inc/main/classes/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php

   1 <?php
   2 // Own namespace
   3 namespace CoreFramework\Filter\Verifier\Captcha;
   4
   5 // Import framework stuff
   6 use CoreFramework\Factory\ObjectFactory;
   7 use CoreFramework\Request\Requestable;
   8 use CoreFramework\Response\Responseable;
   9
  10 /**
  11  * A concrete filter for validating code graphical CAPTCHAs with hashes
  12  *
  13  * @author              Roland Haeder <webmaster@shipsimu.org>
  14  * @version             0.0.0
  15  * @copyright   Copyright (c) 2007, 2008 Roland Haeder, 2009 - 2017 Core Developer Team
  16  * @license             GNU GPL 3.0 or any newer version
  17  * @link                http://www.shipsimu.org
  18  *
  19  * This program is free software: you can redistribute it and/or modify
  20  * it under the terms of the GNU General Public License as published by
  21  * the Free Software Foundation, either version 3 of the License, or
  22  * (at your option) any later version.
  23  *
  24  * This program is distributed in the hope that it will be useful,
  25  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  26  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  27  * GNU General Public License for more details.
  28  *
  29  * You should have received a copy of the GNU General Public License
  30  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  31  */
  32 class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterable {
  33         /**
  34          * Protected constructor
  35          *
  36          * @return      void
  37          */
  38         protected function __construct () {
  39                 // Call parent constructor
  40                 parent::__construct(__CLASS__);
  41         }
  42
  43         /**
  44          * Creates an instance of this filter class
  45          *
  46          * @return      $filterInstance         An instance of this filter class
  47          */
  48         public static final function createGraphicalCodeCaptchaVerifierFilter () {
  49                 // Get a new instance
  50                 $filterInstance = new GraphicalCodeCaptchaVerifierFilter();
  51
  52                 // Return the instance
  53                 return $filterInstance;
  54         }
  55
  56         /**
  57          * Executes the filter with given request and response objects
  58          *
  59          * @param       $requestInstance        An instance of a class with an Requestable interface
  60          * @param       $responseInstance       An instance of a class with an Responseable interface
  61          * @return      void
  62          * @throws      FilterChainException    If this filter fails to operate
  63          */
  64         public function execute (Requestable $requestInstance, Responseable $responseInstance) {
  65                 // Is the form set?
  66                 if (($requestInstance->getRequestElement('command') !== 'do_form') ||  (!$requestInstance->isRequestElementSet('form'))) {
  67                         // Required field not set
  68                         $requestInstance->requestIsValid(FALSE);
  69
  70                         // Add fatal message
  71                         $responseInstance->addFatalMessage('command_form_invalid');
  72
  73                         // Skip further processing
  74                         throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
  75                 } // END - if
  76
  77                 // Create config entry
  78                 $configKey = sprintf('%s_captcha_secured',
  79                         $requestInstance->getRequestElement('form')
  80                 );
  81
  82                 // Is the CAPTCHA enabled?
  83                 if ($this->getConfigInstance()->getConfigEntry($configKey) != 'Y') {
  84                         // Not enabled, so don't check
  85                         return;
  86                 } // END - if
  87
  88                 // Get the captcha code
  89                 $captchaCode = $requestInstance->getRequestElement('c_code');
  90
  91                 // Is this set?
  92                 if (is_null($captchaCode)) {
  93                         // Not set so request is invalid
  94                         $requestInstance->requestIsValid(FALSE);
  95
  96                         // Add fatal message
  97                         $responseInstance->addFatalMessage('captcha_code_unset');
  98
  99                         // Skip further processing
 100                         throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
 101                 } elseif (empty($captchaCode)) {
 102                         // Empty value so request is invalid
 103                         $requestInstance->requestIsValid(FALSE);
 104
 105                         // Add fatal message
 106                         $responseInstance->addFatalMessage('captcha_code_empty');
 107
 108                         // Skip further processing
 109                         throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
 110                 }
 111
 112                 // Get the hash as well
 113                 $captchaHash = $requestInstance->getRequestElement('hash');
 114
 115                 // Is this set?
 116                 if (is_null($captchaHash)) {
 117                         // Not set so request is invalid
 118                         $requestInstance->requestIsValid(FALSE);
 119
 120                         // Add fatal message
 121                         $responseInstance->addFatalMessage('captcha_hash_unset');
 122
 123                         // Skip further processing
 124                         throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
 125                 } elseif (empty($captchaHash)) {
 126                         // Empty value so request is invalid
 127                         $requestInstance->requestIsValid(FALSE);
 128
 129                         // Add fatal message
 130                         $responseInstance->addFatalMessage('captcha_hash_empty');
 131
 132                         // Skip further processing
 133                         throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
 134                 }
 135
 136                 // Now, both are set hash the given one. First get a crypto instance
 137                 $cryptoInstance = ObjectFactory::createObjectByConfiguredName('crypto_class');
 138
 139                 // Then hash the code
 140                 $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
 141
 142                 // Is this CAPTCHA valid?
 143                 if ($hashedCode != $captchaHash) {
 144                         // Not the same so request is invalid
 145                         $requestInstance->requestIsValid(FALSE);
 146
 147                         // Add fatal message
 148                         $responseInstance->addFatalMessage('captcha_hash_mismatch');
 149
 150                         // Skip further processing
 151                         throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
 152                 } // END - not the same!
 153         }
 154
 155 }