-rw-r--r-- | extensions/FunnyDot.php | 194 |
1 files changed, 136 insertions, 58 deletions
diff --git a/extensions/FunnyDot.php b/extensions/FunnyDot.php
index db62b148..3a4cabc8 100644
--- a/extensions/FunnyDot.php
+++ b/extensions/FunnyDot.php
@@ -1,80 +1,158 @@ <?php -$wgHooks['EditPage::showEditForm:fields'][] = 'FunnyDot::addAntiSpamCheck'; -$wgHooks['EditFilter'][] = 'FunnyDot::checkAntiSpamHash'; - $wgExtensionCredits['other'][] = array( - 'name' => 'FunnyDot', - 'description' => 'Schutz vor Spam-Bots', - 'author' => 'Pierre Schmitz', - 'url' => 'http://www.archlinux.de', + 'name' => 'FunnyDot', + 'version' => '2.0', + 'description' => 'Automated CAPTCHA', + 'author' => 'Pierre Schmitz', + 'url' => 'http://www.archlinux.de' ); +if ($wgGroupPermissions['*']['edit']) { + $wgHooks['EditPage::showEditForm:fields'][] = 'FunnyDot::addFunnyDotToEditPage'; + $wgHooks['EditFilter'][] = 'FunnyDot::checkFunnyDotOnEditPage'; +} + +if (empty($wgAuth)) { + $wgHooks['UserLoginForm'][] = 'FunnyDot::addFunnyDotToUserLoginForm'; + $wgHooks['AbortLogin'][] = 'FunnyDot::checkFunnyDotOnAbortLogin'; +} + +if ($wgGroupPermissions['*']['createaccount'] && (empty($wgAuth) || $wgAuth->canCreateAccounts())) { + $wgHooks['UserCreateForm'][] = 'FunnyDot::addFunnyDotToUserCreateForm'; + $wgHooks['AbortNewAccount'][] = 'FunnyDot::checkFunnyDotOnAbortNewAccount'; +} + +$wgSpecialPages['FunnyDotImage'] = 'SpecialFunnyDotImage'; + + class FunnyDot { -public static function addAntiSpamCheck($editpage, $outputpage) - { - global $wgAntiSpamHash, $wgUser; +private static function getFunnyDot() { + global $wgFunnyDotHash, $wgScript; - if (!$wgUser->isLoggedIn()) - { - $outputpage->addHTML('<div style="background-image:url(FunnyDotImage.php);background-repeat:no-repeat;visibility:hidden;width:1px;height:1px;"> </div>'); + !isset($wgFunnyDotHash) && $wgFunnyDotHash = ''; + $time = time(); + $hash = substr(sha1($time.$wgFunnyDotHash), 0, 4); + setCookie('FunnyDotTime', $time); - $time = time(); - $hash = sha1($time.$wgAntiSpamHash); - setCookie('AlternateAntiSpamTime', $time); - setCookie('AlternateAntiSpamHashTail', substr($hash, 4)); + return '<div 
style="background-image:url('.$wgScript.'?title=Special:FunnyDotImage);visibility:hidden;position:absolute;z-index:-1"> + <label for="FunnyDotHashField">Please type in the following code: <strong>'.$hash.'</strong></label> + <input id="FunnyDotHashField" type="text" name="FunnyDotHash" size="4" value="" /> + </div>'; +} + +private static function checkFunnyDot() { + global $wgFunnyDotHash, $wgFunnyDotTimeout, $wgFunnyDotWait; - $outputpage->addHTML('<div style="display:none;"><label for="AlternateAntiSpamHashHeadField">Sicherheitscode bestätigen: <strong>'.substr($hash, 0, 4).'</strong></label> <input id="AlternateAntiSpamHashHeadField" type="text" name="AlternateAntiSpamHashHead" size="4" value="" /></div>'); - } + # set some sane defaults + # can be overridden in LocalSettings.php + !isset($wgFunnyDotHash) && $wgFunnyDotHash = ''; + !isset($wgFunnyDotTimeout) && $wgFunnyDotTimeout = 3600; + !isset($wgFunnyDotWait) && $wgFunnyDotWait = 2; + if (!empty($_COOKIE['FunnyDotTime']) && (!empty($_COOKIE['FunnyDotHash']) || !empty($_POST['FunnyDotHash']))) { + $now = time(); + $time = $_COOKIE['FunnyDotTime']; + $hash = !empty($_POST['FunnyDotHash']) ? 
$_POST['FunnyDotHash'] : $_COOKIE['FunnyDotHash']; + } else { + return false; + } + + if ($hash != substr(sha1($time.$wgFunnyDotHash), 0, 4)) { + return false; + } elseif ($now - $time > $wgFunnyDotTimeout) { + return false; + } elseif ($now - $time < $wgFunnyDotWait) { + return false; + } else { + return true; + } +} + + +public static function addFunnyDotToEditPage($editpage, $output) { + global $wgUser; + + if (!$wgUser->isLoggedIn()) { + $editpage->editFormTextAfterWarn .= self::getFunnyDot(); + } return true; +} + +public static function checkFunnyDotOnEditPage($editpage, $text, $section, $error) { + global $wgUser; + + if (!$wgUser->isLoggedIn() && !self::checkFunnyDot()) { + $error = '<div class="errorbox">Please type in the correct code!</div><br clear="all" />'; } + return true; +} -public static function checkAntiSpamHash($editpage, $text, $section, $error) - { - global $wgAntiSpamHash, $wgAntiSpamTimeout, $wgAntiSpamWait, $wgUser; - - if (!$wgUser->isLoggedIn()) - { - if (!empty($_COOKIE['AntiSpamTime']) && !empty($_COOKIE['AntiSpamHash'])) - { - $time = $_COOKIE['AntiSpamTime']; - $hash = $_COOKIE['AntiSpamHash']; - } - elseif (!empty($_COOKIE['AlternateAntiSpamTime']) && !empty($_COOKIE['AlternateAntiSpamHashTail']) && !empty($_POST['AlternateAntiSpamHashHead'])) - { - $time = $_COOKIE['AlternateAntiSpamTime']; - $hash = $_POST['AlternateAntiSpamHashHead'].$_COOKIE['AlternateAntiSpamHashTail']; - } - else - { - sleep($wgAntiSpamWait); - $error = '<div class="mw-warning error">Ungültige Formulardaten empfangen. 
Stelle sicher, daß Cookies für diese Domain angenommen werden.</div>'; - return true; - } - $now = time(); +public static function addFunnyDotToUserLoginForm($template) { + $template->set('header', self::getFunnyDot()); + return true; +} + +public static function checkFunnyDotOnAbortLogin($user, $password, $retval) { + # LoginForm::ABBORT is not yet supported by MediaWiki + $retval = LoginForm::ILLEGAL; + return self::checkFunnyDot(); +} - if ($hash != sha1($time.$wgAntiSpamHash)) - { - sleep($wgAntiSpamWait); - $error = '<div class="mw-warning error">Fehlerhafte Formulardaten empfangen. Überprüfe den Sicherheitscode!</div>'; - } - elseif ($now - $time > $wgAntiSpamTimeout) - { - $error = '<div class="mw-warning error">Deine Zeit ist abgelaufen. Schicke das Formular bitte erneut ab, und zwar innherlab der nächsten '.$wgAntiSpamTimeout.' Sekunden.</div>'; - } - elseif ($now - $time < $wgAntiSpamWait) - { - sleep($wgAntiSpamWait); - $error = '<div class="mw-warning error">Du warst zu schnell. Schicke das Formular bitte erneut ab. Laße Dir diesmal mindestens '.$wgAntiSpamWait.' 
Sekunden Zeit.</div>'; - } - } +public static function addFunnyDotToUserCreateForm($template) { + $template->set('header', self::getFunnyDot()); return true; +} + +public static function checkFunnyDotOnAbortNewAccount($user, $message) { + if (!self::checkFunnyDot()) { + $message = '<div class="errorbox">Please type in the correct code!</div><br clear="all" />'; + return false; + } else { + return true; } +} + +} + + +class SpecialFunnyDotImage extends UnlistedSpecialPage { + +function __construct() { + parent::__construct('FunnyDotImage'); +} + +function execute($par) { + global $wgFunnyDotHash, $wgOut; + + # I will handle the output myself + $wgOut->disable(); + + !isset($wgFunnyDotHash) && $wgFunnyDotHash = ''; + + # FunnyDotTime should be set in the Form + # if not just set a new value + if (!empty($_COOKIE['FunnyDotTime'])) { + $time = $_COOKIE['FunnyDotTime']; + } else { + $time = time(); + setCookie('FunnyDotTime', $time); + } + + setCookie('FunnyDotHash', substr(sha1($time.$wgFunnyDotHash), 0, 4)); + + header('HTTP/1.1 200 OK'); + header("Cache-Control: no-cache, must-revalidate"); + header('Content-Type: image/png'); + header('Content-Length: 135'); + + # transparent png (1px*1px) + echo base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAAXNSR0IArs4c6QAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9gLFxMRGNZyzLoAAAACYktHRAD/h4/MvwAAAAtJREFUCB1j+M8AAAIBAQDFXxteAAAAAElFTkSuQmCC'); +} } -?>
\ No newline at end of file +?> |
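Review bot: In getFunnyDot(), checkFunnyDot() and SpecialFunnyDotImage::execute(), `!isset($wgFunnyDotHash) && $wgFunnyDotHash = '';` silently falls back to an empty secret, so on a wiki that never sets it the expected code is just `substr(sha1($time), 0, 4)` and depends on nothing the client does not already hold; the check should fail closed, or fall back to an existing site secret such as `$wgSecretKey`, rather than default to `''`. The comparison `$hash != substr(sha1($time.$wgFunnyDotHash), 0, 4)` is loose, so numeric-looking hex strings are compared as numbers; `if (!is_string($hash) || !hash_equals(substr(sha1($time.$wgFunnyDotHash), 0, 4), $hash))` avoids that and also rejects array-valued input. execute() hashes whatever `FunnyDotTime` cookie the request carries, so the timestamp that the `$wgFunnyDotWait` and `$wgFunnyDotTimeout` checks rely on is client-chosen; it should at least be validated with `ctype_digit()` and bound to a server-issued value before a hash is returned for it. Keeping only 4 hex characters leaves 16 bits, which deserves a comment stating that this is a bot speed bump and not an authentication token.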