1: <?php
  2: /*
  3:  You may not change or alter any portion of this comment or credits
  4:  of supporting developers from this source code or any supporting source code
  5:  which is considered copyrighted (c) material of the original comment or credit authors.
  6: 
  7:  This program is distributed in the hope that it will be useful,
  8:  but WITHOUT ANY WARRANTY; without even the implied warranty of
  9:  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 10: */
 11: 
 12: /**
 13:  * CAPTCHA configurations for Image mode
 14:  *
 15:  * Based on DuGris' SecurityImage
 16:  *
 17:  * PHP 5.3
 18:  *
 19:  * @category  Xoops\Class\Captcha\Captcha
 20:  * @package   Captcha
 21:  * @author    Taiwen Jiang <phppp@users.sourceforge.net>
 22:  * @copyright 2013 XOOPS Project (http://xoops.org)
 23:  * @license   GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
 24:  * @version   $Id$
 25:  * @link      http://xoops.org
 26:  * @since     2.6.0
 27:  */
 28: class XoopsCaptcha
 29: {
 30:     /**
 31:      * @var bool
 32:      */
 33:     public $active;
 34: 
 35:     /**
 36:      * @var XoopsCaptchaMethod
 37:      */
 38:     public $handler;
 39: 
 40:     /**
 41:      * @var string
 42:      */
 43:     public $path_basic;
 44: 
 45:     /**
 46:      * @var string
 47:      */
 48:     public $path_plugin;
 49: 
 50:     /**
 51:      * @var string
 52:      */
 53:     public $configPath;
 54: 
 55:     /**
 56:      * @var string
 57:      */
 58:     public $name;
 59: 
 60:     /**
 61:      * @var array
 62:      */
 63:     public $config = array();
 64: 
 65:     /**
 66:      * @var array
 67:      */
 68:     public $message = array();
 69: 
 70:     /**
 71:      * construct
 72:      */
 73:     protected function __construct()
 74:     {
 75:         // Load static configurations
 76:         $xoops_root_path = \XoopsBaseConfig::get('root-path');
 77:         $xoops_var_path = \XoopsBaseConfig::get('var-path');
 78:         $this->path_basic = $xoops_root_path . '/class/captcha';
 79:         $this->path_plugin = $xoops_root_path . '/Frameworks/captcha';
 80:         $this->configPath = $xoops_var_path . '/configs/';
 81:         $this->config = $this->loadConfig();
 82:         $this->name = $this->config['name'];
 83:     }
 84: 
 85:     /**
 86:      * Get Instance
 87:      *
 88:      * @return XoopsCaptcha
 89:      */
 90:     static function getInstance()
 91:     {
 92:         static $instance;
 93:         if (!isset($instance)) {
 94:             $class = __CLASS__;
 95:             $instance = new $class();
 96:         }
 97:         return $instance;
 98:     }
 99: 
100:     /**
101:      * XoopsCaptcha::loadConfig()
102:      *
103:      * @param string $name
104:      *
105:      * @return array
106:      */
107:     function loadConfig( $name = 'config') {
108:         if ( $name === 'config' ) {
109:             $filename = 'captcha.config';
110:         } else {
111:             $filename = 'captcha.config.' . $name;
112:         }
113:         if ( !$config = $this->readConfig($filename) ) {
114:             $config = $this->loadBasicConfig( $name );
115:             $this->writeConfig($filename, $config );
116:         }
117: 
118:         return $config;
119:     }
120: 
121:     /**
122:      * XoopsCaptcha::loadBasicConfig()
123:      *
124:      * @param string $filename
125:      *
126:      * @return array
127:      */
128:     function loadBasicConfig($filename = 'config')
129:     {
130:         $basic_config = array();
131:         $plugin_config = array();
132:         $filename = ($filename === 'config') ? 'config.php' : 'config.' . $filename . '.php';
133:         if (XoopsLoad::fileExists($file = $this->path_basic . '/' . $filename)) {
134:             $basic_config = include $file;
135:         }
136:         if (XoopsLoad::fileExists($file = $this->path_plugin . '/' . $filename)) {
137:             $plugin_config = include $file;
138:         }
139: 
140:         $config = array_merge($basic_config, $plugin_config);
141:         return $config;
142:     }
143: 
144:     /**
145:      * XoopsCaptcha::readConfig()
146:      *
147:      * @param string $filename
148:      *
149:      * @return array
150:      */
151:     function readConfig($filename = 'config')
152:     {
153:         $path_file = $this->configPath . $filename . '.php';
154:         $file = XoopsFile::getHandler('file', $path_file);
155:         return eval(@$file->read());
156:     }
157: 
158:     /**
159:      * XoopsCaptcha::writeConfig()
160:      *
161:      * @param string $filename
162:      * @param array $config
163:      *
164:      * @return array
165:      */
166:     function writeConfig($filename = 'config', $config)
167:     {
168:         $path_file = $this->configPath . $filename . '.php';
169:         $file = XoopsFile::getHandler('file', $path_file);
170:         return $file->write( 'return ' . var_export($config, true) . ';');
171:     }
172: 
173:     /**
174:      * XoopsCaptcha::isActive()
175:      *
176:      * @return bool
177:      */
178:     public function isActive()
179:     {
180:         $xoops = Xoops::getInstance();
181: 
182:         if (isset($this->active)) {
183:             return $this->active;
184:         }
185:         if (!empty($this->config['disabled'])) {
186:             $this->active = false;
187:             return $this->active;
188:         }
189:         if (!empty($this->config['skipmember']) && $xoops->isUser()) {
190:             $this->active = false;
191:             return $this->active;
192:         }
193:         if (!isset($this->handler)) {
194:             $this->loadHandler();
195:         }
196:         $this->active = isset($this->handler);
197:         return $this->active;
198:     }
199: 
200:     /**
201:      * XoopsCaptcha::loadHandler()
202:      *
203:      * @param string $name
204:      *
205:      * @return XoopsCaptchaMethod|null
206:      */
207:     public function loadHandler($name = null)
208:     {
209:         $name = !empty($name) ? $name : (empty($this->config['mode']) ? 'text' : $this->config['mode']);
210:         $class = 'XoopsCaptcha' . ucfirst($name);
211:         if (!empty($this->handler) && get_class($this->handler) == $class) {
212:             return $this->handler;
213:         }
214:         $this->handler = null;
215:         if (XoopsLoad::fileExists($file = $this->path_basic . '/' . $name . '.php')) {
216:             require_once $file;
217:         } else {
218:             if (XoopsLoad::fileExists($file = $this->path_plugin . '/' . $name . '.php')) {
219:                 require_once $file;
220:             }
221:         }
222: 
223:         if (!class_exists($class)) {
224:             $class = 'XoopsCaptchaText';
225:             require_once $this->path_basic . '/text.php';
226:         }
227:         /* @var $handler XoopsCaptchaMethod */
228:         $handler = new $class($this);
229:         if ($handler->isActive()) {
230:             $this->handler = $handler;
231:             $this->handler->loadConfig($name);
232:         }
233:         return $this->handler;
234:     }
235: 
236:     /**
237:      * XoopsCaptcha::setConfigs()
238:      *
239:      * @param mixed $configs
240:      *
241:      * @return bool
242:      */
243:     public function setConfigs($configs)
244:     {
245:         foreach ($configs as $key => $val) {
246:             $this->setConfig($key, $val);
247:         }
248:         return true;
249:     }
250: 
251:     /**
252:      * XoopsCaptcha::setConfig()
253:      *
254:      * @param mixed $name
255:      * @param mixed $val
256:      *
257:      * @return bool
258:      */
259:     public function setConfig($name, $val)
260:     {
261:         if (isset($this->$name)) {
262:             $this->$name = $val;
263:         } else {
264:             $this->config[$name] = $val;
265:         }
266:         return true;
267:     }
268: 
269:     /**
270:      * XoopsCaptcha::verify()
271:      *
272:      * Verify user submission
273:      *
274:      * @param bool $skipMember
275:      * @param string $name
276:      *
277:      * @return bool
278:      */
279:     public function verify($skipMember = null, $name = null)
280:     {
281:         $xoops = Xoops::getInstance();
282:         $sessionName = empty($name) ? $this->name : $name;
283:         $skipMember = ($skipMember === null) ? $_SESSION["{$sessionName}_skipmember"] : $skipMember;
284:         $maxAttempts = $_SESSION["{$sessionName}_maxattempts"];
285:         $attempt = $_SESSION["{$sessionName}_attempt"];
286:         $is_valid = false;
287:         // Skip CAPTCHA verification if disabled
288:         if (!$this->isActive()) {
