diff --git a/.gitignore b/.gitignore index 09122f6..485dee6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1 @@ -.idea/ -.vscode/ -vendor/ -.DS_Store \ No newline at end of file +.idea diff --git a/.ide-helper.php b/.ide-helper.php deleted file mode 100644 index b1df0c6..0000000 --- a/.ide-helper.php +++ /dev/null @@ -1,23 +0,0 @@ -getCaptcha()->passCaptcha()) { - return false; - } - - return parent::send(); - } -} diff --git a/Application/Controller/DetailsController.php b/Application/Controller/DetailsController.php deleted file mode 100644 index e1543b9..0000000 --- a/Application/Controller/DetailsController.php +++ /dev/null @@ -1,23 +0,0 @@ -getCaptcha()->passCaptcha(false)) { - $this->_iPriceAlarmStatus = 2; - - return; - } - - return parent::addme(); - } -} diff --git a/Application/Controller/ForgotPasswordController.php b/Application/Controller/ForgotPasswordController.php deleted file mode 100644 index 8dda74f..0000000 --- a/Application/Controller/ForgotPasswordController.php +++ /dev/null @@ -1,21 +0,0 @@ -getCaptcha()->passCaptcha()) { - return false; - } - - return parent::forgotpassword(); - } -} diff --git a/Application/Controller/ImageGeneratorController.php b/Application/Controller/ImageGeneratorController.php deleted file mode 100644 index e53422a..0000000 --- a/Application/Controller/ImageGeneratorController.php +++ /dev/null 
@@ -1,102 +0,0 @@ -emac = Registry::getRequest()->getRequestEscapedParameter('e_mac', null); - if ($this->emac) { - $this->emac = $this->decodeEmac($this->emac); - } - } - - public function render() - { - parent::render(); - - try { - if (!$this->emac) { - throw new StandardException('No e_mac parameter given'); - } - $image = $this->generateVerificationImage(); - if (!$image) { - throw new StandardException('Image generation failed by returning NULL'); - } - header('Content-type: image/png'); - imagepng($image); - imagedestroy($image); - - exit; - } catch (Throwable $e) { - Registry::getLogger()->error(sprintf('%s() | %s', __METHOD__, $e->getMessage()), [$e]); - http_response_code(400); - - exit(1); - } - } - - protected function decodeEmac(string $emac): string - { - $decryptor = new \OxidEsales\Eshop\Core\Decryptor(); - - $key = $this->getOeCaptchaKey(); - - return $decryptor->decrypt($emac, $key); - } - - protected function generateVerificationImage() - { - $image = null; - - switch (true) { - case function_exists('imagecreatetruecolor'): - $image = imagecreatetruecolor($this->imageWidth, $this->imageHeight); - - break; - - case function_exists('imagecreate'): - $image = imagecreate($this->imageWidth, $this->imageHeight); - - break; - - default: - return null; - } - $textX = (int)ceil(($this->imageWidth - strlen($this->emac) * imagefontwidth($this->fontSize)) / 2); - $textY = (int)ceil(($this->imageHeight - imagefontheight($this->fontSize)) / 2) - 1; - - $colors = [ - 'text' => imagecolorallocate($image, 0, 0, 0), - 'shadow1' => imagecolorallocate($image, 200, 200, 200), - 'shadow2' => imagecolorallocate($image, 100, 100, 100), - 'background' => imagecolorallocate($image, 255, 255, 255), - 'border' => imagecolorallocate($image, 0, 0, 0), - ]; - - imagefill($image, 0, 0, $colors['background']); - imagerectangle($image, 0, 0, $this->imageWidth - 2, $this->imageHeight - 2, $colors['border']); - imagestring($image, $this->fontSize, $textX + 1, $textY + 0, 
$this->emac, $colors['shadow2']); - imagestring($image, $this->fontSize, $textX + 0, $textY + 1, $this->emac, $colors['shadow1']); - imagestring($image, $this->fontSize, $textX, $textY, $this->emac, $colors['text']); - - return $image; - } -} diff --git a/Application/Controller/InviteController.php b/Application/Controller/InviteController.php deleted file mode 100644 index 42e3e4d..0000000 --- a/Application/Controller/InviteController.php +++ /dev/null @@ -1,21 +0,0 @@ -getCaptcha()->passCaptcha()) { - return false; - } - - return parent::send(); - } -} diff --git a/Application/Controller/NewsletterController.php b/Application/Controller/NewsletterController.php deleted file mode 100644 index ddd78bd..0000000 --- a/Application/Controller/NewsletterController.php +++ /dev/null @@ -1,21 +0,0 @@ -getCaptcha()->passCaptcha()) { - return false; - } - - return parent::send(); - } -} diff --git a/Application/Controller/PricealarmController.php b/Application/Controller/PricealarmController.php deleted file mode 100644 index cc8c455..0000000 --- a/Application/Controller/PricealarmController.php +++ /dev/null @@ -1,23 +0,0 @@ -getCaptcha()->passCaptcha(false)) { - $this->_iPriceAlarmStatus = 2; - - return; - } - - return parent::addme(); - } -} diff --git a/Application/Core/Module.php b/Application/Core/Module.php deleted file mode 100644 index 7e7edbd..0000000 --- a/Application/Core/Module.php +++ /dev/null 
@@ -1,62 +0,0 @@ -activate(); - } - - public static function onDeactivate(): void - { - static::getInstance()->deactivate(); - } - - public function createTable(): void - { - $this->getDb()->executeStatement(' - CREATE TABLE IF NOT EXISTS `oecaptcha` (' . - "`OXID` int(11) NOT NULL AUTO_INCREMENT COMMENT 'Captcha id'," . - "`OXHASH` char(32) NOT NULL default '' COMMENT 'Hash'," . - "`OXTIME` int(11) NOT NULL COMMENT 'Validation time'," . - "`OXTIMESTAMP` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP COMMENT 'Timestamp'," . - 'PRIMARY KEY (`OXID`), ' . - 'KEY `OXID` (`OXID`,`OXHASH`), ' . - 'KEY `OXTIME` (`OXTIME`) ' . - ") ENGINE=MEMORY AUTO_INCREMENT=1 COMMENT 'If session is not available, this is where captcha information is stored'; - "); - } - - public function dropTable(): void - { - $this->getDb()->executeStatement('DROP TABLE IF EXISTS `oecaptcha`;'); - } - - public function activate(): void - { - $this->createTable(); - } - - public function deactivate(): void - { - $this->dropTable(); - } -} diff --git a/Application/Shared/Captcha.php b/Application/Shared/Captcha.php deleted file mode 100644 index 0ba062e..0000000 --- a/Application/Shared/Captcha.php +++ /dev/null @@ -1,17 +0,0 @@ -oeCaptcha ??= CaptchaCore::getInstance(); - } -} diff --git a/Application/Shared/Connection.php b/Application/Shared/Connection.php deleted file mode 100644 index 625f1b3..0000000 --- a/Application/Shared/Connection.php +++ /dev/null @@ -1,25 +0,0 @@ -getContainer(); - - return $container->get(QueryBuilderFactoryInterface::class)->create(); - } - - public function getDb(): \Doctrine\DBAL\Connection - { - return ContainerFactory::getInstance()->getContainer()->get(ConnectionProviderInterface::class)->get(); - } -} diff --git a/Application/Shared/Options.php b/Application/Shared/Options.php deleted file mode 100644 index 1391e1e..0000000 --- a/Application/Shared/Options.php +++ /dev/null 
@@ -1,23 +0,0 @@ -getContainer()->get(ModuleSettingServiceInterface::class); - $key = $bridge->getString('oecaptchakey', 'oecaptcha')->toString(); - if (!trim($key)) { - return Captcha::ENCRYPT_KEY; - } - - return $key; - } -} diff --git a/Application/translations/en/oecaptcha_en_lang.php b/Application/translations/en/oecaptcha_en_lang.php deleted file mode 100755 index 0c84406..0000000 --- a/Application/translations/en/oecaptcha_en_lang.php +++ /dev/null @@ -1,18 +0,0 @@ - 'UTF-8', - 'MESSAGE_WRONG_VERIFICATION_CODE' => 'The verification code you entered is not correct. Please try again.', - 'OECAPTCHA_PLACEHOLDER' => 'Prüfcode hier eingeben', - -]; diff --git a/Application/views/admin_smarty/de/oe_captcha_admin_de_lang.php b/Application/views/admin_smarty/de/oe_captcha_admin_de_lang.php deleted file mode 100644 index 5b16ac8..0000000 --- a/Application/views/admin_smarty/de/oe_captcha_admin_de_lang.php +++ /dev/null @@ -1,9 +0,0 @@ - 'UTF-8', - 'SHOP_MODULE_GROUP_main' => 'Allgemein', - 'SHOP_MODULE_oecaptchakey' => 'Captcha Key', -]; diff --git a/Application/views/admin_smarty/en/oe_captcha_admin_en_lang.php b/Application/views/admin_smarty/en/oe_captcha_admin_en_lang.php deleted file mode 100644 index 2ecd391..0000000 --- a/Application/views/admin_smarty/en/oe_captcha_admin_en_lang.php +++ /dev/null @@ -1,9 +0,0 @@ - 'UTF-8', - 'SHOP_MODULE_GROUP_main' => 'General', - 'SHOP_MODULE_oecaptchakey' => 'Captcha Key', -]; diff --git a/Application/views/admin_twig/de/oe_captcha_admin_de_lang.php b/Application/views/admin_twig/de/oe_captcha_admin_de_lang.php deleted file mode 100644 index 5b16ac8..0000000 --- a/Application/views/admin_twig/de/oe_captcha_admin_de_lang.php +++ /dev/null @@ -1,9 +0,0 @@ - 'UTF-8', - 'SHOP_MODULE_GROUP_main' => 'Allgemein', - 'SHOP_MODULE_oecaptchakey' => 'Captcha Key', -]; 
diff --git a/Application/views/admin_twig/en/oe_captcha_admin_en_lang.php b/Application/views/admin_twig/en/oe_captcha_admin_en_lang.php deleted file mode 100644 index 2ecd391..0000000 --- a/Application/views/admin_twig/en/oe_captcha_admin_en_lang.php +++ /dev/null @@ -1,9 +0,0 @@ - 'UTF-8', - 'SHOP_MODULE_GROUP_main' => 'General', - 'SHOP_MODULE_oecaptchakey' => 'Captcha Key', -]; diff --git a/CHANGELOG.md b/CHANGELOG.md index 67ffc35..ef2c2b6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,19 +19,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/). ### Security -## [7.0.0] - 18 Jul 2023 -### Changed -- PHP 8.0 compatibility -- OXID 7.0 compatibility -- Twig & Smarty Support -- Major version bump to 7.0.0 to match OXID 7.0 compatibility -### Removed -- Suggest dropped out -- /docs folder (no relevant information) - -### Deprecated -- Tests won't work for this release and should be updated in the future. ## [2.0.4] - 22 Oct 2021 diff --git a/README.md b/README.md index 3922987..dd83b41 100644 --- a/README.md +++ b/README.md @@ -9,9 +9,8 @@ It is used to ensure that only a user who can read the distorted characters and can submit the following forms: - contact - invite - - pricealarm (not bound in twig) - - newsletter (not bound in twig) - - forgotpwd (not bound in twig) + - pricealarm + - suggest The captcha module then validates the submitted value against the expected one and then decides whether to process the request (e.g. send contact mail to shop administrator) or refuse and show an error message instead. 
@@ -25,55 +24,29 @@ Please proceed with one of the following ways to install the module: In order to install the module via composer, run the following commands in commandline of your shop base directory (where the shop's composer.json file resides). -```bash +``` composer require oxid-projects/captcha-module ``` ### Module installation via repository cloning Clone the module to your OXID eShop **modules/oe/** directory: -```bash +``` git clone https://github.com/OXIDprojects/captcha-module.git captcha ``` -And add repository to root composer: -```bash -composer config repositories.oxid-projects/captcha-module path "source/modules/oe/captcha" -``` -And install module: -```bash -composer require oxid-projects/captcha-module -vendor/bin/oe-console oe:module:install source/modules/oe/captcha -``` + +### Module installation from zip package + +* Make a new folder "captcha" in the **modules/oe/ directory** of your shop installation. +* Download the https://github.com/OXIDprojects/captcha-module/archive/master.zip file and unpack it into the created folder. ## Activate Module - Activate the module in the administration panel. -- Or use console -```bash -vendor/bin/oe-console oe:module:activate oecaptcha -vendor/bin/oe-console oe:cache:clear -``` ## Uninstall -Disable the module in administration area or by executing following shell command. -```bash -vendor/bin/oe-console oe:module:deactivate oecaptcha -``` -If installed over composer (packagist): -```bash -composer remove oxid-projects/captcha-module -vendor/bin/oe-console oe:cache:clear -``` -else if cloned: -```bash -vendor/bin/oe-console oe:module:uninstall oecaptcha -vendor/bin/oe-console oe:cache:clear -composer remove oxid-projects/captcha-module -composer config --unset repositories.oxid-projects/captcha-module -# and remove the source itself -rm -rf source/modules/oe/captcha -``` +Disable the module in administration area and delete the module folder. ## License 
diff --git a/application/component/widget/oecaptchawarticledetails.php b/application/component/widget/oecaptchawarticledetails.php new file mode 100644 index 0000000..773159e --- /dev/null +++ b/application/component/widget/oecaptchawarticledetails.php @@ -0,0 +1,30 @@ +captcha === null) { + $this->captcha = oxNew('oeCaptcha'); + } + return $this->captcha; + } +} diff --git a/application/views/admin/de/module_options.php b/application/views/admin/de/module_options.php new file mode 100644 index 0000000..8440e95 --- /dev/null +++ b/application/views/admin/de/module_options.php @@ -0,0 +1,13 @@ + 'UTF-8', + 'SHOP_MODULE_GROUP_main' => 'Allgemein', + 'SHOP_MODULE_oecaptchakey' => 'Captcha Key', +); diff --git a/application/views/admin/en/module_options.php b/application/views/admin/en/module_options.php new file mode 100644 index 0000000..b9b8e88 --- /dev/null +++ b/application/views/admin/en/module_options.php @@ -0,0 +1,13 @@ + 'UTF-8', + 'SHOP_MODULE_GROUP_main' => 'General', + 'SHOP_MODULE_oecaptchakey' => 'Captcha Key', +); diff --git a/application/views/blocks/captcha_form.tpl b/application/views/blocks/captcha_form.tpl new file mode 100644 index 0000000..531645c --- /dev/null +++ b/application/views/blocks/captcha_form.tpl @@ -0,0 +1,3 @@ +[{$smarty.block.parent}] + +[{include file="oecaptcha.tpl" labelCssClass="col-lg-2" inputCssClass="col-lg-10"}] diff --git a/application/views/blocks/captcha_form_forgotpwd.tpl b/application/views/blocks/captcha_form_forgotpwd.tpl new file mode 100644 index 0000000..5171b71 --- /dev/null +++ b/application/views/blocks/captcha_form_forgotpwd.tpl @@ -0,0 +1,3 @@ +[{$smarty.block.parent}] + +[{include file="oecaptcha.tpl" labelCssClass="col-md-3" inputCssClass="col-md-9"}] diff --git a/application/views/tpl/oecaptcha.tpl b/application/views/tpl/oecaptcha.tpl new file mode 100644 index 0000000..be78fb2 --- /dev/null +++ b/application/views/tpl/oecaptcha.tpl 
@@ -0,0 +1,19 @@ +[{assign var="oCaptcha" value=$oView->getCaptcha()}] + + +
+ + +
+
+ + [{if $oCaptcha->isImageVisible()}] + + [{else}] + [{$oCaptcha->getText()}] + [{/if}] + + +
+
+
\ No newline at end of file diff --git a/composer.json b/composer.json index 0c45897..b24f871 100644 --- a/composer.json +++ b/composer.json @@ -2,13 +2,7 @@ "name": "oxid-projects/captcha-module", "description": "This is Captcha module for OXID eShop.", "type": "oxideshop-module", - "version": "7.0.0", - "keywords": [ - "oxid", - "modules", - "eShop", - "captcha" - ], + "keywords": ["oxid", "modules", "eShop", "captcha"], "homepage": "https://www.oxid-esales.com/en/home.html", "license": [ "GPL-3.0", @@ -18,14 +12,5 @@ "oxideshop": { "target-directory": "oe/captcha" } - }, - "require": { - "oxid-esales/oxideshop-ce": "^7.0", - "ext-gd": "*" - }, - "autoload": { - "psr-4": { - "OxidProfessionalServices\\Captcha\\": "./" - } } -} \ No newline at end of file +} diff --git a/controllers/oecaptchacontact.php b/controllers/oecaptchacontact.php new file mode 100644 index 0000000..b9af7d9 --- /dev/null +++ b/controllers/oecaptchacontact.php @@ -0,0 +1,44 @@ +getCaptcha()->passCaptcha()) { + return false; + } + + return parent::send(); + } + + /** + * Template variable getter. Returns object of handling CAPTCHA image + * + * @return object + */ + public function getCaptcha() + { + if ($this->captcha === null) { + $this->captcha = oxNew('oeCaptcha'); + } + + return $this->captcha; + } + +} diff --git a/controllers/oecaptchadetails.php b/controllers/oecaptchadetails.php new file mode 100644 index 0000000..a2056e3 --- /dev/null +++ b/controllers/oecaptchadetails.php @@ -0,0 +1,52 @@ +getCaptcha()->passCaptcha(false)) { + $this->_iPriceAlarmStatus = 2; + return; + } + + return parent::addme(); + } + + /** + * Template variable getter. Returns object of handling CAPTCHA image + * + * @return object + */ + public function getCaptcha() + { + if ($this->captcha === null) { + $this->captcha = oxNew('oeCaptcha'); + } + return $this->captcha; + } +} diff --git a/controllers/oecaptchaforgotpwd.php b/controllers/oecaptchaforgotpwd.php new file mode 100644 index 0000000..7158f89 
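Review bot: The `[{else}]` branch of oecaptcha.tpl prints `[{$oCaptcha->getText()}]` straight into the page whenever `isImageVisible()` is false, so on a host without usable GD the expected answer is delivered as plain text in the HTML and the check no longer separates a person from a script. The composer.json hunk that follows also removes `"ext-gd": "*"` from `require`, so nothing at install time guards against ending up in that branch. I would keep the GD requirement and make the template fail closed when no image can be produced, documented with a comment such as `[{* no text fallback: the captcha answer must never be emitted as markup *}]`. Most of the template's markup is not visible in this hunk, so the exact placement has to be checked against the file.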
--- /dev/null +++ b/controllers/oecaptchaforgotpwd.php @@ -0,0 +1,44 @@ +getCaptcha()->passCaptcha()) { + return false; + } + + return parent::forgotpassword(); + } + + /** + * Template variable getter. Returns object of handling CAPTCHA image + * + * @return object + */ + public function getCaptcha() + { + if ($this->captcha === null) { + $this->captcha = oxNew('oeCaptcha'); + } + + return $this->captcha; + } + +} diff --git a/controllers/oecaptchainvite.php b/controllers/oecaptchainvite.php new file mode 100644 index 0000000..f849ec9 --- /dev/null +++ b/controllers/oecaptchainvite.php @@ -0,0 +1,49 @@ +getCaptcha()->passCaptcha()) { + return false; + } + + return parent::send(); + } + + /** + * Template variable getter. Returns object of handling CAPTCHA image + * + * @return object + */ + public function getCaptcha() + { + if ($this->captcha === null) { + $this->captcha = oxNew('oeCaptcha'); + } + + return $this->captcha; + } + +} diff --git a/controllers/oecaptchanewsletter.php b/controllers/oecaptchanewsletter.php new file mode 100644 index 0000000..caf7000 --- /dev/null +++ b/controllers/oecaptchanewsletter.php @@ -0,0 +1,44 @@ +getCaptcha()->passCaptcha()) { + return false; + } + + return parent::send(); + } + + /** + * Template variable getter. Returns object of handling CAPTCHA image + * + * @return object + */ + public function getCaptcha() + { + if ($this->captcha === null) { + $this->captcha = oxNew('oeCaptcha'); + } + + return $this->captcha; + } + +} diff --git a/controllers/oecaptchapricealarm.php b/controllers/oecaptchapricealarm.php new file mode 100644 index 0000000..ddea7eb --- /dev/null +++ b/controllers/oecaptchapricealarm.php 
@@ -0,0 +1,37 @@ + pricealarm. + */ +class oeCaptchaPricealarm extends oeCaptchaPricealarm_parent +{ + /** + * Validates email + * address. If email is wrong - returns false and exits. If email + * address is OK - creates prcealarm object and saves it + * (oxpricealarm::save()). Sends pricealarm notification mail + * to shop owner. + * + * @return bool false on error + */ + public function addme() + { + //control captcha + $captcha = oxNew('oeCaptcha'); + if (!$captcha->passCaptcha(false)) { + $this->_iPriceAlarmStatus = 2; + + return; + } + + return parent::addme(); + } +} diff --git a/controllers/oecaptchasuggest.php b/controllers/oecaptchasuggest.php new file mode 100644 index 0000000..73d1db8 --- /dev/null +++ b/controllers/oecaptchasuggest.php @@ -0,0 +1,52 @@ +editval, error + * + * @return null + */ + public function send() + { + // spam spider prevension + if (!$this->getCaptcha()->passCaptcha()) { + return false; + } + + return parent::send(); + } + + /** + * Template variable getter. Returns object of handling CAPTCHA image + * + * @return object + */ + public function getCaptcha() + { + if ($this->captcha === null) { + $this->captcha = oxNew('oeCaptcha'); + } + + return $this->captcha; + } +} diff --git a/Application/Core/Captcha.php b/core/oecaptcha.php similarity index 52% rename from Application/Core/Captcha.php rename to core/oecaptcha.php index cba5d81..2959fc6 100644 --- a/Application/Core/Captcha.php +++ b/core/oecaptcha.php @@ -1,55 +1,47 @@ text) { $this->text = ''; - - for ($i = 0; $i < $this->macLength; ++$i) { + for ($i = 0; $i < $this->macLength; $i++) { $this->text .= strtolower($this->macChars[rand(0, strlen($this->macChars) - 1)]); } } 
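Review bot: The docblock of `addme()` in oecaptchapricealarm.php promises `@return bool false on error`, but the captcha-failure branch ends in a bare `return;`, so that path yields `null`; the least intrusive fix is to document what the code does, `@return bool|null null when the captcha check fails`. `send()` in oecaptchasuggest.php has the opposite mismatch, `@return null` above a branch that returns `false`. This class also creates its own `oxNew('oeCaptcha')` inside `addme()`, while the sibling controllers added in this commit go through a cached `getCaptcha()` getter; using the same getter here would keep the controllers consistent.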
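Review bot: `getText()` in core/oecaptcha.php still picks every captcha character with `rand()`, which is not a cryptographically secure generator, so the challenge text is more predictable than it needs to be; this hunk only changes the loop increment on the line above it. If the supported PHP version allows it, the index should come from `random_int(0, strlen($this->macChars) - 1)`. The start of the function is not visible in this hunk and its body continues past the hunk's end.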
@@ -67,7 +58,38 @@ class Captcha } /** - * Returns given string captcha hash. + * Returns text hash + * + * @param string $text User supplie text + * + * @return string + */ + public function getHash($text = null) + { + // inserting captcha record + $time = time() + $this->timeout; + $textHash = $this->getTextHash($text); + + // if session is started - storing captcha info here + $session = $this->getSession(); + if ($session->isSessionStarted()) { + $hash = oxUtilsObject::getInstance()->generateUID(); + $hashArray = $session->getVariable('captchaHashes'); + $hashArray[$hash] = array($textHash => $time); + $session->setVariable('captchaHashes', $hashArray); + } else { + $database = DatabaseProvider::getDb(); + $query = "insert into oecaptcha (oxhash, oxtime) values (" . + $database->quote($textHash) . ", " . $database->quote($time) . ")"; + $database->execute($query); + $hash = $database->getOne('select LAST_INSERT_ID()', false, false); + } + + return $hash; + } + + /** + * Returns given string captcha hash * * @param string $text string to hash * 
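Review bot: The database branch of `getHash()` builds its INSERT by concatenating `$database->quote(...)` results, where the removed query-builder version bound both values as parameters. `passFromDb()` in the last hunk of this file does the same and additionally interpolates `$time` unquoted in `"delete from oecaptcha where oxtime < $time"`. In `getHash()` the values come from `getTextHash()` and `time()`, so this is hardening rather than an open injection, but bound parameters remove the dependence on every future caller staying well-behaved. If the shop's database adapter accepts a parameter array as the second argument of `execute()`, which should be confirmed for the targeted shop version, the insert becomes `$database->execute('insert into oecaptcha (oxhash, oxtime) values (?, ?)', array($textHash, $time));`.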
@@ -84,9 +106,36 @@ class Captcha } /** - * Check if captcha is passed. + * Returns url to CAPTCHA image generator. * - * @param mixed $displayError + * @return string + */ + public function getImageUrl() + { + $config = \OxidEsales\Eshop\Core\Registry::getConfig(); + $url = $config->getCurrentShopUrl() . 'modules/oe/captcha/core/utils/verificationimg.php?e_mac='; + $key = $config->getConfigParam('oecaptchakey'); + + $key = $key ? $key : $config->getConfigParam('sConfigKey'); + + $encryptor = new \OxidEsales\Eshop\Core\Encryptor(); + $url .= $encryptor->encrypt($this->getText(), $key); + + return $url; + } + + /** + * Checks if image could be generated + * + * @return bool + */ + public function isImageVisible() + { + return ((function_exists('imagecreatetruecolor') || function_exists('imagecreate')) && $this->getConfig()->getConfigParam('iUseGDVersion') > 1); + } + + /** + * Check if captcha is passed. * * @return bool */ @@ -95,8 +144,8 @@ class Captcha $return = true; // spam spider prevention - $mac = Registry::getRequest()->getRequestParameter('c_mac'); - $macHash = Registry::getRequest()->getRequestParameter('c_mach'); + $mac = $this->getConfig()->getRequestParameter('c_mac'); + $macHash = $this->getConfig()->getRequestParameter('c_mach'); if (!$this->pass($mac, $macHash)) { $return = false; 
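Review bot: `getImageUrl()` falls back from an empty `oecaptchakey` to `sConfigKey` only, while `getOxConfKey()` in core/utils/verificationimg.php falls back one step further to `\OxidEsales\Eshop\Core\Config::DEFAULT_CONFIG_KEY`, so with both settings empty the URL is encrypted under a different key than the one the image script decrypts with. The `e_mac` parameter carries the captcha text itself, so its confidentiality rests entirely on that key, and a shop that never sets `oecaptchakey` and runs on a default config key exposes a value that is not secret in practice. I would resolve the key in one shared helper used by both places and state the requirement where the setting is read, for example `// e_mac contains the captcha answer: oecaptchakey must be a random, shop-specific value`.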
@@ -104,139 +153,12 @@ class Captcha if (!$return && $displayError) { // even if there is no exception, use this as a default display method - Registry::getUtilsView()->addErrorToDisplay('MESSAGE_WRONG_VERIFICATION_CODE'); + oxRegistry::get('oxUtilsView')->addErrorToDisplay('MESSAGE_WRONG_VERIFICATION_CODE'); } return $return; } - /** - * Checks if image could be generated. - * - * @return bool - */ - public function isImageVisible() - { - return (function_exists('imagecreatetruecolor') || function_exists('imagecreate')) && Registry::getConfig()->getConfigParam('iUseGDVersion') > 1; - } - - /** - * Returns url to CAPTCHA image generator. - * - * @return string - */ - public function getImageUrl() - { - $config = Registry::getConfig(); - $key = $this->getOeCaptchaKey(); - $encryptor = new \OxidEsales\Eshop\Core\Encryptor(); - - return $config->getCurrentShopUrl() . sprintf('?cl=oe_captcha_generator&e_mac=%s&shp=%d', $encryptor->encrypt($this->getText(), $key), $config->getShopId()); - } - - /** - * Returns text hash. - * - * @param string $text User supplie text - * - * @return string - */ - public function getHash($text = null) - { - // inserting captcha record - $time = time() + $this->timeout; - $textHash = $this->getTextHash($text); - - // if session is started - storing captcha info here - $session = Registry::getSession(); - if ($session->isSessionStarted()) { - $hash = UtilsObject::getInstance()->generateUID(); - $hashArray = $session->getVariable('captchaHashes'); - $hashArray[$hash] = [$textHash => $time]; - $session->setVariable('captchaHashes', $hashArray); - } else { - $q = $this->getQueryBuilder(); - $q->insert('oecaptcha') - ->values( - [ - 'oxhash' => '?', - 'oxtime' => '?', - ] - )->setParameter(0, $textHash)->setParameter(1, $time); - $q->execute(); - $hash = $q->getConnection()->lastInsertId(); - } - - return $hash; - } - - /** - * Checks for DB captcha hash validity. 
- * - * @param int $macHash hash key - * @param string $hash captcha hash - * @param int $time check time - * - * @return bool - */ - protected function passFromDb($macHash, $hash, $time) - { - $q = $this->getQueryBuilder(); - $q->select('1') - ->from('oecaptcha') - ->where('oxid = :macHash') - ->andWhere('oxhash = :hash') - ->setParameter('macHash', $macHash) - ->setParameter('hash', $hash); - $pass = (bool) $q->execute()->fetchOne(); - if ($pass) { - // cleanup - $q = $this->getQueryBuilder() - ->delete('oecaptcha') - ->where('oxid = :macHash') - ->andWhere('oxhash = :hash') - ->setParameter('macHash', $macHash) - ->setParameter('hash', $hash); - $q->execute(); - } - - // garbage cleanup - $q = $this->getQueryBuilder() - ->delete('oecaptcha') - ->where('oxtime < :time') - ->setParameter('time', $time); - $q->execute(); - - return $pass; - } - - /** - * Checks for session captcha hash validity. - * - * @param string $macHash hash key - * @param string $hash captcha hash - * @param int $time check time - * - * @return bool - */ - protected function passFromSession($macHash, $hash, $time) - { - $pass = null; - $session = Registry::getSession(); - - if ($hashArray = $session->getVariable('captchaHashes')) { - $pass = (isset($hashArray[$macHash][$hash]) && $hashArray[$macHash][$hash] >= $time) ? true : false; - unset($hashArray[$macHash]); - if (!empty($hashArray)) { - $session->setVariable('captchaHashes', $hashArray); - } else { - $session->deleteVariable('captchaHashes'); - } - } - - return $pass; - } - /** * Verifies captcha input vs supplied hash. Returns true on success. * 
@@ -252,10 +174,67 @@ class Captcha $pass = $this->passFromSession($macHash, $hash, $time); // if captcha info was NOT stored in session - if (null === $pass) { + if ($pass === null) { $pass = $this->passFromDb((int) $macHash, $hash, $time); } return (bool) $pass; } + + /** + * Checks for session captcha hash validity + * + * @param string $macHash hash key + * @param string $hash captcha hash + * @param int $time check time + * + * @return bool + */ + protected function passFromSession($macHash, $hash, $time) + { + $pass = null; + $session = $this->getSession(); + + if (($hashArray = $session->getVariable('captchaHashes'))) { + $pass = (isset($hashArray[$macHash][$hash]) && $hashArray[$macHash][$hash] >= $time) ? true : false; + unset($hashArray[$macHash]); + if (!empty($hashArray)) { + $session->setVariable('captchaHashes', $hashArray); + } else { + $session->deleteVariable('captchaHashes'); + } + } + + return $pass; + } + + /** + * Checks for DB captcha hash validity + * + * @param int $macHash hash key + * @param string $hash captcha hash + * @param int $time check time + * + * @return bool + */ + protected function passFromDb($macHash, $hash, $time) + { + $database = DatabaseProvider::getDb(); + $where = "where oxid = " . $database->quote($macHash) . " and oxhash = " . $database->quote($hash); + $query = "select 1 from oecaptcha " . $where; + $pass = (bool) $database->getOne($query, false, false); + + if ($pass) { + // cleanup + $query = "delete from oecaptcha " . $where; + $database->execute($query); + } + + // garbage cleanup + $query = "delete from oecaptcha where oxtime < $time"; + $database->execute($query); + + return $pass; + } + } diff --git a/core/oecaptchaevents.php b/core/oecaptchaevents.php new file mode 100644 index 0000000..f647ee6 --- /dev/null +++ b/core/oecaptchaevents.php 
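Review bot: `passFromDb()` accepts a row without looking at `oxtime`, whereas `passFromSession()` in the same hunk requires the stored time to be `>= $time`, so a challenge that has already timed out still passes in the database path as long as the cleanup query of an earlier call has not removed it. The row is also deleted only when the hash matched, which leaves a wrongly answered challenge valid for further attempts, while the session path unsets the entry on every attempt. I would add the expiry condition to the select and delete by `oxid` regardless of the outcome, as sketched below. `$time` is assumed to be the current time handed in by `pass()`, whose assignment lies outside the hunk.

```php
protected function passFromDb($macHash, $hash, $time)
{
    $database = DatabaseProvider::getDb();
    $byId = "where oxid = " . $database->quote($macHash);
    $query = "select 1 from oecaptcha " . $byId .
        " and oxhash = " . $database->quote($hash) .
        " and oxtime >= " . $database->quote($time);
    $pass = (bool) $database->getOne($query, false, false);

    // one attempt per challenge: consume the row whether or not the answer matched
    $database->execute("delete from oecaptcha " . $byId);

    // … unchanged: garbage cleanup of expired rows, return $pass …
```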
@@ -0,0 +1,62 @@ +execute($query); + } + + /** + * Remove table oecaptcha. + * NOTE: table oecaptcha contains temporary data if any and can be + * removed without side effects on module deactivation + */ + public static function removeCaptchaTable() + { + $query = "DROP TABLE IF EXISTS `oecaptcha`"; + + DatabaseProvider::getDb()->execute($query); + } + + /** + * Execute action on activate event + * + * @return null + */ + public static function onActivate() + { + self::addCaptchaTable(); + } + + /** + * Execute action on deactivate event + * + * @return null + */ + public static function onDeactivate() + { + self::removeCaptchaTable(); + } +} diff --git a/core/utils/verificationimg.php b/core/utils/verificationimg.php new file mode 100644 index 0000000..769931e --- /dev/null +++ b/core/utils/verificationimg.php @@ -0,0 +1,103 @@ +getConfigParam('oecaptchakey'); + if (empty($key)) { + $key = getOxConfKey(); + } + + return $decryptor->decrypt($value, $key); + } +} + +if (!function_exists('getOxConfKey')) { + + /** + * Get default config key. + * + * @return string + */ + function getOxConfKey() + { + $config = oxRegistry::getConfig(); + $configKey = $config->getConfigParam('sConfigKey') ?: \OxidEsales\Eshop\Core\Config::DEFAULT_CONFIG_KEY; + return $configKey; + } + +} + +$mac = strRem($emac); +generateVerificationImg($mac); diff --git a/docs/README.txt b/docs/README.txt new file mode 100755 index 0000000..5400211 --- /dev/null +++ b/docs/README.txt @@ -0,0 +1,36 @@ +==Title== +OE Captcha + +==Author== +OXID eSales AG + +==Prefix== +oe + +==Shop Version== +6.x + +==Version== +1.0.0 + +==Link== +http://www.oxid-esales.com/ + +==Mail== + + +==Description== +OE Captcha Module + +==Installation== +Activate the module in administration area. + +==Extend== + + +==Modules== + +==Modified original templates== + +==Uninstall== +Disable the module in administration area and delete module folder. diff --git a/metadata.php b/metadata.php index 7c8f446..b8e7bd9 100755 
--- a/metadata.php
+++ b/metadata.php
@@ -1,9 +1,6 @@ Module::ID, - 'title' => [ +$aModule = array( + 'id' => 'oecaptcha', + 'title' => array( 'de' => 'Simple Captcha', 'en' => 'Simple Captcha', - ], - 'description' => [ + ), + 'description' => array( 'de' => 'OXID eSales Simple Captcha Module', 'en' => 'OXID eSales Simple Captcha Module', - ], - 'thumbnail' => 'logo.png', - 'version' => Module::VERSION, - 'author' => 'OXID eSales AG', - 'url' => 'https://www.oxid-esales.com/', - 'email' => '', - 'controllers' => [ - 'oe_captcha_generator' => OxidProfessionalServices\Captcha\Application\Controller\ImageGeneratorController::class, - ], - 'extend' => [ - OxidEsales\Eshop\Application\Controller\ArticleDetailsController::class => OxidProfessionalServices\Captcha\Application\Controller\DetailsController::class, - OxidEsales\Eshop\Application\Controller\ContactController::class => OxidProfessionalServices\Captcha\Application\Controller\ContactController::class, - OxidEsales\Eshop\Application\Controller\ForgotPasswordController::class => OxidProfessionalServices\Captcha\Application\Controller\ForgotPasswordController::class, - OxidEsales\Eshop\Application\Controller\InviteController::class => OxidProfessionalServices\Captcha\Application\Controller\InviteController::class, - OxidEsales\Eshop\Application\Controller\NewsletterController::class => OxidProfessionalServices\Captcha\Application\Controller\NewsletterController::class, - OxidEsales\Eshop\Application\Controller\PriceAlarmController::class => OxidProfessionalServices\Captcha\Application\Controller\PricealarmController::class, - OxidEsales\Eshop\Application\Component\Widget\ArticleDetails::class => OxidProfessionalServices\Captcha\Application\Component\Widget\ArticleDetails::class, - ], - 'templates' => [ - 'oe_captcha.tpl' => 'views/smarty/tpl/include/oe_captcha.tpl', - ], - 'blocks' => [ - [ - 'template' => 'form/contact.tpl', - 'block' => 'captcha_form', - 'file' => 'views/smarty/blocks/oe_captcha_form.tpl', - ], - [ - 'template' => 
'form/privatesales/invite.tpl', - 'block' => 'captcha_form', - 'file' => 'views/smarty/blocks/oe_captcha_form.tpl', - ], - [ - 'template' => 'form/pricealarm.tpl', - 'block' => 'captcha_form', - 'file' => 'views/smarty/blocks/oe_captcha_form.tpl', - ], - [ - 'template' => 'form/newsletter.tpl', - 'block' => 'captcha_form', - 'file' => 'views/smarty/blocks/oe_captcha_form.tpl', - ], - [ - 'template' => 'form/forgotpwd_email.tpl', - 'block' => 'captcha_form', - 'file' => 'views/smarty/blocks/oe_captcha_form.tpl', - ], - ], - 'settings' => [ - [ - 'group' => 'main', - 'name' => 'oecaptchakey', - 'type' => 'str', - 'value' => '', - ], - ], - 'events' => [ - 'onActivate' => Module::class . '::onActivate', - 'onDeactivate' => Module::class . '::onDeactivate', - ], -]; + ), + 'thumbnail' => 'out/pictures/picture.png', + 'version' => '2.0.4', + 'author' => 'OXID eSales AG', + 'url' => 'http://www.oxid-esales.com/', + 'email' => '', + 'extend' => array('details' => 'oe/captcha/controllers/oecaptchadetails', + 'contact' => 'oe/captcha/controllers/oecaptchacontact', + 'forgotpwd' => 'oe/captcha/controllers/oecaptchaforgotpwd', + 'invite' => 'oe/captcha/controllers/oecaptchainvite', + 'newsletter' => 'oe/captcha/controllers/oecaptchanewsletter', + 'pricealarm' => 'oe/captcha/controllers/oecaptchapricealarm', + 'suggest' => 'oe/captcha/controllers/oecaptchasuggest', + 'oxwarticledetails' => 'oe/captcha/application/component/widget/oecaptchawarticledetails'), + 'files' => array( + 'oecaptcha' => 'oe/captcha/core/oecaptcha.php', + 'oecaptchaEvents' => 'oe/captcha/core/oecaptchaevents.php', + ), + 'templates' => array( + 'oecaptcha.tpl' => 'oe/captcha/application/views/tpl/oecaptcha.tpl', + ), + 'blocks' => array( + array('template' => 'form/contact.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'), + array('template' => 'form/newsletter.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'), + array('template' => 
'form/privatesales/invite.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'), + array('template' => 'form/pricealarm.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'), + array('template' => 'form/suggest.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'), + array('template' => 'form/forgotpwd_email.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form_forgotpwd.tpl'), + ), + 'settings' => array( + array('group' => 'main', 'name' => 'oecaptchakey', 'type' => 'str', 'value' => ''), + ), + 'events' => array( + 'onActivate' => 'oecaptchaevents::onActivate', + 'onDeactivate' => 'oecaptchaevents::onDeactivate' + ), +); diff --git a/assets/logo.png b/out/pictures/picture.png similarity index 100% rename from assets/logo.png rename to out/pictures/picture.png diff --git a/Application/translations/de/oecaptcha_de_lang.php b/translations/de/oecaptcha_de_lang.php similarity index 69% rename from Application/translations/de/oecaptcha_de_lang.php rename to translations/de/oecaptcha_de_lang.php index 02977fe..0effcb4 100755 --- a/Application/translations/de/oecaptcha_de_lang.php +++ b/translations/de/oecaptcha_de_lang.php @@ -1,17 +1,17 @@ 'UTF-8', - 'MESSAGE_WRONG_VERIFICATION_CODE' => 'Der Prüfcode, den Sie eingegeben haben, ist nicht korrekt. Bitte versuchen Sie es erneut!', - 'OECAPTCHA_PLACEHOLDER' => 'Enter verification code here', -]; + 'MESSAGE_WRONG_VERIFICATION_CODE' => 'Der Prüfcode, den Sie eingegeben haben, ist nicht korrekt. Bitte versuchen Sie es erneut!' +); diff --git a/translations/en/oecaptcha_en_lang.php b/translations/en/oecaptcha_en_lang.php new file mode 100755 index 0000000..45abef1 --- /dev/null +++ b/translations/en/oecaptcha_en_lang.php @@ -0,0 +1,17 @@ + 'UTF-8', + 'MESSAGE_WRONG_VERIFICATION_CODE' => "The verification code you entered is not correct. Please try again." +); 
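Review bot: The `url` entry on the new side of metadata.php is `http://www.oxid-esales.com/` where the removed line used `https://`. I would keep `'url' => 'https://www.oxid-esales.com/',` so the module's advertised link does not point to plain HTTP. The hard-coded `'version' => '2.0.4'` also disagrees with the `1.0.0` stated in docs/README.txt, which this commit adds, so one of the two should be corrected.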
diff --git a/views/smarty/blocks/oe_captcha_form.tpl b/views/smarty/blocks/oe_captcha_form.tpl deleted file mode 100644 index 4c9afc7..0000000 --- a/views/smarty/blocks/oe_captcha_form.tpl +++ /dev/null @@ -1,3 +0,0 @@ -[{$smarty.block.parent}] - -[{include file="oe_captcha.tpl"}] \ No newline at end of file diff --git a/views/smarty/tpl/include/oe_captcha.tpl b/views/smarty/tpl/include/oe_captcha.tpl deleted file mode 100644 index 3c13fe4..0000000 --- a/views/smarty/tpl/include/oe_captcha.tpl +++ /dev/null @@ -1,47 +0,0 @@ -[{assign var="oCaptcha" value=$oView->getCaptcha()}] -[{block name="body"}] - [{block name="style"}] - - [{/block}] - - [{block name="hidden"}] - - [{/block}] - - [{block name="form_group"}] -
- [{block name="label"}] - - [{/block}] - - [{block name="input_control"}] -
- [{block name="input_group"}] -
- [{block name="image_group"}] - - [{if $oCaptcha->isImageVisible()}] - [{block name="image_visible"}] - - [{/block}] - [{else}] - [{block name="image_hidden"}] - [{$oCaptcha->getText()}] - [{/block}] - [{/if}] - - [{/block}] - [{block name="input"}] - - [{/block}] -
- [{/block}] -
- [{/block}] -
- [{/block}] -[{/block}] \ No newline at end of file diff --git a/views/twig/extensions/themes/default/form/contact.html.twig b/views/twig/extensions/themes/default/form/contact.html.twig deleted file mode 100644 index cab35c5..0000000 --- a/views/twig/extensions/themes/default/form/contact.html.twig +++ /dev/null @@ -1,6 +0,0 @@ -{% extends "form/contact.html.twig" %} - -{% block captcha_form %} - {{ parent() }} - {% include "@oecaptcha/oe_captcha.html.twig" %} -{% endblock %} \ No newline at end of file diff --git a/views/twig/extensions/themes/default/form/pricealarm.html.twig b/views/twig/extensions/themes/default/form/pricealarm.html.twig deleted file mode 100644 index 6ea0119..0000000 --- a/views/twig/extensions/themes/default/form/pricealarm.html.twig +++ /dev/null @@ -1,6 +0,0 @@ -{% extends "form/pricealarm.html.twig" %} - -{% block captcha_form %} - {{ parent() }} - {% include "@oecaptcha/oe_captcha.html.twig" %} -{% endblock %} \ No newline at end of file diff --git a/views/twig/extensions/themes/default/form/privatesales/invite.html.twig b/views/twig/extensions/themes/default/form/privatesales/invite.html.twig deleted file mode 100644 index 9822eb1..0000000 --- a/views/twig/extensions/themes/default/form/privatesales/invite.html.twig +++ /dev/null @@ -1,6 +0,0 @@ -{% extends "form/privatesales/invite.html.twig" %} - -{% block captcha_form %} - {{ parent() }} - {% include "@oecaptcha/oe_captcha.html.twig" %} -{% endblock %} \ No newline at end of file diff --git a/views/twig/oe_captcha.html.twig b/views/twig/oe_captcha.html.twig deleted file mode 100644 index 528974d..0000000 --- a/views/twig/oe_captcha.html.twig +++ /dev/null @@ -1,49 +0,0 @@ -{% set oCaptcha = oView.getCaptcha() %} -{% block body %} - {% block style %} - - {% endblock %} - - {% block hidden %} - - {% endblock %} - - {% block form_group %} -
- {% block label %} - - {% endblock %} - - {% block input_control %} -
- {% block input_group %} -
- {% block image_group %} - - {% if oCaptcha.isImageVisible() %} - {% block image_visible %} - - {% endblock %} - {% else %} - {% block image_hidden %} - {{ oCaptcha.getText() }} - {% endblock %} - {% endif %} - - {% endblock %} - - {% block input %} - - {% endblock %} -
- {% endblock %} -
- {% endblock %} -
- {% endblock %} -{% endblock %} \ No newline at end of file