Revision 640
Added by thorn almost 18 years ago
| trunk/CHANGELOG | ||
|---|---|---|
| 12 | 12 |
|
| 13 | 13 |
------------------------------------- 2.7.0 ------------------------------------- |
| 14 | 14 |
29-Jan-2008 Thomas Hornik |
| 15 |
# Security bugfix: Text file for text-captcha was readable from everywhere
|
|
| 15 |
# Security bugfix: Text file for text-captcha was world-readable. Moved to database.
|
|
| 16 | 16 |
# Text-captcha: empty line in test file, following a question, was accepted as answer. Fixed. |
| 17 | 17 |
28-Jan-2008 Matthias Gallas |
| 18 | 18 |
# Replaced all special chars in language files with htmlentities or unicode |
| trunk/wb/include/captcha/captchas/text.php | ||
|---|---|---|
| 27 | 27 |
if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
|
| 28 | 28 |
|
| 29 | 29 |
global $admin; |
| 30 |
global $database; |
|
| 30 | 31 |
$name = 'text'; |
| 31 | 32 |
$file = WB_PATH."/temp/.captcha_$name.php"; |
| 32 | 33 |
|
| ... | ... | |
| 34 | 35 |
$_SESSION['captcha'] = rand(0,99999); |
| 35 | 36 |
|
| 36 | 37 |
// get questions and answers |
| 37 |
$qa = array(); |
|
| 38 |
@$content = file($file); |
|
| 39 |
if($content===FALSE) {
|
|
| 40 |
echo '<b>Error</b>: Can not read text! Enter <b>0</b> to solve this captcha'; |
|
| 41 |
$_SESSION['captcha'] = '0'; |
|
| 42 |
return; |
|
| 38 |
$text_qa=''; |
|
| 39 |
$table = TABLE_PREFIX.'mod_captcha_control'; |
|
| 40 |
if($query = $database->query("SELECT ct_text FROM $table")) {
|
|
| 41 |
$data = $query->fetchRow(); |
|
| 42 |
$text_qa = $admin->strip_slashes($data['ct_text']); |
|
| 43 | 43 |
} |
| 44 |
$content = explode("\n", $text_qa);
|
|
| 45 |
|
|
| 44 | 46 |
reset($content); |
| 45 | 47 |
while($s = current($content)) {
|
| 46 | 48 |
// get question |
| ... | ... | |
| 56 | 58 |
} else {
|
| 57 | 59 |
$lang='XX'; |
| 58 | 60 |
$q=substr($s,1); |
| 61 |
if($q=='') {
|
|
| 62 |
next($content); |
|
| 63 |
continue; |
|
| 64 |
} |
|
| 59 | 65 |
} |
| 60 | 66 |
// get answer |
| 61 | 67 |
$s=next($content); |
| ... | ... | |
| 67 | 73 |
next($content); |
| 68 | 74 |
} |
| 69 | 75 |
} |
| 70 |
if($qa == array()) {
|
|
| 76 |
if(!isset($qa) || $qa == array()) {
|
|
| 71 | 77 |
echo '<b>Error</b>: no text defined! Enter <b>0</b> to solve this captcha'; |
| 72 | 78 |
$_SESSION['captcha'] = '0'; |
| 73 | 79 |
return; |
| ... | ... | |
| 91 | 97 |
|
| 92 | 98 |
echo $k; |
| 93 | 99 |
|
| 94 |
?> |
|
| 100 |
?> |
|
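Review bot: Switching the source from `file($file)` to `explode("\n", $text_qa)` (new line 44) changes what `while($s = current($content))` (line 47) sees: `file()` kept the trailing newline on every element, so a blank line was the truthy string "\n", but `explode()` yields the empty string for a blank line (and "0" for a line containing only a zero), both of which are falsy and silently end the loop, dropping every question after them. The added `if($q=='')` skip on lines 61-64 is only reached for a line that survives that test, so it does not cover this case. A minimal fix is `while(($s = current($content)) !== false) {`; if the elided lines 48-57 do not trim `$s`, text submitted from a browser textarea arrives with CRLF endings, so `$content = explode("\n", str_replace("\r", '', $text_qa));` (or `preg_split('/\r\n|\r|\n/', ...)`) would also keep a stray "\r" from defeating the `$q==''` check and from being stored as part of the answer. The loop body continues outside the hunk, and `$data['ct_text']` on line 42 is read without checking that `fetchRow()` returned a row.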
| trunk/wb/modules/captcha_control/tool.php | ||
|---|---|---|
| 52 | 52 |
"); |
| 53 | 53 |
|
| 54 | 54 |
// save text-captchas |
| 55 |
if($_POST['captcha_type'] == 'text') {
|
|
| 55 |
if($_POST['captcha_type'] == 'text') { // ct_text
|
|
| 56 | 56 |
$text_qa=$_POST['text_qa']; |
| 57 | 57 |
if(strpos($text_qa, '### example ###') === FALSE) {
|
| 58 | 58 |
$text_qa=$admin->add_slashes($text_qa); |
| 59 |
$text_qa="<?php die(header('Location: ../index.php')); ?>\n".$text_qa;
|
|
| 60 |
if($fh = fopen(WB_PATH.'/temp/.captcha_text.php', 'wb')) {
|
|
| 61 |
fwrite($fh, $text_qa); |
|
| 62 |
fclose($fh); |
|
| 63 |
} |
|
| 59 |
$database->query("UPDATE $table SET ct_text = '$text_qa'");
|
|
| 64 | 60 |
} |
| 65 | 61 |
} |
| 66 | 62 |
|
| ... | ... | |
| 78 | 74 |
|
| 79 | 75 |
// load text-captchas |
| 80 | 76 |
$text_qa=''; |
| 81 |
if(file_exists(WB_PATH.'/include/captcha/captchas/text.php')) {
|
|
| 82 |
if(file_exists(WB_PATH.'/temp/.captcha_text.php')) {
|
|
| 83 |
@$content = file(WB_PATH.'/temp/.captcha_text.php'); |
|
| 84 |
if($content!==FALSE) {
|
|
| 85 |
$content[0]=''; |
|
| 86 |
$text_qa = $admin->strip_slashes(implode('', $content));
|
|
| 87 |
} |
|
| 88 |
} |
|
| 77 |
if($query = $database->query("SELECT ct_text FROM $table")) {
|
|
| 78 |
$data = $query->fetchRow(); |
|
| 79 |
$text_qa = $admin->strip_slashes($data['ct_text']); |
|
| 89 | 80 |
} |
| 90 | 81 |
if($text_qa == '') |
| 91 | 82 |
$text_qa = $MOD_CAPTCHA_CONTROL['CAPTCHA_TEXT_DESC']; |
| ... | ... | |
| 199 | 190 |
<?php |
| 200 | 191 |
} |
| 201 | 192 |
|
| 202 |
?> |
|
| 193 |
?> |
|
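Review bot: New line 59 interpolates `$text_qa` straight into SQL, `UPDATE $table SET ct_text = '$text_qa'`, after it has only passed through `$admin->add_slashes()` (line 58), which from its name and the `strip_slashes()` counterpart on load looks like a magic_quotes compatibility helper rather than a database-aware escape; if it is a plain `addslashes()` wrapper it is not charset-aware, and the value comes from `$_POST['text_qa']` with only the `### example ###` placeholder check in front of it. Escape with the database layer's own escaping function (or `mysql_real_escape_string()` if the wrapper exposes none) immediately before the query, or better, a parameterised query if `$database` supports one, and keep `add_slashes` out of the value that is stored. `$table` is not defined within the hunk, so this assumes it is set earlier in the file. On the load side (new lines 77-79), `$data['ct_text']` is read without checking that `fetchRow()` returned a row, which matters because this handler only ever issues an UPDATE and never inserts one; the same pattern appears in text.php.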
| trunk/wb/modules/captcha_control/install.php | ||
|---|---|---|
| 35 | 35 |
`captcha_type` VARCHAR(255) NOT NULL DEFAULT 'calc_text', |
| 36 | 36 |
`asp_session_min_age` INT(11) NOT NULL DEFAULT '20', |
| 37 | 37 |
`asp_view_min_age` INT(11) NOT NULL DEFAULT '10', |
| 38 |
`asp_input_min_age` INT(11) NOT NULL DEFAULT '5' |
|
| 38 |
`asp_input_min_age` INT(11) NOT NULL DEFAULT '5', |
|
| 39 |
`ct_text` LONGTEXT NOT NULL DEFAULT '' |
|
| 39 | 40 |
)" |
| 40 | 41 |
); |
| 41 | 42 |
|
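Review bot: New line 39 declares `` `ct_text` LONGTEXT NOT NULL DEFAULT '' ``, but MySQL releases of this era (and everything before 8.0.13) do not allow a DEFAULT clause on BLOB/TEXT columns; in strict SQL mode the CREATE TABLE is rejected with error 1101 ("BLOB/TEXT column can't have a default value"), and otherwise the default is dropped with a warning, so the module install can fail depending on the server's sql_mode. Dropping the default, `` `ct_text` LONGTEXT NOT NULL, ``, avoids this; since tool.php only ever UPDATEs this table, the install should also make sure the settings row exists, which this hunk does not show.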
Text-captcha: moved text-file to database.