3 namespace Org\Mxchange\CoreFramework\Filter\Verifier\Captcha;
5 // Import framework stuff
6 use Org\Mxchange\CoreFramework\Bootstrap\FrameworkBootstrap;
7 use Org\Mxchange\CoreFramework\Factory\Object\ObjectFactory;
8 use Org\Mxchange\CoreFramework\Filter\BaseFilter;
9 use Org\Mxchange\CoreFramework\Filter\Chain\FilterChainException;
10 use Org\Mxchange\CoreFramework\Filter\Filterable;
11 use Org\Mxchange\CoreFramework\Request\Requestable;
12 use Org\Mxchange\CoreFramework\Response\Responseable;
15 * A concrete filter for validating code graphical CAPTCHAs with hashes
17 * @author Roland Haeder <webmaster@shipsimu.org>
19 * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009 - 2021 Core Developer Team
20 * @license GNU GPL 3.0 or any newer version
21 * @link http://www.shipsimu.org
23 * This program is free software: you can redistribute it and/or modify
24 * it under the terms of the GNU General Public License as published by
25 * the Free Software Foundation, either version 3 of the License, or
26 * (at your option) any later version.
28 * This program is distributed in the hope that it will be useful,
29 * but WITHOUT ANY WARRANTY; without even the implied warranty of
30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
31 * GNU General Public License for more details.
33 * You should have received a copy of the GNU General Public License
34 * along with this program. If not, see <http://www.gnu.org/licenses/>.
36 class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterable {
38 * Protected constructor
42 private function __construct () {
43 // Call parent constructor
44 parent::__construct(__CLASS__);
48 * Creates an instance of this filter class
50 * @return $filterInstance An instance of this filter class
52 public static final function createGraphicalCodeCaptchaVerifierFilter () {
54 $filterInstance = new GraphicalCodeCaptchaVerifierFilter();
56 // Return the instance
57 return $filterInstance;
61 * Executes the filter with given request and response objects
63 * @param $requestInstance An instance of a class with an Requestable interface
64 * @param $responseInstance An instance of a class with an Responseable interface
66 * @throws FilterChainException If this filter fails to operate
68 public function execute (Requestable $requestInstance, Responseable $responseInstance) {
70 if (($requestInstance->getRequestElement('command') !== 'do_form') || (!$requestInstance->isRequestElementSet('form'))) {
71 // Required field not set
72 $requestInstance->requestIsValid(false);
75 $responseInstance->addFatalMessage('command_form_invalid');
77 // Skip further processing
78 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
81 // Create config entry
82 $configKey = sprintf('%s_captcha_secured',
83 $requestInstance->getRequestElement('form')
86 // Is the CAPTCHA enabled?
87 if (FrameworkBootstrap::getConfigurationInstance()->getConfigEntry($configKey) != 'Y') {
88 // Not enabled, so don't check
92 // Get the captcha code
93 $captchaCode = $requestInstance->getRequestElement('c_code');
96 if (is_null($captchaCode)) {
97 // Not set so request is invalid
98 $requestInstance->requestIsValid(false);
101 $responseInstance->addFatalMessage('captcha_code_unset');
103 // Skip further processing
104 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
105 } elseif (empty($captchaCode)) {
106 // Empty value so request is invalid
107 $requestInstance->requestIsValid(false);
110 $responseInstance->addFatalMessage('captcha_code_empty');
112 // Skip further processing
113 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
116 // Get the hash as well
117 $captchaHash = $requestInstance->getRequestElement('hash');
120 if (is_null($captchaHash)) {
121 // Not set so request is invalid
122 $requestInstance->requestIsValid(false);
125 $responseInstance->addFatalMessage('captcha_hash_unset');
127 // Skip further processing
128 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
129 } elseif (empty($captchaHash)) {
130 // Empty value so request is invalid
131 $requestInstance->requestIsValid(false);
134 $responseInstance->addFatalMessage('captcha_hash_empty');
136 // Skip further processing
137 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
140 // Now, both are set hash the given one. First get a crypto instance
141 $cryptoInstance = ObjectFactory::createObjectByConfiguredName('crypto_class');
143 // Then hash the code
144 $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
146 // Is this CAPTCHA valid?
147 if ($hashedCode != $captchaHash) {
148 // Not the same so request is invalid
149 $requestInstance->requestIsValid(false);
152 $responseInstance->addFatalMessage('captcha_hash_mismatch');
154 // Skip further processing
155 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
156 } // END - not the same!