# Prelim in-progress code. Proof of concept for framework, not
# intended as a real production captcha system!
-# Loader for spam blacklist feature
+# Loader for simple captcha feature
# Include this from LocalSettings.php
if ( defined( 'MEDIAWIKI' ) ) {
-global $wgExtensionFunctions, $wgHooks, $wgGroupPermissions;
+global $wgExtensionFunctions, $wgGroupPermissions;
$wgExtensionFunctions[] = 'ceSetup';
-$wgHooks['EditFilter'][] = 'ceConfirmEditLinks';
-
$wgGroupPermissions['*' ]['skipcaptcha'] = false;
$wgGroupPermissions['user' ]['skipcaptcha'] = false;
$wgGroupPermissions['bot' ]['skipcaptcha'] = true; // registered bots
$wgGroupPermissions['sysop' ]['skipcaptcha'] = true;
+global $wgCaptcha, $wgCaptchaClass, $wgCaptchaTriggers;
+$wgCaptcha = null;
+$wgCaptchaClass = 'SimpleCaptcha';
+
+$wgCaptchaTriggers = array();
+$wgCaptchaTriggers['edit'] = false; // Would check on every edit
+$wgCaptchaTriggers['addurl'] = true; // Check on edits that add URLs
+
/**
* Allow users who have confirmed their e-mail addresses to post
* URL links without being harassed by the captcha.
* Set up message strings for captcha utilities.
*/
function ceSetup() {
- global $wgMessageCache;
+ global $wgMessageCache, $wgHooks, $wgCaptcha, $wgCaptchaClass;
$wgMessageCache->addMessage('captcha-short', "Your edit includes new URL links; as a protection
against automated spam, you'll need to enter the answer to this
simple arithmetic test:" );
+
SpecialPage::addPage( new SpecialPage( 'Captcha', false,
/*listed*/ false, /*function*/ false, /*file*/ false ) );
+
+ $wgCaptcha = new $wgCaptchaClass();
+ $wgHooks['EditFilter'][] = array( &$wgCaptcha, 'confirmEdit' );
}
/**
* Entry point for Special:Captcha
*/
function wfSpecialCaptcha( $par = null ) {
+ global $wgCaptcha;
switch( $par ) {
case "image":
- return ceShowImage();
+ return $wgCaptcha->showImage();
case "help":
default:
- return ceShowHelp();
+ return $wgCaptcha->showHelp();
}
}
-function ceConfirmEditLinks( &$editPage, $newtext, $section ) {
- $oldtext = ceLoadText( $editPage, $section );
-
- $oldLinks = ceFindLinks( $oldtext );
- $newLinks = ceFindLinks( $newtext );
-
- $addedLinks = array_diff( $newLinks, $oldLinks );
- $numLinks = count( $addedLinks );
-
- /*
- var_dump( $oldtext );
- var_dump( $newtext );
- var_dump( $oldLinks );
- var_dump( $newLinks );
- var_dump( $addedLinks );
- die( '---' );
- */
-
- if( $numLinks > 0 ) {
- wfDebug( "ConfirmEdit found $numLinks new links...\n" );
- if( ceKeyMatch() ) {
- wfDebug( "ConfirmEdit given proper key from form, passing.\n" );
- return true;
- } else {
- wfDebug( "ConfirmEdit missing form key, prompting.\n" );
- $editPage->showEditForm( 'ceFormCallback' );
+class SimpleCaptcha {
+ /**
+ * @param EditPage $editPage
+ * @param string $newtext
+ * @param string $section
+ * @return bool true if the captcha should run
+ */
+ function shouldCheck( &$editPage, $newtext, $section ) {
+ global $wgUser;
+ if( $wgUser->isAllowed( 'skipcaptcha' ) ) {
+ wfDebug( "SimpleCaptcha: user group allows skipping captcha\n" );
return false;
}
- } else {
- wfDebug( "ConfirmEdit: no new links.\n" );
- return true;
- }
-}
-
-function ceKeyMatch() {
- global $wgUser;
- if( $wgUser->isAllowed( 'skipcaptcha' ) ) {
- wfDebug( "ConfirmEdit: user group allows skipping captcha\n" );
- return true;
- }
-
- global $wgEmailAuthentication, $ceAllowConfirmedEmail;
- if( $wgEmailAuthentication && $ceAllowConfirmedEmail &&
- $wgUser->isEmailConfirmed() ) {
- wfDebug( "ConfirmEdit: user has confirmed mail, skippng captcha\n" );
- return true;
- }
- if( !isset( $_SESSION['ceAnswerVar'] ) ) {
- wfDebug( "ConfirmEdit no session captcha key set, this is new visitor.\n" );
+ global $wgEmailAuthentication, $ceAllowConfirmedEmail;
+ if( $wgEmailAuthentication && $ceAllowConfirmedEmail &&
