3 namespace Org\Mxchange\CoreFramework\Filter\Verifier\Captcha;
5 // Import framework stuff
6 use Org\Mxchange\CoreFramework\Bootstrap\FrameworkBootstrap;
7 use Org\Mxchange\CoreFramework\Factory\Object\ObjectFactory;
8 use Org\Mxchange\CoreFramework\Filter\BaseFilter;
9 use Org\Mxchange\CoreFramework\Filter\Chain\FilterChainException;
10 use Org\Mxchange\CoreFramework\Filter\Filterable;
11 use Org\Mxchange\CoreFramework\Helper\Crypto\CryptoHelper;
12 use Org\Mxchange\CoreFramework\Request\Requestable;
13 use Org\Mxchange\CoreFramework\Response\Responseable;
16 * A concrete filter for validating code graphical CAPTCHAs with hashes
18 * @author Roland Haeder <webmaster@shipsimu.org>
20 * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009 - 2023 Core Developer Team
21 * @license GNU GPL 3.0 or any newer version
22 * @link http://www.shipsimu.org
24 * This program is free software: you can redistribute it and/or modify
25 * it under the terms of the GNU General Public License as published by
26 * the Free Software Foundation, either version 3 of the License, or
27 * (at your option) any later version.
29 * This program is distributed in the hope that it will be useful,
30 * but WITHOUT ANY WARRANTY; without even the implied warranty of
31 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
32 * GNU General Public License for more details.
34 * You should have received a copy of the GNU General Public License
35 * along with this program. If not, see <http://www.gnu.org/licenses/>.
37 class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterable {
39 * Protected constructor
43 private function __construct () {
44 // Call parent constructor
45 parent::__construct(__CLASS__);
49 * Creates an instance of this filter class
51 * @return $filterInstance An instance of this filter class
53 public static final function createGraphicalCodeCaptchaVerifierFilter () {
55 $filterInstance = new GraphicalCodeCaptchaVerifierFilter();
57 // Return the instance
58 return $filterInstance;
62 * Executes the filter with given request and response objects
64 * @param $requestInstance An instance of a class with an Requestable interface
65 * @param $responseInstance An instance of a class with an Responseable interface
67 * @throws FilterChainException If this filter fails to operate
69 public function execute (Requestable $requestInstance, Responseable $responseInstance) {
71 if (($requestInstance->getRequestElement('command') !== 'do_form') || (!$requestInstance->isRequestElementSet('form'))) {
72 // Required field not set
73 $requestInstance->setIsRequestValid(FALSE);
76 $responseInstance->addFatalMessage('command_form_invalid');
78 // Skip further processing
79 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
82 // Create config entry
83 $configKey = sprintf('%s_captcha_secured', $requestInstance->getRequestElement('form'));
85 // Is the CAPTCHA enabled?
86 if (FrameworkBootstrap::getConfigurationInstance()->isEnabled($configKey)) {
87 // Not enabled, so don't check
91 // Get the captcha code
92 $captchaCode = $requestInstance->getRequestElement('c_code');
95 if (is_null($captchaCode)) {
96 // Not set so request is invalid
97 $requestInstance->setIsRequestValid(FALSE);
100 $responseInstance->addFatalMessage('captcha_code_unset');
102 // Skip further processing
103 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
104 } elseif (empty($captchaCode)) {
105 // Empty value so request is invalid
106 $requestInstance->setIsRequestValid(FALSE);
109 $responseInstance->addFatalMessage('captcha_code_empty');
111 // Skip further processing
112 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
115 // Get the hash as well
116 $captchaHash = $requestInstance->getRequestElement('hash');
119 if (is_null($captchaHash)) {
120 // Not set so request is invalid
121 $requestInstance->setIsRequestValid(FALSE);
124 $responseInstance->addFatalMessage('captcha_hash_unset');
126 // Skip further processing
127 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
128 } elseif (empty($captchaHash)) {
129 // Empty value so request is invalid
130 $requestInstance->setIsRequestValid(FALSE);
133 $responseInstance->addFatalMessage('captcha_hash_empty');
135 // Skip further processing
136 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
139 // Now, both are set hash the given one. First get a crypto instance
140 $cryptoInstance = CryptoHelper::getSelfInstance();
142 // Then hash the code
143 $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
145 // Is this CAPTCHA valid?
146 if ($hashedCode != $captchaHash) {
147 // Not the same so request is invalid
148 $requestInstance->setIsRequestValid(FALSE);
151 $responseInstance->addFatalMessage('captcha_hash_mismatch');
153 // Skip further processing
154 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);