Révision 00c2605a
Ajouté par Assos Assos il y a environ 9 ans
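--- a/drupal7/sites/all/modules/captcha/captcha.module
+++ b/drupal7/sites/all/modules/captcha/captcha.module
@@ -303,6 +303,54 @@
 return $element;
 }
 
+/**
+* Implementation of hook_captcha_default_points_alter().
+*
+* Provide some default captchas only if defaults are not already
+* provided by other modules.
+*/
+function captcha_captcha_default_points_alter(&$items) {
+$modules = array(
+'comment' => array(
+),
+'contact' => array(
+'contact_site_form',
+'contact_personal_form'
+),
+'forum' => array(
+'forum_node_form',
+),
+'user' => array(
+'user_register_form',
+'user_pass',
+'user_login',
+'user_login_block',
+),
+);
+// Add comment form_ids of all currently known node types.
+foreach (node_type_get_names() as $type => $name) {
+$modules['comment'][] = 'comment_node_' . $type . '_form';
+}
+
+foreach ($modules as $module => $form_ids) {
+// Only give defaults if the module exists.
+if (module_exists($module)) {
+foreach ($form_ids as $form_id) {
+// Ensure a default has not been provided already.
+if (!isset($items[$form_id])) {
+$captcha = new stdClass;
+$captcha->disabled = FALSE;
+$captcha->api_version = 1;
+$captcha->form_id = $form_id;
+$captcha->module = '';
+$captcha->captcha_type = 'default';
+$items[$form_id] = $captcha;
+}
+}
+}
+}
+}
+
 /**
 * Theme function for a CAPTCHA element.
 *
@@ -438,8 +486,11 @@
 $form['caching']['captcha'] = array(
 '#type' => 'item',
 '#title' => t('CAPTCHA'),
-'#markup' => t('!icon The CAPTCHA module will disable the caching of pages that contain a CAPTCHA element.', array(
-'!icon' => '<span class="icon">' . $icon . '</span>')
+'#markup' => t(
+'!icon The CAPTCHA module will disable the caching of pages that contain a CAPTCHA element.',
+array(
+'!icon' => '<span class="icon">' . $icon . '</span>'
+)
 ),
 '#attributes' => array('class' => array('warning')),
 );
@@ -512,7 +563,8 @@
 }
 
 /**
-* Helper function for getting the posted CAPTCHA info (posted form_id and CAPTCHA sessions ID) from a form in case it is posted.
+* Helper function for getting the posted CAPTCHA info (posted form_id and
+* CAPTCHA sessions ID) from a form in case it is posted.
 *
 * This function hides the form processing mess for several use cases an
 * browser bug workarounds.
@@ -556,7 +608,7 @@
 // we should be extra cautious and filter this data.
 $posted_form_id = isset($form_state['input']['form_id']) ? preg_replace("/[^a-z0-9_]/", "", (string) $form_state['input']['form_id']) : NULL;
 $posted_captcha_sid = isset($form_state['input']['captcha_sid']) ? (int) $form_state['input']['captcha_sid'] : NULL;
-$posted_captcha_token = isset($form_state['input']['captcha_token']) ? preg_replace("/[^a-zA-Z0-9]/", "", (string) $form_state['input']['captcha_token']) : NULL;
+$posted_captcha_token = !empty($form_state['input']['captcha_token']) ? preg_replace("/[^a-zA-Z0-9]/", "", (string) $form_state['input']['captcha_token']) : NULL;
 
 if ($posted_form_id == $this_form_id) {
 // Check if the posted CAPTCHA token is valid for the posted CAPTCHA
@@ -571,15 +623,18 @@
 "SELECT token FROM {captcha_sessions} WHERE csid = :csid",
 array(':csid' => $posted_captcha_sid)
 )->fetchField();
+
 if ($expected_captcha_token !== $posted_captcha_token) {
 drupal_set_message(t('CAPTCHA session reuse attack detected.'), 'error');
 // Invalidate the CAPTCHA session.
 $posted_captcha_sid = NULL;
 }
+
 // Invalidate CAPTCHA token to avoid reuse.
 db_update('captcha_sessions')
 ->fields(array('token' => NULL))
-->condition('csid', $posted_captcha_sid);
+->condition('csid', $posted_captcha_sid)
+->execute();
 }
 }
 else {
@@ -600,6 +655,10 @@
 * files).
 */
 function captcha_validate($element, &$form_state) {
+// If disable captcha mode is enabled, bypass captcha validation.
+if (variable_get('disable_captcha', FALSE)) {
+return;
+}
 
 $captcha_info = $form_state['captcha_info'];
 $form_id = $captcha_info['this_form_id'];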
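Review bot: In the token check, a session whose token has already been cleared and a request that posts no `captcha_token` compare as equal: the new `!empty()` line maps a missing or empty token to NULL, the now-executed update stores NULL, and `$expected_captcha_token !== $posted_captcha_token` is then false (assuming `fetchField()` returns NULL for a cleared column), so no reuse is reported. Treat an empty stored token as a mismatch, e.g. `if (empty($expected_captcha_token) || $expected_captcha_token !== $posted_captcha_token) {`. In the same hunk the mismatch branch sets `$posted_captcha_sid = NULL` before `db_update()` runs, so on a mismatch the update's `csid` condition no longer names the posted session and its token is presumably left in place; keeping the posted id in a separate local for the update would fix that. The enclosing function and the `if` around this block start outside the visible hunk, so how the surviving session id is used afterwards should be confirmed there.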
Weekly update of contrib modules