Regard whitespace Rev 1024 → Rev 1025

/trunk/plugins/viathinksoft/captcha/vts_challenge/OIDplusCaptchaPluginVtsClientChallenge.class.php
38,13 → 38,15
 
public function action($actionID, $params) {
if ($actionID == 'get_challenge') {
$complexity=50000; // TODO: make configurable
$server_secret='VtsClientChallenge:'.OIDplus::baseConfig()->getValue('SERVER_SECRET');
 
$min = 0;
$max = $complexity;
$offset = 0; // doesn't matter
$min = $offset;
$max = $offset + OIDplus::baseConfig()->getValue('VTS_CAPTCHA_COMPLEXITY', 50000);
if ($max > mt_getrandmax()) $max = mt_getrandmax();
 
$starttime = time();
$random = rand($min,$max); // TODO: cryptographic rand
$random = mt_rand($min,$max);
$ip_target = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
$challenge = sha3_512($starttime.'/'.$ip_target.'/'.$random);
$challenge_integrity = sha3_512_hmac($challenge,$server_secret);
55,7 → 57,12
throw new OIDplusException(_L('Cannot write file %1', $open_trans_file));
}
 
return array("status" => 0, "challenge" => $send_to_client);
return array(
"status" => 0,
"challenge" => $send_to_client,
// Autosolve on=calculate result on page load; off=calculate result on form submit
"autosolve" => OIDplus::baseConfig()->getValue('VTS_CAPTCHA_AUTOSOLVE', true)
);
}
}
 
90,7 → 97,6
if (is_null($fieldname)) $fieldname = 'vts_validation_result';
 
$server_secret='VtsClientChallenge:'.OIDplus::baseConfig()->getValue('SERVER_SECRET');
$max_time = 10*60; // 10min. TODO: make configurable!
 
if (!isset($params[$fieldname])) throw new OIDplusException(_L('No challenge response found').' (A)');
 
110,7 → 116,7
$current_ip = (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown');
if ($ip_target != $current_ip) {
throw new OIDplusException(_L('IP address has changed. Please try again. (current IP %1, expected %2)', $current_ip, $ip_target));
} else if (time()-$starttime > $max_time) {
} else if (time()-$starttime > OIDplus::baseConfig()->getValue('VTS_CAPTCHA_MAXTIME', 10*60/*10 minutes*/)) {
throw new OIDplusException(_L('Challenge expired. Please try again.'));
} else if ($challenge_integrity != sha3_512_hmac($challenge,$server_secret)) {
throw new OIDplusException(_L('Challenge integrity failed'));
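Review bot: `$random = mt_rand($min,$max);` in the `get_challenge` branch still takes the challenge value from a non-cryptographic generator, and the change drops the old `// TODO: cryptographic rand` marker without resolving it. `$random` appears to be the hidden input the client must search for, so predictable Mersenne Twister output would undercut the work factor; `$random = random_int($min, $max);` (PHP 7+) avoids that and makes the `mt_getrandmax()` clamp unnecessary. `VTS_CAPTCHA_COMPLEXITY` is also used unchecked, so a zero, negative or non-numeric setting reaches the generator; `$max = $offset + max(1, (int)OIDplus::baseConfig()->getValue('VTS_CAPTCHA_COMPLEXITY', 50000));` would keep a misconfiguration from trivialising or breaking the captcha. In the validation hunk, the unchanged `$challenge_integrity != sha3_512_hmac($challenge,$server_secret)` check would be safer as `!hash_equals(...)`, which avoids loose string comparison and timing differences. Both function bodies start and end outside the visible hunks.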