3 namespace CoreFramework\Filter\Verifier\Captcha;
5 // Import framework stuff
6 use CoreFramework\Factory\ObjectFactory;
7 use CoreFramework\Filter\BaseFilter;
8 use CoreFramework\Filter\Filterable;
9 use CoreFramework\Request\Requestable;
10 use CoreFramework\Response\Responseable;
13 * A concrete filter for validating code graphical CAPTCHAs with hashes
15 * @author Roland Haeder <webmaster@shipsimu.org>
17 * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009 - 2017 Core Developer Team
18 * @license GNU GPL 3.0 or any newer version
19 * @link http://www.shipsimu.org
21 * This program is free software: you can redistribute it and/or modify
22 * it under the terms of the GNU General Public License as published by
23 * the Free Software Foundation, either version 3 of the License, or
24 * (at your option) any later version.
26 * This program is distributed in the hope that it will be useful,
27 * but WITHOUT ANY WARRANTY; without even the implied warranty of
28 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
29 * GNU General Public License for more details.
31 * You should have received a copy of the GNU General Public License
32 * along with this program. If not, see <http://www.gnu.org/licenses/>.
34 class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterable {
36 * Protected constructor
40 protected function __construct () {
41 // Call parent constructor
42 parent::__construct(__CLASS__);
46 * Creates an instance of this filter class
48 * @return $filterInstance An instance of this filter class
50 public static final function createGraphicalCodeCaptchaVerifierFilter () {
52 $filterInstance = new GraphicalCodeCaptchaVerifierFilter();
54 // Return the instance
55 return $filterInstance;
59 * Executes the filter with given request and response objects
61 * @param $requestInstance An instance of a class with an Requestable interface
62 * @param $responseInstance An instance of a class with an Responseable interface
64 * @throws FilterChainException If this filter fails to operate
66 public function execute (Requestable $requestInstance, Responseable $responseInstance) {
68 if (($requestInstance->getRequestElement('command') !== 'do_form') || (!$requestInstance->isRequestElementSet('form'))) {
69 // Required field not set
70 $requestInstance->requestIsValid(FALSE);
73 $responseInstance->addFatalMessage('command_form_invalid');
75 // Skip further processing
76 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
79 // Create config entry
80 $configKey = sprintf('%s_captcha_secured',
81 $requestInstance->getRequestElement('form')
84 // Is the CAPTCHA enabled?
85 if ($this->getConfigInstance()->getConfigEntry($configKey) != 'Y') {
86 // Not enabled, so don't check
90 // Get the captcha code
91 $captchaCode = $requestInstance->getRequestElement('c_code');
94 if (is_null($captchaCode)) {
95 // Not set so request is invalid
96 $requestInstance->requestIsValid(FALSE);
99 $responseInstance->addFatalMessage('captcha_code_unset');
101 // Skip further processing
102 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
103 } elseif (empty($captchaCode)) {
104 // Empty value so request is invalid
105 $requestInstance->requestIsValid(FALSE);
108 $responseInstance->addFatalMessage('captcha_code_empty');
110 // Skip further processing
111 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
114 // Get the hash as well
115 $captchaHash = $requestInstance->getRequestElement('hash');
118 if (is_null($captchaHash)) {
119 // Not set so request is invalid
120 $requestInstance->requestIsValid(FALSE);
123 $responseInstance->addFatalMessage('captcha_hash_unset');
125 // Skip further processing
126 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
127 } elseif (empty($captchaHash)) {
128 // Empty value so request is invalid
129 $requestInstance->requestIsValid(FALSE);
132 $responseInstance->addFatalMessage('captcha_hash_empty');
134 // Skip further processing
135 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
138 // Now, both are set hash the given one. First get a crypto instance
139 $cryptoInstance = ObjectFactory::createObjectByConfiguredName('crypto_class');
141 // Then hash the code
142 $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
144 // Is this CAPTCHA valid?
145 if ($hashedCode != $captchaHash) {
146 // Not the same so request is invalid
147 $requestInstance->requestIsValid(FALSE);
150 $responseInstance->addFatalMessage('captcha_hash_mismatch');
152 // Skip further processing
153 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
154 } // END - not the same!