Révision 00c2605a
Ajouté par Assos Assos il y a environ 9 ans
| drupal7/sites/all/modules/captcha/captcha.module | ||
|---|---|---|
| 303 | 303 |
return $element; |
| 304 | 304 |
} |
| 305 | 305 |
|
| 306 |
/** |
|
| 307 |
* Implementation of hook_captcha_default_points_alter(). |
|
| 308 |
* |
|
| 309 |
* Provide some default captchas only if defaults are not already |
|
| 310 |
* provided by other modules. |
|
| 311 |
*/ |
|
| 312 |
function captcha_captcha_default_points_alter(&$items) {
|
|
| 313 |
$modules = array( |
|
| 314 |
'comment' => array( |
|
| 315 |
), |
|
| 316 |
'contact' => array( |
|
| 317 |
'contact_site_form', |
|
| 318 |
'contact_personal_form' |
|
| 319 |
), |
|
| 320 |
'forum' => array( |
|
| 321 |
'forum_node_form', |
|
| 322 |
), |
|
| 323 |
'user' => array( |
|
| 324 |
'user_register_form', |
|
| 325 |
'user_pass', |
|
| 326 |
'user_login', |
|
| 327 |
'user_login_block', |
|
| 328 |
), |
|
| 329 |
); |
|
| 330 |
// Add comment form_ids of all currently known node types. |
|
| 331 |
foreach (node_type_get_names() as $type => $name) {
|
|
| 332 |
$modules['comment'][] = 'comment_node_' . $type . '_form'; |
|
| 333 |
} |
|
| 334 |
|
|
| 335 |
foreach ($modules as $module => $form_ids) {
|
|
| 336 |
// Only give defaults if the module exists. |
|
| 337 |
if (module_exists($module)) {
|
|
| 338 |
foreach ($form_ids as $form_id) {
|
|
| 339 |
// Ensure a default has not been provided already. |
|
| 340 |
if (!isset($items[$form_id])) {
|
|
| 341 |
$captcha = new stdClass; |
|
| 342 |
$captcha->disabled = FALSE; |
|
| 343 |
$captcha->api_version = 1; |
|
| 344 |
$captcha->form_id = $form_id; |
|
| 345 |
$captcha->module = ''; |
|
| 346 |
$captcha->captcha_type = 'default'; |
|
| 347 |
$items[$form_id] = $captcha; |
|
| 348 |
} |
|
| 349 |
} |
|
| 350 |
} |
|
| 351 |
} |
|
| 352 |
} |
|
| 353 |
|
|
| 306 | 354 |
/** |
| 307 | 355 |
* Theme function for a CAPTCHA element. |
| 308 | 356 |
* |
| ... | ... | |
| 438 | 486 |
$form['caching']['captcha'] = array( |
| 439 | 487 |
'#type' => 'item', |
| 440 | 488 |
'#title' => t('CAPTCHA'),
|
| 441 |
'#markup' => t('!icon The CAPTCHA module will disable the caching of pages that contain a CAPTCHA element.', array(
|
|
| 442 |
'!icon' => '<span class="icon">' . $icon . '</span>') |
|
| 489 |
'#markup' => t( |
|
| 490 |
'!icon The CAPTCHA module will disable the caching of pages that contain a CAPTCHA element.', |
|
| 491 |
array( |
|
| 492 |
'!icon' => '<span class="icon">' . $icon . '</span>' |
|
| 493 |
) |
|
| 443 | 494 |
), |
| 444 | 495 |
'#attributes' => array('class' => array('warning')),
|
| 445 | 496 |
); |
| ... | ... | |
| 512 | 563 |
} |
| 513 | 564 |
|
| 514 | 565 |
/** |
| 515 |
* Helper function for getting the posted CAPTCHA info (posted form_id and CAPTCHA sessions ID) from a form in case it is posted. |
|
| 566 |
* Helper function for getting the posted CAPTCHA info (posted form_id and |
|
| 567 |
* CAPTCHA sessions ID) from a form in case it is posted. |
|
| 516 | 568 |
* |
| 517 | 569 |
* This function hides the form processing mess for several use cases an |
| 518 | 570 |
* browser bug workarounds. |
| ... | ... | |
| 556 | 608 |
// we should be extra cautious and filter this data. |
| 557 | 609 |
$posted_form_id = isset($form_state['input']['form_id']) ? preg_replace("/[^a-z0-9_]/", "", (string) $form_state['input']['form_id']) : NULL;
|
| 558 | 610 |
$posted_captcha_sid = isset($form_state['input']['captcha_sid']) ? (int) $form_state['input']['captcha_sid'] : NULL; |
| 559 |
$posted_captcha_token = isset($form_state['input']['captcha_token']) ? preg_replace("/[^a-zA-Z0-9]/", "", (string) $form_state['input']['captcha_token']) : NULL;
|
|
| 611 |
$posted_captcha_token = !empty($form_state['input']['captcha_token']) ? preg_replace("/[^a-zA-Z0-9]/", "", (string) $form_state['input']['captcha_token']) : NULL;
|
|
| 560 | 612 |
|
| 561 | 613 |
if ($posted_form_id == $this_form_id) {
|
| 562 | 614 |
// Check if the posted CAPTCHA token is valid for the posted CAPTCHA |
| ... | ... | |
| 571 | 623 |
"SELECT token FROM {captcha_sessions} WHERE csid = :csid",
|
| 572 | 624 |
array(':csid' => $posted_captcha_sid)
|
| 573 | 625 |
)->fetchField(); |
| 626 |
|
|
| 574 | 627 |
if ($expected_captcha_token !== $posted_captcha_token) {
|
| 575 | 628 |
drupal_set_message(t('CAPTCHA session reuse attack detected.'), 'error');
|
| 576 | 629 |
// Invalidate the CAPTCHA session. |
| 577 | 630 |
$posted_captcha_sid = NULL; |
| 578 | 631 |
} |
| 632 |
|
|
| 579 | 633 |
// Invalidate CAPTCHA token to avoid reuse. |
| 580 | 634 |
db_update('captcha_sessions')
|
| 581 | 635 |
->fields(array('token' => NULL))
|
| 582 |
->condition('csid', $posted_captcha_sid);
|
|
| 636 |
->condition('csid', $posted_captcha_sid)
|
|
| 637 |
->execute(); |
|
| 583 | 638 |
} |
| 584 | 639 |
} |
| 585 | 640 |
else {
|
| ... | ... | |
| 600 | 655 |
* files). |
| 601 | 656 |
*/ |
| 602 | 657 |
function captcha_validate($element, &$form_state) {
|
| 658 |
// If disable captcha mode is enabled, bypass captcha validation. |
|
| 659 |
if (variable_get('disable_captcha', FALSE)) {
|
|
| 660 |
return; |
|
| 661 |
} |
|
| 603 | 662 |
|
| 604 | 663 |
$captcha_info = $form_state['captcha_info']; |
| 605 | 664 |
$form_id = $captcha_info['this_form_id']; |
Formats disponibles : Unified diff
Weekly update of contrib modules