3 namespace CoreFramework\Filter\Verifier\Captcha;
5 // Import framework stuff
6 use CoreFramework\Factory\ObjectFactory;
7 use CoreFramework\Filter\BaseFilter;
8 use CoreFramework\Request\Requestable;
9 use CoreFramework\Response\Responseable;
12 * A concrete filter for validating code graphical CAPTCHAs with hashes
14 * @author Roland Haeder <webmaster@shipsimu.org>
16 * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009 - 2017 Core Developer Team
17 * @license GNU GPL 3.0 or any newer version
18 * @link http://www.shipsimu.org
20 * This program is free software: you can redistribute it and/or modify
21 * it under the terms of the GNU General Public License as published by
22 * the Free Software Foundation, either version 3 of the License, or
23 * (at your option) any later version.
25 * This program is distributed in the hope that it will be useful,
26 * but WITHOUT ANY WARRANTY; without even the implied warranty of
27 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 * GNU General Public License for more details.
30 * You should have received a copy of the GNU General Public License
31 * along with this program. If not, see <http://www.gnu.org/licenses/>.
33 class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterable {
35 * Protected constructor
39 protected function __construct () {
40 // Call parent constructor
41 parent::__construct(__CLASS__);
45 * Creates an instance of this filter class
47 * @return $filterInstance An instance of this filter class
49 public static final function createGraphicalCodeCaptchaVerifierFilter () {
51 $filterInstance = new GraphicalCodeCaptchaVerifierFilter();
53 // Return the instance
54 return $filterInstance;
58 * Executes the filter with given request and response objects
60 * @param $requestInstance An instance of a class with an Requestable interface
61 * @param $responseInstance An instance of a class with an Responseable interface
63 * @throws FilterChainException If this filter fails to operate
65 public function execute (Requestable $requestInstance, Responseable $responseInstance) {
67 if (($requestInstance->getRequestElement('command') !== 'do_form') || (!$requestInstance->isRequestElementSet('form'))) {
68 // Required field not set
69 $requestInstance->requestIsValid(FALSE);
72 $responseInstance->addFatalMessage('command_form_invalid');
74 // Skip further processing
75 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
78 // Create config entry
79 $configKey = sprintf('%s_captcha_secured',
80 $requestInstance->getRequestElement('form')
83 // Is the CAPTCHA enabled?
84 if ($this->getConfigInstance()->getConfigEntry($configKey) != 'Y') {
85 // Not enabled, so don't check
89 // Get the captcha code
90 $captchaCode = $requestInstance->getRequestElement('c_code');
93 if (is_null($captchaCode)) {
94 // Not set so request is invalid
95 $requestInstance->requestIsValid(FALSE);
98 $responseInstance->addFatalMessage('captcha_code_unset');
100 // Skip further processing
101 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
102 } elseif (empty($captchaCode)) {
103 // Empty value so request is invalid
104 $requestInstance->requestIsValid(FALSE);
107 $responseInstance->addFatalMessage('captcha_code_empty');
109 // Skip further processing
110 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
113 // Get the hash as well
114 $captchaHash = $requestInstance->getRequestElement('hash');
117 if (is_null($captchaHash)) {
118 // Not set so request is invalid
119 $requestInstance->requestIsValid(FALSE);
122 $responseInstance->addFatalMessage('captcha_hash_unset');
124 // Skip further processing
125 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
126 } elseif (empty($captchaHash)) {
127 // Empty value so request is invalid
128 $requestInstance->requestIsValid(FALSE);
131 $responseInstance->addFatalMessage('captcha_hash_empty');
133 // Skip further processing
134 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
137 // Now, both are set hash the given one. First get a crypto instance
138 $cryptoInstance = ObjectFactory::createObjectByConfiguredName('crypto_class');
140 // Then hash the code
141 $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
143 // Is this CAPTCHA valid?
144 if ($hashedCode != $captchaHash) {
145 // Not the same so request is invalid
146 $requestInstance->requestIsValid(FALSE);
149 $responseInstance->addFatalMessage('captcha_hash_mismatch');
151 // Skip further processing
152 throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
153 } // END - not the same!