ajax.php
changeset 336 bfa2e9c23f03
parent 335 67bd3121a12e
child 345 4ccdfeee9a11
--- a/ajax.php	Thu Dec 27 22:09:33 2007 -0500
+++ b/ajax.php	Thu Dec 27 23:32:11 2007 -0500
@@ -114,13 +114,24 @@
         $allowed = false;
         $src = '';
       }
+      
+      $auth_edit = ( $session->get_permissions('edit_page') && ( $session->get_permissions('even_when_protected') || !$paths->page_protected ) );
+      
       $return = array(
           'mode' => 'editor',
           'src' => $src,
           'auth_view_source' => $allowed,
-          'auth_edit' => $session->get_permissions('edit_page'),
-          'time' => time()
+          'auth_edit' => $auth_edit,
+          'time' => time(),
+          'require_captcha' => false,
         );
+      
+      if ( $auth_edit && !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
+      {
+        $return['require_captcha'] = true;
+        $return['captcha_id'] = $session->make_captcha();
+      }
+      
       echo enano_json_encode($return);
       break;
     case "getpage":
@@ -178,6 +189,27 @@
         break;
       }
       
+      // Verify captcha, if needed
+      if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
+      {
+        if ( !isset($request['captcha_id']) || !isset($request['captcha_code']) )
+        {
+          die('Invalid request, need captcha metadata');
+        }
+        $code_correct = strtolower($session->get_captcha($request['captcha_id']));
+        $code_input = strtolower($request['captcha_code']);
+        if ( $code_correct !== $code_input )
+        {
+          $return = array(
+            'mode' => 'errors',
+            'errors' => array($lang->get('editor_err_captcha_wrong')),
+            'new_captcha' => $session->make_captcha()
+          );
+          echo enano_json_encode($return);
+          break;
+        }
+      }
+      
       // Verification complete. Start the PageProcessor and let it do the dirty work for us.
       $page = new PageProcessor($paths->page_id, $paths->namespace);
       if ( $page->update_page($request['src'], $request['summary'], ( $request['minor_edit'] == 1 )) )
@@ -197,6 +229,10 @@
           'mode' => 'errors',
           'errors' => array_values($errors)
           );
+        if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
+        {
+          $return['new_captcha'] = $session->make_captcha();
+        }
       }
       
       echo enano_json_encode($return);