github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-22 14:23:57 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Обновление рекапчи, PHP 5.4

Browse source 
Библиотека поддержки рекапчи обновлена до новой версии. Минимально поддерживаемая версия движка искуственно повышена до 5.4 (несколько файлов для начала).
This commit is contained in:
Exile 2015-04-13 03:20:15 +03:00
commit 82cef4d6f0
18 changed files with 689 additions and 204 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -14,7 +14,7 @@ TorrentPier - движок торрент-трекера, написанный
> ***'db1' => array('localhost', 'tp_216', 'user', 'pass', $charset, $pconnect)***
В данной строке изменяем данные входа в базу данных
***$domain_name = 'torrentpier.me';***
В данной строке указываем ваше доменное имя. Остальные правки в файле вносятся по усмотрению, исходя из необходимости из внесения (ориентируйтесь на описания, указанные у полей).
В данной строке указываем ваше доменное имя. Остальные правки в файле вносятся по усмотрению, исходя из необходимости из внесения (ориентируйтесь на описания, указанные у полей). Также вы можете создать файл **library/config.local.php** в который продублировать все изменяемые значения, чтобы была возможность обновления основного файла конфигурации через git. Значения из этого файла будут иметь приоритет перед всеми остальными.
4. Редактируем указанные файлы:
+ **favicon.ico** (меняем на свою иконку, если есть)

54
ajax.php
View file

@ -76,35 +76,35 @@ $ajax->exec();
//
class ajax_common
{
var $request = array();
var $response = array();
var $request = [];
var $response = [];
var $valid_actions = array(
var $valid_actions = [
// ACTION NAME AJAX_AUTH
'edit_user_profile' => array('admin'),
'change_user_rank' => array('admin'),
'change_user_opt' => array('admin'),
'manage_user' => array('admin'),
'manage_admin' => array('admin'),
'sitemap' => array('admin'),
'edit_user_profile' => ['admin'],
'change_user_rank' => ['admin'],
'change_user_opt' => ['admin'],
'manage_user' => ['admin'],
'manage_admin' => ['admin'],
'sitemap' => ['admin'],
'mod_action' => array('mod'),
'topic_tpl' => array('mod'),
'group_membership' => array('mod'),
'post_mod_comment' => array('mod'),
'mod_action' => ['mod'],
'topic_tpl' => ['mod'],
'group_membership' => ['mod'],
'post_mod_comment' => ['mod'],
'avatar' => array('user'),
'gen_passkey' => array('user'),
'change_torrent' => array('user'),
'change_tor_status' => array('user'),
'manage_group' => array('user'),
'avatar' => ['user'],
'gen_passkey' => ['user'],
'change_torrent' => ['user'],
'change_tor_status' => ['user'],
'manage_group' => ['user'],
'view_post' => array('guest'),
'view_torrent' => array('guest'),
'user_register' => array('guest'),
'posts' => array('guest'),
'index_data' => array('guest'),
);
'view_post' => ['guest'],
'view_torrent' => ['guest'],
'user_register' => ['guest'],
'posts' => ['guest'],
'index_data' => ['guest'],
];
var $action = null;
@ -113,7 +113,7 @@ class ajax_common
*/
function ajax_common()
{
ob_start(array(&$this, 'ob_handler'));
ob_start([&$this, 'ob_handler']);
header('Content-Type: text/plain');
}
@ -273,10 +273,10 @@ class ajax_common
}
else
{
$login_args = array(
$login_args = [
'login_username' => $user->data['username'],
'login_password' => $_POST['user_password'],
);
];
if (!$user->login($login_args, true))
{
$this->ajax_die('Wrong password');

4
callseed.php
View file

@ -5,7 +5,7 @@ define('BB_ROOT', './');
require(BB_ROOT . 'common.php');
// Init userdata
$user->session_start(array('req_login' => true));
$user->session_start(['req_login' => true]);
$topic_id = (int) request_var('t', 0);
$t_data = topic_info($topic_id);
@ -23,7 +23,7 @@ elseif ($t_data['call_seed_time'] > (TIMENOW - 86400))
bb_die(sprintf($lang['CALLSEED_MSG_SPAM'], $time_left));
}
$ban_user_id = array();
$ban_user_id = [];
$sql = DB()->fetch_rowset("SELECT ban_userid FROM ". BB_BANLIST ." WHERE ban_userid != 0");

97
library/TorrentPier/ReCaptcha/ReCaptcha.php Executable file
View file

@ -0,0 +1,97 @@
<?php
/**
* This is a PHP library that handles calling reCAPTCHA.
*
* @copyright Copyright (c) 2015, Google Inc.
* @link http://www.google.com/recaptcha
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
namespace ReCaptcha;
/**
* reCAPTCHA client.
*/
class ReCaptcha
{
/**
* Version of this client library.
* @const string
*/
const VERSION = 'php_1.1.1';
/**
* Shared secret for the site.
* @var type string
*/
private $secret;
/**
* Method used to communicate with service. Defaults to POST request.
* @var RequestMethod
*/
private $requestMethod;
/**
* Create a configured instance to use the reCAPTCHA service.
*
* @param string $secret shared secret between site and reCAPTCHA server.
* @param RequestMethod $requestMethod method used to send the request. Defaults to POST.
*/
public function __construct($secret, RequestMethod $requestMethod = null)
{
if (empty($secret)) {
throw new \RuntimeException('No secret provided');
}
if (!is_string($secret)) {
throw new \RuntimeException('The provided secret must be a string');
}
$this->secret = $secret;
if (!is_null($requestMethod)) {
$this->requestMethod = $requestMethod;
} else {
$this->requestMethod = new RequestMethod\Post();
}
}
/**
* Calls the reCAPTCHA siteverify API to verify whether the user passes
* CAPTCHA test.
*
* @param string $response The value of 'g-recaptcha-response' in the submitted form.
* @param string $remoteIp The end user's IP address.
* @return Response Response from the service.
*/
public function verify($response, $remoteIp = null)
{
// Discard empty solution submissions
if (empty($response)) {
$recaptchaResponse = new Response(false, array('missing-input-response'));
return $recaptchaResponse;
}
$params = new RequestParameters($this->secret, $response, $remoteIp, self::VERSION);
$rawResponse = $this->requestMethod->submit($params);
return Response::fromJson($rawResponse);
}
}

42
library/TorrentPier/ReCaptcha/RequestMethod.php Executable file
View file

@ -0,0 +1,42 @@
<?php
/**
* This is a PHP library that handles calling reCAPTCHA.
*
* @copyright Copyright (c) 2015, Google Inc.
* @link http://www.google.com/recaptcha
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
namespace ReCaptcha;
/**
* Method used to send the request to the service.
*/
interface RequestMethod
{
/**
* Submit the request with the specified parameters.
*
* @param RequestParameters $params Request parameters
* @return string Body of the reCAPTCHA response
*/
public function submit(RequestParameters $params);
}

70
library/TorrentPier/ReCaptcha/RequestMethod/Post.php Executable file
View file

@ -0,0 +1,70 @@
<?php
/**
* This is a PHP library that handles calling reCAPTCHA.
*
* @copyright Copyright (c) 2015, Google Inc.
* @link http://www.google.com/recaptcha
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
namespace ReCaptcha\RequestMethod;
use ReCaptcha\RequestMethod;
use ReCaptcha\RequestParameters;
/**
* Sends POST requests to the reCAPTCHA service.
*/
class Post implements RequestMethod
{
/**
* URL to which requests are POSTed.
* @const string
*/
const SITE_VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';
/**
* Submit the POST request with the specified parameters.
*
* @param RequestParameters $params Request parameters
* @return string Body of the reCAPTCHA response
*/
public function submit(RequestParameters $params)
{
/**
* PHP 5.6.0 changed the way you specify the peer name for SSL context options.
* Using "CN_name" will still work, but it will raise deprecated errors.
*/
$peer_key = version_compare(PHP_VERSION, '5.6.0', '<') ? 'CN_name' : 'peer_name';
$options = array(
'http' => array(
'header' => "Content-type: application/x-www-form-urlencoded\r\n",
'method' => 'POST',
'content' => $params->toQueryString(),
// Force the peer to validate (not needed in 5.6.0+, but still works
'verify_peer' => true,
// Force the peer validation to use www.google.com
$peer_key => 'www.google.com',
),
);
$context = stream_context_create($options);
return file_get_contents(self::SITE_VERIFY_URL, false, $context);
}
}

104
library/TorrentPier/ReCaptcha/RequestMethod/Socket.php Executable file
View file

@ -0,0 +1,104 @@
<?php
/**
* This is a PHP library that handles calling reCAPTCHA.
*
* @copyright Copyright (c) 2015, Google Inc.
* @link http://www.google.com/recaptcha
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
namespace ReCaptcha\RequestMethod;
/**
* Convenience wrapper around native socket and file functions to allow for
* mocking.
*/
class Socket
{
private $handle = null;
/**
* fsockopen
*
* @see http://php.net/fsockopen
* @param string $hostname
* @param int $port
* @param int $errno
* @param string $errstr
* @param float $timeout
* @return resource
*/
public function fsockopen($hostname, $port = -1, &$errno = 0, &$errstr = '', $timeout = null)
{
$this->handle = fsockopen($hostname, $port, $errno, $errstr, (is_null($timeout) ? ini_get("default_socket_timeout") : $timeout));
if ($this->handle != false && $errno === 0 && $errstr === '') {
return $this->handle;
} else {
return false;
}
}
/**
* fwrite
*
* @see http://php.net/fwrite
* @param string $string
* @param int $length
* @return int | bool
*/
public function fwrite($string, $length = null)
{
return fwrite($this->handle, $string, (is_null($length) ? strlen($string) : $length));
}
/**
* fgets
*
* @see http://php.net/fgets
* @param int $length
*/
public function fgets($length = null)
{
return fgets($this->handle, $length);
}
/**
* feof
*
* @see http://php.net/feof
* @return bool
*/
public function feof()
{
return feof($this->handle);
}
/**
* fclose
*
* @see http://php.net/fclose
* @return bool
*/
public function fclose()
{
return fclose($this->handle);
}
}

120
library/TorrentPier/ReCaptcha/RequestMethod/SocketPost.php Executable file
View file

@ -0,0 +1,120 @@
<?php
/**
* This is a PHP library that handles calling reCAPTCHA.
*
* @copyright Copyright (c) 2015, Google Inc.
* @link http://www.google.com/recaptcha
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
namespace ReCaptcha\RequestMethod;
use ReCaptcha\RequestMethod;
use ReCaptcha\RequestParameters;
/**
* Sends a POST request to the reCAPTCHA service, but makes use of fsockopen()
* instead of get_file_contents(). This is to account for people who may be on
* servers where allow_furl_open is disabled.
*/
class SocketPost implements RequestMethod
{
/**
* reCAPTCHA service host.
* @const string
*/
const RECAPTCHA_HOST = 'www.google.com';
/**
* @const string reCAPTCHA service path
*/
const SITE_VERIFY_PATH = '/recaptcha/api/siteverify';
/**
* @const string Bad request error
*/
const BAD_REQUEST = '{"success": false, "error-codes": ["invalid-request"]}';
/**
* @const string Bad response error
*/
const BAD_RESPONSE = '{"success": false, "error-codes": ["invalid-response"]}';
/**
* Socket to the reCAPTCHA service
* @var Socket
*/
private $socket;
/**
* Constructor
*
* @param \ReCaptcha\RequestMethod\Socket $socket optional socket, injectable for testing
*/
public function __construct(Socket $socket = null)
{
if (!is_null($socket)) {
$this->socket = $socket;
} else {
$this->socket = new Socket();
}
}
/**
* Submit the POST request with the specified parameters.
*
* @param RequestParameters $params Request parameters
* @return string Body of the reCAPTCHA response
*/
public function submit(RequestParameters $params)
{
$errno = 0;
$errstr = '';
if ($this->socket->fsockopen('ssl://' . self::RECAPTCHA_HOST, 443, $errno, $errstr, 30) !== false) {
$content = $params->toQueryString();
$request = "POST " . self::SITE_VERIFY_PATH . " HTTP/1.1\r\n";
$request .= "Host: " . self::RECAPTCHA_HOST . "\r\n";
$request .= "Content-Type: application/x-www-form-urlencoded\r\n";
$request .= "Content-length: " . strlen($content) . "\r\n";
$request .= "Connection: close\r\n\r\n";
$request .= $content . "\r\n\r\n";
$this->socket->fwrite($request);
$response = '';
while (!$this->socket->feof()) {
$response .= $this->socket->fgets(4096);
}
$this->socket->fclose();
if (0 === strpos($response, 'HTTP/1.1 200 OK')) {
$parts = preg_split("#\n\s*\n#Uis", $response);
return $parts[1];
}
return self::BAD_RESPONSE;
}
return self::BAD_REQUEST;
}
}

103
library/TorrentPier/ReCaptcha/RequestParameters.php Executable file
View file

@ -0,0 +1,103 @@
<?php
/**
* This is a PHP library that handles calling reCAPTCHA.
*
* @copyright Copyright (c) 2015, Google Inc.
* @link http://www.google.com/recaptcha
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
namespace ReCaptcha;
/**
* Stores and formats the parameters for the request to the reCAPTCHA service.
*/
class RequestParameters
{
/**
* Site secret.
* @var string
*/
private $secret;
/**
* Form response.
* @var string
*/
private $response;
/**
* Remote user's IP address.
* @var string
*/
private $remoteIp;
/**
* Client version.
* @var string
*/
private $version;
/**
* Initialise parameters.
*
* @param string $secret Site secret.
* @param string $response Value from g-captcha-response form field.
* @param string $remoteIp User's IP address.
* @param string $version Version of this client library.
*/
public function __construct($secret, $response, $remoteIp = null, $version = null)
{
$this->secret = $secret;
$this->response = $response;
$this->remoteIp = $remoteIp;
$this->version = $version;
}
/**
* Array representation.
*
* @return array Array formatted parameters.
*/
public function toArray()
{
$params = array('secret' => $this->secret, 'response' => $this->response);
if (!is_null($this->remoteIp)) {
$params['remoteip'] = $this->remoteIp;
}
if (!is_null($this->version)) {
$params['version'] = $this->version;
}
return $params;
}
/**
* Query string representation for HTTP request.
*
* @return string Query string formatted parameters.
*/
public function toQueryString()
{
return http_build_query($this->toArray(), '', '&');
}
}

102
library/TorrentPier/ReCaptcha/Response.php Executable file
View file

@ -0,0 +1,102 @@
<?php
/**
* This is a PHP library that handles calling reCAPTCHA.
*
* @copyright Copyright (c) 2015, Google Inc.
* @link http://www.google.com/recaptcha
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
namespace ReCaptcha;
/**
* The response returned from the service.
*/
class Response
{
/**
* Succes or failure.
* @var boolean
*/
private $success = false;
/**
* Error code strings.
* @var array
*/
private $errorCodes = array();
/**
* Build the response from the expected JSON returned by the service.
*
* @param string $json
* @return \ReCaptcha\Response
*/
public static function fromJson($json)
{
$responseData = json_decode($json, true);
if (!$responseData) {
return new Response(false, array('invalid-json'));
}
if (isset($responseData['success']) && $responseData['success'] == true) {
return new Response(true);
}
if (isset($responseData['error-codes']) && is_array($responseData['error-codes'])) {
return new Response(false, $responseData['error-codes']);
}
return new Response(false);
}
/**
* Constructor.
*
* @param boolean $success
* @param array $errorCodes
*/
public function __construct($success, array $errorCodes = array())
{
$this->success = $success;
$this->errorCodes = $errorCodes;
}
/**
* Is success?
*
* @return boolean
*/
public function isSuccess()
{
return $this->success;
}
/**
* Get error codes.
*
* @return array
*/
public function getErrorCodes()
{
return $this->errorCodes;
}
}

3
library/config.php
View file

@ -262,6 +262,7 @@ define('CLASS_DIR', BB_PATH .'/library/includes/classes/');
define('CORE_DIR', BB_PATH .'/library/includes/core/' );
define('UCP_DIR', BB_PATH .'/library/includes/ucp/' );
define('LANG_ROOT_DIR', BB_PATH .'/library/language/' );
define('TP_AUTO_DIR', BB_PATH .'/library/TorrentPier/' );
define('IMAGES_DIR', BB_PATH .'/styles/images/' );
define('TEMPLATES_DIR', BB_PATH .'/styles/templates/' );
@ -347,7 +348,7 @@ $page_cfg['show_sidebar2'] = array(
// Cookie
$bb_cfg['cookie_domain'] = in_array($domain_name, array(getenv('SERVER_ADDR'), 'localhost')) ? '' : ".$domain_name";
$bb_cfg['cookie_secure'] = (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') ? 1 : 0);
$bb_cfg['cookie_secure'] = (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') ? 1 : 0;
$bb_cfg['cookie_prefix'] = 'bb_'; // 'bb_'
// Sessions

153
library/includes/classes/recaptcha.php
View file

@ -1,153 +0,0 @@
<?php
namespace Google\ReCaptcha;
if (!defined('BB_ROOT')) die(basename(__FILE__));
const SIGNUP_URL = 'https://www.google.com/recaptcha/admin';
const VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify?';
const VERSION = 'php_1.0';
/**
* A Response is returned from checkAnswer()
*/
class Response
{
public $success;
public $errorCodes;
}
class Exception extends \Exception
{
public function getError()
{
echo $this->getMessage();
}
}
class Client
{
private $_secret;
private $_curl_opts;
/**
* Constructor
*
* @param string $secret shared secret between site and ReCAPTCHA server
* @param array $curl_opts array of curl parameters
*
* @throws Exception
*/
public function __construct($secret, array $curl_opts = array())
{
if (is_null($secret) || $secret == '') {
throw new Exception('To use reCAPTCHA you must get an API key from <a href=\'' . SIGNUP_URL . '\'>' . SIGNUP_URL . '</a>');
}
$this->_secret = $secret;
if (!empty($curl_opts)) {
$this->_curl_opts = $curl_opts;
}
}
/**
* Encodes the given data into a query string format
*
* @param array $data array of string elements to be encoded
*
* @return string - encoded request
*/
private function _encodeQS($data)
{
$req = array();
foreach ($data as $key => $value) {
$req[] = $key . '=' . urlencode(stripslashes(trim($value)));
}
return implode('&', $req);
}
/**
* Submits an HTTP GET to a reCAPTCHA server
*
* @param string $path url path to reCAPTCHA server
* @param array $data array of parameters to be sent
*
* @throws Exception
* @return array response
*/
private function _submitHTTPGet($path, $data)
{
$req = $this->_encodeQS($data);
// Prefer curl
if (function_exists('curl_version')) {
$opts = array(
CURLOPT_HEADER => false,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_USERAGENT => 'ReCaptcha ' . VERSION,
CURLOPT_AUTOREFERER => true,
CURLOPT_CONNECTTIMEOUT => 60,
CURLOPT_TIMEOUT => 60,
CURLOPT_MAXREDIRS => 5,
CURLOPT_ENCODING => '',
);
// Check if we got overrides, or extra options (eg. proxy configuration)
if (is_array($this->_curl_opts) && !empty($this->_curl_opts)) {
$opts = array_merge($opts, $this->_curl_opts);
}
$conn = curl_init($path . $req);
curl_setopt_array($conn, $opts);
$response = curl_exec($conn);
// Handle a connection error
$errno = curl_errno($conn);
if ($errno !== 0) {
throw new Exception('Fatal error while contacting reCAPTCHA. ' . $errno . ': ' . curl_error($conn));
}
curl_close($conn);
} else {
$response = file_get_contents($path . $req);
}
return $response;
}
/**
* Calls the reCAPTCHA siteverify API to verify whether the user passes test
*
* @param string $remoteIp IP address of end user
* @param string $response response string from reCAPTCHA verification
*
* @return ReCaptcha\Response
*/
public function verifyResponse($remoteIp, $response)
{
// Discard empty solution submissions
if (is_null($response) || strlen($response) == 0) {
$recaptchaResponse = new Response();
$recaptchaResponse->success = false;
$recaptchaResponse->errorCodes = 'missing-input';
return $recaptchaResponse;
}
// Send request
$getResponse = $this->_submitHttpGet(
VERIFY_URL,
array(
'secret' => $this->_secret,
'remoteip' => $remoteIp,
'v' => VERSION,
'response' => $response
)
);
$answers = json_decode($getResponse, true);
$recaptchaResponse = new Response();
// Parse answer
if (trim($answers['success']) == true) {
$recaptchaResponse->success = true;
} else {
$recaptchaResponse->success = false;
$recaptchaResponse->errorCodes = $answers['error-codes'];
}
return $recaptchaResponse;
}
}

25
library/includes/functions.php
View file

@ -2566,16 +2566,21 @@ function hash_search ($hash)
function bb_captcha ($mode, $callback = '')
{
global $bb_cfg, $userdata;
global $bb_cfg, $lang, $userdata;
require_once(CLASS_DIR . 'recaptcha.php');
require_once(TP_AUTO_DIR . 'ReCaptcha/ReCaptcha.php');
$secret = $bb_cfg['captcha']['secret_key'];
$public = $bb_cfg['captcha']['public_key'];
$theme = $bb_cfg['captcha']['theme'];
$lang = $bb_cfg['lang'][$userdata['user_lang']]['captcha'];
$reCaptcha = new Google\ReCaptcha\Client($secret);
if (!$public || !$secret)
{
bb_die($lang['CAPTCHA_SETTINGS']);
}
$reCaptcha = new \ReCaptcha\ReCaptcha($secret);
switch ($mode)
{
@ -2595,19 +2600,11 @@ function bb_captcha ($mode, $callback = '')
break;
case 'check':
$resp = null;
$g_resp = request_var('g-recaptcha-response', '');
if ($g_resp) {
try {
$resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $g_resp);
} catch (Google\ReCaptcha\Exception $e) {
$e->getError();
}
}
if (is_object($resp) && $resp->success === true) {
$resp = $reCaptcha->verify($g_resp, $_SERVER['REMOTE_ADDR']);
if ($resp->isSuccess())
{
return true;
} else {
return false;
}
break;

3
library/includes/functions_selects.php
View file

@ -9,7 +9,6 @@ function language_select ($default_lang, $select_name = 'language')
{
global $bb_cfg;
$lang_default = reset($bb_cfg['lang']);
$lang_select = '<select name="'. $select_name .'">';
$x = 0;
foreach ($bb_cfg['lang'] as $key => $data)
@ -20,7 +19,7 @@ function language_select ($default_lang, $select_name = 'language')
$x++;
}
$lang_select .= '</select>';
return ($x > 1) ? $lang_select : $lang_default['name'];
return ($x > 1) ? $lang_select : reset($bb_cfg['lang'])['name'];
}
//

2
library/includes/init_bb.php
View file

@ -1,7 +1,7 @@
<?php
if (!defined('BB_ROOT')) die(basename(__FILE__));
if (PHP_VERSION < '5.3') die('TorrentPier requires PHP version 5.3.23+. Your PHP version '. PHP_VERSION);
if (PHP_VERSION < '5.4') die('TorrentPier requires PHP version 5.4 and above. Your PHP version '. PHP_VERSION);
if (!defined('BB_SCRIPT')) define('BB_SCRIPT', 'undefined');
if (!defined('BB_CFG_LOADED')) trigger_error('File config.php not loaded', E_USER_ERROR);

3
library/language/en/main.php
View file

@ -2704,4 +2704,5 @@ $lang['UPLOAD_ERRORS'] = array(
// Captcha
$lang['CAPTCHA'] = 'Check that you are not a robot';
$lang['CAPTCHA_WRONG'] = 'You could not confirm that you are not a robot';
$lang['CAPTCHA_WRONG'] = 'You could not confirm that you are not a robot';
$lang['CAPTCHA_SETTINGS'] = '<h2>ReCaptcha not being fully configured</h2><p>If you haven\'t already generated the keys, you can do it on <a href="https://www.google.com/recaptcha/admin">https://www.google.com/recaptcha/admin</a>.<br />After you generate the keys, you need to put them at the file library/config.php.</p>';

3
library/language/ru/main.php
View file

@ -2704,4 +2704,5 @@ $lang['UPLOAD_ERRORS'] = array(
// Captcha
$lang['CAPTCHA'] = 'Проверка, что вы не робот';
$lang['CAPTCHA_WRONG'] = 'Вы не смогли подтвердить, что вы не робот';
$lang['CAPTCHA_WRONG'] = 'Вы не смогли подтвердить, что вы не робот';
$lang['CAPTCHA_SETTINGS'] = '<h2>ReCaptcha настроена не полностью</h2><p>Если вы еще не сгенерировали ключи, вы можете это сделать на странице <a href="https://www.google.com/recaptcha/admin">https://www.google.com/recaptcha/admin</a>.<br />После того, как вы сгенерируете ключи, нужно прописать их в файл library/config.php.</p>';

3
library/language/uk/main.php
View file

@ -2704,4 +2704,5 @@ $lang['UPLOAD_ERRORS'] = array(
// Captcha
$lang['CAPTCHA'] = 'Перевірка, що ви не робот';
$lang['CAPTCHA_WRONG'] = 'Ви не змогли підтвердити, що ви не робот';
$lang['CAPTCHA_WRONG'] = 'Ви не змогли підтвердити, що ви не робот';
$lang['CAPTCHA_SETTINGS'] = '<h2>ReCaptcha налаштована не повністю</h2><p>Якщо ви ще не згенерували ключі, ви можете це зробити на сторінці <a href="https://www.google.com/recaptcha/admin">https://www.google.com/recaptcha/admin</a>.<br />Після того, як ви сгенеріруете ключі, потрібно прописати їх у файл library/config.php.</p>';