remove Solve Media smcaptcha (not defunct) and implement Cloudflare Turnstile groundwork

5 files changed, 96 insertions, 18 deletions

diff --git a/admin/admin_login_inc.php b/admin/admin_login_inc.php
index 7a13d58..9651616 100644
--- a/admin/admin_login_inc.php
+++ b/admin/admin_login_inc.php
@@ -147,25 +147,20 @@ $registerSettings = array(
 		'type' => "text",
 		'note' => "This will be given to you after registering your site with Google",
 	),
-	'users_register_smcaptcha' => array(
-		'label' => "Use Solve Media CAPTCHA to prevent automatic/robot registration",
+	'users_register_cfturnstile' => array(
+		'label' => "Use Cloudflare Turnstile to prevent automatic/robot registration",
 		'type' => "checkbox",
-		'note' => "To use Solve Media CAPTCHA you must get your API keys from <a href='https://www.solvemedia.com'>https://www.solvemedia.com</a> and enter them below.",
+		'note' => "To use Cloudflare Turnstile you must get your API keys from <a href='https://www.cloudflare.com/application-services/products/turnstile/'>https://www.solvemedia.com</a> and enter them below.",
 	),
-	'users_register_smcaptcha_c_key' => array(
-		'label' => "Solve Media Challenge Key (C-key)",
+	'users_register_cfturnstile_site_key' => array(
+		'label' => "Cloudflare Site Key",
 		'type' => "text",
-		'note' => "This will be given to you after registering your site with Solve Media",
+		'note' => "This will be given to you after registering your site with Cloudflare",
 	),
-	'users_register_smcaptcha_v_key' => array(
-		'label' => "Solve Media Verification Key (V-key)",
+	'users_register_cfturnstile_secret_key' => array(
+		'label' => "Cloudflare Secret Key",
 		'type' => "text",
-		'note' => "This will be given to you after registering your site with Solve Media",
-	),
-	'users_register_smcaptcha_h_key' => array(
-		'label' => "Solve Media Authentication Hash Key (H-key)",
-		'type' => "text",
-		'note' => "This will be given to you after registering your site with Solve Media",
+		'note' => "This will be given to you after registering your site with Cloudflare",
 	),
 );
 $gBitSmarty->assign( 'registerSettings', $registerSettings );
diff --git a/includes/classes/CloudflareTurnstile.php b/includes/classes/CloudflareTurnstile.php
new file mode 100644
index 0000000..06f4e1a
--- /dev/null
+++ b/includes/classes/CloudflareTurnstile.php
@@ -0,0 +1,73 @@
+<?php
+
+class CloudflareTurnstileValidator {
+    private $secretKey;
+    private $verifyUrl = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
+
+    public function __construct($secretKey) {
+        $this->secretKey = $secretKey;
+    }
+
+    public function validate($responseToken, $remoteIp = null) {
+        // Prepare POST data
+        $data = [
+            'secret' => $this->secretKey,
+            'response' => $responseToken
+        ];
+
+        if ($remoteIp) {
+            $data['remoteip'] = $remoteIp;
+        }
+
+        // Initialize cURL
+        $ch = curl_init($this->verifyUrl);
+        curl_setopt($ch, CURLOPT_POST, true);
+        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+        curl_setopt($ch, CURLOPT_TIMEOUT, 10);
+
+        // Execute request
+        $response = curl_exec($ch);
+        $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+        
+        curl_close($ch);
+
+        // Check if request was successful
+        if ($httpCode !== 200) {
+            return [
+                'success' => false,
+                'error' => 'Failed to connect to verification server'
+            ];
+        }
+
+        // Decode JSON response
+        $result = json_decode($response, true);
+
+        if (!$result) {
+            return [
+                'success' => false,
+                'error' => 'Invalid response from verification server'
+            ];
+        }
+
+        // Return validation result
+        return [
+            'success' => $result['success'],
+            'timestamp' => $result['challenge_ts'] ?? null,
+            'hostname' => $result['hostname'] ?? null,
+            'error_codes' => $result['error-codes'] ?? []
+        ];
+    }
+}
+
+// Example usage:
+/*
+$validator = new TurnstileValidator('YOUR_SECRET_KEY_HERE');
+$result = $validator->validate($_POST['cf-turnstile-response'], $_SERVER['REMOTE_ADDR']);
+
+if ($result['success']) {
+    echo "Verification successful!";
+} else {
+    echo "Verification failed: " . implode(', ', $result['error_codes']);
+}
+*/
diff --git a/includes/classes/RoleUser.php b/includes/classes/RoleUser.php
index 7e9c496..d4efc66 100644
--- a/includes/classes/RoleUser.php
+++ b/includes/classes/RoleUser.php
@@ -414,15 +414,15 @@ class BitUser extends LibertyMime {
 			}
 		}
 
-		if( $gBitSystem->isFeatureActive( 'users_register_smcaptcha' ) && (empty( $pParamHash['novalidation'] ) || $pParamHash['novalidation'] != 'yes') ) {
+		if( $gBitSystem->isFeatureActive( 'users_register_cfcaptcha' ) && (empty( $pParamHash['novalidation'] ) || $pParamHash['novalidation'] != 'yes') ) {
 			require_once( USERS_PKG_INCLUDE_PATH.'solvemedialib.php' );
 			if( !empty( $pParamHash['adcopy_challenge'] ) && !empty( $pParamHash['adcopy_response'] ) ) {
 				$solvemediaResponse = solvemedia_check_answer($gBitSystem->getConfig( 'users_register_smcaptcha_v_key' ), $_SERVER["REMOTE_ADDR"], $pParamHash["adcopy_challenge"], $pParamHash["adcopy_response"], $gBitSystem->getConfig( 'users_register_smcaptcha_h_key' ) );
 				if( !$solvemediaResponse->is_valid ) {
-					$this->mErrors['smcaptcha'] = $solvemediaResponse->error;
+					$this->mErrors['cfcaptcha'] = $solvemediaResponse->error;
 				}
 			} else {
-				$this->mErrors['smcaptcha'] = 'Wrong Answer';
+				$this->mErrors['cfcaptcha'] = 'Wrong Answer';
 			}
 		}
 
diff --git a/role_register.php b/role_register.php
index 9e7f008..c87227d 100644
--- a/role_register.php
+++ b/role_register.php
@@ -19,7 +19,6 @@ if( isset( $_REQUEST['tk'] ) ) {
 require_once( '../kernel/includes/setup_inc.php' );
 require_once( KERNEL_PKG_CLASS_PATH.'BitBase.php' );
 include_once( KERNEL_PKG_INCLUDE_PATH.'notification_lib.php' );
-// no longer supported, needs update - spiderr require_once( USERS_PKG_INCLUDE_PATH.'recaptchalib.php' );
 
 $gBitSystem->verifyFeature( 'users_allow_register' );
 
diff --git a/templates/captcha.tpl b/templates/captcha.tpl
index 8c59d85..929c01c 100644
--- a/templates/captcha.tpl
+++ b/templates/captcha.tpl
@@ -50,6 +50,17 @@
 	</div>
 {/if}
 
+{if $gBitSystem->isFeatureActive('users_register_cfturnstile')}
+	<div class="form-group {if $errors.recaptcha}error{/if}">
+		{formlabel label="" for=""}
+		{forminput}
+			{formfeedback error=$errors.recaptcha}
+			<div class="cf-turnstile" data-sitekey="{$gBitSystem->getConfig('users_register_cfturnstile_site_key')}" data-callback="javascriptCallback"></div>
+			<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
+		{/forminput}
+	</div>
+{/if}
+
 {if $gBitSystem->isFeatureActive('users_register_smcaptcha')}
 	<div class="form-group {if $errors.smcaptcha}error{/if}">
 		{formlabel label="Are you human?" for="smcaptcha"}