1
|
<?php
|
2
|
|
3
|
/**
|
4
|
* @file
|
5
|
* Verifies if user is a human without necessity to solve a CAPTCHA.
|
6
|
*/
|
7
|
|
8
|
require_once dirname(__FILE__) . '/recaptcha-php/src/ReCaptcha/ReCaptcha.php';
|
9
|
require_once dirname(__FILE__) . '/recaptcha-php/src/ReCaptcha/RequestMethod.php';
|
10
|
require_once dirname(__FILE__) . '/recaptcha-php/src/ReCaptcha/RequestParameters.php';
|
11
|
require_once dirname(__FILE__) . '/recaptcha-php/src/ReCaptcha/Response.php';
|
12
|
require_once dirname(__FILE__) . '/src/ReCaptcha/RequestMethod/Drupal7Post.php';
|
13
|
|
14
|
/**
|
15
|
* Implements hook_help().
|
16
|
*/
|
17
|
function recaptcha_help($path, $arg) {
|
18
|
switch ($path) {
|
19
|
case 'admin/config/people/captcha/recaptcha':
|
20
|
return t('Google <a href="@url">reCAPTCHA</a> is a free service to protect your website from spam and abuse. reCAPTCHA uses an advanced risk analysis engine and adaptive CAPTCHAs to keep automated software from engaging in abusive activities on your site. It does this while letting your valid users pass through with ease.', array('@url' => 'https://www.google.com/recaptcha'));
|
21
|
}
|
22
|
}
|
23
|
|
24
|
/**
|
25
|
* Implements hook_theme().
|
26
|
*/
|
27
|
function recaptcha_theme() {
|
28
|
return array(
|
29
|
'recaptcha_widget_noscript' => array(
|
30
|
'variables' => array(
|
31
|
'widget' => NULL,
|
32
|
),
|
33
|
'template' => 'recaptcha-widget-noscript',
|
34
|
),
|
35
|
);
|
36
|
}
|
37
|
|
38
|
/**
|
39
|
* Implements hook_menu().
|
40
|
*/
|
41
|
function recaptcha_menu() {
|
42
|
$items['admin/config/people/captcha/recaptcha'] = array(
|
43
|
'title' => 'reCAPTCHA',
|
44
|
'description' => 'Administer the Google No CAPTCHA reCAPTCHA web service.',
|
45
|
'page callback' => 'drupal_get_form',
|
46
|
'page arguments' => array('recaptcha_admin_settings'),
|
47
|
'access arguments' => array('administer recaptcha'),
|
48
|
'type' => MENU_LOCAL_TASK,
|
49
|
'file' => 'recaptcha.admin.inc',
|
50
|
'weight' => 1,
|
51
|
);
|
52
|
|
53
|
return $items;
|
54
|
}
|
55
|
|
56
|
/**
|
57
|
* Implements hook_permission().
|
58
|
*/
|
59
|
function recaptcha_permission() {
|
60
|
return array(
|
61
|
'administer recaptcha' => array(
|
62
|
'title' => t('Administer reCAPTCHA'),
|
63
|
'description' => t('Administer reCAPTCHA settings'),
|
64
|
),
|
65
|
);
|
66
|
}
|
67
|
|
68
|
/**
|
69
|
* Implements hook_captcha().
|
70
|
*/
|
71
|
function recaptcha_captcha($op, $captcha_type = '') {
|
72
|
global $language;
|
73
|
|
74
|
switch ($op) {
|
75
|
case 'list':
|
76
|
return array('reCAPTCHA');
|
77
|
|
78
|
case 'generate':
|
79
|
$captcha = array();
|
80
|
if ($captcha_type == 'reCAPTCHA') {
|
81
|
$recaptcha_site_key = variable_get('recaptcha_site_key', '');
|
82
|
$recaptcha_secret_key = variable_get('recaptcha_secret_key', '');
|
83
|
|
84
|
if (!empty($recaptcha_site_key) && !empty($recaptcha_secret_key)) {
|
85
|
// Build the reCAPTCHA captcha form if site_key and secret_key are
|
86
|
// configured. Captcha requires TRUE to be returned in solution.
|
87
|
$captcha['solution'] = TRUE;
|
88
|
$captcha['captcha_validate'] = 'recaptcha_captcha_validation';
|
89
|
$captcha['form']['captcha_response'] = array(
|
90
|
'#type' => 'hidden',
|
91
|
'#value' => 'Google no captcha',
|
92
|
);
|
93
|
|
94
|
$noscript = '';
|
95
|
if (variable_get('recaptcha_noscript', 0)) {
|
96
|
$variables = array(
|
97
|
'sitekey' => $recaptcha_site_key,
|
98
|
'language' => $language->language,
|
99
|
);
|
100
|
$noscript = theme('recaptcha_widget_noscript', array('widget' => $variables));
|
101
|
}
|
102
|
|
103
|
$attributes = array(
|
104
|
'class' => 'g-recaptcha',
|
105
|
'data-sitekey' => $recaptcha_site_key,
|
106
|
'data-theme' => variable_get('recaptcha_theme', 'light'),
|
107
|
'data-type' => variable_get('recaptcha_type', 'image'),
|
108
|
'data-size' => variable_get('recaptcha_size', ''),
|
109
|
'data-tabindex' => variable_get('recaptcha_tabindex', 0),
|
110
|
);
|
111
|
// Filter out empty tabindex/size.
