From 0e55db7caf032202960d9b927905e334cc081bcd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 6 Nov 2024 23:02:46 +0100 Subject: [PATCH] WIP Captcha architecture --- htdocs/admin/security_captcha.php | 6 +-- htdocs/core/class/html.formticket.class.php | 37 +++++++++++++------ .../captcha/modCaptchaStandard.class.php | 2 +- htdocs/core/tpl/login.tpl.php | 36 ++++++++++++------ htdocs/core/tpl/passwordforgotten.tpl.php | 36 ++++++++++++------ 5 files changed, 78 insertions(+), 39 deletions(-) diff --git a/htdocs/admin/security_captcha.php b/htdocs/admin/security_captcha.php index e710915f8fc2a..c73631f5e74b8 100644 --- a/htdocs/admin/security_captcha.php +++ b/htdocs/admin/security_captcha.php @@ -91,11 +91,7 @@ print ''.$langs->trans("CaptchaDesc")."
\n"; print "
\n"; -$dirModCaptcha = array_merge(array('/core/modules/security/captcha'), is_array($conf->modules_parts['captcha']) ? $conf->modules_parts['captcha'] : array()); -foreach ($conf->modules_parts['captcha'] as $mo) { - //Add more models - $dirModCaptcha[] = $mo.'core/modules/security/captcha'; -} +$dirModCaptcha = array_merge(array('/core/modules/security/captcha/'), is_array($conf->modules_parts['captcha']) ? $conf->modules_parts['captcha'] : array()); // Load array with all captcha generation modules $arrayhandler = array(); diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index de9d367f75ba8..6d65f8e119ad4 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -793,21 +793,36 @@ function(response) { require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; $captcha = getDolGlobalString('MAIN_SECURITY_ENABLECAPTCHA_HANDLER', 'standard'); - $classfile = DOL_DOCUMENT_ROOT."/core/modules/security/captcha/modCaptcha".ucfirst($captcha).'.class.php'; - include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $captchaobj = null; - if (dol_is_file($classfile)) { - // Charging the numbering class - $classname = "modCaptcha".ucfirst($captcha); - require_once $classfile; + // List of directories where we can find captcha handlers + $dirModCaptcha = array_merge(array('main' => '/core/modules/security/captcha/'), is_array($conf->modules_parts['captcha']) ? $conf->modules_parts['captcha'] : array()); - $captchaobj = new $classname($this->db, $conf, $langs, $user); + $fullpathclassfile = ''; + foreach ($dirModCaptcha as $dir) { + $fullpathclassfile = dol_buildpath($dir."modCaptcha".ucfirst($captcha).'.class.php', 0, 2); + if ($fullpathclassfile) { + break; + } } - if (is_object($captchaobj) && method_exists($captchaobj, 'getCaptchaCodeForForm')) { - print $captchaobj->getCaptchaCodeForForm(); + if ($fullpathclassfile) { + include_once $fullpathclassfile; + $captchaobj = null; + + // Charging the numbering class + $classname = "modCaptcha".ucfirst($captcha); + if (class_exists($classname)) { + $captchaobj = new $classname($this->db, $conf, $langs, $user); + + if (is_object($captchaobj) && method_exists($captchaobj, 'getCaptchaCodeForForm')) { + print $captchaobj->getCaptchaCodeForForm(); + } else { + print 'Error, the captcha handler '.get_class($captchaobj).' does not have any method getCaptchaCodeForForm()'; + } + } else { + print 'Error, the captcha handler class '.$classname.' was not found after the include'; + } } else { - print 'Error, the captcha handler '.get_class($captchaobj).' does not have any method getCaptchaCodeForForm()'; + print 'Error, the captcha handler '.$captcha.' has no class file found modCaptcha'.ucfirst($captcha); } print '
