mirror of
https://github.com/Znote/ZnoteAAC.git
synced 2025-04-29 10:49:23 +02:00
Adding Google reCaptcha system
Also disable all shop and buypoints functionality as default in config.php
This commit is contained in:
Znote
parent
05800d282d
commit
984e62e095
@ -753,7 +753,10 @@
|
||||
// SECURITY STUFF \\
|
||||
// --------------- \\
|
||||
$config['use_token'] = false;
|
||||
// Set up captcha keys on https://www.google.com/recaptcha/
|
||||
$config['use_captcha'] = false;
|
||||
$config['captcha_secret_key'] = "Secret key";
|
||||
$config['captcha_site_key'] = "Site key";
|
||||
|
||||
// Session prefix, if you are hosting multiple sites, make the session name different to avoid conflict.
|
||||
$config['session_prefix'] = 'znote_';
|
||||
@ -826,7 +829,7 @@
|
||||
/////////////////
|
||||
// Write your pagseguro address here, and what currency you want to recieve money in.
|
||||
$config['pagseguro'] = array(
|
||||
'enabled' => true,
|
||||
'enabled' => false,
|
||||
'sandbox' => false,
|
||||
'email' => '', // Example: pagseguro@mail.com
|
||||
'token' => '',
|
||||
@ -854,7 +857,7 @@
|
||||
// You can configure paygol to send each month, then they will send money
|
||||
// to you 1 month after recieving 50+ eur.
|
||||
$config['paygol'] = array(
|
||||
'enabled' => true,
|
||||
'enabled' => false,
|
||||
'serviceID' => 86648,// Service ID from paygol.com
|
||||
'currency' => 'SEK',
|
||||
'price' => 20,
|
||||
@ -869,7 +872,7 @@
|
||||
////////////
|
||||
// If useDB is set to true, player can shop in-game as well using Znote LUA shop system plugin.
|
||||
$config['shop'] = array(
|
||||
'enabled' => true,
|
||||
'enabled' => false,
|
||||
'enableShopConfirmation' => true, // Verify that user wants to buy with popup
|
||||
'useDB' => false, // Fetch offers from database, or the below config array
|
||||
'showImage' => true,
|
||||
|
||||
30
helpdesk.php
30
helpdesk.php
@ -108,10 +108,27 @@ if ($view !== false) {
|
||||
$errors[] = 'Token is invalid.';
|
||||
}
|
||||
if ($config['use_captcha']) {
|
||||
include_once 'captcha/securimage.php';
|
||||
$securimage = new Securimage();
|
||||
if ($securimage->check($_POST['captcha_code']) == false) {
|
||||
$errors[] = 'Captcha image verification was submitted wrong.';
|
||||
$captcha = (isset($_POST['g-recaptcha-response'])) ? $_POST['g-recaptcha-response'] : false;
|
||||
if(!$captcha) {
|
||||
$errors[] = 'Please check the the captcha form.';
|
||||
} else {
|
||||
$secretKey = $config['captcha_secret_key'];
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
// curl start
|
||||
$curl_connection = curl_init("https://www.google.com/recaptcha/api/siteverify");
|
||||
$post_string = "secret=".$secretKey."&response=".$captcha."&remoteip=".$ip;
|
||||
curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 5);
|
||||
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
|
||||
curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 0);
|
||||
curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string);
|
||||
$response = curl_exec($curl_connection);
|
||||
curl_close($curl_connection);
|
||||
// Curl end
|
||||
$responseKeys = json_decode($response,true);
|
||||
if(intval($responseKeys["success"]) !== 1) {
|
||||
$errors[] = 'Captcha failed.';
|
||||
}
|
||||
}
|
||||
}
|
||||
// Reversed this if, so: first check if you need to validate, then validate.
