Session cookie is configurable. Added apache2 config example.
[toast/cookiecaptcha.git] / CookieCaptcha.class.php
index f559f0f3c9f15f70ab0c78ecbb6e671da20fe2b7..b96ac4c674db1774ca47df8333bf1fcbce89471d 100644 (file)
@@ -1,53 +1,6 @@
 <?php
 
-class FancyCaptcha extends SimpleCaptcha {
-       /**
-        * @return FileBackend
-        */
-       public function getBackend() {
-               global $wgCaptchaFileBackend, $wgCaptchaDirectory;
-
-               if ( $wgCaptchaFileBackend ) {
-                       return FileBackendGroup::singleton()->get( $wgCaptchaFileBackend );
-               } else {
-                       static $backend = null;
-                       if ( !$backend ) {
-                               $backend = new FSFileBackend( array(
-                                       'name'           => 'captcha-backend',
-                                       'lockManager'    => 'nullLockManager',
-                                       'containerPaths' => array( 'captcha-render' => $wgCaptchaDirectory ),
-                                       'fileMode'       => 777
-                               ) );
-                       }
-                       return $backend;
-               }
-       }
-
-       /**
-        * @return integer Estimate of the number of captchas files
-        */
-       public function estimateCaptchaCount() {
-               global $wgCaptchaDirectoryLevels;
-
-               $factor = 1;
-               $sampleDir = $this->getBackend()->getRootStoragePath() . '/captcha-render';
-               if ( $wgCaptchaDirectoryLevels >= 1 ) { // 1/16 sample if 16 shards
-                       $sampleDir .= '/' . dechex( mt_rand( 0, 15 ) );
-                       $factor = 16;
-               }
-               if ( $wgCaptchaDirectoryLevels >= 3 ) { // 1/256 sample if 4096 shards
-                       $sampleDir .= '/' . dechex( mt_rand( 0, 15 ) );
-                       $factor = 256;
-               }
-
-               $count = 0;
-               foreach ( $this->getBackend()->getFileList( array( 'dir' => $sampleDir ) ) as $file ) {
-                       ++$count;
-               }
-
-               return ( $count * $factor );
-       }
-
+class CookieCaptcha extends SimpleCaptcha {
        /**
         * Check if the submitted form matches the captcha session data provided
         * by the plugin when the form was generated.
@@ -57,20 +10,21 @@ class FancyCaptcha extends SimpleCaptcha {
         * @return bool
         */
        function keyMatch( $answer, $info ) {
-               global $wgCaptchaSecret;
-
-               $digest = $wgCaptchaSecret . $info['salt'] . $answer . $wgCaptchaSecret . $info['salt'];
-               $answerHash = substr( md5( $digest ), 0, 16 );
-
-               if ( $answerHash == $info['hash'] ) {
-                       wfDebug( "FancyCaptcha: answer hash matches expected {$info['hash']}\n" );
+               global $wgCaptchaCookieName;
+               if (isset($_COOKIE[$wgCaptchaCookieName])) {
+                       wfDebug( "CookieCaptcha: Found cookie\n" );
                        return true;
                } else {
-                       wfDebug( "FancyCaptcha: answer hashes to $answerHash, expected {$info['hash']}\n" );
+                       wfDebug( "CookieCaptcha: Didn't find cookie...\n" );
                        return false;
                }
        }
 
+       function retrieveCaptcha() {
+               return true;
+       }
+
+       /*
        function addCaptchaAPI( &$resultArr ) {
                $info = $this->pickImage();
                if ( !$info ) {
@@ -84,255 +38,21 @@ class FancyCaptcha extends SimpleCaptcha {
                $resultArr['captcha']['id'] = $index;
                $resultArr['captcha']['url'] = $title->getLocalUrl( 'wpCaptchaId=' . urlencode( $index ) );
        }
+        */
 
        /**
         * Insert the captcha prompt into the edit form.
         */
        function getForm() {
-               $info = $this->pickImage();
-               if ( !$info ) {
-                       throw new MWException( "Ran out of captcha images" );
-               }
-
-               // Generate a random key for use of this captcha image in this session.
-               // This is needed so multiple edits in separate tabs or windows can
-               // go through without extra pain.
-               $index = $this->storeCaptcha( $info );
-
-               wfDebug( "Captcha id $index using hash ${info['hash']}, salt ${info['salt']}.\n" );
-
-               $title = SpecialPage::getTitleFor( 'Captcha', 'image' );
-
+               global $wgCaptchaCookieName, $wgCaptchaCookieImage, $wgCaptchaCookieAlt, $wgCaptchaCookieStyle;
                return "<p>" .
                        Html::element( 'img', array(
-                               'src'    => $title->getLocalUrl( 'wpCaptchaId=' . urlencode( $index ) ),
-                               'width'  => $info['width'],
-                               'height' => $info['height'],
-                               'alt'    => '' ) ) .
-                       "</p>\n" .
-                       Html::element( 'input', array(
-                               'type'  => 'hidden',
-                               'name'  => 'wpCaptchaId',
-                               'id'    => 'wpCaptchaId',
-                               'value' => $index ) ) .
-                       '<p>' .
-                       Html::element( 'label', array(
-                               'for' => 'wpCaptchaWord',
-                       ), parent::getMessage( 'label' ) . wfMessage( 'colon-separator' )->text() ) .
-                       Html::element( 'input', array(
-                               'name' => 'wpCaptchaWord',
-                               'id'   => 'wpCaptchaWord',
-                               'type' => 'text',
-                               'autocorrect' => 'off',
-                               'autocapitalize' => 'off',
-                               'required' => 'required',
-                               'tabindex' => 1 ) ) . // tab in before the edit textarea
+                               'src'    => $wgCaptchaCookieImage,
+                               'alt'    => $wgCaptchaCookieAlt,
+                               'style'  => $wgCaptchaCookieStyle ) ) .
                        "</p>\n";
        }
 
