From dadcee117a850111d5ef67cfed1dbd34a9c15db7 Mon Sep 17 00:00:00 2001 From: Bruce Atkinson Date: Fri, 6 May 2022 07:16:36 +0200 Subject: [PATCH] Add reCAPTCHA to help protect stop bots and other automated attacks. Remove use of session. --- changelog.txt | 15 +++-- public_html/classes/paygate.payweb3.php | 2 +- public_html/classes/paygate_currencies.php | 2 +- public_html/composer.json | 1 + public_html/composer.lock | 61 ++++++++++++------- public_html/includes/footer.php | 2 +- public_html/includes/header.php | 5 +- public_html/index.php | 20 ++++-- public_html/redirect.php | 7 ++- public_html/result.php | 6 +- public_html/terms.php | 2 +- public_html/vendor/autoload.php | 2 +- public_html/vendor/composer/autoload_real.php | 8 +-- .../vendor/composer/autoload_static.php | 6 +- 14 files changed, 89 insertions(+), 50 deletions(-) diff --git a/changelog.txt b/changelog.txt index 2af963b..dd64986 100755 --- a/changelog.txt +++ b/changelog.txt @@ -1,6 +1,11 @@ -= 1.0.1 - March 01, 2020 = -* Add Currency Options and Logging for development and testing. -* Minor fixes and improvements. +===================================== +Date : Version: Description +===================================== -= 1.0.0 - December 21, 2019 = -* Initial Release. \ No newline at end of file +2022-05-06: v1.0.2 : Add reCAPTCHA to help protect stop bots and other automated attacks. + Remove use of session. + +2020-03-01: v1.0.1 : Add Currency Options and Logging for development and testing. + Minor fixes and improvements. + +2019-12-21: v1.0.0 : Initial release. \ No newline at end of file diff --git a/public_html/classes/paygate.payweb3.php b/public_html/classes/paygate.payweb3.php index 5417b0e..76579b5 100755 --- a/public_html/classes/paygate.payweb3.php +++ b/public_html/classes/paygate.payweb3.php @@ -1,6 +1,6 @@ =7.2", "psr/log": "^1.0.1" }, "provide": { 
@@ -30,16 +30,17 @@ "require-dev": { "aws/aws-sdk-php": "^2.4.9 || ^3.0", "doctrine/couchdb": "~1.0@dev", - "elasticsearch/elasticsearch": "^6.0", + "elasticsearch/elasticsearch": "^7", "graylog2/gelf-php": "^1.4.2", - "jakub-onderka/php-parallel-lint": "^0.9", + "mongodb/mongodb": "^1.8", "php-amqplib/php-amqplib": "~2.4", "php-console/php-console": "^3.1.3", "phpspec/prophecy": "^1.6.1", - "phpunit/phpunit": "^8.3", + "phpstan/phpstan": "^0.12.59", + "phpunit/phpunit": "^8.5", "predis/predis": "^1.1", "rollbar/rollbar": "^1.3", - "ruflin/elastica": ">=0.90 <3.0", + "ruflin/elastica": ">=0.90 <7.0.1", "swiftmailer/swiftmailer": "^5.3|^6.0" }, "suggest": { @@ -59,7 +60,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "2.x-dev" + "dev-main": "2.x-dev" } }, "autoload": { 
@@ -75,30 +76,44 @@ { "name": "Jordi Boggiano", "email": "j.boggiano@seld.be", - "homepage": "http://seld.be" + "homepage": "https://seld.be" } ], "description": "Sends your logs to files, sockets, inboxes, databases and various web services", - "homepage": "http://github.com/Seldaek/monolog", + "homepage": "https://github.com/Seldaek/monolog", "keywords": [ "log", "logging", "psr-3" ], - "time": "2019-12-20T14:22:59+00:00" + "support": { + "issues": "https://github.com/Seldaek/monolog/issues", + "source": "https://github.com/Seldaek/monolog/tree/2.2.0" + }, + "funding": [ + { + "url": "https://github.com/Seldaek", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/monolog/monolog", + "type": "tidelift" + } + ], + "time": "2020-12-14T13:15:25+00:00" }, { "name": "psr/log", - "version": "1.1.2", + "version": "1.1.3", "source": { "type": "git", "url": "https://github.com/php-fig/log.git", - "reference": "446d54b4cb6bf489fc9d75f55843658e6f25d801" + "reference": "0f73288fd15629204f9d42b7055f72dacbe811fc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-fig/log/zipball/446d54b4cb6bf489fc9d75f55843658e6f25d801", - "reference": "446d54b4cb6bf489fc9d75f55843658e6f25d801", + "url": "https://api.github.com/repos/php-fig/log/zipball/0f73288fd15629204f9d42b7055f72dacbe811fc", + "reference": "0f73288fd15629204f9d42b7055f72dacbe811fc", "shasum": "" }, "require": { @@ -132,7 +147,10 @@ "psr", "psr-3" ], - "time": "2019-11-01T11:05:21+00:00" + "support": { + "source": "https://github.com/php-fig/log/tree/1.1.3" + }, + "time": "2020-03-23T09:12:05+00:00" } ], "packages-dev": [], @@ -142,5 +160,6 @@ "prefer-stable": false, "prefer-lowest": false, "platform": [], - "platform-dev": [] + "platform-dev": [], + "plugin-api-version": "2.0.0" } diff --git a/public_html/includes/footer.php b/public_html/includes/footer.php index e05c650..7afedca 100755 --- a/public_html/includes/footer.php +++ b/public_html/includes/footer.php 
@@ -1,6 +1,6 @@ This is your encryption key, e.g. secret. + +
+ + +
@@ -371,6 +376,12 @@ function prepare_final_install_page() } } echo << +

Create Transaction

@@ -398,7 +409,8 @@ function prepare_final_install_page() - + diff --git a/public_html/redirect.php b/public_html/redirect.php index ab98353..7377104 100755 --- a/public_html/redirect.php +++ b/public_html/redirect.php @@ -1,6 +1,6 @@ $paygate_id, - 'REFERENCE' => filter_var( $_POST['REFERENCE'], FILTER_SANITIZE_STRING ), + 'REFERENCE' => $reference, 'AMOUNT' => filter_var( $_POST['AMOUNT'] * 100, FILTER_SANITIZE_NUMBER_INT ), 'CURRENCY' => filter_var( $_POST['CURRENCY'], FILTER_SANITIZE_STRING ), - 'RETURN_URL' => filter_var( $_POST['RETURN_URL'], FILTER_SANITIZE_URL ), + 'RETURN_URL' => filter_var( $_POST['RETURN_URL'], FILTER_SANITIZE_URL ) . '?reference=' . $reference, 'TRANSACTION_DATE' => filter_var( $_POST['TRANSACTION_DATE'], FILTER_SANITIZE_STRING ), 'LOCALE' => filter_var( $_POST['LOCALE'], FILTER_SANITIZE_STRING ), 'COUNTRY' => filter_var( $_POST['COUNTRY'], FILTER_SANITIZE_STRING ), diff --git a/public_html/result.php b/public_html/result.php index 38e2177..5b0b092 100755 --- a/public_html/result.php +++ b/public_html/result.php @@ -1,6 +1,6 @@ $paygate_id, 'PAY_REQUEST_ID' => isset( $_POST['PAY_REQUEST_ID'] ) ? $_POST['PAY_REQUEST_ID'] : '', 'TRANSACTION_STATUS' => isset( $_POST['TRANSACTION_STATUS'] ) ? $_POST['TRANSACTION_STATUS'] : '', - 'REFERENCE' => isset( $_SESSION['reference'] ) ? $_SESSION['reference'] : '', + 'REFERENCE' => isset( $reference ) ? $reference : '', 'CHECKSUM' => isset( $_POST['CHECKSUM'] ) ? $_POST['CHECKSUM'] : '', ); diff --git a/public_html/terms.php b/public_html/terms.php index eb9bd61..e38e08f 100755 --- a/public_html/terms.php +++ b/public_html/terms.php 
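Review bot: `$reference` is appended to `RETURN_URL` without URL-encoding on the new `'RETURN_URL' => …` line of redirect.php; `FILTER_SANITIZE_STRING` (deprecated since PHP 8.1) strips tags but leaves `&`, `#` and spaces in place, so a reference containing them changes the query string that the return page reads back. I would write `'RETURN_URL' => filter_var( $_POST['RETURN_URL'], FILTER_SANITIZE_URL ) . '?reference=' . rawurlencode( $reference ),`, and note that the fixed `?` yields a malformed URL whenever the posted RETURN_URL already carries a query string. The `$reference` assignment and the top of the file are missing from the hunk as rendered, so this assumes it holds the sanitised `$_POST['REFERENCE']` seen on the removed line. Nothing visible in this file's changes verifies the reCAPTCHA response server-side before the payment request is built; if that check is not done elsewhere it belongs here, because the widget on the form alone does not stop requests posted directly to this script.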
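Review bot: `REFERENCE` in result.php now comes from `$reference` instead of `$_SESSION['reference']`, and where it is assigned is not visible in this hunk; if it is read from the `reference` query parameter that redirect.php appends to RETURN_URL, the value is client-supplied and only trustworthy after the PayGate checksum comparison has passed. A comment on this line would make that explicit, for example `// REFERENCE comes from the return URL; treat it as unverified until the CHECKSUM check passes`. Wherever the page prints the value it should go through `htmlspecialchars( $reference, ENT_QUOTES, 'UTF-8' )`, since it no longer originates from server-side state.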
@@ -1,6 +1,6 @@ = 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); if ($useStaticLoader) { require_once __DIR__ . '/autoload_static.php'; - call_user_func(\Composer\Autoload\ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560::getInitializer($loader)); + call_user_func(\Composer\Autoload\ComposerStaticInitf4f9ceee581bf9a60933ba548c368355::getInitializer($loader)); } else { $map = require __DIR__ . '/autoload_namespaces.php'; foreach ($map as $namespace => $path) { diff --git a/public_html/vendor/composer/autoload_static.php b/public_html/vendor/composer/autoload_static.php index 59e73ff..70b623c 100644 --- a/public_html/vendor/composer/autoload_static.php +++ b/public_html/vendor/composer/autoload_static.php @@ -4,7 +4,7 @@ namespace Composer\Autoload; -class ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560 +class ComposerStaticInitf4f9ceee581bf9a60933ba548c368355 { public static $prefixLengthsPsr4 = array ( 'P' => @@ -31,8 +31,8 @@ class ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560 public static function getInitializer(ClassLoader $loader) { return \Closure::bind(function () use ($loader) { - $loader->prefixLengthsPsr4 = ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560::$prefixLengthsPsr4; - $loader->prefixDirsPsr4 = ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560::$prefixDirsPsr4; + $loader->prefixLengthsPsr4 = ComposerStaticInitf4f9ceee581bf9a60933ba548c368355::$prefixLengthsPsr4; + $loader->prefixDirsPsr4 = ComposerStaticInitf4f9ceee581bf9a60933ba548c368355::$prefixDirsPsr4; }, null, ClassLoader::class); }