+ $wgUser->isEmailConfirmed() ) {
+ wfDebug( "SimpleCaptcha: user has confirmed mail, skipping captcha\n" );
+ return false;
+ }
+
+ global $wgCaptchaTriggers;
+ if( !empty( $wgCaptchaTriggers['edit'] ) ) {
+ // Check on all edits
+ wfDebug( "SimpleCaptcha: checking all edits...\n" );
+ return true;
+ }
+
+ if( !empty( $wgCaptchaTriggers['addurl'] ) ) {
+ // Only check edits that add URLs
+ $oldtext = $this->loadText( $editPage, $section );
+
+ $oldLinks = $this->findLinks( $oldtext );
+ $newLinks = $this->findLinks( $newtext );
+
+ $addedLinks = array_diff( $newLinks, $oldLinks );
+ $numLinks = count( $addedLinks );
+
+ if( $numLinks > 0 ) {
+ wfDebug( "SimpleCaptcha: found $numLinks new links; triggered...\n" );
+ return true;
+ }
+ }
+
return false;
}
- global $wgRequest;
- return $wgRequest->getVal( $_SESSION['ceAnswerVar'] ) == $_SESSION['ceAnswer'];
-}
-
-function ceFormCallback( &$out ) {
- $source = 'ceSource' . mt_rand();
- $dest = 'ceConfirm' . mt_rand();
- $a = mt_rand(0, 100);
- $b = mt_rand(0, 10);
- $op = mt_rand(0, 1) ? '+' : '-';
-
- $test = "$a $op $b";
- $answer = ($op == '+') ? ($a + $b) : ($a - $b);
- $_SESSION['ceAnswer'] = $answer;
- $_SESSION['ceAnswerVar'] = $dest;
+ function confirmEdit( &$editPage, $newtext, $section ) {
+ if( $this->shouldCheck( $editPage, $newtext, $section ) ) {
+ if( $this->keyMatch() ) {
+ wfDebug( "ConfirmEdit given proper key from form, passing.\n" );
+ return true;
+ } else {
+ wfDebug( "ConfirmEdit missing form key, prompting.\n" );
+ $editPage->showEditForm( array( &$this, 'formCallback' ) );
+ return false;
+ }
+ } else {
+ wfDebug( "ConfirmEdit: no new links.\n" );
+ return true;
+ }
+ }
+ function keyMatch() {
+ if( !isset( $_SESSION['ceAnswerVar'] ) ) {
+ wfDebug( "ConfirmEdit no session captcha key set, this is new visitor.\n" );
+ return false;
+ }
+ global $wgRequest;
+ return $wgRequest->getVal( $_SESSION['ceAnswerVar'] ) == $_SESSION['ceAnswer'];
+ }
- $out->addWikiText( wfMsg( "captcha-short" ) );
- $out->addHTML( <<<END
- <p><span id="$source">$test</span> = <input name="$dest" id="$dest" /></p>
+ function formCallback( &$out ) {
+ $source = 'ceSource' . mt_rand();
+ $dest = 'ceConfirm' . mt_rand();
+
+ $a = mt_rand(0, 100);
+ $b = mt_rand(0, 10);
+ $op = mt_rand(0, 1) ? '+' : '-';
+
+ $test = "$a $op $b";
+ $answer = ($op == '+') ? ($a + $b) : ($a - $b);
+ $_SESSION['ceAnswer'] = $answer;
+ $_SESSION['ceAnswerVar'] = $dest;
+
+
+ $out->addWikiText( wfMsg( "captcha-short" ) );
+ $out->addHTML( <<<END
+ <p><span id="$source">$test</span> = <input name="$dest" id="$dest" /></p>
END
- );
-}
-
-function ceLoadText( $editPage, $section ) {
- $rev = Revision::newFromTitle( $editPage->mTitle );
- if( is_null( $rev ) ) {
- return "";
- } else {
- $text = $rev->getText();
- if( $section != '' ) {
- return Article::getSection( $text, $section );
+ );
+ }
+
+ function loadText( $editPage, $section ) {
+ $rev = Revision::newFromTitle( $editPage->mTitle );
+ if( is_null( $rev ) ) {
+ return "";
} else {
- return $text;
+ $text = $rev->getText();
+ if( $section != '' ) {
+ return Article::getSection( $text, $section );
+ } else {
+ return $text;
+ }
}
}
-}
-
-function ceFindLinks( $text ) {
- $regex = '/((?:' . HTTP_PROTOCOLS . ')' . EXT_LINK_URL_CLASS . '+)/';
- if( preg_match_all( $regex, $text, $matches, PREG_PATTERN_ORDER ) ) {
- return $matches[1];
- } else {
- return array();
+ function findLinks( $text ) {
+ $regex = '/((?:' . HTTP_PROTOCOLS . ')' . EXT_LINK_URL_CLASS . '+)/';
+
+ if( preg_match_all( $regex, $text, $matches, PREG_PATTERN_ORDER ) ) {
+ return $matches[1];
+ } else {
+ return array();
+ }
}
-}
-
-function ceShowHelp() {
- global $wgOut, $ceAllowConfirmedEmail;
- $wgOut->setPageTitle( 'Captcha help' );
- $wgOut->addWikiText( <<<END
-So what's this wacky captcha thing about?