-       /**
-        * Select a previously generated captcha image from the queue.
-        * @return mixed tuple of (salt key, text hash) or false if no image to find
-        */
-       protected function pickImage() {
-               global $wgCaptchaDirectoryLevels;
-
-               $lockouts = 0; // number of times another process claimed a file before this one
-               $baseDir = $this->getBackend()->getRootStoragePath() . '/captcha-render';
-               return $this->pickImageDir( $baseDir, $wgCaptchaDirectoryLevels, $lockouts );
-       }
-
-       /**
-        * @param $directory string
-        * @param $levels integer
-        * @param $lockouts integer
-        * @return Array|bool
-        */
-       protected function pickImageDir( $directory, $levels, &$lockouts ) {
-               global $wgMemc;
-
-               if ( $levels <= 0 ) { // $directory has regular files
-                       return $this->pickImageFromDir( $directory, $lockouts );
-               }
-
-               $backend = $this->getBackend();
-
-               $key  = "fancycaptcha:dirlist:{$backend->getWikiId()}:" . sha1( $directory );
-               $dirs = $wgMemc->get( $key ); // check cache
-               if ( !is_array( $dirs ) ) { // cache miss
-                       $dirs = array(); // subdirs actually present...
-                       foreach ( $backend->getTopDirectoryList( array( 'dir' => $directory ) ) as $entry ) {
-                               if ( ctype_xdigit( $entry ) && strlen( $entry ) == 1 ) {
-                                       $dirs[] = $entry;
-                               }
-                       }
-                       wfDebug( "Cache miss for $directory subdirectory listing.\n" );
-                       $wgMemc->set( $key, $dirs, 86400 );
-               }
-
-               if ( !count( $dirs ) ) {
-                       // Remove this directory if empty so callers don't keep looking here
-                       $backend->clean( array( 'dir' => $directory ) );
-                       return false; // none found
-               }
-
-               $place = mt_rand( 0, count( $dirs ) - 1 ); // pick a random subdir
-               // In case all dirs are not filled, cycle through next digits...
-               for ( $j = 0; $j < count( $dirs ); $j++ ) {
-                       $char = $dirs[( $place + $j ) % count( $dirs )];
-                       $info = $this->pickImageDir( "$directory/$char", $levels - 1, $lockouts );
-                       if ( $info ) {
-                               return $info; // found a captcha
-                       } else {
-                               wfDebug( "Could not find captcha in $directory.\n" );
-                               $wgMemc->delete( $key ); // files changed on disk?
-                       }
-               }
-
-               return false; // didn't find any images in this directory... empty?
-       }
-
-       /**
-        * @param $directory string
-        * @param $lockouts integer
-        * @return Array|bool
-        */
-       protected function pickImageFromDir( $directory, &$lockouts ) {
-               global $wgMemc;
-
-               $backend = $this->getBackend();
-
-               $key   = "fancycaptcha:filelist:{$backend->getWikiId()}:" . sha1( $directory );
-               $files = $wgMemc->get( $key ); // check cache
-               if ( !is_array( $files ) ) { // cache miss
-                       $files = array(); // captcha files
-                       foreach ( $backend->getTopFileList( array( 'dir' => $directory ) ) as $entry ) {
-                               $files[] = $entry;
-                               if ( count( $files ) >= 500 ) { // sanity
-                                       wfDebug( 'Skipping some captchas; $wgCaptchaDirectoryLevels set too low?.' );
-                                       break;
-                               }
-                       }
-                       $wgMemc->set( $key, $files, 86400 );
-                       wfDebug( "Cache miss for $directory captcha listing.\n" );
-               }
-
-               if ( !count( $files ) ) {
-                       // Remove this directory if empty so callers don't keep looking here
-                       $backend->clean( array( 'dir' => $directory ) );
-                       return false;
-               }
-
-               $info = $this->pickImageFromList( $directory, $files, $lockouts );
-               if ( !$info ) {
-                       wfDebug( "Could not find captcha in $directory.\n" );
-                       $wgMemc->delete( $key ); // files changed on disk?
-               }
-
-               return $info;
-       }
-
-       /**
-        * @param $directory string
-        * @param $files array
-        * @param $lockouts integer
-        * @return boolean
-        */
-       protected function pickImageFromList( $directory, array $files, &$lockouts ) {
-               global $wgMemc, $wgCaptchaDeleteOnSolve;
-
-               if ( !count( $files ) ) {
-                       return false; // none found
-               }
-
-               $backend  = $this->getBackend();
-               $place    = mt_rand( 0, count( $files ) - 1 ); // pick a random file
