From 89d543156fb273b5845c6c4b0ef2033154b193c3 Mon Sep 17 00:00:00 2001
From: Daniel Seifert <git@daniel-seifert.com>
Date: Sat, 14 Nov 2020 12:44:46 +0100
Subject: [PATCH 1/2] Captcha for newsletter subscription added This form is
 often used for spam attacks. Requires new template blocks in the frontend
 theme.

---
 controllers/oecaptchanewsletter.php | 44 +++++++++++++++++++++++++++++
 metadata.php                        |  2 ++
 2 files changed, 46 insertions(+)
 create mode 100644 controllers/oecaptchanewsletter.php

diff --git a/controllers/oecaptchanewsletter.php b/controllers/oecaptchanewsletter.php
new file mode 100644
index 0000000..caf7000
--- /dev/null
+++ b/controllers/oecaptchanewsletter.php
@@ -0,0 +1,44 @@
+<?php
+/**
+ * #PHPHEADER_OECAPTCHA_LICENSE_INFORMATION#
+ */
+
+class oeCaptchaNewsletter extends oeCaptchaNewsletter_parent
+{
+    /**
+     * Class handling CAPTCHA image.
+     *
+     * @var object
+     */
+    protected $captcha = null;
+
+    /**
+     * Composes and sends user written message, returns false if some parameters
+     * are missing.
+     *
+     * @return bool
+     */
+    public function send()
+    {
+        if (!$this->getCaptcha()->passCaptcha()) {
+            return false;
+        }
+
+        return parent::send();
+    }
+
+    /**
+     * Template variable getter. Returns object of handling CAPTCHA image
+     *
+     * @return object
+     */
+    public function getCaptcha()
+    {
+        if ($this->captcha === null) {
+            $this->captcha = oxNew('oeCaptcha');
+        }
+
+        return $this->captcha;
+    }
+
+}
diff --git a/metadata.php b/metadata.php
index 33ce471..ce582b3 100755
--- a/metadata.php
+++ b/metadata.php
@@ -40,6 +40,7 @@ $aModule = array(
     'extend'      => array('details'           => 'oe/captcha/controllers/oecaptchadetails',
                            'contact'           => 'oe/captcha/controllers/oecaptchacontact',
                            'invite'            => 'oe/captcha/controllers/oecaptchainvite',
+                           'newsletter'        => 'oe/captcha/controllers/oecaptchanewsletter',
                            'pricealarm'        => 'oe/captcha/controllers/oecaptchapricealarm',
                            'suggest'           => 'oe/captcha/controllers/oecaptchasuggest',
                            'oxwarticledetails' => 'oe/captcha/application/component/widget/oecaptchawarticledetails'),
@@ -52,6 +53,7 @@ $aModule = array(
     ),
     'blocks'      => array(
         array('template' => 'form/contact.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'),
+        array('template' => 'form/newsletter.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'),
         array('template' => 'form/privatesales/invite.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'),
         array('template' => 'form/pricealarm.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'),
         array('template' => 'form/suggest.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'),

From 087f9128979d0274bb93827a0b7b2aaaca25d831 Mon Sep 17 00:00:00 2001
From: Daniel Seifert <ds@shopmodule.com>
Date: Mon, 16 Nov 2020 13:18:30 +0100
Subject: [PATCH 2/2] insert Captcha also in the forgotten password form, as
 this is also often used for spam

---
 application/views/blocks/captcha_form.tpl     |  2 +-
 .../views/blocks/captcha_form_forgotpwd.tpl   |  3 ++
 application/views/tpl/oecaptcha.tpl           |  4 +-
 controllers/oecaptchaforgotpwd.php            | 44 +++++++++++++++++++
 metadata.php                                  |  2 +
 5 files changed, 52 insertions(+), 3 deletions(-)
 create mode 100644 application/views/blocks/captcha_form_forgotpwd.tpl
 create mode 100644 controllers/oecaptchaforgotpwd.php

diff --git a/application/views/blocks/captcha_form.tpl b/application/views/blocks/captcha_form.tpl
index a0487c1..531645c 100644
--- a/application/views/blocks/captcha_form.tpl
+++ b/application/views/blocks/captcha_form.tpl
@@ -1,3 +1,3 @@
 [{$smarty.block.parent}]
 
