Open Journal Systems  3.3.0
FormValidatorReCaptcha.inc.php
1 <?php
2 
16 define('RECAPTCHA_RESPONSE_FIELD', 'g-recaptcha-response');
17 define('RECAPTCHA_HOST', 'https://www.recaptcha.net');
18 define("RECAPTCHA_PATH", "/recaptcha/api/siteverify");
19 
20 class FormValidatorReCaptcha extends FormValidator {
22  var $_userIp;
24  var $_hostname;
25 
33  function __construct(&$form, $userIp, $message, $hostname = '') {
34  parent::__construct($form, RECAPTCHA_RESPONSE_FIELD, FORM_VALIDATOR_REQUIRED_VALUE, $message);
35  $this->_userIp = $userIp;
36  $this->_hostname = $hostname;
37  }
38 
39 
40  //
41  // Public methods
42  //
48  function isValid() {
49 
50  $privateKey = Config::getVar('captcha', 'recaptcha_private_key');
51  if (is_null($privateKey) || empty($privateKey)) {
52  return false;
53  }
54 
55  if (is_null($this->_userIp) || empty($this->_userIp)) {
56  return false;
57  }
58 
59  $form =& $this->getForm();
60 
61  // Request response from recaptcha api
62  $requestOptions = array(
63  'http' => array(
64  'header' => "Content-Type: application/x-www-form-urlencoded;\r\n",
65  'method' => 'POST',
66  'content' => http_build_query(array(
67  'secret' => $privateKey,
68  'response' => $form->getData(RECAPTCHA_RESPONSE_FIELD),
69  'remoteip' => $this->_userIp,
70  )),
71  ),
72  );
73 
74  $proxySettings = array(
75  'host' => Config::getVar('proxy', 'http_host'),
76  'port' => Config::getVar('proxy', 'http_port'),
77  'user' => Config::getVar('proxy', 'proxy_username'),
78  'pass' => Config::getVar('proxy', 'proxy_password'),
79  );
80  if (!empty($proxySettings['host'])) {
81  $requestOptions['http']['proxy'] = $proxySettings['host'] . ((!empty($proxySettings['port'])) ? ':'.$proxySettings['port'] : '');
82  $requestOptions['http']['request_fulluri'] = true;
83  if (!empty($proxySettings['user'])) {
84  $requestOptions['http']['header'] .= 'Proxy-Authorization: Basic ' . base64_encode($proxySettings['user'].':'.$proxySettings['pass']);
85  }
86  }
87 
88  $requestContext = stream_context_create($requestOptions);
89  $response = file_get_contents(RECAPTCHA_HOST . RECAPTCHA_PATH, false, $requestContext);
90  if ($response === false) {
91  return false;
92  }
93 
94  $response = json_decode($response, true);
95 
96  // Unrecognizable response from Google server
97  if (isset($response['success']) && $response['success'] === true) {
98  if (Config::getVar('captcha', 'recaptcha_enforce_hostname') && $response['hostname'] !== $this->_hostname) {
99  $this->_message = 'common.captcha.error.invalid-input-response';
100  return false;
101  }
102  return true;
103  } else {
104  if (isset($response['error-codes']) && is_array($response['error-codes'])) {
105  $this->_message = 'common.captcha.error.' . $response['error-codes'][0];
106  }
107  return false;
108  }
109 
110  }
111 }
112 
113 
114 
FormValidatorReCaptcha\isValid
isValid()
Definition: FormValidatorReCaptcha.inc.php:54
FormValidatorReCaptcha\$_userIp
$_userIp
Definition: FormValidatorReCaptcha.inc.php:25
FormValidatorReCaptcha
Form validation check reCaptcha values.
Definition: FormValidatorReCaptcha.inc.php:20
FormValidator\getForm
& getForm()
Definition: FormValidator.inc.php:100
GuzzleHttp\json_decode
json_decode($json, $assoc=false, $depth=512, $options=0)
Definition: guzzlehttp/guzzle/src/functions.php:301
Config\getVar
static getVar($section, $key, $default=null)
Definition: Config.inc.php:35
FormValidatorReCaptcha\$_hostname
$_hostname
Definition: FormValidatorReCaptcha.inc.php:30
FormValidator
Class to represent a form validation check.
Definition: FormValidator.inc.php:23
FormValidatorReCaptcha\__construct
__construct(&$form, $userIp, $message, $hostname='')
Definition: FormValidatorReCaptcha.inc.php:39