Pluf Framework

Pluf Framework Commit Details


Date:2009-11-03 05:26:16 (15 years 1 month ago)
Author:Loic d'Anterroches
Branch:develop, master
Commit:1ede9dc94aa6b423640c84e256882a0c13fb1aa4
Parents: 163641133fa671c83d9ccc64d350e0237faaae64
Message:Added a ReCaptcha field for the forms.
Changes:

File differences

src/Pluf/Form/Field/ReCaptcha.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
<?php
/* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
# ***** BEGIN LICENSE BLOCK *****
# This file is part of Plume Framework, a simple PHP Application Framework.
# Copyright (C) 2001-2007 Loic d'Anterroches and contributors.
#
# Plume Framework is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Plume Framework is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# ***** END LICENSE BLOCK ***** */
/**
* Add ReCaptcha control to your forms.
*
* You need first to get a ReCaptcha account, create a domain and get
* the API keys for your domain. Check http://recaptcha.net/ for more
* information.
*
* The recaptcha field needs to know the IP address of the user
* submitting the form and if the request is made over SSL or
* not. This means that you need to provide the $request object in the
* extra parameters of your form.
*
* To add the ReCaptcha field to your form, simply add the following
* to your form object (note the use of $extra['request']):
*
* <pre>
* $ssl = (!empty($extra['request']->SERVER['HTTPS'])
* and $extra['request']->SERVER['HTTPS'] != 'off');
*
* $this->fields['recaptcha'] = new Pluf_Form_Field_ReCaptcha(
* array('required' => true,
* 'label' => __('Please solve this challenge'),
* 'privkey' => 'PRIVATE_RECAPTCHA_KEY_HERE',
* 'remoteip' => $extra['request']->remote_addr,
* 'widget_attrs' => array(
* 'pubkey' => 'PUBLIC_RECAPTCHA_KEY_HERE',
* ),
* ));
* </pre>
*
* Then in your template, you simply need to add the ReCaptcha field:
*
* <pre>
* {if $form.f.recaptcha.errors}{$form.f.recaptcha.fieldErrors}{/if}
* {$form.f.recaptcha|safe}
* </pre>
*
* Based on http://recaptcha.googlecode.com/files/recaptcha-php-1.10.zip
*
* Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net
* AUTHORS:
* Mike Crawford
* Ben Maurer
*/
class Pluf_Form_Field_ReCaptcha extends Pluf_Form_Field
{
public $widget = 'Pluf_Form_Widget_ReCaptcha';
public $privkey = '';
public $remoteip = '';
public $extra_params = array();
public function clean($value)
{
// will throw the Pluf_Form_Invalid exception in case of
// error.
self::checkAnswer($this->privkey, $this->remoteip,
$value[0], $value[1], $this->extra_params);
return $value;
}
/**
* Submits an HTTP POST to a reCAPTCHA server
*
* @param string Host
* @param string Path
* @param array Data
* @param int port (80
* @return array response
*/
public static function httpPost($host, $path, $data, $port=80)
{
$req = self::qsencode($data);
$http_request = "POST $path HTTP/1.0\r\n";
$http_request .= "Host: $host\r\n";
$http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
$http_request .= "Content-Length: " . strlen($req) . "\r\n";
$http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
$http_request .= "\r\n";
$http_request .= $req;
if (false === ($fs=@fsockopen($host, $port, $errno, $errstr, 10))) {
throw new Pluf_Form_Invalid(__('Cannot connect to the reCaptcha server for validation.'));
}
fwrite($fs, $http_request);
$response = '';
while (!feof($fs)) {
$response .= fgets($fs, 1160); // One TCP-IP packet
}
fclose($fs);
return explode("\r\n\r\n", $response, 2);
}
/**
* Encodes the given data into a query string format
*
* @param array Array of string elements to be encoded
* @return string Encoded request
*/
public static function qsencode($data)
{
$d = array();
foreach ($data as $key => $value) {
$d[] = $key.'='.urlencode(stripslashes($value));
}
return implode('&', $d);
}
/**
* Calls an HTTP POST function to verify if the user's guess was correct
* @param string $privkey
* @param string $remoteip
* @param string $challenge
