MediaWiki  1.34.4
ReCaptchaNoCaptcha.php
Go to the documentation of this file.
1 <?php
2 
3 use MediaWiki\Auth\AuthenticationRequest;
4 
5 class ReCaptchaNoCaptcha extends SimpleCaptcha {
6  // used for renocaptcha-edit, renocaptcha-addurl, renocaptcha-badlogin, renocaptcha-createaccount,
7  // renocaptcha-create, renocaptcha-sendemail via getMessage()
8  protected static $messagePrefix = 'renocaptcha-';
9 
10  private $error = null;
11 
17  public function getFormInformation( $tabIndex = 1 ) {
18  global $wgReCaptchaSiteKey, $wgLang;
19  $lang = htmlspecialchars( urlencode( $wgLang->getCode() ) );
20 
21  $output = Html::element( 'div', [
22  'class' => [
23  'g-recaptcha',
24  'mw-confirmedit-captcha-fail' => (bool)$this->error,
25  ],
26  'data-sitekey' => $wgReCaptchaSiteKey
27  ] );
28  $htmlUrlencoded = htmlspecialchars( urlencode( $wgReCaptchaSiteKey ) );
29  $output .= <<<HTML
30 <noscript>
31  <div>
32  <div style="width: 302px; height: 422px; position: relative;">
33  <div style="width: 302px; height: 422px; position: absolute;">
34  <iframe src="https://www.google.com/recaptcha/api/fallback?k={$htmlUrlencoded}&hl={$lang}"
35  frameborder="0" scrolling="no"
36  style="width: 302px; height:422px; border-style: none;">
37  </iframe>
38  </div>
39  </div>
40  <div style="width: 300px; height: 60px; border-style: none;
41  bottom: 12px; left: 25px; margin: 0px; padding: 0px; right: 25px;
42  background: #f9f9f9; border: 1px solid #c1c1c1; border-radius: 3px;">
43  <textarea id="g-recaptcha-response" name="g-recaptcha-response"
44  class="g-recaptcha-response"
45  style="width: 250px; height: 40px; border: 1px solid #c1c1c1;
46  margin: 10px 25px; padding: 0px; resize: none;" >
47  </textarea>
48  </div>
49  </div>
50 </noscript>
51 HTML;
52  return [
53  'html' => $output,
54  'headitems' => [
55  // Insert reCAPTCHA script, in display language, if available.
56  // Language falls back to the browser's display language.
57  // See https://developers.google.com/recaptcha/docs/faq
58  "<script src=\"https://www.google.com/recaptcha/api.js?hl={$lang}\" async defer></script>"
59  ]
60  ];
61  }
62 
66  protected function logCheckError( $info ) {
67  if ( $info instanceof Status ) {
68  $errors = $info->getErrorsArray();
69  $error = $errors[0][0];
70  } elseif ( is_array( $info ) ) {
71  $error = implode( ',', $info );
72  } else {
73  $error = $info;
74  }
75 
76  wfDebugLog( 'captcha', 'Unable to validate response: ' . $error );
77  }
78 
83  protected function getCaptchaParamsFromRequest( WebRequest $request ) {
84  // ReCaptchaNoCaptcha combines captcha ID + solution into a single value
85  // API is hardwired to return captchaWord, so use that if the standard isempty
86  // "captchaWord" is sent as "captchaword" by visual editor
87  $index = 'not used';
88  $response = $request->getVal( 'g-recaptcha-response',
89  $request->getVal( 'captchaWord',
90  $request->getVal( 'captchaword' )
91  ) );
92  return [ $index, $response ];
93  }
94 
105  protected function passCaptcha( $_, $word ) {
106  global $wgRequest, $wgReCaptchaSecretKey, $wgReCaptchaSendRemoteIP;
107 
108  $url = 'https://www.google.com/recaptcha/api/siteverify';
109  // Build data to append to request
110  $data = [
111  'secret' => $wgReCaptchaSecretKey,
112  'response' => $word,
113  ];
114  if ( $wgReCaptchaSendRemoteIP ) {
115  $data['remoteip'] = $wgRequest->getIP();
116  }
117  $url = wfAppendQuery( $url, $data );
118  $request = MWHttpRequest::factory( $url, [ 'method' => 'GET' ] );
119  $status = $request->execute();
120  if ( !$status->isOK() ) {
121  $this->error = 'http';
122  $this->logCheckError( $status );
123  return false;
124  }
