3 namespace CoreFramework\Filter\Verifier\Captcha;
5 // Import framework stuff
6 use CoreFramework\Factory\ObjectFactory;
7 use CoreFramework\Request\Requestable;
8 use CoreFramework\Response\Responseable;
11 * A concrete filter for validating code graphical CAPTCHAs with hashes
13 * @author Roland Haeder <webmaster@shipsimu.org>
15 * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009 - 2017 Core Developer Team
16 * @license GNU GPL 3.0 or any newer version
17 * @link http://www.shipsimu.org
19 * This program is free software: you can redistribute it and/or modify
20 * it under the terms of the GNU General Public License as published by
21 * the Free Software Foundation, either version 3 of the License, or
22 * (at your option) any later version.
24 * This program is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
29 * You should have received a copy of the GNU General Public License
30 * along with this program. If not, see <http://www.gnu.org/licenses/>.
32 class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterable {
34 * Protected constructor
38 protected function __construct () {
39 // Call parent constructor
40 parent::__construct(__CLASS__);
44 * Creates an instance of this filter class
46 * @return $filterInstance An instance of this filter class
48 public static final function createGraphicalCodeCaptchaVerifierFilter () {
50 $filterInstance = new GraphicalCodeCaptchaVerifierFilter();
52 // Return the instance
53 return $filterInstance;
57 * Executes the filter with given request and response objects
59 * @param $requestInstance An instance of a class with an Requestable interface
60 * @param $responseInstance An instance of a class with an Responseable interface
62 * @throws FilterChainException If this filter fails to operate
64 public function execute (Requestable $requestInstance, Responseable $responseInstance) {
66 if (($requestInstance->getRequestElement('command') !== 'do_form') || (!$requestInstance->isRequestElementSet('form'))) {
67 // Required field not set
68 $requestInstance->requestIsValid(FALSE);
71 $responseInstance->addFatalMessage('command_form_invalid');
73 // Skip further processing
74 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
77 // Create config entry
78 $configKey = sprintf('%s_captcha_secured',
79 $requestInstance->getRequestElement('form')
82 // Is the CAPTCHA enabled?
83 if ($this->getConfigInstance()->getConfigEntry($configKey) != 'Y') {
84 // Not enabled, so don't check
88 // Get the captcha code
89 $captchaCode = $requestInstance->getRequestElement('c_code');
92 if (is_null($captchaCode)) {
93 // Not set so request is invalid
94 $requestInstance->requestIsValid(FALSE);
97 $responseInstance->addFatalMessage('captcha_code_unset');
99 // Skip further processing
100 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
101 } elseif (empty($captchaCode)) {
102 // Empty value so request is invalid
103 $requestInstance->requestIsValid(FALSE);
106 $responseInstance->addFatalMessage('captcha_code_empty');
108 // Skip further processing
109 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
112 // Get the hash as well
113 $captchaHash = $requestInstance->getRequestElement('hash');
116 if (is_null($captchaHash)) {
117 // Not set so request is invalid
118 $requestInstance->requestIsValid(FALSE);
121 $responseInstance->addFatalMessage('captcha_hash_unset');
123 // Skip further processing
124 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
125 } elseif (empty($captchaHash)) {
126 // Empty value so request is invalid
127 $requestInstance->requestIsValid(FALSE);
130 $responseInstance->addFatalMessage('captcha_hash_empty');
132 // Skip further processing
133 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
136 // Now, both are set hash the given one. First get a crypto instance
137 $cryptoInstance = ObjectFactory::createObjectByConfiguredName('crypto_class');
139 // Then hash the code
140 $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
142 // Is this CAPTCHA valid?
143 if ($hashedCode != $captchaHash) {
144 // Not the same so request is invalid
145 $requestInstance->requestIsValid(FALSE);
148 $responseInstance->addFatalMessage('captcha_hash_mismatch');
150 // Skip further processing
151 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
152 } // END - not the same!