* @param string $response
* @param array $extra_params an array of extra variables to post to the server
* @return ReCaptchaResponse
*/
public static function checkAnswer($privkey, $remoteip, $challenge, $response, $extra_params=array())
{
if ($privkey == '') {
throw new Pluf_Form_Invalid(__('To use reCAPTCHA you must set your API key.'));
}
if ($remoteip == '') {
throw new Pluf_Form_Invalid(__('For security reasons, you must pass the remote ip to reCAPTCHA.'));
}
//discard spam submissions
if (strlen($challenge) == 0 || strlen($response) == 0) {
return false;
}
$response = self::httpPost('api-verify.recaptcha.net', '/verify',
array(
'privatekey' => $privkey,
'remoteip' => $remoteip,
'challenge' => $challenge,
'response' => $response
) + $extra_params
);
$answers = explode("\n", $response[1]);
if (trim($answers[0]) == 'true') {
return true;
} else {
throw new Pluf_Form_Invalid($answers[1]);
}
}
}
src/Pluf/Form/Widget/ReCaptcha.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
<?php
/* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
# ***** BEGIN LICENSE BLOCK *****
# This file is part of Plume Framework, a simple PHP Application Framework.
# Copyright (C) 2001-2007 Loic d'Anterroches and contributors.
#
# Plume Framework is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Plume Framework is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# ***** END LICENSE BLOCK ***** */
/**
* reCAPTCHA input for your forms.
*
* Based on http://recaptcha.googlecode.com/files/recaptcha-php-1.10.zip
*
* Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net
* AUTHORS:
* Mike Crawford
* Ben Maurer
*
* @see Pluf_Form_Field_ReCaptcha
*
*/
class Pluf_Form_Widget_ReCaptcha extends Pluf_Form_Widget_Input
{
public $input_type = 'text';
public $ssl = false;
public $pubkey = '';
/**
* Renders the HTML of the input.
*
* @param string Name of the field.
* @param mixed Value for the field, can be a non valid value.
* @param array Extra attributes to add to the input form (array())
* @return string The HTML string of the input.
*/
public function render($name, $value, $extra_attrs=array())
{
return Pluf_Template::markSafe(self::getHtml($this->attrs['pubkey']));
}
/**
* Gets the challenge HTML (javascript and non-javascript
* version). This is called from the browser, and the resulting
* reCAPTCHA HTML widget is embedded within the HTML form it was
* called from.
*
* @param string A public key for reCAPTCHA
* @param string The error given by reCAPTCHA (null)
* @param boolean Should the request be made over ssl? (false)
* @return string The HTML to be embedded in the user's form.
*/
public static function getHtml($pubkey, $error=null, $use_ssl=false)
{
$server = ($use_ssl) ? 'https://api-secure.recaptcha.net'
: 'http://api.recaptcha.net';
$errorpart = ($error) ? '&amp;error='.$error : '';
return '<script type="text/javascript" src="'.$server.'/challenge?k='
.$pubkey.$errorpart.'"></script>
<noscript>
<iframe src="'.$server.'/noscript?k='.$pubkey.$errorpart
.'" height="300" width="500" frameborder="0"></iframe><br/>
<textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
<input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
</noscript>';
}
/**
* Get the form data from the reCaptcha fields.
*
* We need to get back two fields from the POST request
* 'recaptcha_challenge_field' and 'recaptcha_response_field'.
*
* They are hardcoded, so we do not even bother checking something
* else.
*
* @param string Name of the form
* @param array Submitted form data
* @return array Challenge and answer
*/
public function valueFromFormData($name, $data)
{
$res = array('', '');
$res[0] = isset($data['recaptcha_challenge_field'])
? $data['recaptcha_challenge_field'] : '';
$res[1] = isset($data['recaptcha_response_field'])
? $data['recaptcha_response_field'] : '';
return $res;
}
}

Archive Download the corresponding diff file

Branches

Tags

Number of commits:
Page rendered in 0.06115s using 13 queries.