Replace reCAPTCHA with Captcheck
parent
64c3d47c32
commit
a9eb59c936
10
index.php
10
index.php
@ -18,7 +18,7 @@ $userpass_ok = false;
|
||||
$multiauth = false;
|
||||
if (checkLoginServer()) {
|
||||
if ($VARS['progress'] == "1") {
|
||||
if (!RECAPTCHA_ENABLED || (RECAPTCHA_ENABLED && verifyReCaptcha($VARS['g-recaptcha-response']))) {
|
||||
if (!CAPTCHA_ENABLED || (CAPTCHA_ENABLED && verifyCaptcheck($VARS['captcheck_session_code'], $VARS['captcheck_selected_answer'], CAPTCHA_SERVER . "/api.php"))) {
|
||||
$errmsg = "";
|
||||
if (authenticate_user($VARS['username'], $VARS['password'], $errmsg)) {
|
||||
switch (get_account_status($VARS['username'])) {
|
||||
@ -97,8 +97,8 @@ header("Link: <static/js/bootstrap.min.js>; rel=preload; as=script", false);
|
||||
<link href="static/css/bootstrap.min.css" rel="stylesheet">
|
||||
<link href="static/css/material-color/material-color.min.css" rel="stylesheet">
|
||||
<link href="static/css/index.css" rel="stylesheet">
|
||||
<?php if (RECAPTCHA_ENABLED) { ?>
|
||||
<script src='https://www.google.com/recaptcha/api.js'></script>
|
||||
<?php if (CAPTCHA_ENABLED) { ?>
|
||||
<script src="<?php echo CAPTCHA_SERVER ?>/captcheck.js"></script>
|
||||
<?php } ?>
|
||||
</head>
|
||||
<body>
|
||||
@ -125,8 +125,8 @@ header("Link: <static/js/bootstrap.min.js>; rel=preload; as=script", false);
|
||||
?>
|
||||
<input type="text" class="form-control" name="username" placeholder="<?php lang("username"); ?>" required="required" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" autofocus /><br />
|
||||
<input type="password" class="form-control" name="password" placeholder="<?php lang("password"); ?>" required="required" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" /><br />
|
||||
<?php if (RECAPTCHA_ENABLED) { ?>
|
||||
<div class="g-recaptcha" data-sitekey="<?php echo RECAPTCHA_SITE_KEY; ?>"></div>
|
||||
<?php if (CAPTCHA_ENABLED) { ?>
|
||||
<div class="captcheck_container" data-stylenonce="<?php echo $SECURE_NONCE; ?>"></div>
|
||||
<br />
|
||||
<?php } ?>
|
||||
<input type="hidden" name="progress" value="1" />
|
||||
|
@ -308,29 +308,26 @@ function simLogin($username, $password) {
|
||||
}
|
||||
}
|
||||
|
||||
function verifyReCaptcha($code) {
|
||||
try {
|
||||
$client = new GuzzleHttp\Client();
|
||||
|
||||
$response = $client
|
||||
->request('POST', "https://www.google.com/recaptcha/api/siteverify", [
|
||||
'form_params' => [
|
||||
'secret' => RECAPTCHA_SECRET_KEY,
|
||||
'response' => $code
|
||||
]
|
||||
]);
|
||||
|
||||
if ($response->getStatusCode() != 200) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$resp = json_decode($response->getBody(), TRUE);
|
||||
if ($resp['success'] === true) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
} catch (Exception $e) {
|
||||
function verifyCaptcheck($session, $answer, $url) {
|
||||
$data = [
|
||||
'session_id' => $session,
|
||||
'answer_id' => $answer,
|
||||
'action' => "verify"
|
||||
];
|
||||
$options = [
|
||||
'http' => [
|
||||
'header' => "Content-type: application/x-www-form-urlencoded\r\n",
|
||||
'method' => 'POST',
|
||||
'content' => http_build_query($data)
|
||||
]
|
||||
];
|
||||
$context = stream_context_create($options);
|
||||
$result = file_get_contents($url, false, $context);
|
||||
$resp = json_decode($result, TRUE);
|
||||
if (!$resp['result']) {
|
||||
return false;
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
|
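Review bot: In `verifyCaptcheck` (last hunk of index.php) the captcha server's reply is accepted on truthiness alone, and a failed request is never checked. When `file_get_contents` returns false, `json_decode` yields null and `$resp['result']` is read from a non-array; that still ends in `return false`, but only by way of PHP warnings. With no `timeout` in the `http` context, a slow captcha server can hold each login attempt for the full default socket timeout. The removed `verifyReCaptcha` compared with `=== true`, while the new `if (!$resp['result'])` accepts any truthy value, so I would restore the strict comparison (assuming the API returns a JSON boolean) and add a short docblock saying the function fails closed.
```php
function verifyCaptcheck($session, $answer, $url) {
    // … unchanged: $data and the 'header' and 'method' entries of $options['http'] …
            'content' => http_build_query($data),
            'timeout' => 5 // seconds; pick a value that suits the deployment
    // … unchanged: stream_context_create …
    $result = file_get_contents($url, false, $context);
    if ($result === false) {
        // Captcha server unreachable or returned an error: fail closed.
        return false;
    }
    $resp = json_decode($result, TRUE);
    if (!is_array($resp) || !isset($resp['result'])) {
        // Not the JSON object we expect: treat as a failed challenge.
        return false;
    }
    return $resp['result'] === true;
}
```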
14
required.php
14
required.php
@ -8,6 +8,9 @@
|
||||
* This file contains global settings and utility functions.
|
||||
*/
|
||||
ob_start(); // allow sending headers after content
|
||||
// Settings file
|
||||
require __DIR__ . '/settings.php';
|
||||
|
||||
// Unicode, solves almost all stupid encoding problems
|
||||
header('Content-Type: text/html; charset=utf-8');
|
||||
|
||||
@ -28,6 +31,7 @@ session_start(); // stick some cookies in it
|
||||
// renew session cookie
|
||||
setcookie(session_name(), session_id(), time() + $session_length);
|
||||
|
||||
$captcha_server = (CAPTCHA_ENABLED === true ? preg_replace("/http(s)?:\/\//", "", CAPTCHA_SERVER) : "");
|
||||
if ($_SESSION['mobile'] === TRUE) {
|
||||
header("Content-Security-Policy: "
|
||||
. "default-src 'self';"
|
||||
@ -37,8 +41,8 @@ if ($_SESSION['mobile'] === TRUE) {
|
||||
. "frame-src 'none'; "
|
||||
. "font-src 'self'; "
|
||||
. "connect-src *; "
|
||||
. "style-src 'self' 'unsafe-inline'; "
|
||||
. "script-src 'self' 'unsafe-inline'");
|
||||
. "style-src 'self' 'unsafe-inline' $captcha_server; "
|
||||
. "script-src 'self' 'unsafe-inline' $captcha_server");
|
||||
} else {
|
||||
header("Content-Security-Policy: "
|
||||
. "default-src 'self';"
|
||||
@ -48,16 +52,14 @@ if ($_SESSION['mobile'] === TRUE) {
|
||||
. "frame-src 'none'; "
|
||||
. "font-src 'self'; "
|
||||
. "connect-src *; "
|
||||
. "style-src 'self' 'nonce-$SECURE_NONCE'; "
|
||||
. "script-src 'self' 'nonce-$SECURE_NONCE'");
|
||||
. "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
|
||||
. "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");
|
||||
}
|
||||
|
||||
//
|
||||
// Composer
|
||||
require __DIR__ . '/vendor/autoload.php';
|
||||
|
||||
// Settings file
|
||||
require __DIR__ . '/settings.php';
|
||||
// List of alert messages
|
||||
require __DIR__ . '/lang/messages.php';
|
||||
// text strings (i18n)
|
||||
|
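Review bot: The new `$captcha_server` line strips the scheme before the host is placed in `style-src` and `script-src`. A scheme-less CSP host source takes the scheme of the page, so on a deployment served over plain HTTP the policy would accept the captcha script over `http://` as well. The pattern is also unanchored, so it removes `http://` or `https://` anywhere in the value rather than only a leading scheme. Keeping the configured origin as written pins the policy to the scheme in `CAPTCHA_SERVER`: `$captcha_server = (CAPTCHA_ENABLED === true ? CAPTCHA_SERVER : "");`. A comment above the line noting that this host is allowed to supply script and style to pages sending this header would help whoever edits the setting later.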
@ -20,33 +20,24 @@ define("DB_CHARSET", "utf8");
|
||||
// Name of the app.
|
||||
define("SITE_TITLE", "Web App Template");
|
||||
|
||||
// Which pages to show the app icon on:
|
||||
// index, app, both, none
|
||||
define("SHOW_ICON", "both");
|
||||
// Where to put the icon: top or menu
|
||||
// Overridden to 'menu' if MENU_BAR_STYLE is 'fixed'.
|
||||
define("ICON_POSITION", "menu");
|
||||
// App menu bar style: fixed or static
|
||||
define("MENU_BAR_STYLE", "fixed");
|
||||
|
||||
// URL of the Business Portal API endpoint
|
||||
// URL of the AccountHub API endpoint
|
||||
define("PORTAL_API", "http://localhost/accounthub/api.php");
|
||||
// URL of the Portal home page
|
||||
// URL of the AccountHub home page
|
||||
define("PORTAL_URL", "http://localhost/accounthub/home.php");
|
||||
// Business Portal API Key
|
||||
// AccountHub API Key
|
||||
define("PORTAL_KEY", "123");
|
||||
|
||||
// For supported values, see http://php.net/manual/en/timezones.php
|
||||
define("TIMEZONE", "America/Denver");
|
||||
|
||||
// Base URL for site links.
|
||||
define('URL', 'http://localhost/app');
|
||||
define('URL', '.');
|
||||
|
||||
// Use reCAPTCHA on login screen
|
||||
// https://www.google.com/recaptcha/
|
||||
define("RECAPTCHA_ENABLED", FALSE);
|
||||
define('RECAPTCHA_SITE_KEY', '');
|
||||
define('RECAPTCHA_SECRET_KEY', '');
|
||||
// Use Captcheck on login screen
|
||||
// https://captcheck.netsyms.com
|
||||
define("CAPTCHA_ENABLED", FALSE);
|
||||
define('CAPTCHA_SERVER', 'https://captcheck.netsyms.com');
|
||||
|
||||
// See lang folder for language options
|
||||
define('LANGUAGE', "en_us");
|
||||
|