1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-26 05:06:12 +01:00

Merge pull request #6090 from 3D-I/ticket/16653

[ticket/16653] Fix Recaptcha-v3 default request method
This commit is contained in:
Marc Alexander
2021-01-03 20:51:07 +01:00
2 changed files with 20 additions and 14 deletions

View File

@@ -21,7 +21,7 @@ if (!defined('IN_PHPBB'))
if (empty($lang) || !is_array($lang)) if (empty($lang) || !is_array($lang))
{ {
$lang = array(); $lang = [];
} }
// DEVELOPERS PLEASE NOTE // DEVELOPERS PLEASE NOTE
@@ -36,7 +36,7 @@ if (empty($lang) || !is_array($lang))
// equally where a string contains only two placeholders which are used to wrap text // equally where a string contains only two placeholders which are used to wrap text
// in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine // in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine
$lang = array_merge($lang, array( $lang = array_merge($lang, [
// Find the language/country code on https://developers.google.com/recaptcha/docs/language // Find the language/country code on https://developers.google.com/recaptcha/docs/language
// If no code exists for your language you can use "en" or leave the string empty // If no code exists for your language you can use "en" or leave the string empty
'RECAPTCHA_LANG' => 'en-GB', 'RECAPTCHA_LANG' => 'en-GB',
@@ -73,4 +73,5 @@ $lang = array_merge($lang, array(
'RECAPTCHA_V3_THRESHOLD_REPORT' => 'Report threshold', 'RECAPTCHA_V3_THRESHOLD_REPORT' => 'Report threshold',
'RECAPTCHA_V3_THRESHOLDS' => 'Thresholds', 'RECAPTCHA_V3_THRESHOLDS' => 'Thresholds',
'RECAPTCHA_V3_THRESHOLDS_EXPLAIN' => 'reCAPTCHA v3 returns a score (<samp>1.0</samp> is very likely a good interaction, <samp>0.0</samp> is very likely a bot). Here you can set the minimum score per action.', 'RECAPTCHA_V3_THRESHOLDS_EXPLAIN' => 'reCAPTCHA v3 returns a score (<samp>1.0</samp> is very likely a good interaction, <samp>0.0</samp> is very likely a bot). Here you can set the minimum score per action.',
)); 'EMPTY_RECAPTCHA_V3_REQUEST_METHOD' => 'reCAPTCHA v3 requires to know which available method you want to use when verifying the request.',
]);

View File

@@ -21,15 +21,15 @@ class recaptcha_v3 extends captcha_abstract
/** /**
* Possible request methods to verify the token. * Possible request methods to verify the token.
*/ */
const CURL = 'curl'; const CURL = 'curl';
const POST = 'post'; const POST = 'post';
const SOCKET = 'socket'; const SOCKET = 'socket';
/** /**
* Possible domain names to load the script and verify the token. * Possible domain names to load the script and verify the token.
*/ */
const GOOGLE = 'google.com'; const GOOGLE = 'google.com';
const RECAPTCHA = 'recaptcha.net'; const RECAPTCHA = 'recaptcha.net';
/** @var array CAPTCHA types mapped to their action */ /** @var array CAPTCHA types mapped to their action */
static protected $actions = [ static protected $actions = [
@@ -139,8 +139,7 @@ class recaptcha_v3 extends captcha_abstract
$language->add_lang('captcha_recaptcha'); $language->add_lang('captcha_recaptcha');
return ($config->offsetGet('recaptcha_v3_key') ?? false) return ($config->offsetGet('recaptcha_v3_key') ?? false) && ($config->offsetGet('recaptcha_v3_secret') ?? false);
&& ($config->offsetGet('recaptcha_v3_secret') ?? false);
} }
/** /**
@@ -162,8 +161,9 @@ class recaptcha_v3 extends captcha_abstract
*/ */
global $config, $language, $phpbb_log, $request, $template, $user; global $config, $language, $phpbb_log, $request, $template, $user;
$module->tpl_name = 'captcha_recaptcha_v3_acp'; $module->tpl_name = 'captcha_recaptcha_v3_acp';
$module->page_title = 'ACP_VC_SETTINGS'; $module->page_title = 'ACP_VC_SETTINGS';
$recaptcha_v3_method = $request->variable('recaptcha_v3_method', '', true);
$form_key = 'acp_captcha'; $form_key = 'acp_captcha';
add_form_key($form_key); add_form_key($form_key);
@@ -175,10 +175,15 @@ class recaptcha_v3 extends captcha_abstract
trigger_error($language->lang('FORM_INVALID') . adm_back_link($module->u_action), E_USER_WARNING); trigger_error($language->lang('FORM_INVALID') . adm_back_link($module->u_action), E_USER_WARNING);
} }
if (empty($recaptcha_v3_method))
{
trigger_error($language->lang('EMPTY_RECAPTCHA_V3_REQUEST_METHOD') . adm_back_link($module->u_action), E_USER_WARNING);
}
$config->set('recaptcha_v3_key', $request->variable('recaptcha_v3_key', '', true)); $config->set('recaptcha_v3_key', $request->variable('recaptcha_v3_key', '', true));
$config->set('recaptcha_v3_secret', $request->variable('recaptcha_v3_secret', '', true)); $config->set('recaptcha_v3_secret', $request->variable('recaptcha_v3_secret', '', true));
$config->set('recaptcha_v3_domain', $request->variable('recaptcha_v3_domain', '', true)); $config->set('recaptcha_v3_domain', $request->variable('recaptcha_v3_domain', '', true));
$config->set('recaptcha_v3_method', $request->variable('recaptcha_v3_method', '', true)); $config->set('recaptcha_v3_method', $recaptcha_v3_method);
foreach (self::$actions as $action) foreach (self::$actions as $action)
{ {
@@ -208,7 +213,7 @@ class recaptcha_v3 extends captcha_abstract
'RECAPTCHA_V3_DOMAIN' => $config['recaptcha_v3_domain'] ?? self::GOOGLE, 'RECAPTCHA_V3_DOMAIN' => $config['recaptcha_v3_domain'] ?? self::GOOGLE,
'RECAPTCHA_V3_DOMAINS' => [self::GOOGLE, self::RECAPTCHA], 'RECAPTCHA_V3_DOMAINS' => [self::GOOGLE, self::RECAPTCHA],
'RECAPTCHA_V3_METHOD' => $config['recaptcha_v3_method'] ?? self::POST, 'RECAPTCHA_V3_METHOD' => $config['recaptcha_v3_method'] ?? '',
'RECAPTCHA_V3_METHODS' => [ 'RECAPTCHA_V3_METHODS' => [
self::POST => ini_get('allow_url_fopen') && function_exists('file_get_contents'), self::POST => ini_get('allow_url_fopen') && function_exists('file_get_contents'),
self::CURL => extension_loaded('curl') && function_exists('curl_init'), self::CURL => extension_loaded('curl') && function_exists('curl_init'),