'captcha-createaccount' => 'To help protect against automated account creation, please solve the simple sum below and enter the answer in the box ([[Special:Captcha/help|more info]]):',
'captcha-createaccount-fail' => "Incorrect or missing confirmation code.",
'captcha-create' => 'To create the page, please solve the simple sum below and enter the answer in the box ([[Special:Captcha/help|more info]]):',
+ 'captcha-sendemail' => 'To help protect against automated spamming, please solve the simple sum below and enter the answer in the box ([[Special:Captcha/help|more info]]):',
+ 'captcha-sendemail-fail' => 'Incorrect or missing confirmation code.',
+ 'captcha-disabledinapi' => 'This action requires a captcha, so it cannot be performed through the API.',
'captchahelp-title' => 'Captcha help',
'captchahelp-cookies-needed' => "You will need to have cookies enabled in your browser for this to work.",
'captchahelp-text' => "Web sites that accept postings from the public, like this wiki, are often abused by spammers who use automated tools to post their links to many sites.
$wgCaptchaTriggers = array();
$wgCaptchaTriggers['edit'] = false; // Would check on every edit
$wgCaptchaTriggers['create'] = false; // Check on page creation.
+$wgCaptchaTriggers['sendemail'] = false; // Special:Emailuser
$wgCaptchaTriggers['addurl'] = true; // Check on edits that add URLs
$wgCaptchaTriggers['createaccount'] = true; // Special:Userlogin&type=signup
$wgCaptchaTriggers['badlogin'] = true; // Special:Userlogin after failure
$wgHooks['LoginAuthenticateAudit'][] = 'ConfirmEditHooks::triggerUserLogin';
$wgHooks['UserLoginForm'][] = 'ConfirmEditHooks::injectUserLogin';
$wgHooks['AbortLogin'][] = 'ConfirmEditHooks::confirmUserLogin';
+$wgHooks['EmailUserForm'][] = 'ConfirmEditHooks::injectEmailUser';
+$wgHooks['EmailUser'][] = 'ConfirmEditHooks::confirmEmailUser';
# Register API hook
$wgHooks['APIEditBeforeSave'][] = 'ConfirmEditHooks::confirmEditAPI';
static function confirmUserLogin( $u, $pass, &$retval ) {
return self::getInstance()->confirmUserLogin( $u, $pass, $retval );
}
+
+ static function injectEmailUser( &$form ) {
+ return self::getInstance()->injectEmailUser( $form );
+ }
+
+ static function confirmEmailUser( $from, $to, $subject, $text, &$error ) {
+ return self::getInstance()->confirmEmailUser( $from, $to, $subject, $text, $error );
+ }
}
class CaptchaSpecialPage extends UnlistedSpecialPage {
return wfEmptyMsg( $name, $text ) ? wfMsg( 'captcha-edit' ) : $text;
}
+ /**
+ * Inject whazawhoo
+ * @fixme if multiple thingies insert a header, could break
+ * @param HTMLForm
+ * @return bool true to keep running callbacks
+ */
+ function injectEmailUser( &$form ) {
+ global $wgCaptchaTriggers, $wgOut, $wgUser;
+ if ( $wgCaptchaTriggers['sendemail'] ) {
+ if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
+ wfDebug( "ConfirmEdit: user group allows skipping captcha on email sending\n" );
+ return true;
+ }
+ $form->addFooterText(
+ "<div class='captcha'>" .
+ $wgOut->parse( $this->getMessage( 'sendemail' ) ) .
+ $this->getForm() .
+ "</div>\n" );
+ }
+ return true;
+ }
+
/**
* Inject whazawhoo
* @fixme if multiple thingies insert a header, could break
return true;
}
+ /**
+ * Check the captcha on Special:EmailUser
+ * @param $from MailAddress
+ * @param $to MailAddress
+ * @param $subject String
+ * @param $text String
+ * @param $error String reference
+ * @return Bool true to continue saving, false to abort and show a captcha form
+ */
+ function confirmEmailUser( $from, $to, $subject, $text, &$error ) {
+ global $wgCaptchaTriggers, $wgUser;
+ if ( $wgCaptchaTriggers['sendemail'] ) {
+ if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
+ wfDebug( "ConfirmEdit: user group allows skipping captcha on email sending\n" );
+ return true;
+ }
+ if ( $this->isIPWhitelisted() )
+ return true;
+
+ if ( defined( 'MW_API' ) ) {
+ # API mode
+ # Asking for captchas in the API is really silly
+ $error = wfMsg( 'captcha-disabledinapi' );
+ return false;
+ }
+ $this->trigger = "{$wgUser->getName()} sending email";
+ if ( !$this->passCaptcha() ) {
+ $error = wfMsg( 'captcha-sendemail-fail' );
+ return false;
+ }
+ }
+ return true;
+ }
+
/**
* Given a required captcha run, test form input for correct
* input on the open session.
'fancycaptcha-createaccount' => 'To help protect against automated account creation, please enter the words that appear below in the box ([[Special:Captcha/help|more info]]):',
'fancycaptcha-create' => 'To create the page, please enter the words that appear below in the box ([[Special:Captcha/help|more info]]):',
'fancycaptcha-edit' => 'To edit this page, please enter the words that appear below in the box ([[Special:Captcha/help|more info]]):',
+ 'fancycaptcha-sendemail' => 'To help protect against automated spamming, please enter the words that appear below in the box ([[Special:Captcha/help|more info]]):',
);
/** Message documentation (Message documentation)
'questycaptcha-createaccount' => 'To help protect against automated account creation, please answer the question that appears below ([[Special:Captcha/help|more info]]):',
'questycaptcha-create' => 'To create the page, please answer the question that appears below ([[Special:Captcha/help|more info]]):',
'questycaptcha-edit' => 'To edit this page, please answer the question that appears below ([[Special:Captcha/help|more info]]):',
+ 'questycaptcha-sendemail' => 'To help protect against automated spamming, please answer the question that appears below ([[Special:Captcha/help|more info]]):',
'questycaptchahelp-text' => "Web sites that accept contributions from the public, like this wiki, are often abused by spammers who use automated tools to add their links to many sites.
While these spam links can be removed, they are a significant nuisance.