A lot rewrites and fixes for weak redirect methods

[shipsimu.git] / inc / classes / main / filter / verifier / class_GraphicalCodeCaptchaVerifierFilter.php

diff --git a/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php b/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php
index 5a584cbcc81160a2eb320ef2b4758929bd9bc4f7..27fe8a357a64cb3db09d990062d1596730200190 100644 (file)
--- a/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php
+++ b/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php
@@ -4,7 +4,7 @@
  *
  * @author             Roland Haeder <webmaster@ship-simu.org>
  * @version            0.0.0
- * @copyright  Copyright(c) 2007, 2008 Roland Haeder, this is free software
+ * @copyright  Copyright (c) 2007, 2008 Roland Haeder, this is free software
  * @license            GNU GPL 3.0 or any newer version
  * @link               http://www.ship-simu.org
  *
@@ -30,23 +30,21 @@ class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterabl
        protected function __construct () {
                // Call parent constructor
                parent::__construct(__CLASS__);
-
-               // Set part description
-               $this->setObjectDescription("A filter for verifying graphical code CAPTCHAs");
-
-               // Create unique ID number
-               $this->generateUniqueId();
        }
 
        /**
         * Creates an instance of this filter class
         *
-        * @return      $filterInstance         An instance of this filter class
+        * @param       $controllerInstance             An instance of a Controller class
+        * @return      $filterInstance                 An instance of this filter class
         */
-       public final static function createGraphicalCodeCaptchaVerifierFilter () {
+       public final static function createGraphicalCodeCaptchaVerifierFilter (Controller $controllerInstance) {
                // Get a new instance
                $filterInstance = new GraphicalCodeCaptchaVerifierFilter();
 
+               // Set the controller
+               $filterInstance->setControllerInstance($controllerInstance);
+
                // Return the instance
                return $filterInstance;
        }
@@ -59,7 +57,68 @@ class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterabl
         * @return      void
         */
        public function execute (Requestable $requestInstance, Responseable $responseInstance) {
-               $requestInstance->debugInstance();
+               // Get the captcha code
+               $captchaCode = $requestInstance->getRequestElement('c_code');
+
+               // Is this set?
+               if (is_null($captchaCode)) {
+                       // Not set so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_code_unset');
+
+                       // Skip further processing
+                       return false;
+               } elseif (empty($captchaCode)) {
+                       // Empty value so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_code_empty');
+
+                       // Skip further processing
+                       return false;
+               }
+
+               // Get the hash as well
+               $captchaHash = $requestInstance->getRequestElement('hash');
+
+               // Is this set?
+               if (is_null($captchaHash)) {
+                       // Not set so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_unset');
+
+                       // Skip further processing
+                       return false;
+               } elseif (empty($captchaHash)) {
+                       // Empty value so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_empty');
+
+                       // Skip further processing
+                       return false;
+               }
+
+               // Now, both are set hash the given one. First get a crypto instance
+               $cryptoInstance = ObjectFactory::createObjectByConfiguredName('crypto_class');
+
+               // Then hash the code
+               $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
+
+               // Is this CAPTCHA valid?
+               if ($hashedCode != $captchaHash) {
+                       // Not the same so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_mismatch');
+               } // END - not the same!
        }
 }