125  $response = FormatJson::decode( $request->getContent(), true );
126  if ( !$response ) {
127  $this->error = 'json';
128  $this->logCheckError( $this->error );
129  return false;
130  }
131  if ( isset( $response['error-codes'] ) ) {
132  $this->error = 'recaptcha-api';
133  $this->logCheckError( $response['error-codes'] );
134  return false;
135  }
136 
137  return $response['success'];
138  }
139 
143  protected function addCaptchaAPI( &$resultArr ) {
144  $resultArr['captcha'] = $this->describeCaptchaType();
145  $resultArr['captcha']['error'] = $this->error;
146  }
147 
151  public function describeCaptchaType() {
152  global $wgReCaptchaSiteKey;
153  return [
154  'type' => 'recaptchanocaptcha',
155  'mime' => 'image/png',
156  'key' => $wgReCaptchaSiteKey,
157  ];
158  }
159 
167  public function getMessage( $action ) {
168  $msg = parent::getMessage( $action );
169  if ( $this->error ) {
170  $msg = new RawMessage( '<div class="error">$1</div>', [ $msg ] );
171  }
172  return $msg;
173  }
174 
181  public function apiGetAllowedParams( &$module, &$params, $flags ) {
182  if ( $flags && $this->isAPICaptchaModule( $module ) ) {
183  $params['g-recaptcha-response'] = [
184  ApiBase::PARAM_HELP_MSG => 'renocaptcha-apihelp-param-g-recaptcha-response',
185  ];
186  }
187 
188  return true;
189  }
190 
191  public function getError() {
192  return $this->error;
193  }
194 
195  public function storeCaptcha( $info ) {
196  // ReCaptcha is stored by Google; the ID will be generated at that time as well, and
197  // the one returned here won't be used. Just pretend this worked.
198  return 'not used';
199  }
200 
201  public function retrieveCaptcha( $index ) {
202  // just pretend it worked
203  return [ 'index' => $index ];
204  }
205 
206  public function getCaptcha() {
207  // ReCaptcha is handled by frontend code + an external provider; nothing to do here.
208  return [];
209  }
210 
216  public function getCaptchaInfo( $captchaData, $id ) {
217  return wfMessage( 'renocaptcha-info' );
218  }
219 
223  public function createAuthenticationRequest() {
224  return new ReCaptchaNoCaptchaAuthenticationRequest();
225  }
226 
233  public function onAuthChangeFormFields(
234  array $requests, array $fieldInfo, array &$formDescriptor, $action
235  ) {
236  global $wgReCaptchaSiteKey;
237 
238  $req = AuthenticationRequest::getRequestByClass( $requests,
239  CaptchaAuthenticationRequest::class, true );
240  if ( !$req ) {
241  return;
242  }
243 
244  // ugly way to retrieve error information
245  $captcha = ConfirmEditHooks::getInstance();
246 
247  $formDescriptor['captchaWord'] = [
248  'class' => HTMLReCaptchaNoCaptchaField::class,
249  'key' => $wgReCaptchaSiteKey,
250  'error' => $captcha->getError(),
251  ] + $formDescriptor['captchaWord'];
252  }
253 }
ReCaptchaNoCaptcha\logCheckError
logCheckError( $info)
Definition: ReCaptchaNoCaptcha.php:66
ReCaptchaNoCaptcha\retrieveCaptcha
retrieveCaptcha( $index)
Fetch this session's captcha info.
Definition: ReCaptchaNoCaptcha.php:201
$response
$response
Definition: opensearch_desc.php:38
ReCaptchaNoCaptcha\passCaptcha
passCaptcha( $_, $word)
Check, if the user solved the captcha.
Definition: ReCaptchaNoCaptcha.php:105
$lang
if(!isset( $args[0])) $lang
Definition: testCompression.php:33
ReCaptchaNoCaptcha\getCaptcha
getCaptcha()
Returns an array with 'question' and 'answer' keys.
Definition: ReCaptchaNoCaptcha.php:206
ApiBase\PARAM_HELP_MSG
const PARAM_HELP_MSG
(string|array|Message) Specify an alternative i18n documentation message for this parameter.
Definition: ApiBase.php:131
ReCaptchaNoCaptcha\getFormInformation
getFormInformation( $tabIndex=1)
Get the captcha form.