289:             $is_valid = true;
290:             // Skip CAPTCHA for member if set
291:         } else {
292:             if ($xoops->isUser() && !empty($skipMember)) {
293:                 $is_valid = true;
294:                 // Kill too many attempts
295:             } else {
296:                 if (!empty($maxAttempts) && $attempt > $maxAttempts) {
297:                     $this->message[] = XoopsLocale::E_TO_MANY_ATTEMPTS;
298:                     // Verify the code
299:                 } else {
300:                     $is_valid = $this->handler->verify($sessionName);
301:                 }
302:             }
303:         }
304: 
305:         if (!$is_valid) {
306:             // Increase the attempt records on failure
307:             $_SESSION["{$sessionName}_attempt"]++;
308:             // Log the error message
309:             $this->message[] = XoopsLocale::E_INVALID_CONFIRMATION_CODE;
310:         } else {
311:             // reset attempt records on success
312:             $_SESSION["{$sessionName}_attempt"] = null;
313:         }
314:         $this->destroyGarbage(true);
315:         return $is_valid;
316:     }
317: 
318:     /**
319:      * XoopsCaptcha::getCaption()
320:      *
321:      * @return string
322:      */
323:     public function getCaption()
324:     {
325:         return XoopsLocale::CONFIRMATION_CODE;
326:     }
327: 
328:     /**
329:      * XoopsCaptcha::getMessage()
330:      *
331:      * @return string
332:      */
333:     public function getMessage()
334:     {
335:         return implode('<br />', $this->message);
336:     }
337: 
338:     /**
339:      * Destory historical stuff
340:      *
341:      * @param bool $clearSession
342:      *
343:      * @return bool
344:      */
345:     public function destroyGarbage($clearSession = false)
346:     {
347:         $this->loadHandler();
348:         $this->handler->destroyGarbage();
349: 
350:         if ($clearSession) {
351:             foreach ($this->config as $k => $config ) {
352:                 $_SESSION[$this->name . '_' . $k] = null;
353:             }
354:         }
355:         return true;
356:     }
357: 
358:     /**
359:      * XoopsCaptcha::render()
360:      *
361:      * @return string
362:      */
363:     public function render()
364:     {
365:         $sessionName = $this->config['name'];
366:         $_SESSION[$sessionName . '_name'] = $sessionName;
367:         foreach ($this->config as $k => $config ) {
368:             $_SESSION[$sessionName . '_' . $k] = $config;
369:         }
370:         $form = '';
371:         if (!$this->active || empty($this->config['name'])) {
372:             return $form;
373:         }
374: 
375:         $maxAttempts = $this->config['maxattempts'];
376:         $attempt = isset($_SESSION[$sessionName . '_attempt']) ? $_SESSION[$sessionName . '_attempt'] : 0;
377:         $_SESSION[$sessionName . '_attempt'] = $attempt;
378: 
379:         // Failure on too many attempts
380:         if (!empty($maxAttempts) && $attempt > $maxAttempts) {
381:             $form = XoopsLocale::E_TO_MANY_ATTEMPTS;
382:             // Load the form element
383:         } else {
384:             $form = $this->loadForm();
385:         }
386:         return $form;
387:     }
388: 
389:     /**
390:      * XoopsCaptcha::renderValidationJS()
391:      *
392:      * @return string
393:      */
394:     public function renderValidationJS()
395:     {
396:         if (!$this->active || empty($this->config['name'])) {
397:             return '';
398:         }
399:         return $this->handler->renderValidationJS();
400:     }
401: 
402:     /**
403:      * XoopsCaptcha::setCode()
404:      *
405:      * @param mixed $code
406:      *
407:      * @return bool
408:      */
409:     public function setCode($code = null)
410:     {
411:         $code = ($code === null) ? $this->handler->getCode() : $code;
412:         if (!empty($code)) {
413:             $_SESSION[$this->name . '_code'] = $code;
414:             return true;
415:         }
416:         return false;
417:     }
418: 
419:     /**
420:      * XoopsCaptcha::loadForm()
421:      *
422:      * @return string
423:      */
424:     public function loadForm()
425:     {
426:         $form = $this->handler->render();
427:         $this->setCode();
428:         return $form;
429:     }
430: }
431: