Implement google recaptcha for sitemanager forms

This commit is contained in:
Hadi Nategh 2016-12-09 10:32:56 +01:00
parent d4a64babbd
commit 5f4fc359be
4 changed files with 57 additions and 11 deletions

View File

@ -69,7 +69,9 @@ class addressbook_contactform
// check if submitted
if (is_array($content))
{
if ((isset($content['captcha_result']) && $content['captcha'] != $content['captcha_result']) || // no correct captcha OR
if (isset($_POST['g-recaptcha-response'])) $recaptcha = sitemgr_module::verify_recaptcha ($_POST['g-recaptcha-response']);
$captcha = (isset($content['captcha_result']) && $content['captcha'] != $content['captcha_result']) || ($recaptcha && $recaptcha->success == false);
if ($captcha || // no correct captcha OR
(time() - $content['start_time'] < 10 && // bot indicator (less then 10 sec to fill out the form and
!$GLOBALS['egw_info']['etemplate']['java_script'])) // javascript disabled)
{
@ -202,20 +204,28 @@ class addressbook_contactform
if ($addressbook) $preserv['owner'] = $addressbook;
if ($msg) $preserv['msg'] = $msg;
// a simple calculation captcha
$num1 = rand(1,99);
$num2 = rand(1,99);
if ($num2 > $num1) // keep the result positive
if (!sitemgr_module::get_recaptcha())
{
$n = $num1; $num1 = $num2; $num2 = $n;
// a simple calculation captcha
$num1 = rand(1,99);
$num2 = rand(1,99);
if ($num2 > $num1) // keep the result positive
{
$n = $num1; $num1 = $num2; $num2 = $n;
}
if (in_array('captcha',$fields))
{
$content['captcha_task'] = sprintf('%d - %d =',$num1,$num2);
$preserv['captcha_result'] = $num1-$num2;
}
}
if (in_array('captcha',$fields))
else
{
$content['captcha_task'] = sprintf('%d - %d =',$num1,$num2);
$preserv['captcha_result'] = $num1-$num2;
$content['show']['captcha'] = false;
$content['show']['recaptcha'] = true;
$recaptcha = sitemgr_module::get_recaptcha();
$content['recaptcha'] = '<div class="g-recaptcha" data-sitekey="'.$recaptcha['site'].'"></div>';
}
// allow to preset variables via get parameters
if ($_SERVER['REQUEST_METHOD'] == 'GET')
{

View File

@ -34,6 +34,20 @@ class module_addressbook_contactform extends sitemgr_module
$this->etemplate_method = 'addressbook.addressbook_contactform.display';
}
function get_content (&$arguments,$properties)
{
$parent = parent::get_content($arguments, $properties);
//Make sure that recaptcha keys are set before include it
if (($recaptcha = sitemgr_module::get_recaptcha()))
{
$extra .= '<script src="https://www.google.com/recaptcha/api.js" type="text/javascript"></script>'."\n";
return $extra.$parent;
}
// fallback to basic captcha
return $parent;
}
/**
* Reimplemented to add the addressbook translations and fetch the addressbooks only if needed for the user-interface
*

View File

@ -129,6 +129,11 @@
<row disabled="!@show[sep5]">
<hrule span="all"/>
</row>
<row disabled="!@show[recaptcha]">
<description span="2"/>
<html id="recaptcha"/>
<description/>
</row>
<row disabled="!@show[captcha]">
<image src="private.png"/>
<description value="Verification"/>

View File

@ -250,6 +250,23 @@
<!-- no more dynamic minifying: option value="debug">Debug</option -->
</select>
</row>
<row>
<description value="Google recaptcha" span="all" class="subHeader"/>
</row>
<row>
<vbox>
<description value="Google recaptcha secret key" label="%s:"/>
<description value="This secret key used for communication between your site and Google. Be sure to keep it a secret."/>
</vbox>
<textbox id="newsettings[recaptcha_secret]" size="60"/>
</row>
<row>
<vbox>
<description value="Google recaptcha site key" label="%s:"/>
<description value="This key used in the HTML code your site serves to users." />
</vbox>
<textbox id="newsettings[recaptcha_site]" size="60"/>
</row>
</rows>
</grid>
</template>