-
-It's your enemy. It's here to kill you. RUN WHILE YOU STILL CAN
+
+ function showHelp() {
+ global $wgOut, $ceAllowConfirmedEmail;
+ $wgOut->setPageTitle( 'Captcha help' );
+ $wgOut->addWikiText( <<<END
+ So what's this wacky captcha thing about?
+
+ It's your enemy. It's here to kill you. RUN WHILE YOU STILL CAN
END
- );
+ );
+ }
+
}
} # End invocation guard
+
?>
--- /dev/null
+<?php
+
+if ( defined( 'MEDIAWIKI' ) ) {
+
+global $wgCaptchaDirectory;
+$wgCaptchaDirectory = "$wgUploadDirectory/captcha"; // bad default :D
+
+global $wgCaptchaSecret;
+$wgCaptchaSecret = "CHANGE_THIS_SECRET!";
+
+
+class FancyCaptcha extends SimpleCaptcha {
+ function keyMatch() {
+ global $wgRequest, $wgCaptchaSecret;
+
+ if( !isset( $_SESSION['ceAnswerVar'] ) ) {
+ wfDebug( "FancyCaptcha: no session captcha key set, this is new visitor.\n" );
+ return false;
+ }
+
+ $var = $_SESSION['ceAnswerVar'];
+ $salt = $_SESSION['captchaSalt'];
+ $hash = $_SESSION['captchaHash'];
+
+ $answer = $wgRequest->getVal( $var );
+ $digest = $wgCaptchaSecret . $salt . $answer . $wgCaptchaSecret . $salt;
+ $answerHash = substr( md5( $digest ), 0, 16 );
+
+ if( $answerHash == $hash ) {
+ wfDebug( "FancyCaptcha: answer hash matches expected $hash\n" );
+ return true;
+ } else {
+ wfDebug( "FancyCaptcha: answer hashes to $answerHash, expected $hash\n" );
+ return false;
+ }
+ }
+
+ function formCallback( &$out ) {
+ $dest = 'wpCaptchaWord' . mt_rand();
+
+ $img = $this->pickImage();
+ if( !$img ) {
+ die( 'aaargh' );
+ }
+
+ $_SESSION['ceAnswerVar'] = $dest;
+ $_SESSION['captchaHash'] = $img['hash'];
+ $_SESSION['captchaSalt'] = $img['salt'];
+ $_SESSION['captchaViewed'] = false;
+ wfDebug( "Picked captcha with hash ${img['hash']}, salt ${img['salt']}.\n" );
+
+ $title = Title::makeTitle( NS_SPECIAL, 'Captcha/image' );
+ $url = $title->getLocalUrl();
+
+
+ $out->addWikiText( wfMsg( "captcha-short" ) );
+ $out->addHTML( <<<END
+ <p><img src="$url" alt="Oh noes" /></p>
+ <p><input name="$dest" id="$dest" /></p>
+END
+ );
+ }
+
+ function pickImage() {
+ global $wgCaptchaDirectory;
+ $dir = opendir( $wgCaptchaDirectory );
+
+ $n = mt_rand( 0, 16 );
+ $count = 0;
+
+ $entry = readdir( $dir );
+ while( false !== $entry ) {
+ $entry = readdir( $dir );
+ if( preg_match( '/^image_([0-9a-f]+)_([0-9a-f]+)\\.png$/', $entry, $matches ) ) {
+ if( $count++ % 16 == $n ) {
+ return array(
+ 'salt' => $matches[1],
+ 'hash' => $matches[2],
+ );
+ }
+ }
+ }
+ return false;
+ }
+
+ function showImage() {
+ global $wgOut;
+ $wgOut->disable();
+ if( !empty( $_SESSION['captchaViewed'] ) ) {
+ wfHttpError( 403, 'Access Forbidden', "Can't view captcha image a second time." );
+ return false;
+ }
+ $_SESSION['captchaViewed'] = wfTimestamp();
+
+ if( isset( $_SESSION['captchaSalt'] ) ) {
+ $salt = $_SESSION['captchaSalt'];
+ if( isset( $_SESSION['captchaHash'] ) ) {
+ $hash = $_SESSION['captchaHash'];
+
+ global $wgCaptchaDirectory;
+ $file = $wgCaptchaDirectory . DIRECTORY_SEPARATOR . "image_{$salt}_{$hash}.png";
+ if( file_exists( $file ) ) {
+ header( 'Content-type: image/png' );
+ readfile( $file );
+ }
+ }
+ } else {
+ wfHttpError( 500, 'Internal Error', 'Requested bogus captcha image' );
+ }
+ }
+}
+
+} # End invocation guard
+
+?>