $response = self::_http_post("api-verify.recaptcha.net", "/verify", + array("privatekey" => $private_key, + "remoteip" => $remote_ip, + "challenge" => "right", + "response" => "wrong")); + + $answers = explode("\n", $response[1]); + if (trim($answers[0]) == "true") { + return null; + } else { + return $answers[1]; + } } /** @@ -70,29 +78,21 @@ * @param string $form * @return string error message or null */ - static function is_recaptcha_valid($challenge, $response, $private_key=null) { - if (!module::installed("recaptcha")) { - return null; - } + static function is_recaptcha_valid($challenge, $response, $private_key) { $input = Input::instance(); + $remote_ip = $input->server("REMOTE_ADDR"); - if (empty($private_key)) { - $private_key = module::get_var("recaptcha", "private_key"); - } - $remoteip = $input->server("REMOTE_ADDR"); - //discard spam submissions if (empty($challenge) || empty($response)) { return "incorrect-captcha-sol"; } + $response = self::_http_post("api-verify.recaptcha.net", "/verify", array ("privatekey" => $private_key, - "remoteip" => $remoteip, + "remoteip" => $remote_ip, "challenge" => $challenge, "response" => $response)); - Kohana::log("debug", print_r($response, 1)); - Kohana::log("debug", print_r(debug_backtrace(), 1)); $answers = explode ("\n", $response [1]); if (trim ($answers [0]) == "true") { return null; Modified: gallery3/trunk/modules/recaptcha/libraries/Form_Recaptcha.php =================================================================== --- gallery3/trunk/modules/recaptcha/libraries/Form_Recaptcha.php 2009-01-28 04:22:59 UTC (rev 19913) +++ gallery3/trunk/modules/recaptcha/libraries/Form_Recaptcha.php 2009-01-28 08:15:56 UTC (rev 19914) @@ -65,7 +65,8 @@ $challenge = $input->post("recaptcha_challenge_field", "", true); $response = $input->post("recaptcha_response_field", "", true); if (!empty($challenge)) { - $this->_error = recaptcha::is_recaptcha_valid($challenge, $response); + $this->_error = recaptcha::is_recaptcha_valid( + $challenge, $response, module::get_var("recaptcha", "private_key")); if (!empty($this->_error)) { $this->add_error($this->_error, 1); } Modified: gallery3/trunk/modules/recaptcha/views/admin_recaptcha.html.php =================================================================== --- gallery3/trunk/modules/recaptcha/views/admin_recaptcha.html.php 2009-01-28 04:22:59 UTC (rev 19913) +++ gallery3/trunk/modules/recaptcha/views/admin_recaptcha.html.php 2009-01-28 08:15:56 UTC (rev 19914) @@ -1,52 +1,30 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> -<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script> -<script> -var RecaptchaOptions = {lang: 'en', theme: "white"}; - -$("#gConfigureRecaptchaForm").ready(function() { - $("#gConfigureRecaptchaForm :submit").before("<ul><li id=recaptcha_div /></ul>"); - $("#public_key").change(function() { - showRecaptcha($(this).val()); - }); - var original = $("#public_key").val(); - if (original != "") { - showRecaptcha(original); - } -}); - -function showRecaptcha(public_key) { - if (public_key != "") { - Recaptcha.widget = document.getElementById("recaptcha_div"); - $.ajax({url: "<?= url::site("admin/recaptcha/gethtml") ?>/" + public_key <? if (!empty($form->captcha_error)): ?> + "/<?= $form->captcha_error ?>" <? endif ?> , - dataType: "json", - cache: false, - error: function(request, textStatus, errorThrown) { - var public_key = $("#gConfigureRecaptchaForm ul li:first-child"); - public_key.addClass("gError"); - $("#gConfigureRecaptchaForm ul li:first-child p").replaceWith(""); - public_key.append('<p class="gError">' + request.responseText + "</p>"); - }, - success: function(data, textStatus) { - var public_key = $("#gConfigureRecaptchaForm ul li:first-child"); - public_key.removeClass("gError"); - $("#gConfigureRecaptchaForm ul li:first-child p").replaceWith(""); - $("#recaptcha_div").html("<script type='text/javascript'>" + data.script + "</script" + ">"); - } - }); - } else { - if (Recaptcha.widget != undefined) { - Recaptcha.destroy(); - } - } -} - -</script> - <div id="gAdminRecaptcha"> <h1> <?= t("ReCaptcha Challenge Filtering") ?> </h1> <p> - <?= t("Recaptcha is a free CAPTCHA service that helps to digitize books, newspapers and old time radio shows. automated spam filtering service. In order to use it, you need to sign up for a <a href=\"{$form->get_key_url}\">ReCaptcha Public/Private Key pair</a>, which is also free. Once registered, the the challenge and response strings are evaluated at <a href=\"http://recaptcha.net\">recaptcha.net</a> to determine if the form content has been entered by a bot.") ?> + <?= t("Recaptcha is a free CAPTCHA service that helps to digitize books, newspapers and old time radio shows. automated spam filtering service. In order to use it, you need to sign up for a <a href=\"{$form->get_key_url}\">ReCaptcha Public/Private Key pair</a>, which is also free. Once registered, the the challenge and response strings are evaluated at <a href=\"%url\">recaptcha.net</a> to determine if the form content has been entered by a bot.", array("url" => "http://recaptcha.net")) ?> </p> <?= $form ?> </div> + +<? if ($public_key && $private_key): ?> +<div id="gAdminRecaptchaTest" class="gBlock"> + <h2> <?= t("Recaptcha Test") ?> </h2> + <p> + <?= t("If you see a captcha form below, then Recaptcha is functioning properly.") ?> + </p> + + <div id="gRecaptcha"/> + <script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script> + <script type="text/javascript"> + Recaptcha.create("<?= $public_key ?>", "gRecaptcha", { + callback: Recaptcha.focus_response_field, + lang: "en", + theme: "white" + }); + </script> + </div> +</div> +<? endif ?> + This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |