title = PLUGIN_EVENT_RECAPTCHA_TITLE; $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_TITLE); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_DESC); $propbag->add('stackable', false); $propbag->add('author', 'Christian Brabandt (based on work of Garvin Hicking, Sebastian Nohn)'); $propbag->add('requirements', array( 'serendipity' => '1.0', 'smarty' => '2.6.7', 'php' => '4.1.0' )); $propbag->add('version', '0.20.2'); $propbag->add('event_hooks', array( 'frontend_configure' => true, 'frontend_saveComment' => true, 'frontend_comment' => true )); $propbag->add('configuration', array( 'info', 'sep', 'hide_for_authors', 'recaptcha', 'recaptcha_style', 'recaptcha_pub', 'recaptcha_priv', 'captchas_ttl', 'logtype', 'logfile')); $propbag->add('groups', array('ANTISPAM')); } function introspect_config_item($name, &$propbag) { global $serendipity; switch($name) { case 'recaptcha': $propbag->add('type', 'radio'); $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_RECAPTCHA); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_RECAPTCHA_DESC); $propbag->add('default', 'no'); $propbag->add('radio', array( 'value' => array('yes2', 'no'), 'desc' => array(YES . ' (v2)', NO) )); break; case 'recaptcha_pub': $propbag->add('type', 'string'); $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_RECAPTCHA_PUB); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_RECAPTCHA_PUB_DESC); $propbag->add('default', ''); break; case 'recaptcha_priv': $propbag->add('type', 'string'); $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_RECAPTCHA_PRIV); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_RECAPTCHA_PRIV_DESC); $propbag->add('default', ''); break; case 'recaptcha_style': $propbag->add('type', 'radio'); $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_RECAPTCHA_STYLE); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_RECAPTCHA_STYLE_DESC); $propbag->add('default', 'red'); $propbag->add('radio', array( 'value' => array('red', 'white', 'blackglass'), 'desc' => array('Red', 'White', 'Blackglass') )); break; case 'hide_for_authors': $_groups =& serendipity_getAllGroups(); $groups = array( 'all' => ALL_AUTHORS, 'none' => NONE ); foreach($_groups AS $group) { $groups[$group['confkey']] = $group['confvalue']; } $propbag->add('type', 'multiselect'); $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_HIDE); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_HIDE_DESC); $propbag->add('select_values', $groups); $propbag->add('select_size', 5); $propbag->add('default', 'all'); break; case 'logfile': $propbag->add('type', 'string'); $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_LOGFILE); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_LOGFILE_DESC); $propbag->add('default', $serendipity['serendipityPath'] . 'spamblock.log'); break; case 'logtype': $propbag->add('type', 'radio'); $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_LOGTYPE); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_LOGTYPE_DESC); $propbag->add('default', 'db'); $propbag->add('radio', array( 'value' => array('file', 'db', 'none'), 'desc' => array(PLUGIN_EVENT_RECAPTCHA_LOGTYPE_FILE, PLUGIN_EVENT_RECAPTCHA_LOGTYPE_DB, PLUGIN_EVENT_RECAPTCHA_LOGTYPE_NONE) )); $propbag->add('radio_per_row', '1'); break; case 'captchas_ttl': $propbag->add('type', 'string'); $propbag->add('name', PLUGIN_EVENT_RECAPTCHA_CAPTCHAS_TTL); $propbag->add('description', PLUGIN_EVENT_RECAPTCHA_CAPTCHAS_TTL_DESC); $propbag->add('default', '7'); break; case 'info': $suche='!http(?:s)?:\/\/(?:(?:[^.]*)\.)?([^.\/]*)!'; $result=preg_match($suche,$serendipity['baseURL'],$domain); $propbag->add('type', 'content'); $propbag->add('default', PLUGIN_EVENT_RECAPTCHA_INFO1.$domain[1]. PLUGIN_EVENT_RECAPTCHA_INFO2); break; case 'sep': $propbag->add('type', 'seperator'); break; default: return false; } return true; } function performConfig(&$bag) { // set "yes" (recaptcha v1 is active) to "yes2" (recaptcha v2 is active) //because v1 has been phased out if ($this->get_config('recaptcha', 'no') === 'yes') { $this->set_config('recaptcha', 'yes2'); }; } function generate_content(&$title) { $title = $this->title; } // Checks whether the current author is contained in one of the groups that // need no spam checking function inGroup() { global $serendipity; $checkgroups = explode('^', $this->get_config('hide_for_authors')); if (!isset($serendipity['authorid']) || !is_array($checkgroups)) { return false; } $mygroups =& serendipity_getGroups($serendipity['authorid'], true); if (!is_array($mygroups)) { return false; } foreach($checkgroups AS $key => $groupid) { if ($groupid == 'all') { return true; } elseif (in_array($groupid, $mygroups)) { return true; } } return false; } function event_hook($event, &$bag, &$eventData, $addData = null) { global $serendipity; $hooks = &$bag->get('event_hooks'); if (isset($hooks[$event])) { $captchas_ttl = $this->get_config('captchas_ttl', 7); $_recaptcha = $this->get_config('recaptcha', 'no'); $recaptcha = ($_recaptcha === 'yes' || $_recaptcha === 'yes2' || $_recaptcha !