|
112
|
$attributes = array_filter($attributes);
|
113
|
|
114
|
$captcha['form']['recaptcha_widget'] = array(
|
115
|
'#markup' => '<div' . drupal_attributes($attributes) . '></div>',
|
116
|
'#suffix' => $noscript,
|
117
|
);
|
118
|
|
119
|
// @todo: #1664602: D7 does not yet support "async" in drupal_add_js().
|
120
|
// drupal_add_js(url('https://www.google.com/recaptcha/api.js', array('query' => array('hl' => $language->language), 'absolute' => TRUE)), array('defer' => TRUE, 'async' => TRUE, 'type' => 'external'));
|
121
|
$data = array(
|
122
|
'#tag' => 'script',
|
123
|
'#value' => '',
|
124
|
'#attributes' => array(
|
125
|
'src' => url('https://www.google.com/recaptcha/api.js', array('query' => array('hl' => $language->language), 'absolute' => TRUE)),
|
126
|
'async' => 'async',
|
127
|
'defer' => 'defer',
|
128
|
),
|
129
|
);
|
130
|
drupal_add_html_head($data, 'recaptcha_api');
|
131
|
}
|
132
|
else {
|
133
|
// Fallback to Math captcha as reCAPTCHA is not configured.
|
134
|
$captcha = captcha_captcha('generate', 'Math');
|
135
|
}
|
136
|
}
|
137
|
return $captcha;
|
138
|
}
|
139
|
}
|
140
|
|
141
|
/**
|
142
|
* CAPTCHA Callback; Validates the reCAPTCHA code.
|
143
|
*/
|
144
|
function recaptcha_captcha_validation($solution, $response, $element, $form_state) {
|
145
|
$recaptcha_secret_key = variable_get('recaptcha_secret_key', '');
|
146
|
if (empty($_POST['g-recaptcha-response']) || empty($recaptcha_secret_key)) {
|
147
|
return FALSE;
|
148
|
}
|
149
|
|
150
|
// Use drupal_http_request() to circumvent all issues with the Google library.
|
151
|
$recaptcha = new \ReCaptcha\ReCaptcha($recaptcha_secret_key, new \ReCaptcha\RequestMethod\Drupal7Post());
|
152
|
|
153
|
$resp = $recaptcha->verify(
|
154
|
$_POST['g-recaptcha-response'],
|
155
|
ip_address()
|
156
|
);
|
157
|
|
158
|
if ($resp->isSuccess()) {
|
159
|
// Verified!
|
160
|
return TRUE;
|
161
|
}
|
162
|
else {
|
163
|
// Error code reference, https://developers.google.com/recaptcha/docs/verify
|
164
|
$error_codes = array(
|
165
|
'missing-input-secret' => t('The secret parameter is missing.'),
|
166
|
'invalid-input-secret' => t('The secret parameter is invalid or malformed.'),
|
167
|
'missing-input-response' => t('The response parameter is missing.'),
|
168
|
'invalid-input-response' => t('The response parameter is invalid or malformed.'),
|
169
|
'invalid-json' => t('The json response is invalid or malformed.'),
|
170
|
'unknown' => t('Unknown error.'),
|
171
|
);
|
172
|
foreach ($resp->getErrorCodes() as $code) {
|
173
|
if (!isset($error_codes[$code])) {
|
174
|
$code = 'unknown';
|
175
|
}
|
176
|
watchdog('reCAPTCHA web service', '@error', array('@error' => $error_codes[$code]), WATCHDOG_ERROR);
|
177
|
}
|
178
|
}
|
179
|
return FALSE;
|
180
|
}
|
181
|
|
182
|
/**
|
183
|
* Process variables for recaptcha-widget-noscript.tpl.php.
|
184
|
*
|
185
|
* @see recaptcha-widget-noscript.tpl.php
|
186
|
*/
|
187
|
function template_preprocess_recaptcha_widget_noscript(&$variables) {
|
188
|
$variables['sitekey'] = check_plain($variables['widget']['sitekey']);
|
189
|
$variables['language'] = check_plain($variables['widget']['language']);
|
190
|
$variables['url'] = check_url(url('https://www.google.com/recaptcha/api/fallback', array('query' => array('k' => $variables['widget']['sitekey'], 'hl' => $variables['widget']['language']), 'absolute' => TRUE)));
|
191
|
}
|