Subversion Repositories taios

Compare Revisions

Ignore whitespace Rev 303 → Rev 348

/_recaptchalib.php
0,0 → 1,277
<?php
/*
* This is a PHP library that handles calling reCAPTCHA.
* - Documentation and latest version
* http://recaptcha.net/plugins/php/
* - Get a reCAPTCHA API Key
* https://www.google.com/recaptcha/admin/create
* - Discussion group
* http://groups.google.com/group/recaptcha
*
* Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net
* AUTHORS:
* Mike Crawford
* Ben Maurer
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
 
/**
* The reCAPTCHA server URL's
*/
define("RECAPTCHA_API_SERVER", "http://www.google.com/recaptcha/api");
define("RECAPTCHA_API_SECURE_SERVER", "https://www.google.com/recaptcha/api");
define("RECAPTCHA_VERIFY_SERVER", "www.google.com");
 
/**
* Encodes the given data into a query string format
* @param $data - array of string elements to be encoded
* @return string - encoded request
*/
function _recaptcha_qsencode ($data) {
$req = "";
foreach ( $data as $key => $value )
$req .= $key . '=' . urlencode( stripslashes($value) ) . '&';
 
// Cut the last '&'
$req=substr($req,0,strlen($req)-1);
return $req;
}
 
 
 
/**
* Submits an HTTP POST to a reCAPTCHA server
* @param string $host
* @param string $path
* @param array $data
* @param int port
* @return array response
*/
function _recaptcha_http_post($host, $path, $data, $port = 80) {
 
$req = _recaptcha_qsencode ($data);
 
$http_request = "POST $path HTTP/1.0\r\n";
$http_request .= "Host: $host\r\n";
$http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
$http_request .= "Content-Length: " . strlen($req) . "\r\n";
$http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
$http_request .= "\r\n";
$http_request .= $req;
 
$response = '';
if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) {
die ('Could not open socket');
}
 
fwrite($fs, $http_request);
 
while ( !feof($fs) )
$response .= fgets($fs, 1160); // One TCP-IP packet
fclose($fs);
$response = explode("\r\n\r\n", $response, 2);
 
return $response;
}
 
 
 
/**
* Gets the challenge HTML (javascript and non-javascript version).
* This is called from the browser, and the resulting reCAPTCHA HTML widget
* is embedded within the HTML form it was called from.
* @param string $pubkey A public key for reCAPTCHA
* @param string $error The error given by reCAPTCHA (optional, default is null)
* @param boolean $use_ssl Should the request be made over ssl? (optional, default is false)
 
* @return string - The HTML to be embedded in the user's form.
*/
function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false)
{
if ($pubkey == null || $pubkey == '') {
die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
}
if ($use_ssl) {
$server = RECAPTCHA_API_SECURE_SERVER;
} else {
$server = RECAPTCHA_API_SERVER;
}
 
$errorpart = "";
if ($error) {
$errorpart = "&amp;error=" . $error;
}
return '<script type="text/javascript" src="'. $server . '/challenge?k=' . $pubkey . $errorpart . '"></script>
 
<noscript>
<iframe src="'. $server . '/noscript?k=' . $pubkey . $errorpart . '" height="300" width="500" frameborder="0"></iframe><br/>
<textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
<input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
</noscript>';
}
 
 
 
 
/**
* A ReCaptchaResponse is returned from recaptcha_check_answer()
*/
class ReCaptchaResponse {
var $is_valid;
var $error;
}
 
 
/**
* Calls an HTTP POST function to verify if the user's guess was correct
* @param string $privkey
* @param string $remoteip
* @param string $challenge
* @param string $response
* @param array $extra_params an array of extra variables to post to the server
* @return ReCaptchaResponse
*/
function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response, $extra_params = array())
{
if ($privkey == null || $privkey == '') {
die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
}
 
if ($remoteip == null || $remoteip == '') {
die ("For security reasons, you must pass the remote ip to reCAPTCHA");
}
 
//discard spam submissions
if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) {
$recaptcha_response = new ReCaptchaResponse();
$recaptcha_response->is_valid = false;
$recaptcha_response->error = 'incorrect-captcha-sol';
return $recaptcha_response;
}
 
$response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/verify",
array (
'privatekey' => $privkey,
'remoteip' => $remoteip,
'challenge' => $challenge,
'response' => $response
) + $extra_params
);
 
$answers = explode ("\n", $response [1]);
$recaptcha_response = new ReCaptchaResponse();
 
if (trim ($answers [0]) == 'true') {
$recaptcha_response->is_valid = true;
}
else {
$recaptcha_response->is_valid = false;
$recaptcha_response->error = $answers [1];
}
return $recaptcha_response;
 
