Added checks for 'command' and 'form' and check if CAPTCHA is enabled.
authorRoland Haeder <roland@mxchange.org>
Fri, 17 Apr 2015 18:50:53 +0000 (20:50 +0200)
committerRoland Haeder <roland@mxchange.org>
Fri, 17 Apr 2015 18:50:53 +0000 (20:50 +0200)
Signed-off-by: Roland H├Ąder <roland@mxchange.org>
inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php

index dc6e19b..5dc0f57 100644 (file)
@@ -54,6 +54,29 @@ class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterabl
         * @throws      FilterChainException    If this filter fails to operate
         */
        public function execute (Requestable $requestInstance, Responseable $responseInstance) {
+               // Is the form set?
+               if (($requestInstance->getRequestElement('command') !== 'do_form') ||  (!$requestInstance->isRequestElementSet('form'))) {
+                       // Required field not set
+                       $requestInstance->requestIsValid(FALSE);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('command_form_invalid');
+
+                       // Skip further processing
+                       throw new FilterChainException($this, self::EXCEPTION_FILTER_CHAIN_INTERCEPTED);
+               } // END - if
+
+               // Create config entry
+               $configKey = sprintf('%s_captcha_secured',
+                       $requestInstance->getRequestElement('form')
+               );
+
+               // Is the CAPTCHA enabled?
+               if ($this->getConfigInstance()->getConfigEntry($configKey) != 'Y') {
+                       // Not enabled, so don't check
+                       return;
+               } // END - if
+
                // Get the captcha code
                $captchaCode = $requestInstance->getRequestElement('c_code');