CAPTCHA code now gets validated
authorRoland Häder <roland@mxchange.org>
Thu, 26 Jun 2008 17:28:56 +0000 (17:28 +0000)
committerRoland Häder <roland@mxchange.org>
Thu, 26 Jun 2008 17:28:56 +0000 (17:28 +0000)
inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php

index 5a584cb..b0de5d3 100644 (file)
@@ -59,7 +59,68 @@ class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterabl
         * @return      void
         */
        public function execute (Requestable $requestInstance, Responseable $responseInstance) {
-               $requestInstance->debugInstance();
+               // Get the captcha code
+               $captchaCode = $requestInstance->getRequestElement('c_code');
+
+               // Is this set?
+               if (is_null($captchaCode)) {
+                       // Not set so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_code_unset');
+
+                       // Skip further processing
+                       return false;
+               } elseif (empty($captchaCode)) {
+                       // Empty value so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_code_empty');
+
+                       // Skip further processing
+                       return false;
+               }
+
+               // Get the hash as well
+               $captchaHash = $requestInstance->getRequestElement('hash');
+
+               // Is this set?
+               if (is_null($captchaHash)) {
+                       // Not set so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_unset');
+
+                       // Skip further processing
+                       return false;
+               } elseif (empty($captchaHash)) {
+                       // Empty value so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_empty');
+
+                       // Skip further processing
+                       return false;
+               }
+
+               // Now, both are set hash the given one. First get a crypto instance
+               $cryptoInstance = ObjectFactory::createObjectByConfiguredName('crypto_class');
+
+               // Then hash the code
+               $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
+
+               // Is this CAPTCHA valid?
+               if ($hashedCode != $captchaHash) {
+                       // Not the same so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_mismatch');
+               } // END - not the same!
        }
 }