XOOPS  2.6.0
recaptchalib.php
Go to the documentation of this file.
1 <?php
2 /*
3  * This is a PHP library that handles calling reCAPTCHA.
4  * - Documentation and latest version
5  * http://recaptcha.net/plugins/php/
6  * - Get a reCAPTCHA API Key
7  * https://www.google.com/recaptcha/admin/create
8  * - Discussion group
9  * http://groups.google.com/group/recaptcha
10  *
11  * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net
12  * AUTHORS:
13  * Mike Crawford
14  * Ben Maurer
15  *
16  * Permission is hereby granted, free of charge, to any person obtaining a copy
17  * of this software and associated documentation files (the "Software"), to deal
18  * in the Software without restriction, including without limitation the rights
19  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
20  * copies of the Software, and to permit persons to whom the Software is
21  * furnished to do so, subject to the following conditions:
22  *
23  * The above copyright notice and this permission notice shall be included in
24  * all copies or substantial portions of the Software.
25  *
26  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
27  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
28  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
29  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
30  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
31  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
32  * THE SOFTWARE.
33  */
34 
39 define('RECAPTCHA_API_SERVER', "http://www.google.com/recaptcha/api");
40 define('RECAPTCHA_API_SECURE_SERVER', "https://www.google.com/recaptcha/api");
41 define('RECAPTCHA_VERIFY_SERVER', "www.google.com");
42 
49 function _recaptcha_qsencode($data)
50 {
51  $req = "";
52  foreach ($data as $key => $value) {
53  $req .= $key . '=' . urlencode(stripslashes($value)) . '&';
54  }
55 
56  // Cut the last '&'
57  $req = substr($req, 0, strlen($req) - 1);
58  return $req;
59 }
60 
61 
71 function _recaptcha_http_post($host, $path, $data, $port = 80)
72 {
73 
74  $req = _recaptcha_qsencode($data);
75 
76  $http_request = "POST $path HTTP/1.0\r\n";
77  $http_request .= "Host: $host\r\n";
78  $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
79  $http_request .= "Content-Length: " . strlen($req) . "\r\n";
80  $http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
81  $http_request .= "\r\n";
82  $http_request .= $req;
83 
84  $response = '';
85  if (false == ($fs = @fsockopen($host, $port, $errno, $errstr, 10))) {
86  die ('Could not open socket');
87  }
88 
89  fwrite($fs, $http_request);
90 
91  while (!feof($fs)) {
92  $response .= fgets($fs, 1160);
93  } // One TCP-IP packet
94  fclose($fs);
95  $response = explode("\r\n\r\n", $response, 2);
96 
97  return $response;
98 }
99 
100 
111 function recaptcha_get_html($pubkey, $error = null, $use_ssl = false)
112 {
113  if ($pubkey == null || $pubkey == '') {
114  die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
115  }
116 
117  if ($use_ssl) {
118  $server = RECAPTCHA_API_SECURE_SERVER;
119  } else {
120  $server = RECAPTCHA_API_SERVER;
121  }
122 
123  $errorpart = "";
124  if ($error) {
125  $errorpart = "&amp;error=" . $error;
126  }
127  return '<script type="text/javascript" src="' . $server . '/challenge?k=' . $pubkey . $errorpart . '"></script>
128 
129  <noscript>
130  <iframe src="' . $server . '/noscript?k=' . $pubkey . $errorpart . '" height="300" width="500" frameborder="0"></iframe><br/>
131  <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
132  <input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
133  </noscript>';
134 }
135 
136 
141 {
143  var $error;
144 }
145 
156 function recaptcha_check_answer($privkey, $remoteip, $challenge, $response, $extra_params = array())
157 {
158  if ($privkey == null || $privkey == '') {
159  die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
160  }
161 
162  if ($remoteip == null || $remoteip == '') {