'; diff --git a/htdocs/core/modules/security/captcha/modCaptchaStandard.class.php b/htdocs/core/modules/security/captcha/modCaptchaStandard.class.php index cb736ff96d8ba..60cc6e5cdce82 100644 --- a/htdocs/core/modules/security/captcha/modCaptchaStandard.class.php +++ b/htdocs/core/modules/security/captcha/modCaptchaStandard.class.php @@ -99,7 +99,7 @@ public function getExample() * Return the HTML content to output on a form that need the captcha * * @param string $php_self An URL for the a href link - * @return int 0 if KO, >0 if OK + * @return string The HTML code to output */ public function getCaptchaCodeForForm($php_self = '') { diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 6b9cefd699647..c33c89e213192 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -307,21 +307,35 @@ $php_self .= '?time='.dol_print_date(dol_now(), 'dayhourlog'); } - $classfile = DOL_DOCUMENT_ROOT."/core/modules/security/captcha/modCaptcha".ucfirst($captcha).'.class.php'; - include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $captchaobj = null; - if (dol_is_file($classfile)) { + // List of directories where we can find captcha handlers + $dirModCaptcha = array_merge(array('main' => '/core/modules/security/captcha/'), is_array($conf->modules_parts['captcha']) ? $conf->modules_parts['captcha'] : array()); + $fullpathclassfile = ''; + foreach ($dirModCaptcha as $dir) { + $fullpathclassfile = dol_buildpath($dir."modCaptcha".ucfirst($captcha).'.class.php', 0, 2); + if ($fullpathclassfile) { + break; + } + } + + if ($fullpathclassfile) { + include_once $fullpathclassfile; + $captchaobj = null; + // Charging the numbering class $classname = "modCaptcha".ucfirst($captcha); - require_once $classfile; + if (class_exists($classname)) { + $captchaobj = new $classname($db, $conf, $langs, $user); - $captchaobj = new $classname($db, $conf, $langs, $user); - } - - if (is_object($captchaobj) && method_exists($captchaobj, 'getCaptchaCodeForForm')) { - print $captchaobj->getCaptchaCodeForForm($php_self); + if (is_object($captchaobj) && method_exists($captchaobj, 'getCaptchaCodeForForm')) { + print $captchaobj->getCaptchaCodeForForm(); + } else { + print 'Error, the captcha handler '.get_class($captchaobj).' does not have any method getCaptchaCodeForForm()'; + } + } else { + print 'Error, the captcha handler class '.$classname.' was not found after the include'; + } } else { - print 'Error, the captcha handler '.get_class($captchaobj).' does not have any method getCaptchaCodeForForm()'; + print 'Error, the captcha handler '.$captcha.' has no class file found modCaptcha'.ucfirst($captcha); } } diff --git a/htdocs/core/tpl/passwordforgotten.tpl.php b/htdocs/core/tpl/passwordforgotten.tpl.php index aa5c12dcfe1f6..e2fb9115ac65b 100644 --- a/htdocs/core/tpl/passwordforgotten.tpl.php +++ b/htdocs/core/tpl/passwordforgotten.tpl.php @@ -174,21 +174,35 @@ $php_self .= '?time='.dol_print_date(dol_now(), 'dayhourlog'); } - $classfile = DOL_DOCUMENT_ROOT."/core/modules/security/captcha/modCaptcha".ucfirst($captcha).'.class.php'; - include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $captchaobj = null; - if (dol_is_file($classfile)) { + // List of directories where we can find captcha handlers + $dirModCaptcha = array_merge(array('main' => '/core/modules/security/captcha/'), is_array($conf->modules_parts['captcha']) ? $conf->modules_parts['captcha'] : array()); + $fullpathclassfile = ''; + foreach ($dirModCaptcha as $dir) { + $fullpathclassfile = dol_buildpath($dir."modCaptcha".ucfirst($captcha).'.class.php', 0, 2); + if ($fullpathclassfile) { + break; + } + } + + if ($fullpathclassfile) { + include_once $fullpathclassfile; + $captchaobj = null; + // Charging the numbering class $classname = "modCaptcha".ucfirst($captcha); - require_once $classfile; + if (class_exists($classname)) { + $captchaobj = new $classname($db, $conf, $langs, $user); - $captchaobj = new $classname($db, $conf, $langs, $user); - } - - if (is_object($captchaobj) && method_exists($captchaobj, 'getCaptchaCodeForForm')) { - print $captchaobj->getCaptchaCodeForForm($php_self); + if (is_object($captchaobj) && method_exists($captchaobj, 'getCaptchaCodeForForm')) { + print $captchaobj->getCaptchaCodeForForm(); + } else { + print 'Error, the captcha handler '.get_class($captchaobj).' does not have any method getCaptchaCodeForForm()'; + } + } else { + print 'Error, the captcha handler class '.$classname.' was not found after the include'; + } } else { - print 'Error, the captcha handler '.get_class($captchaobj).' does not have any method getCaptchaCodeForForm()'; + print 'Error, the captcha handler '.$captcha.' has no class file found modCaptcha'.ucfirst($captcha); } }