From fd8fa1608b2b9477d8cd49dfcdfe78c0acf366a8 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Tue, 30 Aug 2022 05:00:35 +0000 Subject: [PATCH] Add reCAPTCHA integration to the registration page. This adds two new settings for the site and secret keys. --- admin/setting.php | 8 ++++++++ install/settings.php | 2 ++ register.php | 29 +++++++++++++++++++++++++++++ templates/register.tpl | 6 +++++- 4 files changed, 44 insertions(+), 1 deletion(-) diff --git a/admin/setting.php b/admin/setting.php index c573e55..74f3d16 100644 --- a/admin/setting.php +++ b/admin/setting.php @@ -106,6 +106,14 @@ if ($_REQUEST['do'] == 'modify') $admin->row_span(T('Moderate New Users'), 'thead'); $admin->row_yesno(T('All new users will have to be approved by the administration before being able to have normal user rights.'), 'setting[moderatenewusers]', $bugsys->options['moderatenewusers']); + // recaptchasitekey + $admin->row_span(T('reCAPTCHA Site Key'), 'thead'); + $admin->row_input(T('reCAPTCHA Site Key to generate CAPTCHA challenges.'), 'setting[recaptchasitekey]', $bugsys->options['recaptchasitekey']); + + // recaptchasecretkey + $admin->row_span(T('reCAPTCHA Secret Key'), 'thead'); + $admin->row_input(T('reCAPTCHA Secret Key to validate registration requests.'), 'setting[recaptchasecretkey]', $bugsys->options['recaptchasecretkey']); + // sendwelcomemail $admin->row_span(T('Send New Use Welcome Email'), 'thead'); $admin->row_yesno(T('Setting this option to yes will send each new verified user a welcome email.'), 'setting[sendwelcomemail]', $bugsys->options['sendwelcomemail']); diff --git a/install/settings.php b/install/settings.php index a475779..c7fb6f9 100644 --- a/install/settings.php +++ b/install/settings.php @@ -27,6 +27,8 @@ $settings = array( 'allownewreg' => '1', 'verifyemail' => '1', 'moderatenewusers' => '0', + 'recaptchasitekey' => '', + 'recaptchasecretkey' => '', 'webmasteremail' => 'noreply@bluestatic.org', 'trackertitle' => 'Avalon Development Tracker', 'trackerversion' => BUGDAR_VERSION, diff --git a/register.php b/register.php index 766e153..86d2711 100644 --- a/register.php +++ b/register.php @@ -56,6 +56,35 @@ if ($_POST['do'] == 'insert') $message->addError(T('The passwords you entered did not match.')); } + if ($bugsys->options['recaptchasitekey'] && $bugsys->options['recaptchasecretkey']) + { + if ($bugsys->in['g-recaptcha-response']) + { + $request = http_build_query([ + 'secret' => $bugsys->options['recaptchasecretkey'], + 'response' => $bugsys->in['g-recaptcha-response'], + 'remoteip' => $_SERVER['REMOTE_ADDR'], + ]); + $context = stream_context_create([ + 'http' => [ + 'method' => 'POST', + 'header' => 'Content-type: application/x-www-form-urlencoded', + 'content' => $request, + ] + ]); + $response = @file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context); + $response_object = json_decode($response); + if (!$response_object || !$response_object->success) + { + $message->addError(T('Sorry, you do not appear to be human.')); + } + } + else + { + $message->addError(T('Please verify you are a human.')); + } + } + if ($bugsys->options['verifyemail']) { $usergroupid = 3; diff --git a/templates/register.tpl b/templates/register.tpl index 5eec074..453e1fd 100644 --- a/templates/register.tpl +++ b/templates/register.tpl @@ -3,6 +3,7 @@ $doctype $headinclude + {$bugsys->options['trackertitle']} - {@"Register"} @@ -32,6 +33,9 @@ $header
{@"Confirm Password"}:
{@"Show My Email Publicly"}: checked="checked" /> {@"Yes"}
{@"Language"}:
+ +
+
@@ -43,4 +47,4 @@ $header -$footer \ No newline at end of file +$footer -- 2.43.5