diff --git a/config/autoload.php b/config/autoload.php index 9f0f07a6..00d8cfa5 100755 --- a/config/autoload.php +++ b/config/autoload.php @@ -34,6 +34,9 @@ function __autoload($className) return true; } + if (function_exists('MathCaptcha\mathcaptchaAutoload') && MathCaptcha\mathcaptchaAutoload($className)) { + return true; + } $className = str_replace(chr(0), '', $className); $classDir = dirname(__FILE__).'/../classes/'; @@ -42,24 +45,23 @@ function __autoload($className) $file_in_classes = file_exists($classDir.$className.'.php'); // This is a Core class and its name is the same as its declared name - if (substr($className, -4) == 'Core') + if (substr($className, -4) == 'Core') { require_once($classDir.substr($className, 0, -4).'.php'); - else - { - if ($file_in_override && $file_in_classes) - { + } + else { + if ($file_in_override && $file_in_classes) { require_once($classDir.str_replace(chr(0), '', $className).'.php'); require_once($overrideDir.$className.'.php'); } - elseif (!$file_in_override && $file_in_classes) - { + elseif (!$file_in_override && $file_in_classes) { require_once($classDir.str_replace(chr(0), '', $className).'.php'); $classInfos = new ReflectionClass($className.((interface_exists($className, false) or class_exists($className, false)) ? '' : 'Core')); if (!$classInfos->isInterface() && substr($classInfos->name, -4) == 'Core') eval(($classInfos->isAbstract() ? 'abstract ' : '').'class '.$className.' extends '.$className.'Core {}'); } - elseif ($file_in_override && !$file_in_classes) + elseif ($file_in_override && !$file_in_classes) { require_once($overrideDir.$className.'.php'); + } } } diff --git a/modules/ant_support_form/captcha.php b/modules/ant_support_form/captcha.php new file mode 100644 index 00000000..c724609f --- /dev/null +++ b/modules/ant_support_form/captcha.php 
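Review bot: The new `MathCaptcha\mathcaptchaAutoload($className)` call in the first `config/autoload.php` hunk runs before the existing `$className = str_replace(chr(0), '', $className);` line, so that autoloader receives the class name with any NUL bytes still in it. Its body is not visible in this diff; if it builds a file path from the name, it should get the same sanitised value as the rest of `__autoload`. Moving the added `if` block below the `str_replace` line would give it that. `__autoload` starts and ends outside this hunk.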
@@ -0,0 +1,16 @@ +generate(); + $mathCaptcha->output(); +} +catch ( MathCaptcha\MathCaptchaException $e ) { + // Here you normally log the error, and you can output an error image + // to notify the user that something went wrong, if you want. +} \ No newline at end of file diff --git a/modules/ant_support_form/support.php b/modules/ant_support_form/support.php index cbdb106c..23dcc4d8 100644 --- a/modules/ant_support_form/support.php +++ b/modules/ant_support_form/support.php @@ -1,7 +1,10 @@ preProcess(); $langs = Language::getLanguages(); @@ -52,12 +55,18 @@ if (Tools::isSubmit('submitMessage')) { $fileAttachment['mime'] = $_FILES['fileUpload']['type']; } + $mathCaptcha = new MathCaptcha\MathCaptcha(); + $captcha_ans = Tools::getValue('cans'); $message = Tools::htmlentitiesUTF8(Tools::getValue('message')); + if (Tools::getValue('email2') != '') { - $this->errors[] = Tools::displayError('Invalid'); + $errors[] = Tools::displayError('Invalid'); + } + elseif ($mathCaptcha->check($captcha_ans) !== true) { + $errors[] = Tools::displayError('For security reasons, thank you to solve the addition to validate the sending of your message'); } elseif (preg_match("/\p{Han}+/u", $message)) { - $this->errors[] = Tools::displayError('Invalid message'); + $errors[] = Tools::displayError('Invalid message'); } elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)) { $errors[] = Tools::displayError('Invalid e-mail address'); diff --git a/modules/ant_support_form/support.tpl b/modules/ant_support_form/support.tpl index cc35fd17..185dd83d 100644 --- a/modules/ant_support_form/support.tpl +++ b/modules/ant_support_form/support.tpl @@ -176,10 +176,13 @@
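Review bot: The `catch ( MathCaptcha\MathCaptchaException $e )` block in `modules/ant_support_form/captcha.php` holds only a placeholder comment, so a GD failure yields an empty response with nothing logged. `generate()`, as added in this commit, writes the answer to the session before it creates the image, so a failed request still leaves an answer in the session for a picture the user never saw. Log the exception and send an error status, e.g. `error_log($e->getMessage()); header('HTTP/1.1 500 Internal Server Error');`. `tools/math-captcha/math_captcha.php` has the same empty catch; the top of both files is not visible in this capture.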
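Review bot: `$captcha_ans` in the second `support.php` hunk is passed to `$mathCaptcha->check()` exactly as `Tools::getValue('cans')` returned it, and `check()` (added in `tools/math-captcha/src/MathCaptcha/MathCaptcha.php`) compares the stored sum against `(int) trim($answer)`. A missing, empty or non-numeric `cans` therefore casts to 0 and is accepted whenever the generated sum is 0, which `rand(0, 10) * rand(1, 3)` allows for both operands. Reject non-digit input before the comparison: `elseif (!ctype_digit(trim((string) $captcha_ans)) || $mathCaptcha->check($captcha_ans) !== true) {`. The same call is added in the second `override/controllers/ContactController.php` hunk. The enclosing submit branch starts and ends outside the hunk.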
++ + +
- diff --git a/override/controllers/ContactController.php b/override/controllers/ContactController.php index b32b1391..81391438 100755 --- a/override/controllers/ContactController.php +++ b/override/controllers/ContactController.php @@ -3,6 +3,8 @@ class ContactController extends ContactControllerCore { public function preProcess() { + session_start(); + FrontController::preProcess(); if (self::$cookie->isLogged()) @@ -56,10 +58,16 @@ class ContactController extends ContactControllerCore { $fileAttachment['mime'] = $_FILES['fileUpload']['type']; } + $mathCaptcha = new MathCaptcha\MathCaptcha(); + $captcha_ans = Tools::getValue('cans'); $message = Tools::htmlentitiesUTF8(Tools::getValue('message')); + if (Tools::getValue('email2') != '') { $this->errors[] = Tools::displayError('Invalid'); } + elseif ($mathCaptcha->check($captcha_ans) !== true) { + $this->errors[] = Tools::displayError('For security reasons, thank you to solve the addition to validate the sending of your message'); + } elseif (preg_match("/\p{Han}+/u", $message)) { $this->errors[] = Tools::displayError('Invalid message'); } diff --git a/themes/site/contact-form.tpl b/themes/site/contact-form.tpl index 0f1db096..21b063c8 100755 --- a/themes/site/contact-form.tpl +++ b/themes/site/contact-form.tpl @@ -117,7 +117,11 @@ -
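Review bot: `session_start();` at the top of `ContactController::preProcess()` is unconditional, so it opens a native PHP session on every contact-page request and raises a notice if a session is already active. Guard it with `if (session_id() === '') { session_start(); }`. The captcha state now depends on the PHP session cookie, whose HttpOnly and Secure flags come from php.ini unless `session_set_cookie_params()` is called before the start; that is worth confirming for this deployment. `preProcess()` continues outside the hunk.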
+
+ + +
+diff --git a/themes/site_mobile/contact-form.tpl b/themes/site_mobile/contact-form.tpl index 39ba5d1b..69351f6d 100755 --- a/themes/site_mobile/contact-form.tpl +++ b/themes/site_mobile/contact-form.tpl @@ -119,6 +119,10 @@ +
+ + +
diff --git a/tools/math-captcha/README.md b/tools/math-captcha/README.md new file mode 100644 index 00000000..09592bbd --- /dev/null +++ b/tools/math-captcha/README.md @@ -0,0 +1,41 @@ +## Description: +This is a PHP class for generating images with simple mathematical questions (Math CAPTCHAs) to protect the forms of your website from spambots. + +## How to Use: + +To generate a captcha you simply: + +```PHP +session_start(); + +$mathCaptcha = new MathCaptcha\MathCaptcha(); + +$mathCaptcha->generate(); +$mathCaptcha->output(); +``` + +The `MathCaptcha` class makes use of session variables so you have to call the `session_start()` function before instantiating a `MathCaptcha` object. + +You can optionally supply an identifier for the captcha, to the constructor of the `MathCaptcha` class, if you want to use multiple captchas in your website. + +To verify the user's answer you simply: + +```PHP +session_start(); + +$mathCaptcha = new MathCaptcha\MathCaptcha(); + +if ( $mathCaptcha->check($captcha_answer) === true ) { + // Correct answer +} +else { + // Incorrect answer +} +``` + +If you use more than one captchas in your website you need also to supply the identifier of the captcha, to the constructor of the `MathCaptcha` class. + +Check out the `test_form.php` and `math_captcha.php` files for a working example. + +## Requirements: +PHP 5, GD 2.0.1 or later (2.0.28 or later is recommended) diff --git a/tools/math-captcha/autoloadPrestashop.php b/tools/math-captcha/autoloadPrestashop.php new file mode 100644 index 00000000..19266710 --- /dev/null +++ b/tools/math-captcha/autoloadPrestashop.php @@ -0,0 +1,27 @@ +=5.0.0", + "ext-gd": "*" + }, + "autoload": { + "psr-0": { + "MathCaptcha": "src/" + } + } +} diff --git a/tools/math-captcha/math_captcha.php b/tools/math-captcha/math_captcha.php new file mode 100644 index 00000000..8ac41cd8 --- /dev/null +++ b/tools/math-captcha/math_captcha.php 
@@ -0,0 +1,15 @@ +generate(); + $mathCaptcha->output(); +} +catch ( MathCaptcha\MathCaptchaException $e ) { + // Here you normally log the error, and you can output an error image + // to notify the user that something went wrong, if you want. +} \ No newline at end of file diff --git a/tools/math-captcha/src/MathCaptcha/MathCaptcha.php b/tools/math-captcha/src/MathCaptcha/MathCaptcha.php new file mode 100644 index 00000000..bd73fbeb --- /dev/null +++ b/tools/math-captcha/src/MathCaptcha/MathCaptcha.php 
@@ -0,0 +1,78 @@ +captchaID = 'math_captcha_' . $captchaID; + + // Set the captcha result from last generated captcha and unset it from the session + if ( isset($_SESSION[$this->captchaID]) ) { + $this->answer = $_SESSION[$this->captchaID]; + unset($_SESSION[$this->captchaID]); + } + + } + + public function generate() + { + $this->addNum1 = rand(0, 10) * rand(1, 3); + $this->addNum2 = rand(0, 10) * rand(1, 3); + + // Set the captcha result for current captcha and set it to the session for later check + $_SESSION[$this->captchaID] = $this->answer = $this->addNum1 + $this->addNum2; + + // Create a canvas + if ( ($this->captchaImg = @imagecreatetruecolor(99, 19)) === false ) { + throw new MathCaptchaException('Creation of true color image failed'); + } + + // Allocate black and white colors + $color_black = imagecolorallocate($this->captchaImg, 0, 0, 0); + $color_white = imagecolorallocate($this->captchaImg, 255, 255, 255); + + // Make the background of the image white + imagefilledrectangle($this->captchaImg, 0, 0, 99, 19, $color_white); + + // Draw the math question on the image using black color + imagestring($this->captchaImg, 10, 2, 2, $this->addNum1 . ' + ' . $this->addNum2 . ' = ', $color_black); + + } + + public function output() + { + if ( $this->captchaImg === null ) { + throw new MathCaptchaException('Captcha image has not been generated'); + } + + header('Content-Disposition: Attachment;filename=captcha.png'); + header('Content-Type: image/png'); + + imagepng($this->captchaImg); + imagedestroy($this->captchaImg); + } + + public function check( $answer ) + { + // Check if math captcha has been generated + if ( $this->answer === null ) { + return false; + } + + // Validate captcha + if ( $this->answer === (int) trim($answer) ) { + return true; + } + else { + return false; + } + } + +} \ No newline at end of file 
diff --git a/tools/math-captcha/src/MathCaptcha/MathCaptchaException.php b/tools/math-captcha/src/MathCaptcha/MathCaptchaException.php new file mode 100644 index 00000000..0656a15a --- /dev/null +++ b/tools/math-captcha/src/MathCaptcha/MathCaptchaException.php @@ -0,0 +1,4 @@ +Please fill the answer to the math question'; + + } + else { + + $mathCaptcha = new MathCaptcha\MathCaptcha(); + + // Validate the answer + if ( $mathCaptcha->check($_POST['captcha_ans']) === true ) { + + // In a real application here you can register/login the user, insert a comment in the database etc + $msg = 'SUCCESS'; + + } + else { + + $msg = 'You didn\'t answered the question correctly'; + + } + + } + +} +?> + + + + +
Answer to this simple math question:
+ + + \ No newline at end of file diff --git a/tools/predis/autoloadPrestashop.php b/tools/predis/autoloadPrestashop.php index bccba9a9..6c98ec06 100755 --- a/tools/predis/autoloadPrestashop.php +++ b/tools/predis/autoloadPrestashop.php @@ -2,21 +2,11 @@ namespace Predis; - /* - * This file is part of the Predis package. - * - * (c) Daniele Alessandri