|
||||
@ -205,10 +222,7 @@ if ($view !== false) {
|
||||
if ($config['use_captcha']) {
|
||||
?>
|
||||
<li>
|
||||
<b>Write the image symbols in the text field to verify that you are a human:</b>
|
||||
<img id="captcha" src="captcha/securimage_show.php" alt="CAPTCHA Image" /><br>
|
||||
<input type="text" name="captcha_code" size="10" maxlength="6" />
|
||||
<a href="#" onclick="document.getElementById('captcha').src = 'captcha/securimage_show.php?' + Math.random(); return false">[ Different Image ]</a><br><br>
|
||||
<div class="g-recaptcha" data-sitekey="<?php echo $config['captcha_site_key']; ?>"></div>
|
||||
</li>
|
||||
<?php
|
||||
}
|
||||
|
||||
@ -6,4 +6,5 @@
|
||||
<link rel="stylesheet" type="text/css" href="layout/css/style.css" />
|
||||
<!-- modernizr enables HTML5 elements and feature detects -->
|
||||
<script type="text/javascript" src="layout/js/modernizr-1.5.min.js"></script>
|
||||
<script src='https://www.google.com/recaptcha/api.js'></script>
|
||||
</head>
|
||||
30
recovery.php
30
recovery.php
@ -13,10 +13,27 @@ if ($config['mailserver']['accountRecovery']) {
|
||||
if (!empty($_POST)) {
|
||||
$status = true;
|
||||
if ($config['use_captcha']) {
|
||||
include_once 'captcha/securimage.php';
|
||||
$securimage = new Securimage();
|
||||
if ($securimage->check($_POST['captcha_code']) == false) {
|
||||
$status = false;
|
||||
$captcha = (isset($_POST['g-recaptcha-response'])) ? $_POST['g-recaptcha-response'] : false;
|
||||
if(!$captcha) {
|
||||
$status = false;
|
||||
} else {
|
||||
$secretKey = $config['captcha_secret_key'];
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
// curl start
|
||||
$curl_connection = curl_init("https://www.google.com/recaptcha/api/siteverify");
|
||||
$post_string = "secret=".$secretKey."&response=".$captcha."&remoteip=".$ip;
|
||||
curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 5);
|
||||
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
|
||||
curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 0);
|
||||
curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string);
|
||||
$response = curl_exec($curl_connection);
|
||||
curl_close($curl_connection);
|
||||
// Curl end
|
||||
$responseKeys = json_decode($response,true);
|
||||
if(intval($responseKeys["success"]) !== 1) {
|
||||
$status = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($status) {
|
||||
@ -175,10 +192,7 @@ if ($config['mailserver']['accountRecovery']) {
|
||||
|
||||
if ($config['use_captcha']) {
|
||||
?>
|
||||
<b>Write the image symbols in the text field to verify that you are a human:</b>
|
||||
<img id="captcha" src="captcha/securimage_show.php" alt="CAPTCHA Image" /><br>
|
||||
<input type="text" name="captcha_code" size="10" maxlength="6" />
|
||||
<a href="#" onclick="document.getElementById('captcha').src = 'captcha/securimage_show.php?' + Math.random(); return false">[ Different Image ]</a><br><br>
|
||||
<div class="g-recaptcha" data-sitekey="<?php echo $config['captcha_site_key']; ?>"></div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
|
||||
31
register.php
31
register.php
@ -21,10 +21,27 @@ if (empty($_POST) === false) {
|
||||
}
|
||||
|
||||
if ($config['use_captcha']) {
|
||||
include_once 'captcha/securimage.php';
|
||||
$securimage = new Securimage();
|
||||
if ($securimage->check($_POST['captcha_code']) == false) {
|
||||
$errors[] = 'Captcha image verification was submitted wrong.';
|
||||
$captcha = (isset($_POST['g-recaptcha-response'])) ? $_POST['g-recaptcha-response'] : false;
|
||||
if(!$captcha) {
|
||||
$errors[] = 'Please check the the captcha form.';
|
||||
} else {
|
||||
$secretKey = $config['captcha_secret_key'];
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
// curl start
|
||||
$curl_connection = curl_init("https://www.google.com/recaptcha/api/siteverify");
|
||||
$post_string = "secret=".$secretKey."&response=".$captcha."&remoteip=".$ip;
|
||||
curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 5);
|
||||
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
|
||||
curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 0);
|
||||
curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string);
|
||||
$response = curl_exec($curl_connection);
|
||||
curl_close($curl_connection);
|
||||
// Curl end
|
||||
$responseKeys = json_decode($response,true);
|
||||
if(intval($responseKeys["success"]) !== 1) {
|
||||
$errors[] = 'Captcha failed.';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -171,10 +188,7 @@ if (isset($_GET['success']) && empty($_GET['success'])) {
|
||||
if ($config['use_captcha']) {
|
||||
?>
|
||||
<li>
|
||||
<b>Write the image symbols in the text field to verify that you are a human:</b>
|
||||
<img id="captcha" src="captcha/securimage_show.php" alt="CAPTCHA Image" /><br>
|
||||
<input type="text" name="captcha_code" size="10" maxlength="6" />
|
||||
<a href="#" onclick="document.getElementById('captcha').src = 'captcha/securimage_show.php?' + Math.random(); return false">[ Different Image ]</a><br><br>
|
||||
<div class="g-recaptcha" data-sitekey="<?php echo $config['captcha_site_key']; ?>"></div>
|
||||
</li>
|
||||
<?php
|
||||
}
|
||||
@ -187,7 +201,6 @@ if (isset($_GET['success']) && empty($_GET['success'])) {
|
||||
<p>No <a href='http://en.wikipedia.org/wiki/Video_game_bot' target="_blank">botting</a> allowed.</p>
|
||||
<p>The staff can delete, ban, do whatever they want with your account and your <br>
|
||||
submitted information. (Including exposing and logging your IP).</p>
|
||||
<p></p>
|
||||
</li>
|
||||
<li>
|
||||
Do you agree to follow the server rules?<br>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user