summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorspiderr <spiderr@bitweaver.org>2025-04-06 00:44:35 -0400
committerspiderr <spiderr@bitweaver.org>2025-04-06 00:44:35 -0400
commitd6c495d7738a91ab87fc41058743d95f242b51c4 (patch)
treeb12c01d3d6423da5b4a5877110469f75fdd1d356
parente441c2464df951c756d46d8252d14077519f68f0 (diff)
downloadusers-d6c495d7738a91ab87fc41058743d95f242b51c4.tar.gz
users-d6c495d7738a91ab87fc41058743d95f242b51c4.tar.bz2
users-d6c495d7738a91ab87fc41058743d95f242b51c4.zip
Clean up Cloudflare Turnstile, now working
-rw-r--r--includes/classes/BitUser.php16
-rw-r--r--includes/classes/CloudflareTurnstile.php31
-rw-r--r--templates/captcha.tpl4
3 files changed, 24 insertions, 27 deletions
diff --git a/includes/classes/BitUser.php b/includes/classes/BitUser.php
index b00151b..cc237d1 100644
--- a/includes/classes/BitUser.php
+++ b/includes/classes/BitUser.php
@@ -424,15 +424,17 @@ class BitUser extends LibertyMime {
}
}
- if( $gBitSystem->isFeatureActive( 'users_register_smcaptcha' ) && (empty( $pParamHash['novalidation'] ) || $pParamHash['novalidation'] != 'yes') ) {
- require_once( USERS_PKG_INCLUDE_PATH.'solvemedialib.php' );
- if( !empty( $pParamHash['adcopy_challenge'] ) && !empty( $pParamHash['adcopy_response'] ) ) {
- $solvemediaResponse = solvemedia_check_answer($gBitSystem->getConfig( 'users_register_smcaptcha_v_key' ), $_SERVER["REMOTE_ADDR"], $pParamHash["adcopy_challenge"], $pParamHash["adcopy_response"], $gBitSystem->getConfig( 'users_register_smcaptcha_h_key' ) );
- if( !$solvemediaResponse->is_valid ) {
- $this->mErrors['smcaptcha'] = $solvemediaResponse->error;
+ if( $gBitSystem->isFeatureActive( 'users_register_cfturnstile' ) && (empty( $pParamHash['novalidation'] ) || $pParamHash['novalidation'] != 'yes') ) {
+ require_once( USERS_PKG_CLASS_PATH.'CloudflareTurnstile.php' );
+ $cfTurnstile = new CloudflareTurnstileValidator( $gBitSystem->getConfig( 'users_register_cfturnstile_secret_key' ) );
+ if( !empty( $pParamHash['cf-turnstile-response'] ) ) {
+ $result = $cfTurnstile->validate( $pParamHash['cf-turnstile-response'], $_SERVER['REMOTE_ADDR'] );
+ if ($result['success']) {
+ } else {
+ $this->mErrors['cfturnstile'] = "Cloudflare Verification failed: " . implode(', ', $result['error_codes']);
}
} else {
- $this->mErrors['smcaptcha'] = 'Wrong Answer';
+ $this->mErrors['smcaptcha'] = 'No Cloudflare Response';
}
}
diff --git a/includes/classes/CloudflareTurnstile.php b/includes/classes/CloudflareTurnstile.php
index 06f4e1a..e2f75ce 100644
--- a/includes/classes/CloudflareTurnstile.php
+++ b/includes/classes/CloudflareTurnstile.php
@@ -32,32 +32,27 @@ class CloudflareTurnstileValidator {
curl_close($ch);
- // Check if request was successful
- if ($httpCode !== 200) {
- return [
- 'success' => false,
- 'error' => 'Failed to connect to verification server'
- ];
- }
+ $ret = array();
// Decode JSON response
$result = json_decode($response, true);
if (!$result) {
- return [
+ $ret = [
'success' => false,
- 'error' => 'Invalid response from verification server'
+ 'error_codes' => array( 'Invalid response from verification server ('.$httpCode.')' )
];
- }
+ } else {
+ $ret = [
+ 'success' => $result['success'],
+ 'timestamp' => $result['challenge_ts'] ?? null,
+ 'hostname' => $result['hostname'] ?? null,
+ 'error_codes' => $result['error-codes'] ?? []
+ ];
+ }
- // Return validation result
- return [
- 'success' => $result['success'],
- 'timestamp' => $result['challenge_ts'] ?? null,
- 'hostname' => $result['hostname'] ?? null,
- 'error_codes' => $result['error-codes'] ?? []
- ];
- }
+ return $ret;
+ }
}
// Example usage:
diff --git a/templates/captcha.tpl b/templates/captcha.tpl
index 929c01c..d67131d 100644
--- a/templates/captcha.tpl
+++ b/templates/captcha.tpl
@@ -51,10 +51,10 @@
{/if}
{if $gBitSystem->isFeatureActive('users_register_cfturnstile')}
- <div class="form-group {if $errors.recaptcha}error{/if}">
+ <div class="form-group {if $errors.cfturnstile}error{/if}">
{formlabel label="" for=""}
{forminput}
- {formfeedback error=$errors.recaptcha}
+ {formfeedback error=$errors.cfturnstile}
<div class="cf-turnstile" data-sitekey="{$gBitSystem->getConfig('users_register_cfturnstile_site_key')}" data-callback="javascriptCallback"></div>
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
{/forminput}