optional, configurable reCAPTCHA support

erickok · Sep 27, 2015 · 57bbd03 · 57bbd03
1 parent c92cf09
commit 57bbd03
Show file tree

Hide file tree

Showing 4 changed files with 74 additions and 7 deletions.
diff --git a/includes/common.php b/includes/common.php
@@ -45,5 +45,39 @@
 		$iso639[$data[0]] = $data[1];
 	}
 	fclose($handle);
-
+
+	function render_captcha($site_key) {
+		return '<div class="g-recaptcha" data-sitekey="' . $site_key . '" style="display: inline-block"></div>' .
+		'<noscript>' .
+		'  <div style="width: 302px; height: 352px; display: inline-block">' .
+		'    <div style="width: 302px; height: 352px; position: relative;">' .
+		'      <div style="width: 302px; height: 352px; position: absolute;">' .
+		'        <iframe src="https://www.google.com/recaptcha/api/fallback?k="' . $site_key .
+		'          frameborder="0" scrolling="no" style="width: 302px; height:352px; border-style: none;">' .
+		'        </iframe>' .
+		'      </div>' .
+		'      <div style="width: 250px; height: 80px; position: absolute; border-style: none;' .
+		'        bottom: 21px; left: 25px; margin: 0px; padding: 0px; right: 25px;">' .
+		'        <textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response"' .
+		'          style="width: 250px; height: 80px; border: 1px solid #c1c1c1; margin: 0px; padding: 0px; resize: none;" value="">' .
+		'        </textarea>' .
+		'      </div>' .
+		'    </div>' .
+		'  </div>' .
+		'</noscript>';
+	}
+
+	function confirm_captcha_response($secret_key, $response) {
+		// do not check invalid responses
+		if ($response == null || strlen($response) == 0) {
+			return false;
+		}
+
+		$response = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret=' . $secret_key .
+			'&remoteip=' . $_SERVER["REMOTE_ADDR"] .
+			'&response=' . $response);
+
+		$answer = json_decode($response);
+		return $answer->success == 'true';
+	}
 ?>
diff --git a/includes/header.php b/includes/header.php
@@ -16,6 +16,7 @@
         <style type="text/css">
             @import url("includes/default.css");
         </style>
+        <?php if ($requirecaptcha) { echo "<script src=\"https://www.google.com/recaptcha/api.js\" async defer></script>"; } ?>
 </head>
 
 <body>

diff --git a/includes/settings.example.php b/includes/settings.example.php
@@ -14,5 +14,10 @@
 	$frommail = '';
 	$askforemail = TRUE;
 	$requireemail = FALSE;
-
+
+	// reCAPTCHA settings
+	$requirecaptcha = FALSE;
+	$recaptcha_site_key = '';
+	$recaptcha_secret_key = '';
+
 ?>
diff --git a/translation.php b/translation.php
@@ -61,7 +61,12 @@
 				die('Please enter a name and valid email address. You can use the back button of the browser to recover your translations.');
 			}
 		}
-
+
+		// Check captcha
+		if (!confirm_captcha_response($recaptcha_secret_key, $_POST["g-recaptcha-response"])) {
+			die('Error validating the security response. You can use the back button of the browser to recover your translations.');
+		}
+
 		// Traverse through the lines of the original strings file
 		$lines = file($basedir . '/values/strings.xml');
 		$outfile = "";
@@ -221,6 +226,13 @@ function requireNameAndEmail() {
 			alert(\'Please enter a name and valid e-mail address.\');
 			return false;
 		}
+		function requireCaptcha() {
+			if (!grecaptcha.getResponse()) {
+				alert("Please confirm the captcha first.");
+				return false;
+			}
+			return true;
+		}
 	</script>
 
 	<h1>Translating to ' . $langname . ' (' . $lang . ')</h1>';
@@ -317,10 +329,18 @@ function dp($in) {
 	<p>No translation for this language currently exists. When saving for the first time, it will create a directory and the first strings.{timestamp}.xml for this new language.</p>';
 	}
 
-	// Require the input of a name and email address?
-	$requireemailhtml = $requireemail? 'return(requireNameAndEmail());"': '';
+	// Require the input of a name and email address and/or captcha?
+	if ($requireemail && $requireCaptcha) {
+		$requirehtml = 'return(requireNameAndEmail() && requireCaptcha());';
+	} else if ($requireemail) {
+		$requirehtml = 'return(requireNameAndEmail());';
+	} else if ($requirecaptcha) {
+		$requirehtml = 'return(requireCaptcha());';
+	} else {
+		$requirehtml = '';
+	}
 	echo '
-	<form id="translationform" name="translationform" method="post" action="translation.php?lang=' . $lang . '" onsubmit="javascript:unloadOk=true;' . $requireemailhtml . '">
+	<form id="translationform" name="translationform" method="post" action="translation.php?lang=' . $lang . '" onsubmit="javascript:unloadOk=true;' . $requirehtml . '">
 	<table id="translationtable">
 		<tr>
 			<th id="key">Key</th>
@@ -393,7 +413,14 @@ function encodeForInput($in) {
 			<td colspan="2"><input type="input" id="pastt_translator_email" name="pastt_translator_email" value="" /></td>
 		</tr>';
 	}
-
+
+	if($requirecaptcha) {
+		echo '
+		<tr>
+			<td colspan="3"><div style="text-align: center">' . render_captcha($recaptcha_site_key) . '</div></td>
+		</tr>';
+	}
+
 	echo '
 		<tr>
 			<td colspan="3"><input type="submit" id="submit" name="submit" value="Save updated translation" /></td>