oxcaptcha.php

00001 <?php
00002 
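/**
 * Generates a short text challenge (CAPTCHA) and verifies the visitor's answer.
 *
 * A challenge is stored either in the session (when one is started) or in the
 * oxcaptcha table, keyed by an identifier that is handed back to the caller
 * and later passed to pass() together with the typed text.
 */
class oxCaptcha extends oxSuperCfg
{
    /**
     * Number of characters in the challenge text.
     *
     * @var int
     */
    protected $_iMacLength = 5;

    /**
     * Challenge text, generated lazily by getText().
     *
     * @var string|null
     */
    protected $_sText = null;

    /**
     * Alphabet the challenge text is drawn from (the literal omits l, o, 0 and 1).
     *
     * @var string
     */
    private $_sMacChars  = 'abcdefghijkmnpqrstuvwxyz23456789';

    /**
     * Challenge lifetime in seconds.
     *
     * @var int
     */
    protected $_iTimeout = 300;

    /**
     * Returns the challenge text, generating it on first use.
     *
     * @return string
     */
    public function getText()
    {
        if ( !$this->_sText ) {
            $iMaxIndex = strlen( $this->_sMacChars ) - 1;

            // The challenge text is the secret of the CAPTCHA, so draw it from
            // the CSPRNG where the runtime offers one (PHP 7+); older runtimes
            // fall back to mt_rand().
            $blSecureRng = function_exists( 'random_int' );

            $this->_sText = '';
            for ( $i = 0; $i < $this->_iMacLength; $i++ ) {
                $iPos = $blSecureRng ? random_int( 0, $iMaxIndex ) : mt_rand( 0, $iMaxIndex );
                // Square-bracket offsets: the curly-brace form is a fatal error on PHP 8.
                $this->_sText .= strtolower( $this->_sMacChars[$iPos] );
            }
        }

        return $this->_sText;
    }

    /**
     * Stores a new challenge and returns the identifier to send with the form.
     *
     * With a started session the identifier is a generated UID and the record
     * lives in the "aCaptchaHash" session variable; otherwise the record is
     * inserted into oxcaptcha and the identifier is the row's insert id.
     *
     * @param string|null $sText challenge text; the object's own text is used when empty
     *
     * @return string
     */
    public function getHash($sText = null)
    {
        // Absolute expiry time of this challenge.
        $iTime = time() + $this->_iTimeout;
        $sTextHash = $this->getTextHash( $sText );

        $session = $this->getSession();
        if ( $session->isSessionStarted() ) {
            $sHash = oxUtilsObject::getInstance()->generateUID();
            $aHash = $session->getVariable( "aCaptchaHash" );
            if ( !is_array( $aHash ) ) {
                // Nothing stored yet (or an unexpected value): start a fresh map.
                $aHash = array();
            }
            // NOTE(review): entries are only removed in _passFromSession(), so
            // challenges that are never submitted stay in the session - confirm
            // that session lifetime bounds this.
            $aHash[$sHash] = array( $sTextHash => $iTime );
            $session->setVariable( "aCaptchaHash", $aHash );
        } else {
            $oDb = oxDb::getDb();
            // Bound parameters instead of values interpolated into the statement.
            $sQ = "insert into oxcaptcha ( oxhash, oxtime ) values ( ?, ? )";
            $oDb->execute( $sQ, array( $sTextHash, (int) $iTime ) );
            $sHash = $oDb->getOne( "select LAST_INSERT_ID()", false, false );
        }

        return $sHash;
    }

    /**
     * Returns the MD5 hash of the lower-cased text prefixed with "ox".
     *
     * The hash is a lookup key for the stored challenge, not a protection of
     * the text: the input space is small and the prefix is constant.
     *
     * @param string|null $sText text to hash; the object's own text is used when empty
     *
     * @return string
     */
    public function getTextHash( $sText )
    {
        if ( !$sText ) {
            $sText = $this->getText();
        }

        // Lower-casing makes verification case-insensitive.
        $sText = strtolower( $sText );

        return md5( "ox{$sText}" );
    }

    /**
     * Returns the URL of the script that renders the challenge image.
     *
     * @return string
     */
    public function getImageUrl()
    {
        // NOTE(review): the challenge text itself travels to the client in the
        // e_mac parameter, transformed only by strMan(); the CAPTCHA is only as
        // strong as that transformation is hard to reverse - confirm what
        // strMan() does and which key it uses.
        $sUrl = $this->getConfig()->getCoreUtilsURL() . "verificationimg.php?e_mac=";
        $sUrl .= oxRegistry::getUtils()->strMan( $this->getText() );

        return $sUrl;
    }

    /**
     * Tells whether a challenge image can be rendered: a GD image-creation
     * function must exist and the 'iUseGDVersion' config parameter must be
     * greater than 1.
     *
     * @return bool
     */
    public function isImageVisible()
    {
        $blGdAvailable = function_exists( 'imagecreatetruecolor' ) || function_exists( 'imagecreate' );

        return ( $blGdAvailable && $this->getConfig()->getConfigParam( 'iUseGDVersion' ) > 1 );
    }

    /**
     * Verifies a challenge stored in the session.
     *
     * The entry for the given identifier is removed whether or not the answer
     * matches, so each session-stored challenge can be tried once.
     *
     * @param string $sMacHash challenge identifier returned by getHash()
     * @param string $sHash    hash of the text the visitor typed
     * @param int    $iTime    current time
     *
     * @return bool|null null when the session holds no challenge data
     */
    protected function _passFromSession( $sMacHash, $sHash, $iTime )
    {
        $blPass = null;
        $oSession = $this->getSession();
        $aHash = $oSession->getVariable( "aCaptchaHash" );

        // Only a non-empty array counts as stored challenge data.
        if ( is_array( $aHash ) && $aHash ) {
            // Valid when the answer hash is registered under this identifier
            // and its expiry time has not passed yet.
            $blPass = ( isset( $aHash[$sMacHash][$sHash] ) && $aHash[$sMacHash][$sHash] >= $iTime );
            unset( $aHash[$sMacHash] );
            if ( !empty( $aHash ) ) {
                $oSession->setVariable( "aCaptchaHash", $aHash );
            } else {
                $oSession->deleteVariable( "aCaptchaHash" );
            }
        }

        return $blPass;
    }

    /**
     * Verifies a challenge stored in the oxcaptcha table.
     *
     * A matching, unexpired record is deleted so it cannot be replayed. Unlike
     * the session path, a wrong answer leaves the record in place until it
     * expires.
     *
     * @param int    $iMacHash challenge identifier (row id) returned by getHash()
     * @param string $sHash    hash of the text the visitor typed
     * @param int    $iTime    current time
     *
     * @return bool
     */
    protected function _passFromDb( $iMacHash, $sHash, $iTime )
    {
        // The identifier originates from the request; force both numbers to
        // integers and bind every value instead of interpolating it.
        $iMacHash = (int) $iMacHash;
        $iTime    = (int) $iTime;

        $oDb = oxDb::getDb();

        // "oxtime >= ?" enforces the timeout here as well; without it an
        // expired record still passed once, because expired rows are only
        // purged after this lookup.
        $sQ = "select 1 from oxcaptcha where oxid = ? and oxhash = ? and oxtime >= ?";
        $blPass = (bool) $oDb->getOne( $sQ, array( $iMacHash, $sHash, $iTime ), false );
        if ( $blPass ) {
            // cleanup: a solved challenge is single-use
            $sQ = "delete from oxcaptcha where oxid = ? and oxhash = ?";
            $oDb->execute( $sQ, array( $iMacHash, $sHash ) );
        }

        // garbage cleanup: purge every expired challenge
        $sQ = "delete from oxcaptcha where oxtime < ?";
        $oDb->execute( $sQ, array( $iTime ) );

        return $blPass;
    }

    /**
     * Checks the text typed by the visitor against the stored challenge.
     *
     * @param string $sMac     text typed by the visitor
     * @param string $sMacHash challenge identifier returned by getHash()
     *
     * @return bool
     */
    public function pass( $sMac, $sMacHash )
    {
        $iTime = time();
        $sHash = $this->getTextHash( $sMac );

        $blPass = $this->_passFromSession( $sMacHash, $sHash, $iTime );

        // null means the session held no captcha info: fall back to the database
        if ( $blPass === null ) {
            $blPass = $this->_passFromDb( (int) $sMacHash, $sHash, $iTime );
        }

        return (bool) $blPass;
    }
}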