}
 
/**
* gets a URL where the user can sign up for reCAPTCHA. If your application
* has a configuration page where you enter a key, you should provide a link
* using this function.
* @param string $domain The domain where the page is hosted
* @param string $appname The name of your application
*/
function recaptcha_get_signup_url ($domain = null, $appname = null) {
return "https://www.google.com/recaptcha/admin/create?" . _recaptcha_qsencode (array ('domains' => $domain, 'app' => $appname));
}
 
function _recaptcha_aes_pad($val) {
$block_size = 16;
$numpad = $block_size - (strlen ($val) % $block_size);
return str_pad($val, strlen ($val) + $numpad, chr($numpad));
}
 
/* Mailhide related code */
 
function _recaptcha_aes_encrypt($val,$ky) {
if (! function_exists ("mcrypt_encrypt")) {
die ("To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed.");
}
$mode=MCRYPT_MODE_CBC;
$enc=MCRYPT_RIJNDAEL_128;
$val=_recaptcha_aes_pad($val);
return mcrypt_encrypt($enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
}
 
 
function _recaptcha_mailhide_urlbase64 ($x) {
return strtr(base64_encode ($x), '+/', '-_');
}
 
/* gets the reCAPTCHA Mailhide url for a given email, public key and private key */
function recaptcha_mailhide_url($pubkey, $privkey, $email) {
if ($pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null) {
die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " .
"you can do so at <a href='http://www.google.com/recaptcha/mailhide/apikey'>http://www.google.com/recaptcha/mailhide/apikey</a>");
}
 
$ky = pack('H*', $privkey);
$cryptmail = _recaptcha_aes_encrypt ($email, $ky);
return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64 ($cryptmail);
}
 
/**
* gets the parts of the email to expose to the user.
* eg, given johndoe@example,com return ["john", "example.com"].
* the email is then displayed as john...@example.com
*/
function _recaptcha_mailhide_email_parts ($email) {
$arr = preg_split("/@/", $email );
 
if (strlen ($arr[0]) <= 4) {
$arr[0] = substr ($arr[0], 0, 1);
} else if (strlen ($arr[0]) <= 6) {
$arr[0] = substr ($arr[0], 0, 3);
} else {
$arr[0] = substr ($arr[0], 0, 4);
}
return $arr;
}
 
/**
* Gets html to display an email address given a public an private key.
* to get a key, go to:
*
* http://www.google.com/recaptcha/mailhide/apikey
*/
function recaptcha_mailhide_html($pubkey, $privkey, $email) {
$emailparts = _recaptcha_mailhide_email_parts ($email);
$url = recaptcha_mailhide_url ($pubkey, $privkey, $email);
return htmlentities($emailparts[0]) . "<a href='" . htmlentities ($url) .
"' onclick=\"window.open('" . htmlentities ($url) . "', '', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300'); return false;\" title=\"Reveal this e-mail address\">...</a>@" . htmlentities ($emailparts [1]);
 
}
 
 
?>
/register-do.php
1,6 → 1,7
<?php
 
require '_taios.php';
require_once '_recaptchalib.php';
 
$page = new Taios_Page('Login');
 
/register.php
1,6 → 1,7
<?php
 
require '_taios.php';
require_once '_recaptchalib.php';
 
$page = new Taios_Page('Register');
$page->drawHeader();
44,6 → 45,10
</tr>
<tr>
<td class="bold"></td>
<td><?php echo recaptcha_get_html($recaptura_publickey); ?></td>
</tr>
<tr>
<td class="bold"></td>
<td><input type="submit" value="Register" /></td>
</tr>
</table>
/styles.css
4,19 → 4,22
font-family: Droid Sans, Tahoma, sans-serif;
font-size: 11pt;
margin: 0px;
padding: 0px;
}
 
h1 {
font-size: 28pt;
margin: 6px;
margin: 8px;
margin-top: 0px;
color: #000089;
border-bottom: 1px solid #000000;
color: #FFFFFF;
border-bottom: 1px solid #FFFFFF;
}
 
h2 {
font-size: 20pt;
margin: 6px;
margin: 8px;
margin-left: 8px;
color: #00004B;
}
23,7 → 26,7
 
h3 {
font-size: 16pt;
margin: 6px;
margin: 8px;
margin-left: 10px;
color: #000055;
}
30,7 → 33,7
 
h4 {
font-size: 12pt;
margin: 6px;
margin: 8px;
margin-left: 12px;
color: #00005F;
}
37,7 → 40,7
 
h5 {
font-size: 10pt;
margin: 6px;
margin: 8px;
margin-left: 14px;
color: #000069;
}
44,7 → 47,7
 
p, table, span {
font-size: 11pt;
margin: 6px;
margin: 8px;
margin-left: 16px;
}
 
88,21 → 91,16
}
 
.sidebar {
left: 0px;
top: 0px;
position: fixed;
float: left;
width: 146px;
padding: 0px;
padding-left: 32px;
border-right: 1px solid #000089;
background-color: #FFFF73;
background-image: url('data/sidebar-gradient.png');
background-repeat: repeat-x;
background-position: center bottom;
border-right: 0px solid #000089;
background-color: #032865;
color: #FFFFFF;
}
 
