Add hCaptcha support

Trevor Slocum 2021-03-10 10:45:54 -08:00
parent 0f6c8b2a93
commit 23bf4e3937
5 changed files with 53 additions and 7 deletions


@ -16,6 +16,7 @@ See [TinyIB Installations](https://gitlab.com/tslocum/tinyib/wikis/Home) for dem
- YouTube, Vimeo and SoundCloud embedding.
- CAPTCHA
- A simple, self-hosted implementation is included.
- [hCaptcha](https://hcaptcha.com) is supported.
- [ReCAPTCHA](https://www.google.com/recaptcha/about/) is supported but [not recommended](https://nearcyan.com/you-probably-dont-need-recaptcha/).
- Reference links. `>>###`
- Delete posts via password.


@ -207,6 +207,10 @@ if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') {
fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.'));
}
if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured.'));
}
if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured.'));
}
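Review bot: The new startup check validates the two hCaptcha keys but not that the cURL extension is loaded, which the hcaptcha branch of checkCAPTCHA in this commit depends on through `curl_init()`. Without the extension, a board configured for hCaptcha passes this check and then stops with a fatal error on the first post or management login. Unless availability is verified elsewhere outside this hunk, consider adding `if (!function_exists('curl_init')) { fancyDie(__('The cURL extension is required for hCaptcha.')); }` under the same mode condition. The keys are compared with `==` while the mode constants on the same line use `===`; using `===` for both would be consistent.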


@ -232,7 +232,27 @@ function deletePost($id) {
}
function checkCAPTCHA($mode) {
if ($mode === 'recaptcha') {
if ($mode === 'hcaptcha') {
$captcha = isset($_POST['h-captcha-response']) ? $_POST['h-captcha-response'] : '';
if ($captcha == '') {
fancyDie('Failed CAPTCHA. Reason:<br>Please click the checkbox labeled "I am human".');
}
$data = array(
'secret' => TINYIB_HCAPTCHA_SECRET,
'response' => $captcha
);
$verify = curl_init();
curl_setopt($verify, CURLOPT_URL, "https://hcaptcha.com/siteverify");
curl_setopt($verify, CURLOPT_POST, true);
curl_setopt($verify, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
$verifyResponse = curl_exec($verify);
$responseData = json_decode($verifyResponse);
if (!isset($responseData->success) || !$responseData->success) {
fancyDie('Failed CAPTCHA.');
}
} else if ($mode === 'recaptcha') {
require_once 'inc/recaptcha/autoload.php';
$captcha = isset($_POST['g-recaptcha-response']) ? $_POST['g-recaptcha-response'] : '';
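Review bot: The verification request in the hcaptcha branch sets no timeout, so a slow or unreachable siteverify endpoint ties up the PHP worker for both posting and management login; add `curl_setopt($verify, CURLOPT_TIMEOUT, 10);` (and ideally a connect timeout) before `curl_exec`. The request also omits the expected site key, so a success only shows the token is valid for the configured secret, not that it was issued for this board's widget; adding `'sitekey' => TINYIB_HCAPTCHA_SITE` to `$data` narrows that. A transport failure makes `curl_exec` return false and ends in the generic 'Failed CAPTCHA.' message, which fails closed but looks the same as a wrong answer, so logging `curl_error($verify)` on that path would help operators tell an outage from abuse. The handle is never released with `curl_close($verify)`. checkCAPTCHA continues past the end of this hunk, so the recaptcha branch is only partly visible.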


@ -4,7 +4,13 @@ if (!defined('TINYIB_BOARD')) {
}
function pageHeader() {
$js_captcha = (TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') ? '<script src="https://www.google.com/recaptcha/api.js" async defer></script>' : '';
$js_captcha = '';
if (TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') {
$js_captcha .= '<script src="https://www.hcaptcha.com/1/api.js" async defer></script>';
}
if (TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') {
$js_captcha .= '<script src="https://www.google.com/recaptcha/api.js" async defer></script>';
}
$return = <<<EOF
<!DOCTYPE html>
@ -149,7 +155,12 @@ EOF;
$captcha_html = '';
if (TINYIB_CAPTCHA && !$raw_post) {
if (TINYIB_CAPTCHA === 'recaptcha') {
if (TINYIB_CAPTCHA === 'hcaptcha') {
$captcha_inner_html = '
<div style="min-height: 82px;">
<div class="h-captcha" data-sitekey="' . TINYIB_HCAPTCHA_SITE . '"></div>
</div>';
} else if (TINYIB_CAPTCHA === 'recaptcha') {
$captcha_inner_html = '
<div style="min-height: 80px;">
<div class="g-recaptcha" data-sitekey="' . TINYIB_RECAPTCHA_SITE . '"></div>
@ -793,7 +804,13 @@ function manageLogInForm() {
$txt_login = __('Log In');
$txt_login_prompt = __('Enter an administrator or moderator password');
$captcha_inner_html = '';
if (TINYIB_MANAGECAPTCHA === 'recaptcha') {
if (TINYIB_MANAGECAPTCHA === 'hcaptcha') {
$captcha_inner_html = '
<br>
<div style="min-height: 82px;">
<div class="h-captcha" data-sitekey="' . TINYIB_HCAPTCHA_SITE . '"></div>
</div><br><br>';
} else if (TINYIB_MANAGECAPTCHA === 'recaptcha') {
$captcha_inner_html = '
<br>
<div style="min-height: 80px;">
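Review bot: Both new widget blocks concatenate `TINYIB_HCAPTCHA_SITE` straight into the `data-sitekey` attribute (in the post form hunk and in manageLogInForm), so a stray quote or angle bracket in the configured value breaks the markup. The value is operator-controlled, so this is hardening rather than a reachable injection, but `htmlspecialchars(TINYIB_HCAPTCHA_SITE, ENT_QUOTES)` at both places costs nothing. The two blocks are nearly identical, and a small helper returning the widget markup would keep them in sync. In pageHeader the third-party script tag is emitted wherever the header is rendered once either constant is 'hcaptcha', which is worth a line in the settings comments for operators who maintain a Content-Security-Policy. The recaptcha branch at the end of the last hunk is cut off by the hunk boundary.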


@ -23,8 +23,8 @@ define('TINYIB_MODPASS', ''); // Moderators only have access to delete (
define('TINYIB_BOARD', 'b'); // Unique identifier for this board using only letters and numbers
define('TINYIB_BOARDDESC', 'TinyIB'); // Displayed at the top of every page
define('TINYIB_ALWAYSNOKO', false); // Redirect to thread after posting
define('TINYIB_CAPTCHA', ''); // Reduce spam by requiring users to pass a CAPTCHA when posting: simple / recaptcha (click Rebuild All in the management panel after enabling) ['' to disable]
define('TINYIB_MANAGECAPTCHA', ''); // Improve security by requiring users to pass a CAPTCHA when logging in to the management panel: simple / recaptcha ['' to disable]
define('TINYIB_CAPTCHA', ''); // Reduce spam by requiring users to pass a CAPTCHA when posting: simple / hcaptcha / recaptcha (click Rebuild All in the management panel after enabling) ['' to disable]
define('TINYIB_MANAGECAPTCHA', ''); // Improve security by requiring users to pass a CAPTCHA when logging in to the management panel: simple / hcaptcha / recaptcha ['' to disable]
define('TINYIB_REPORT', false); // Allow users to report posts
define('TINYIB_REQMOD', ''); // Require moderation before displaying posts: files / all ['' to disable]
define('TINYIB_DISALLOWTHREADS', ''); // When set, users attempting to post a new thread are shown this message instead ['' to disable]
@ -100,7 +100,11 @@ define('TINYIB_MAXH', 250); // Height
define('TINYIB_TRIPSEED', ''); // Enter some random text (used when generating secure tripcodes, hashing passwords and hashing IP addresses)
// CAPTCHA
// The following only apply when TINYIB_CAPTCHA is set to recaptcha
// The following settings apply when TINYIB_CAPTCHA is set to hcaptcha
// For API keys visit https://dashboard.hcaptcha.com/signup
define('TINYIB_HCAPTCHA_SITE', ''); // Site key
define('TINYIB_HCAPTCHA_SECRET', ''); // Secret key
// The following settings apply when TINYIB_CAPTCHA is set to recaptcha
// For API keys visit https://www.google.com/recaptcha
define('TINYIB_RECAPTCHA_SITE', ''); // Site key
define('TINYIB_RECAPTCHA_SECRET', '');// Secret key
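Review bot: The new comment says the hCaptcha keys apply when TINYIB_CAPTCHA is set to hcaptcha, but the startup check added in this commit also requires them when TINYIB_MANAGECAPTCHA is 'hcaptcha'. Suggest `// The following settings apply when TINYIB_CAPTCHA or TINYIB_MANAGECAPTCHA is set to hcaptcha`, with the same wording for the recaptcha comment below it. It would also help to note beside `TINYIB_HCAPTCHA_SECRET` that the secret key is used only server-side for verification and, unlike the site key, must never appear in page markup.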