From 5d8e9004837426bf72f67ed35b55344d4d47624a Mon Sep 17 00:00:00 2001
From: Cesar G <prototech91@gmail.com>
Date: Wed, 14 Oct 2015 01:54:22 -0700
Subject: [PATCH] [ticket/11971] Validate "Spambot countermeasures" settings
 before saving.

PHPBB3-11971
---
 phpBB/adm/style/acp_captcha.html   |  7 ++++
 phpBB/includes/acp/acp_captcha.php | 65 ++++++++++++++++++++++++------
 2 files changed, 60 insertions(+), 12 deletions(-)

diff --git a/phpBB/adm/style/acp_captcha.html b/phpBB/adm/style/acp_captcha.html
index f4866653c3..0efbbac51e 100644
--- a/phpBB/adm/style/acp_captcha.html
+++ b/phpBB/adm/style/acp_captcha.html
@@ -8,6 +8,13 @@
 
 <p>{L_ACP_VC_EXT_GET_MORE}</p>
 
+<!-- IF ERROR_MSG -->
+<div class="errorbox">
+	<h3>{L_WARNING}</h3>
+	<p>{ERROR_MSG}</p>
+</div>
+<!-- ENDIF -->
+
 <form id="acp_captcha" method="post" action="{U_ACTION}">
 
 <fieldset>
diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php
index fa8d8fb6a9..92d5e1dda6 100644
--- a/phpBB/includes/acp/acp_captcha.php
+++ b/phpBB/includes/acp/acp_captcha.php
@@ -25,7 +25,7 @@ class acp_captcha
 
 	function main($id, $mode)
 	{
-		global $db, $user, $auth, $template;
+		global $request, $user, $auth, $template;
 		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx, $phpbb_container;
 
 		$user->add_lang('acp/board');
@@ -52,11 +52,36 @@ class acp_captcha
 		else
 		{
 			$config_vars = array(
-				'enable_confirm'		=> array('tpl' => 'REG_ENABLE', 'default' => false),
-				'enable_post_confirm'	=> array('tpl' => 'POST_ENABLE', 'default' => false),
-				'confirm_refresh'		=> array('tpl' => 'CONFIRM_REFRESH', 'default' => false),
-				'max_reg_attempts'		=> array('tpl' => 'REG_LIMIT', 'default' => 0),
-				'max_login_attempts'		=> array('tpl' => 'MAX_LOGIN_ATTEMPTS', 'default' => 0),
+				'enable_confirm'		=> array(
+					'tpl'		=> 'REG_ENABLE',
+					'default'	=> false,
+					'validate'	=> 'bool',
+					'lang'		=> 'VISUAL_CONFIRM_REG',
+				),
+				'enable_post_confirm'	=> array(
+					'tpl'		=> 'POST_ENABLE',
+					'default'	=> false,
+					'validate'	=> 'bool',
+					'lang'		=> 'VISUAL_CONFIRM_POST',
+				),
+				'confirm_refresh'		=> array(
+					'tpl'		=> 'CONFIRM_REFRESH',
+					'default'	=> false,
+					'validate'	=> 'bool',
+					'lang'		=> 'VISUAL_CONFIRM_REFRESH',
+				),
+				'max_reg_attempts'		=> array(
+					'tpl'		=> 'REG_LIMIT',
+					'default'	=> 0,
+					'validate'	=> 'int:0:99999',
+					'lang'		=> 'REG_LIMIT',
+				),
+				'max_login_attempts'	=> array(
+					'tpl'		=> 'MAX_LOGIN_ATTEMPTS',
+					'default'	=> 0,
+					'validate'	=> 'int:0:99999',
+					'lang'		=> 'MAX_LOGIN_ATTEMPTS',
+				),
 			);
 
 			$this->tpl_name = 'acp_captcha';
@@ -65,12 +90,31 @@ class acp_captcha
 			add_form_key($form_key);
 
 			$submit = request_var('main_submit', false);
+			$error = $cfg_array = array();
 
-			if ($submit && check_form_key($form_key))
+			if ($submit)
 			{
 				foreach ($config_vars as $config_var => $options)
 				{
-					set_config($config_var, request_var($config_var, $options['default']));
+					$cfg_array[$config_var] = $request->variable($config_var, $options['default']);
+				}
+				validate_config_vars($config_vars, $cfg_array, $error);
+
+				if (!check_form_key($form_key))
+				{
+					$error[] = $user->lang['FORM_INVALID'];
+				}
+				if ($error)
+				{
+					$submit = false;
+				}
+			}
+
+			if ($submit)
+			{
+				foreach ($cfg_array as $key => $value)
+				{
+					$config->set($key, $value);
 				}
 
 				if ($selected !== $config['captcha_plugin'])
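Review bot: The anti-CSRF token check `check_form_key($form_key)` now runs only after every submitted value has been read and passed through `validate_config_vars()`, so a request with a missing or stale token is still processed up to the validation step. Nothing is written in that case, because `$submit` is reset when `$error` is non-empty. I would still test the token first, directly inside the first `if ($submit)`, and skip the read/validate loop when it fails, so the guarantee does not depend on the later `if ($error)` reset staying in place. For consistency with the new `$request->variable()` call, `request_var('main_submit', false)` could become `$request->variable('main_submit', false)`. `main()` starts and ends outside this hunk.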
@@ -94,10 +138,6 @@ class acp_captcha
 				}
 				trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
 			}
-			else if ($submit)
-			{
-				trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
-			}
 			else
 			{
 				$captcha_select = '';
@@ -124,6 +164,7 @@ class acp_captcha
 					'CAPTCHA_PREVIEW_TPL'	=> $demo_captcha->get_demo_template($id),
 					'S_CAPTCHA_HAS_CONFIG'	=> $demo_captcha->has_config(),
 					'CAPTCHA_SELECT'		=> $captcha_select,
+					'ERROR_MSG'				=> implode('<br />', $error),
 
 					'U_ACTION'				=> $this->u_action,
 				));
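Review bot: `ERROR_MSG` is built as raw HTML with `implode('<br />', $error)` and the template prints `{ERROR_MSG}` as-is, so this is safe only while every entry in `$error` is trusted markup. The entries visible in this patch are `$user->lang['FORM_INVALID']` and whatever `validate_config_vars()` appends. That function is defined outside this diff; presumably it formats language strings with the configured `lang` label and the numeric bounds, which should be confirmed. A comment above the assignment would record the assumption, e.g. `// $error holds language strings only; escape any request-derived text before adding it here`. The enclosing template assignment call starts outside the hunk.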