-               $misses   = 0; // number of files in listing that don't actually exist
-               for ( $j = 0; $j < count( $files ); $j++ ) {
-                       $entry = $files[( $place + $j ) % count( $files )];
-                       if ( preg_match( '/^image_([0-9a-f]+)_([0-9a-f]+)\\.png$/', $entry, $matches ) ) {
-                               if ( $wgCaptchaDeleteOnSolve ) { // captcha will be deleted when solved
-                                       $key = "fancycaptcha:filelock:{$backend->getWikiId()}:" . sha1( $entry );
-                                       // Try to claim this captcha for 10 minutes (for the user to solve)...
-                                       if ( ++$lockouts <= 10 && !$wgMemc->add( $key, '1', 600 ) ) {
-                                               continue; // could not acquire (skip it to avoid race conditions)
-                                       }
-                               }
-                               $fsFile = $backend->getLocalReference( array( 'src' => "$directory/$entry" ) );
-                               if ( !$fsFile || !$fsFile->exists() ) {
-                                       if ( ++$misses >= 5 ) { // too many files in the listing don't exist
-                                               break; // listing cache too stale? break out so it will be cleared
-                                       }
-                                       continue; // try next file
-                               }
-                               $size = getimagesize( $fsFile->getPath() );
-                               return array(
-                                       'salt'   => $matches[1],
-                                       'hash'   => $matches[2],
-                                       'width'  => $size[0],
-                                       'height' => $size[1],
-                                       'viewed' => false,
-                               );
-                       }
-               }
-
-               return false; // none found
-       }
-
-       function showImage() {
-               global $wgOut;
-
-               $wgOut->disable();
-
-               $info = $this->retrieveCaptcha();
-               if ( $info ) {
-                       $timestamp = new MWTimestamp();
-                       $info['viewed'] = $timestamp->getTimestamp();
-                       $this->storeCaptcha( $info );
-
-                       $salt = $info['salt'];
-                       $hash = $info['hash'];
-
-                       return $this->getBackend()->streamFile( array(
-                               'src'     => $this->imagePath( $salt, $hash ),
-                               'headers' => array( "Cache-Control: private, s-maxage=0, max-age=3600" )
-                       ) )->isOK();
-               }
-
-               wfHttpError( 500, 'Internal Error', 'Requested bogus captcha image' );
-               return false;
-       }
-
-       /**
-        * @param $salt string
-        * @param $hash string
-        * @return string
-        */
-       public function imagePath( $salt, $hash ) {
-               global $wgCaptchaDirectoryLevels;
-
-               $file = $this->getBackend()->getRootStoragePath() . '/captcha-render/';
-               for ( $i = 0; $i < $wgCaptchaDirectoryLevels; $i++ ) {
-                       $file .= $hash{ $i } . '/';
-               }
-               $file .= "image_{$salt}_{$hash}.png";
-
-               return $file;
-       }
-
-       /**
-        * @param $basename string
-        * @return Array (salt, hash)
-        * @throws MWException
-        */
-       public function hashFromImageName( $basename ) {
-               if ( preg_match( '/^image_([0-9a-f]+)_([0-9a-f]+)\\.png$/', $basename, $matches ) ) {
-                       return array( $matches[1], $matches[2] );
-               } else {
-                       throw new MWException( "Invalid filename '$basename'.\n" );
-               }
-       }
-
        /**
         * Show a message asking the user to enter a captcha on edit
         * The result will be treated as wiki text
@@ -340,6 +60,7 @@ class FancyCaptcha extends SimpleCaptcha {
         * @param $action string Action being performed
         * @return string
         */
+       /*
        function getMessage( $action ) {
                $name = 'fancycaptcha-' . $action;
                $text = wfMessage( $name )->text();
@@ -348,22 +69,6 @@ class FancyCaptcha extends SimpleCaptcha {
                return wfMessage( $name, $text )->isDisabled() ?
                        wfMessage( 'fancycaptcha-edit' )->text() : $text;
        }
-
-       /**
-        * Delete a solved captcha image, if $wgCaptchaDeleteOnSolve is true.
         */
-       function passCaptcha() {
-               global $wgCaptchaDeleteOnSolve;
-
-               $info = $this->retrieveCaptcha(); // get the captcha info before it gets deleted
-               $pass = parent::passCaptcha();
 
-               if ( $pass && $wgCaptchaDeleteOnSolve ) {
-                       $this->getBackend()->quickDelete( array(
-                               'src' => $this->imagePath( $info['salt'], $info['hash'] )
-                       ) );
-               }
-
-               return $pass;
-       }
 }