.sidebar-header {
left: 0px;
width: 140px;
padding: 6px;
text-align: right;
111,10 → 109,12
.sidebar-menu {
text-align: right;
padding: 6px;
color: #FFFFFF;
}
 
.sidebar-menu h3 {
margin: 6px;
color: #FFFFFF;
}
 
.sidebar-menu p {
122,9 → 122,13
margin: 4px;
}
 
.sidebar-menu a {
color: #FFFFFF;
}
 
.content {
left: 200px;
top: 0px;
left: 180px;
position: absolute;
margin-right: 32px;
}
/_taios.php
169,7 → 169,9
function replaceBBCode($str)
{
$newstr = str_replace("\n", '</p><p>', $str);
$newstr = str_replace("<", "[", $str);
$newstr = str_replace(">", "]", $newstr);
$newstr = str_replace("\n", '</p><p>', $newstr);
$newstr = str_replace(' ', '&nbsp;&nbsp;', $newstr);
$newstr = str_replace(' :)', ' <img src="' . $this->url . 'data/smilies/face-smile.png" class="smiley" />', $newstr);
$newstr = str_replace(' :p', ' <img src="' . $this->url . 'data/smilies/face-raspberry.png" class="smiley" />', $newstr);
/photos/index.php
8,9 → 8,17
 
write('<p>Here we have all sorts of photos from Tim32.</p><br />');
 
$dirs = array();
$dir = dir('albums/');
while (($file = $dir->read()) !== false)
{
array_push($dirs, $file);
}
 
asort($dirs);
 
foreach ($dirs as $file)
{
if ($file[0] != '.')
{
write('<p><a href="album.php?dir=' . $file . '">' . $file . '</a></p>');
/photos/album.php
39,6 → 39,11
 
write('<p class="bold"><a href="index.php">Back to Photos</a></p><br />');
 
if (file_exists("albums/" . $dirName . "/description.txt"))
{
write('<p>' . $page->replaceBBCode(file_get_contents("albums/" . $dirName . "/description.txt")) . '</p><br />');
}
 
write('<table>');
write('<tr>');
 
47,6 → 52,8
$dir = dir('albums/' . $dirName);
while (($file = $dir->read()) !== false)
{
if (getimagesize('albums/' . $dirName . '/' . $file))
{
if ($file[0] != '.')
{
if ($i >= 4)
62,6 → 69,7
$i++;
}
}
}
 
write('</tr>');
/index.php
6,10 → 6,10
$page->drawHeader();
write('<h3>Pages</h3>');
$page->drawMenuItem('Biggles', '/~biggles/');
$page->drawMenuItem('Freddie', '/~freddie/');
$page->drawMenuItem('Freddie (FredFace)', '/~freddie/');
$page->drawMenuItem('Muzer', '/~muzer/');
$page->drawMenuItem('Sh4rk', '/~szabot/');
$page->drawMenuItem('Tom', '/~tom/');
$page->drawMenuItem('Tom (TomMan)', '/~tom/');
$page->drawMiddle();
 
?>
/404.php
16,6 → 16,7
 
<p class="bold">404 - Page not found</p>
<p>The page you requested could not be found.</p>
<br />
 
<h4>Useful Links</h4>
 
/admin/all-accounts.php
17,7 → 17,7
write('<td class="bold">ID</td>');
write('<td class="bold">AccessID</td>');
write('<td class="bold">Username</td>');
write('<td class="bold">Password</td>');
write('<td class="bold">SHA1 Password</td>');
write('<td class="bold">Name</td>');
write('<td class="bold">Email Address</td>');
write('<td class="bold">Challenge ID</td>');
/wiki/index.php
12,6 → 12,8
$page->drawHeader();
$page->drawMiddle();
 
write('<p><i>The wiki is still under construction.</i></p>');
 
if ($page->isUserGM($page->getLoggedInUser()))
{
write('<p><a href="edit.php?page=' . $pageName . '">Edit Page</a></p><br />');
/forums/index.php
4,8 → 4,6
 
$page = new Taios_Page('Forums', '../');
 
write('<p><i>The forums are still under construction.</i></p>');
 
$parentID = $_GET['parentID'];
if (empty($parentID))
{
19,6 → 17,8
$page->drawHeader();
$page->drawMiddle();
 
write('<p><i>The forums are still under construction.</i></p>');
 
write('<p class="bold">');
if ($parentID != -1)
{