From: Bryan Tong Minh <btongminh@users.mediawiki.org>
Date: Sat, 9 May 2009 14:00:13 +0000 (+0000)
Subject: Verify IP whitelisting on login and account creation as well.
X-Git-Url: https://git.toastfreeware.priv.at/toast/cookiecaptcha.git/commitdiff_plain/e70965603fb02fc723a079e99bfffed4759e70e8

Verify IP whitelisting on login and account creation as well.
---

diff --git a/ConfirmEdit_body.php b/ConfirmEdit_body.php
index e5b975f..57655c6 100644
--- a/ConfirmEdit_body.php
+++ b/ConfirmEdit_body.php
@@ -213,6 +213,22 @@ class SimpleCaptcha {
 		return intval( $wgMemc->get( $this->badLoginKey() ) ) >= $wgCaptchaBadLoginAttempts;
 	}
 	
+	/**
+	 * Check if the IP is allowed to skip captchas
+	 */
+	function isIPWhitelisted() {
+		global $wgCaptchaWhitelistIP;
+		if( !empty( $wgCaptchaWhitelistIP ) ) {
+			$ip = wfGetIp();
+			foreach ( $wgCaptchaWhitelistIP as $range ) {
+				if ( IP::isInRange( $ip, $range ) ) {
+					return true;
+				}
+			}
+		}
+		return false;
+	}
+	
 	/**
 	 * Internal cache key for badlogin checks.
 	 * @return string
@@ -268,15 +284,8 @@ class SimpleCaptcha {
 			wfDebug( "ConfirmEdit: user group allows skipping captcha\n" );
 			return false;
 		}
-		global $wgCaptchaWhitelistIP;
-		if( !empty( $wgCaptchaWhitelistIP ) ) {
-			$ip = wfGetIp();
-			foreach ( $wgCaptchaWhitelistIP as $range ) {
-				if ( IP::isInRange( $ip, $range ) ) {
-					return false;
-				}
-			}
-		}
+		if( $this->isIPWhitelisted() )
+			return false;
 
 
 		global $wgEmailAuthentication, $ceAllowConfirmedEmail;
@@ -523,6 +532,9 @@ class SimpleCaptcha {
 				wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" );
 				return true;
 			}
+			if( $this->isIPWhitelisted() )
+				return true;
+				
 			$this->trigger = "new account '" . $u->getName() . "'";
 			if( !$this->passCaptcha() ) {
 				$message = wfMsg( 'captcha-createaccount-fail' );
@@ -540,6 +552,9 @@ class SimpleCaptcha {
 	 */
 	function confirmUserLogin( $u, $pass, &$retval ) {
 		if( $this->isBadLoginTriggered() ) {
+			if( $this->isIPWhitelisted() )
+				return true;
+			
 			$this->trigger = "post-badlogin login '" . $u->getName() . "'";
 			if( !$this->passCaptcha() ) {
 				$message = wfMsg( 'captcha-badlogin-fail' );