== 'no' || serendipity_db_bool($_recaptcha)); // Check if the entry is older than the allowed amount of time. // Enforce captchas if that is true of if captchas are activated // for every entry $show_captcha = (($recaptcha) && isset($eventData['timestamp']) && ($captchas_ttl < 1 || ($eventData['timestamp'] < (time() - ($captchas_ttl*60*60*24)))) ? true : false); switch($event) { case 'frontend_configure': // set a variable, so that the spamblock plugin can disable the captcha when recaptcha is found. if ($_recaptcha) { $serendipity['plugins']['disable_internal_captcha'] = true; } return true; break; case 'frontend_saveComment': if (!is_array($eventData) || serendipity_db_bool($eventData['allow_comments'])) { //$serendipity['csuccess'] = 'true'; $logfile = $this->logfile = $this->get_config('logfile', $serendipity['serendipityPath'] . 'spamblock.log'); // Check whether to allow comments from registered authors if (serendipity_userLoggedIn() && $this->inGroup()) { return true; } // Captcha checking if ($show_captcha && $addData['type'] == 'NORMAL') { $privatekey = $this->get_config('recaptcha_priv'); if ($_POST["recaptcha_response_field"] != 1) { // interpret "yes" as "yes2" if ($_recaptcha === 'yes2' || $_recaptcha === 'yes') { $resp_valid = ''; $resp_error = ''; $url = 'https://www.google.com/recaptcha/api/siteverify'; if (function_exists('serendipity_request_url')) { $data = serendipity_request_url( $url, 'POST', null, array( 'secret' => $privatekey, 'response' => $_POST["g-recaptcha-response"], 'remoteip' => $_SERVER['REMOTE_ADDR'] ) ); } else { require_once S9Y_PEAR_PATH . 'HTTP/Request.php'; serendipity_request_start(); $req = new HTTP_Request($url, array('method' => HTTP_REQUEST_METHOD_POST, 'allowRedirects' => true, 'timeout' => 20, 'readTimeout' => array(5,0), 'maxRedirects' => 3)); $req->addPostData('secret', $privatekey); $req->addPostData('response', $_POST["g-recaptcha-response"]); $req->addPostData('remoteip', $_SERVER['REMOTE_ADDR']); $req->sendRequest(); $data = $req->getResponseBody(); serendipity_request_end(); } if (empty($data)) { $resp_valid = false; $resp_error = 'Empty Request'; } else { $json_data = json_decode($data); if (!is_object($json_data)) { $resp_valid = false; $resp_error = 'Invalid JSON return: ' . $data; } else { $resp_valid = $json_data->success; $resp_error = $json_data->{'error-codes'}; } } } if (!$resp_valid) { # set the error code so that we can display it $this->error = $resp_error; $this->log($logfile, $eventData['id'], 'REJECTED', $this->error, $addData); $eventData = array('allow_comments' => false); $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_RECAPTCHA_ERROR_CAPTCHAS; return false; } } else { return false; } } } return true; break; case 'frontend_comment': // Check whether to allow comments from registered authors if (serendipity_userLoggedIn() && $this->inGroup()) { return true; } if ($show_captcha) { $pubkey = $this->get_config('recaptcha_pub'); $privkey = $this->get_config('recaptcha_priv'); if ( $recaptcha && (($pubkey == null || $pubkey == '') || ($privkey == null || $pubkey == '')) ) { $recaptcha = false; //$captchas = true; printf('
',PLUGIN_EVENT_RECAPTCHA_ERROR_RECAPTCHA); } // The response from recaptcha.net // interpret "yes" as "yes2" if ($_recaptcha === 'yes2' || $_recaptcha === 'yes') { echo ""; echo '
'; } } return true; break; default: return false; break; } } else { return false; } } function log($logfile, $id, $switch, $reason, $comment) { global $serendipity; $method = $this->get_config('logtype'); switch($method) { case 'file': if (empty($logfile)) { return; } $fp = @fopen($logfile, 'a+'); if (!is_resource($fp)) { return; } fwrite($fp, sprintf( '[%s] - [%s: %s] - [#%s, Name "%s", E-Mail "%s", URL "%s", User-Agent "%s", IP %s] - [%s]' . "\n", date('Y-m-d H:i:s', serendipity_serverOffsetHour()), $switch, $reason, $id, str_replace("\n", ' ', $comment['name']), str_replace("\n", ' ', $comment['email']), str_replace("\n", ' ', $comment['url']), str_replace("\n", ' ', $_SERVER['HTTP_USER_AGENT']), $_SERVER['REMOTE_ADDR'], str_replace("\n", ' ', $comment['comment']) )); fclose($fp); break; case 'none': return; break; case 'db': default: $q = sprintf("INSERT INTO {$serendipity['dbPrefix']}spamblocklog (timestamp, type, reason, entry_id, author, email, url, useragent, ip, referer, body) VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')", serendipity_serverOffsetHour(), serendipity_db_escape_string($switch), serendipity_db_escape_string($reason), serendipity_db_escape_string($id), serendipity_db_escape_string($comment['name']), serendipity_db_escape_string($comment['email']), serendipity_db_escape_string($comment['url']), serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']), serendipity_db_escape_string($_SERVER['REMOTE_ADDR']), serendipity_db_escape_string(isset($_SESSION['HTTP_REFERER']) ? $_SESSION['HTTP_REFERER'] : $_SERVER['HTTP_REFERER']), serendipity_db_escape_string($comment['comment']) ); serendipity_db_query($q); break; } } } /* vim: set sts=4 ts=4 expandtab : */