Definition: ReCaptchaNoCaptcha.php:17
ReCaptchaNoCaptcha\$messagePrefix
static $messagePrefix
Definition: ReCaptchaNoCaptcha.php:8
ReCaptchaNoCaptcha\getMessage
getMessage( $action)
Show a message asking the user to enter a captcha on edit The result will be treated as wiki text.
Definition: ReCaptchaNoCaptcha.php:167
wfMessage
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
Definition: GlobalFunctions.php:1263
ReCaptchaNoCaptcha\createAuthenticationRequest
createAuthenticationRequest()
Definition: ReCaptchaNoCaptcha.php:223
SimpleCaptcha\$action
string $action
Used to select the right message.
Definition: SimpleCaptcha.php:20
ConfirmEditHooks\getInstance
static getInstance()
Get the global Captcha instance.
Definition: ConfirmEditHooks.php:13
wfDebugLog
wfDebugLog( $logGroup, $text, $dest='all', array $context=[])
Send a line to a supplementary debug log file, if configured, or main debug log if not.
Definition: GlobalFunctions.php:1007
Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition: Status.php:40
wfAppendQuery
wfAppendQuery( $url, $query)
Append a query string to an existing URL, which may or may not already have query string parameters a...
Definition: GlobalFunctions.php:439
FormatJson\decode
static decode( $value, $assoc=false)
Decodes a JSON string.
Definition: FormatJson.php:174
ReCaptchaNoCaptchaAuthenticationRequest
Authentication request for ReCaptcha v2.
Definition: ReCaptchaNoCaptchaAuthenticationRequest.php:9
$wgLang
$wgLang
Definition: Setup.php:880
ReCaptchaNoCaptcha\$error
$error
Definition: ReCaptchaNoCaptcha.php:10
ReCaptchaNoCaptcha\getCaptchaParamsFromRequest
getCaptchaParamsFromRequest(WebRequest $request)
Definition: ReCaptchaNoCaptcha.php:83
SimpleCaptcha
Demo CAPTCHA (not for production usage) and base class for real CAPTCHAs.
Definition: SimpleCaptcha.php:9
WebRequest
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form stripping il...
Definition: WebRequest.php:42
SimpleCaptcha\isAPICaptchaModule
isAPICaptchaModule( $module)
Definition: SimpleCaptcha.php:917
ReCaptchaNoCaptcha\getCaptchaInfo
getCaptchaInfo( $captchaData, $id)
Definition: ReCaptchaNoCaptcha.php:216
ReCaptchaNoCaptcha\getError
getError()
Return the error from the last passCaptcha* call.
Definition: ReCaptchaNoCaptcha.php:191
WebRequest\getVal
getVal( $name, $default=null)
Fetch a scalar from the input or return $default if it's not set.
Definition: WebRequest.php:483
ReCaptchaNoCaptcha\addCaptchaAPI
addCaptchaAPI(&$resultArr)
Definition: ReCaptchaNoCaptcha.php:143
ReCaptchaNoCaptcha\describeCaptchaType
describeCaptchaType()
Definition: ReCaptchaNoCaptcha.php:151
ReCaptchaNoCaptcha\onAuthChangeFormFields
onAuthChangeFormFields(array $requests, array $fieldInfo, array &$formDescriptor, $action)
Definition: ReCaptchaNoCaptcha.php:233
$wgRequest
if(! $wgDBerrorLogTZ) $wgRequest
Definition: Setup.php:751
Html\element
static element( $element, $attribs=[], $contents='')
Identical to rawElement(), but HTML-escapes $contents (like Xml::element()).
Definition: Html.php:231
RawMessage
Variant of the Message class.
Definition: RawMessage.php:34
ReCaptchaNoCaptcha\apiGetAllowedParams
apiGetAllowedParams(&$module, &$params, $flags)
Definition: ReCaptchaNoCaptcha.php:181
ReCaptchaNoCaptcha
Definition: ReCaptchaNoCaptcha.php:5
ReCaptchaNoCaptcha\storeCaptcha
storeCaptcha( $info)
Generate a captcha session ID and save the info in PHP's session storage.
Definition: ReCaptchaNoCaptcha.php:195
MediaWiki\Auth\AuthenticationRequest
This is a value object for authentication requests.
Definition: AuthenticationRequest.php:37
MWHttpRequest\factory
static factory( $url, array $options=null, $caller=__METHOD__)
Generate a new request object.
Definition: MWHttpRequest.php:189