diff --git a/imgcaptcha_im.php b/imgcaptcha_im.php new file mode 100644 index 00000000..152d92ad --- /dev/null +++ b/imgcaptcha_im.php @@ -0,0 +1,7 @@ + diff --git a/imgcaptcha_p.php b/imgcaptcha_p.php new file mode 100644 index 00000000..9543dc6c --- /dev/null +++ b/imgcaptcha_p.php @@ -0,0 +1,5 @@ + diff --git a/inc/config.php b/inc/config.php index f4951a40..c700d232 100644 --- a/inc/config.php +++ b/inc/config.php @@ -227,6 +227,8 @@ 'embed', 'recaptcha_challenge_field', 'recaptcha_response_field', + 'imgcaptcha_hash', + 'imgcaptcha_verify', 'spoiler', 'quick-reply' ); @@ -262,6 +264,19 @@ $config['recaptcha_public'] = '6LcXTcUSAAAAAKBxyFWIt2SO8jwx4W7wcSMRoN3f'; $config['recaptcha_private'] = '6LcXTcUSAAAAAOGVbVdhmEM1_SyRF4xTKe8jbzf_'; + $config['imgcaptcha'] = false; + $config['imgcaptcha_key'] = "cos losowego"; // max 32 znaki + $config['imgcaptcha_list'] = "/sciezka/do/pliku.txt"; + $config['imgcaptcha_images'] = "/sciezka/do/obrazkow"; // without a slash at the end + $config['imgcaptcha_question'] = "Was ist das?"; + $config['imgcaptcha_time_limit'] = 90; // Kapcza wazna przez 90 sekund po wejsciu + $config['imgcaptcha_filler'] = "/plik/kliknijmie.png"; + $config['imgcaptcha_width'] = 128; + $config['imgcaptcha_height'] = 96; + + // JESLI DODAJESZ IMGKAPCZE, NIE ZAPOMNIJ O TYM + // Wymagane tez jQuery - o tam, nizej. + //$config['additional_javascript'][] = 'js/imgcaptcha.js'; /* * ==================== * Post settings diff --git a/inc/ic-encrypt.php b/inc/ic-encrypt.php new file mode 100644 index 00000000..5d73126b --- /dev/null +++ b/inc/ic-encrypt.php 
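Review bot: In the second `inc/config.php` hunk, `$config['imgcaptcha_key']` ships with the fixed placeholder `"cos losowego"`, so an instance that only flips `$config['imgcaptcha'] = true` protects its captcha tokens with a key that is public in the repository. Default it to an empty string (`$config['imgcaptcha_key'] = '';`) and have the captcha code refuse to run while the key is empty or still equal to the placeholder. The comments on the new options are partly Polish and partly English; an English line per option would help, e.g. `// secret used to encrypt captcha tokens, max 32 characters, must be changed per instance` and `// captcha stays valid for 90 seconds after it is issued`. The note about enabling `js/imgcaptcha.js` and jQuery should likewise say in English that both are required when `imgcaptcha` is on.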
@@ -0,0 +1,37 @@ +safe_b64encode($crypttext)); + } + + public function decode($key, $value){ + if(!$value){return false;} + $crypttext = $this->safe_b64decode($value); + $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); + $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); + $decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $crypttext, MCRYPT_MODE_ECB, $iv); + return trim($decrypttext); + } +} +?> diff --git a/inc/imgcaptcha.php b/inc/imgcaptcha.php new file mode 100644 index 00000000..ab6db68f --- /dev/null +++ b/inc/imgcaptcha.php 
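Review bot: `decode` decrypts with `MCRYPT_RIJNDAEL_256` in `MCRYPT_MODE_ECB` and nothing authenticates the ciphertext, so the captcha token has no integrity protection and equal plaintext blocks always encrypt to equal ciphertext blocks. The `$iv` built with `mcrypt_create_iv($iv_size, MCRYPT_RAND)` has no effect in ECB mode and only suggests randomisation that is not there. At minimum, append `hash_hmac('sha256', $crypttext, $key)` to the token when encoding and check it with `hash_equals` before decrypting. Better still, move to an authenticated mode through the OpenSSL extension, since mcrypt is deprecated and was removed from PHP core in 7.2. The `encode` half of the class is not legible on this page, so the same points need checking there.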
@@ -0,0 +1,136 @@ +255) { return 255; } + if($a<0) { return 0; } + return $a; + } + function randString($length, $charset='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+=') + { + $str = ''; + $count = strlen($charset); + while ($length--) { + $str .= $charset[rand(0, $count-1)]; + } + return $str; + } + function generateCaptchaHash() { + global $config; + $lines = getImages(); + $pick = pickImage($lines); + $enctext = $pick . ",," . time() . ",," . $_SERVER["REMOTE_ADDR"] . ",," . randString(12); + $converter = new Encryption; + return $converter->encode($config["imgcaptcha_key"],$enctext); + } + function ic_verifyHash($enctext, $output) { + global $config; + //print "VERIFY: " . $enctext . " " . $output . ""; + $converter = new Encryption; + $dectext = explode(",,",$converter->decode($config["imgcaptcha_key"],$enctext)); + if(count($dectext)<4) return true; + $lines = getImages(); + $pick = $dectext[0]; + $time = time()-$dectext[1]; + if($time>$config["imgcaptcha_time_limit"]) return true; + $lp = $lines[$pick]; + for($i=1;$idecode($config["imgcaptcha_key"],$enctext)); + if(count($dectext)<=1) return; //SC + $lines = getImages(); + return $dectext[0]; + } + function generateImage($enctext) + { + global $config; + $lines = getImages(); + $pick = getPick($enctext); + if(!isset($lines[$pick])) return; //SC + $src = imagecreatefrompng(getIPath($lines[$pick][0])); + if($src == FALSE) return; //SC + $maxc = 8; + $icw = $config["imgcaptcha_width"]; + $ich = $config["imgcaptcha_height"]; + $dst = imagecreatetruecolor($icw,$ich); + $srcxm = imagesx($src)-$icw; + $srcym = imagesy($src)-$ich; + $srcx = rand(0,$srcxm-1); + $srcy = rand(0,$srcym-1); + imagecopy($dst,$src,0,0,$srcx,$srcy,$icw,$ich); + + // Obfuscation step 1 + imagecopymergegray($dst,$dst,0,0,0,0,$icw,$ich,rand(20,45)); + // Obfuscation step 1.5 + for($i=0;$i<8;$i++) { + $w = rand(5,10); $h = rand(5,10); + $x = rand(0,$icw-1-$w); $y = rand(0,$ich-1-$h); + $x2 = rand(0,$icw-1); $y2 = 
rand(0,$ich-1); + imagefilledrectangle($dst,$x,$y,$x+$w,$y+$h,imagecolorat($dst,$x2,$y2)); + } + for($i=0;$i<5;$i++) { + $w = rand(20,40); $h = rand(20,40); + $x = rand(0,$icw-1-$w); $y = rand(0,$ich-1-$h); + imagecopymergegray($dst,$dst,$x,$y,$x,$y,$w,$h,0); + } + // Obfuscation step 2 + for($i=0;$i<$icw*$ich;$i++) { + $x = $i%$icw; $y = $i/$icw; + $c = imagecolorat($dst,$x,$y); + if(rand(0,4) == 2) { $nc = $c ^ rand(0,16777215); } + else { $nc = imagecolorat($dst,rand(0,$icw-1),rand(0,$ich-1)); } + if(rand(18,24)!=21 and $c != 0 and $c != 0xFF00FF) + { + $nc = ncfix(($c&0xFF) + rand(-16,16)) | ncfix((($c>>8)&0xFF) + rand(-8,8))<<8 | ncfix((($c>>16)&0xFF) + rand(-32,32))<<16; + $nc1 = $nc&0xFF ^ ($nc>>8)&0xFF ^ ($nc>>16)&0xFF; + } else { + $nc1 = $nc&0xFF; + if($nc1>($maxc*25)) $nc1 = $nc % ($maxc*25); + } + $nc2 = $nc1 | $nc1<<8 | $nc1<<16; + if(rand(0,1)==0) $nc2=$nc; + imagesetpixel($dst,$x,$y,$nc2); + } + // Obfuscation step 3 + for($i=0;$i diff --git a/js/imgcaptcha.js b/js/imgcaptcha.js new file mode 100644 index 00000000..8d3ed95c --- /dev/null +++ b/js/imgcaptcha.js @@ -0,0 +1,16 @@ +//function obecnyCzas() { +// return Math.round(new Date().getTime() / 1000); +//} + +function ic_odswiezKapcze() { + $.get("/imgcaptcha_p.php", function(data) { + $("#imgcaptcha_hash").val(data); + $("#imgcaptcha_img").prop("src","/imgcaptcha_im.php?cr=" + data); + }); +} +//function resetujKapcze() { +// $("#imgcaptcha_img").prop("src","/zakrytek.png"); +//} +//$(document).ready(function(){ +// //resetujKapcze(); - to nie powinno byc na razie potrzebne +//}); diff --git a/post.php b/post.php index 16566b51..f21b6164 100644 --- a/post.php +++ b/post.php @@ -6,6 +6,7 @@ require 'inc/functions.php'; require 'inc/anti-bot.php'; +require 'inc/imgcaptcha.php'; // Fix for magic quotes if (get_magic_quotes_gpc()) { 
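Review bot: In `ic_verifyHash` (inc/imgcaptcha.php), the token carries `$_SERVER["REMOTE_ADDR"]` and a `randString(12)` nonce, but the lines visible here check only its age. No comparison of `$dectext[2]` with the current client address and no single-use bookkeeping is shown, so a solved token may be accepted for every post within `imgcaptcha_time_limit` seconds; part of the function is missing from this page, so confirm against the file. Consider `if ($dectext[2] !== $_SERVER['REMOTE_ADDR']) return true;` and remembering the nonce until the token expires. The age check should also reject non-numeric and future timestamps, e.g. `if (!ctype_digit($dectext[1]) || $time < 0 || $time > $config["imgcaptcha_time_limit"]) return true;`, and `$lines[$pick]` should be guarded with `isset` as `generateImage` already does. `randString` draws from `rand()`, which is predictable; a CSPRNG source such as `openssl_random_pseudo_bytes` is the appropriate choice for a token nonce.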
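Review bot: In `ic_odswiezKapcze` (js/imgcaptcha.js), the response body is concatenated unencoded into the image URL, `"/imgcaptcha_im.php?cr=" + data`. Use `"/imgcaptcha_im.php?cr=" + encodeURIComponent(data)` so a token containing `+`, `/` or `=` survives the query string; whether `safe_b64encode` already emits a URL-safe alphabet is not visible on this page. The `$.get` call has no failure handler, so a failed refresh leaves the previous hash in `#imgcaptcha_hash` and the user submits a stale token; a `.fail()` callback that clears the field would make that case explicit. Both URLs are root-absolute, which presumably breaks installs under a sub-directory.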
@@ -192,7 +193,12 @@ if (isset($_POST['delete'])) { error($config['error']['captcha']); } } - + if ($config['imgcaptcha']) { + if (!isset($_POST['imgcaptcha_verify']) || !isset($_POST['imgcaptcha_hash'])) + error($config['error']['bot']); + if (ic_verifyHash($_POST['imgcaptcha_hash'],$_POST['imgcaptcha_verify'])) + error($config['error']['captcha']); + } if ($post['mod'] = isset($_POST['mod']) && $_POST['mod']) { require 'inc/mod.php'; if (!$mod) { diff --git a/templates/post_form.html b/templates/post_form.html index 8b7350c7..30bf9224 100644 --- a/templates/post_form.html +++ b/templates/post_form.html @@ -58,6 +58,21 @@ {% endif %} + {% if config.imgcaptcha %} + + + {% trans %}Verification{% endtrans %} + {{ antibot.html() }} + + + + + {{ config.imgcaptcha_question }} + Odswiez + {{ antibot.html() }} + + + {% endif %} {% trans %}File{% endtrans %}
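Review bot: In the second `post.php` hunk, the new `isset` checks accept array-valued parameters (for example `imgcaptcha_hash[]=x`), which are then passed to `ic_verifyHash` and on to the decoder as arrays. Extend the first condition with `|| !is_string($_POST['imgcaptcha_hash']) || !is_string($_POST['imgcaptcha_verify'])` so malformed requests are rejected before any decoding. The call `if (ic_verifyHash(...)) error($config['error']['captcha']);` reads as "error on success" because the function returns true for a rejected token. A comment such as `// ic_verifyHash() returns true when the captcha must be REJECTED`, or a rename, would protect against a later accidental inversion. Both unbraced `if` statements rely on `error()` never returning, so bracing them would make that dependency explicit.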