CAPTCHA code now gets validated

author Roland Häder <roland@mxchange.org>

Thu, 26 Jun 2008 17:28:56 +0000 (17:28 +0000)

committer Roland Häder <roland@mxchange.org>

Thu, 26 Jun 2008 17:28:56 +0000 (17:28 +0000)
author Roland Häder <roland@mxchange.org>
Thu, 26 Jun 2008 17:28:56 +0000 (17:28 +0000)
committer Roland Häder <roland@mxchange.org>
Thu, 26 Jun 2008 17:28:56 +0000 (17:28 +0000)
diff --git a/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php b/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php

index 5a584cbcc81160a2eb320ef2b4758929bd9bc4f7..b0de5d3512a03f8a767f62a05644fc118fc07a48 100644 (file)
--- a/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php
+++ b/inc/classes/main/filter/verifier/class_GraphicalCodeCaptchaVerifierFilter.php
@@ -59,7 +59,68 @@ class GraphicalCodeCaptchaVerifierFilter extends BaseFilter implements Filterabl
          * @return      void
          */
         public function execute (Requestable $requestInstance, Responseable $responseInstance) {
          * @return      void
          */
         public function execute (Requestable $requestInstance, Responseable $responseInstance) {
-               $requestInstance->debugInstance();
+               // Get the captcha code
+               $captchaCode = $requestInstance->getRequestElement('c_code');
+
+               // Is this set?
+               if (is_null($captchaCode)) {
+                       // Not set so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_code_unset');
+
+                       // Skip further processing
+                       return false;
+               } elseif (empty($captchaCode)) {
+                       // Empty value so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_code_empty');
+
+                       // Skip further processing
+                       return false;
+               }
+
+               // Get the hash as well
+               $captchaHash = $requestInstance->getRequestElement('hash');
+
+               // Is this set?
+               if (is_null($captchaHash)) {
+                       // Not set so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_unset');
+
+                       // Skip further processing
+                       return false;
+               } elseif (empty($captchaHash)) {
+                       // Empty value so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_empty');
+
+                       // Skip further processing
+                       return false;
+               }
+
+               // Now, both are set hash the given one. First get a crypto instance
+               $cryptoInstance = ObjectFactory::createObjectByConfiguredName('crypto_class');
+
+               // Then hash the code
+               $hashedCode = $cryptoInstance->hashString($captchaCode, $captchaHash);
+
+               // Is this CAPTCHA valid?
+               if ($hashedCode != $captchaHash) {
+                       // Not the same so request is invalid
+                       $requestInstance->requestIsValid(false);
+
+                       // Add fatal message
+                       $responseInstance->addFatalMessage('captcha_hash_mismatch');
+               } // END - not the same!
         }
  }
  
         }
  }
author	Roland Häder <roland@mxchange.org>
	Thu, 26 Jun 2008 17:28:56 +0000 (17:28 +0000)
committer	Roland Häder <roland@mxchange.org>
	Thu, 26 Jun 2008 17:28:56 +0000 (17:28 +0000)