-[{include file="oecaptcha.tpl"}]
+[{include file="oecaptcha.tpl" labelCssClass="col-lg-2" inputCssClass="col-lg-10"}]
diff --git a/application/views/blocks/captcha_form_forgotpwd.tpl b/application/views/blocks/captcha_form_forgotpwd.tpl
new file mode 100644
index 0000000..5171b71
--- /dev/null
+++ b/application/views/blocks/captcha_form_forgotpwd.tpl
@@ -0,0 +1,3 @@
+[{$smarty.block.parent}]
+
+[{include file="oecaptcha.tpl" labelCssClass="col-md-3" inputCssClass="col-md-9"}]
diff --git a/application/views/tpl/oecaptcha.tpl b/application/views/tpl/oecaptcha.tpl
index b482fc4..be78fb2 100644
--- a/application/views/tpl/oecaptcha.tpl
+++ b/application/views/tpl/oecaptcha.tpl
@@ -2,9 +2,9 @@
 <input type="hidden" name="c_mach" value="[{$oCaptcha->getHash()}]"/>
 
 <div class="form-group verify">
-    <label class="req control-label col-lg-2" for="c_mac">[{oxmultilang ident="VERIFICATION_CODE"}]</label>
+    <label class="req control-label [{$labelCssClass}]" for="c_mac">[{oxmultilang ident="VERIFICATION_CODE"}]</label>
 
-    <div class="col-lg-10 controls">
+    <div class="[{$inputCssClass}] controls">
         <div class="input-group">
             <span class="input-group-addon">
                 [{if $oCaptcha->isImageVisible()}]
diff --git a/controllers/oecaptchaforgotpwd.php b/controllers/oecaptchaforgotpwd.php
new file mode 100644
index 0000000..7158f89
--- /dev/null
+++ b/controllers/oecaptchaforgotpwd.php
@@ -0,0 +1,44 @@
+<?php
+/**
+ * #PHPHEADER_OECAPTCHA_LICENSE_INFORMATION#
+ */
+
+class oeCaptchaForgotPwd extends oeCaptchaForgotPwd_parent
+{
+    /**
+     * Class handling CAPTCHA image.
+     *
+     * @var object
+     */
+    protected $captcha = null;
+
+    /**
+     * Composes and sends user written message, returns false if some parameters
+     * are missing.
+     *
+     * @return bool
+     */
+    public function forgotpassword()
+    {
+        if (!$this->getCaptcha()->passCaptcha()) {
+            return false;
+        }
+
+        return parent::forgotpassword();
+    }
+
+    /**
+     * Template variable getter. Returns object of handling CAPTCHA image
+     *
+     * @return object
+     */
+    public function getCaptcha()
+    {
+        if ($this->captcha === null) {
+            $this->captcha = oxNew('oeCaptcha');
+        }
+
+        return $this->captcha;
+    }
+
+}
diff --git a/metadata.php b/metadata.php
index ce582b3..062f6f5 100755
--- a/metadata.php
+++ b/metadata.php
@@ -39,6 +39,7 @@ $aModule = array(
     'email'       => '',
     'extend'      => array('details'           => 'oe/captcha/controllers/oecaptchadetails',
                            'contact'           => 'oe/captcha/controllers/oecaptchacontact',
+                           'forgotpwd'         => 'oe/captcha/controllers/oecaptchaforgotpwd',
                            'invite'            => 'oe/captcha/controllers/oecaptchainvite',
                            'newsletter'        => 'oe/captcha/controllers/oecaptchanewsletter',
                            'pricealarm'        => 'oe/captcha/controllers/oecaptchapricealarm',
@@ -57,6 +58,7 @@ $aModule = array(
         array('template' => 'form/privatesales/invite.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'),
         array('template' => 'form/pricealarm.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'),
         array('template' => 'form/suggest.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form.tpl'),
+        array('template' => 'form/forgotpwd_email.tpl', 'block'=>'captcha_form', 'file'=>'/application/views/blocks/captcha_form_forgotpwd.tpl'),
     ),
     'settings'    => array(
         array('group' => 'main', 'name' => 'oecaptchakey', 'type' => 'str', 'value' => ''),