oxcaptcha.php

Go to the documentation of this file.

<?php

class oxCaptcha extends oxSuperCfg
{
    protected $_iMacLength = 5;

    protected $_sText = null;

    private $_sMacChars  = 'abcdefghijkmnpqrstuvwxyz23456789';

    protected $_iTimeout = 300;

    public function getText()
    {
        if ( !$this->_sText ) {
            $this->_sText = '';
            for ( $i=0; $i < $this->_iMacLength; $i++ ) {
                $this->_sText .= strtolower( $this->_sMacChars{ rand( 0, strlen( $this->_sMacChars ) - 1 ) } );
            }
        }

        return $this->_sText;
    }

    public function getHash($sText = null)
    {
        // inserting captcha record
        $iTime = time() + $this->_iTimeout;
        $sTextHash = $this->getTextHash( $sText );

        // if session is started - storing captcha info here
        $session = $this->getSession();
        if ( $session->isSessionStarted() ) {
            $sHash = oxUtilsObject::getInstance()->generateUID();
            $aHash = $session->getVariable( "aCaptchaHash" );
            $aHash[$sHash] = array( $sTextHash => $iTime );
            $session->setVariable( "aCaptchaHash", $aHash );
        } else {
            $oDb = oxDb::getDb();
            $sQ = "insert into oxcaptcha ( oxhash, oxtime ) values ( '{$sTextHash}', '{$iTime}' )";
            $oDb->execute( $sQ );
            $sHash = $oDb->getOne( "select LAST_INSERT_ID()", false, false );
        }
        return $sHash;
    }

    public function getTextHash( $sText )
    {
        if (!$sText) {
            $sText = $this->getText();
        }

        $sText = strtolower($sText);
        return md5( "ox{$sText}" );
    }

    public function getImageUrl()
    {
        $sUrl = $this->getConfig()->getCoreUtilsURL() . "verificationimg.php?e_mac=";
        $sUrl .= oxRegistry::getUtils()->strMan( $this->getText() );

        return $sUrl;
    }

    public function isImageVisible()
    {
        return ( ( function_exists( 'imagecreatetruecolor' ) || function_exists( 'imagecreate' ) ) && $this->getConfig()->getConfigParam( 'iUseGDVersion' ) > 1 );
    }

    protected function _passFromSession( $sMacHash, $sHash, $iTime )
    {
        $blPass = null;
        $oSession = $this->getSession();
        if ( ( $aHash = $oSession->getVariable( "aCaptchaHash" ) ) ) {
            $blPass = ( isset( $aHash[$sMacHash][$sHash] ) && $aHash[$sMacHash][$sHash] >= $iTime ) ? true : false;
            unset( $aHash[$sMacHash] );
            if ( !empty( $aHash ) ) {
                $oSession->setVariable( "aCaptchaHash", $aHash );
            } else {
                $oSession->deleteVariable( "aCaptchaHash" );
            }
        }
        return $blPass;
    }

    protected function _passFromDb( $iMacHash, $sHash, $iTime )
    {
        $blPass = false;

        $oDb = oxDb::getDb();
        $sQ  = "select 1 from oxcaptcha where oxid = {$iMacHash} and oxhash = '{$sHash}'";
        if ( ( $blPass = (bool) $oDb->getOne( $sQ, false, false ) ) ) {
            // cleanup
            $sQ = "delete from oxcaptcha where oxid = {$iMacHash} and oxhash = '{$sHash}'";
            $oDb->execute( $sQ );
        }

        // garbage cleanup
        $sQ = "delete from oxcaptcha where oxtime < $iTime";
        $oDb->execute( $sQ );

        return $blPass;
    }

    public function pass( $sMac, $sMacHash )
    {
        $iTime = time();
        $sHash = $this->getTextHash( $sMac );

        $blPass = $this->_passFromSession( $sMacHash, $sHash, $iTime );

        // if captha info was NOT stored in session
        if ( $blPass === null ) {
            $blPass = $this->_passFromDb( (int) $sMacHash, $sHash, $iTime );
        }

        return (bool) $blPass;
    }
}