163  die ("For security reasons, you must pass the remote ip to reCAPTCHA");
164  }
165 
166  //discard spam submissions
167  if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) {
168  $recaptcha_response = new ReCaptchaResponse();
169  $recaptcha_response->is_valid = false;
170  $recaptcha_response->error = 'incorrect-captcha-sol';
171  return $recaptcha_response;
172  }
173 
175  "/recaptcha/api/verify",
176  array(
177  'privatekey' => $privkey,
178  'remoteip' => $remoteip,
179  'challenge' => $challenge,
180  'response' => $response
181  ) + $extra_params);
182 
183  $answers = explode("\n", $response [1]);
184  $recaptcha_response = new ReCaptchaResponse();
185 
186  if (trim($answers [0]) == 'true') {
187  $recaptcha_response->is_valid = true;
188  } else {
189  $recaptcha_response->is_valid = false;
190  $recaptcha_response->error = $answers [1];
191  }
192  return $recaptcha_response;
193 
194 }
195 
204 function recaptcha_get_signup_url($domain = null, $appname = null)
205 {
206  return "https://www.google.com/recaptcha/admin/create?" . _recaptcha_qsencode(
207  array('domains' => $domain, 'app' => $appname));
208 }
209 
214 function _recaptcha_aes_pad($val)
215 {
216  $block_size = 16;
217  $numpad = $block_size - (strlen($val) % $block_size);
218  return str_pad($val, strlen($val) + $numpad, chr($numpad));
219 }
220 
228 function _recaptcha_aes_encrypt($val, $ky)
229 {
230  if (!function_exists("mcrypt_encrypt")) {
231  die ("To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed.");
232  }
233  $mode = MCRYPT_MODE_CBC;
234  $enc = MCRYPT_RIJNDAEL_128;
235  $val = _recaptcha_aes_pad($val);
236  return mcrypt_encrypt($enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
237 }
238 
244 {
245  return strtr(base64_encode($x), '+/', '-_');
246 }
247 
256 function recaptcha_mailhide_url($pubkey, $privkey, $email)
257 {
258  if ($pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null) {
259  die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " . "you can do so at <a href='http://www.google.com/recaptcha/mailhide/apikey'>http://www.google.com/recaptcha/mailhide/apikey</a>");
260  }
261 
262  $ky = pack('H*', $privkey);
263  $cryptmail = _recaptcha_aes_encrypt($email, $ky);
264 
265  return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64($cryptmail);
266 }
267 
277 {
278  $arr = preg_split("/@/", $email);
279 
280  if (strlen($arr[0]) <= 4) {
281  $arr[0] = substr($arr[0], 0, 1);
282  } else {
283  if (strlen($arr[0]) <= 6) {
284  $arr[0] = substr($arr[0], 0, 3);
285  } else {
286  $arr[0] = substr($arr[0], 0, 4);
287  }
288  }
289  return $arr;
290 }
291 
303 function recaptcha_mailhide_html($pubkey, $privkey, $email)
304 {
306  $url = recaptcha_mailhide_url($pubkey, $privkey, $email);
307 
308  return htmlentities($emailparts[0]) . "<a href='" . htmlentities($url) . "' onclick=\"window.open('" . htmlentities($url) . "', '', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300'); return false;\" title=\"Reveal this e-mail address\">...</a>@" . htmlentities($emailparts [1]);
309 }
$path
Definition: execute.php:31
if(empty($settings['ROOT_PATH'])) elseif(empty($settings['DB_PARAMETERS'])) $error
const RECAPTCHA_API_SECURE_SERVER
const RECAPTCHA_VERIFY_SERVER
_recaptcha_aes_encrypt($val, $ky)
_recaptcha_http_post($host, $path, $data, $port=80)
_recaptcha_qsencode($data)
_recaptcha_aes_pad($val)
_recaptcha_mailhide_email_parts($email)
recaptcha_mailhide_html($pubkey, $privkey, $email)
recaptcha_mailhide_url($pubkey, $privkey, $email)
$url
Definition: register.php:72
const RECAPTCHA_API_SERVER
if($xoops->isUser()&&$isAdmin) $response
Definition: userinfo.php:83
recaptcha_get_html($pubkey, $error=null, $use_ssl=false)
recaptcha_check_answer($privkey, $remoteip, $challenge, $response, $extra_params=array())
recaptcha_get_signup_url($domain=null, $appname=null)
$email
Definition: lostpass.php:32
_recaptcha_mailhide_urlbase64($x)