# HG changeset patch
# User Dan
# Date 1260650376 18000
# Node ID e733f984c9907807700e7ff453c877540fcf167f
# Parent a1770361ef88c398940b31ae9aba9b29123c715e
CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
diff -r a1770361ef88 -r e733f984c990 includes/sessions.php
--- a/includes/sessions.php Mon Dec 07 15:21:47 2009 -0500
+++ b/includes/sessions.php Sat Dec 12 15:39:36 2009 -0500
@@ -3487,10 +3487,11 @@
/**
* For the given code ID, returns the correct CAPTCHA code, or false on failure
* @param string $hash The unique ID assigned to the code
+ * @param bool If true, the code is NOT deleted from the database. Use with caution!
* @return string The correct confirmation code
*/
- function get_captcha($hash)
+ function get_captcha($hash, $nodelete = false)
{
global $db, $session, $paths, $template, $plugins; // Common objects
@@ -3516,7 +3517,10 @@
list($code_id, $code) = $db->fetchrow_num();
$db->free_result();
- $this->sql('DELETE FROM ' . table_prefix . "captcha WHERE code_id = $code_id;");
+
+ // delete it
+ if ( !$nodelete )
+ $this->sql('DELETE FROM ' . table_prefix . "captcha WHERE code_id = $code_id;");
return $code;
}
diff -r a1770361ef88 -r e733f984c990 plugins/SpecialUserFuncs.php
--- a/plugins/SpecialUserFuncs.php Mon Dec 07 15:21:47 2009 -0500
+++ b/plugins/SpecialUserFuncs.php Sat Dec 12 15:39:36 2009 -0500
@@ -817,10 +817,10 @@
-
-
+
+
@@ -828,7 +828,8 @@
get('user_reg_lbl_field_captcha_code'); ?>
-
+
+
@@ -1060,8 +1061,49 @@
{
var frm = document.forms.regform;
document.getElementById('captchaimg').src = '/'+Math.floor(Math.random() * 100000);
+ frm.captchacode.value = '';
return false;
}
+ function validateCaptcha(input)
+ {
+ var frm = document.forms.regform;
+ if ( input.value.length < 7 )
+ {
+ return false;
+ }
+ var valid_field = document.getElementById('s_captcha');
+ var loader_img = document.getElementById('captchaajax');
+ loader_img.src = cdnPath + '/images/loading.gif';
+ ajaxGet(makeUrlNS('Special', 'Captcha/' + frm.captchahash.value + '/validate=' + input.value), function(ajax)
+ {
+ if ( ajax.readyState == 4 && ajax.status == 200 )
+ {
+ var response = String(ajax.responseText + '');
+ if ( !check_json_response(response) )
+ {
+ handle_invalid_json(response);
+ return false;
+ }
+ response = parseJSON(response);
+ if ( response.valid )
+ {
+ loader_img.src = cdnPath + '/images/spacer.gif';
+ valid_field.src = cdnPath + '/images/check.png';
+ }
+ else
+ {
+ valid_field.src = cdnPath + '/images/checkbad.png';
+ regenCaptcha();
+ document.getElementById('captchaimg').onload = function()
+ {
+ document.getElementById('captchaajax').src = cdnPath + '/images/spacer.gif';
+ input.focus();
+ };
+ input.value = '';
+ }
+ }
+ });
+ }
addOnloadHook(function()
{
@@ -1282,6 +1324,24 @@
{
$paths->main_page();
}
+
+ if ( $validate_code = $paths->getParam(1) )
+ {
+ if ( preg_match('/^validate=(.+)$/', $validate_code, $match) )
+ {
+ header('Content-type: text/javascript');
+ $code = $session->get_captcha($hash, true);
+ $valid = strtolower($code) === strtolower($match[1]);
+ if ( !$valid )
+ {
+ $session->make_captcha(7, $hash);
+ }
+ echo enano_json_encode(array(
+ 'valid' => $valid
+ ));
+ exit;
+ }
+ }
$session->make_captcha(7, $hash);
$code = $session->generate_captcha_code();
@@ -1292,6 +1352,8 @@
if ( stristr($code, $word) )
{
// but don't put too much effort into this (will only correct this once)
+ // I mean, face it. If it generates one of those words twice in a row, either the local root has had
+ // way too much fun with his /dev/random, or this server is just plain gutter-minded.
$code = $session->generate_captcha_code();
break;
}