Feature/guzzle (#1)
* Require guzzle

* Changing curl code to use guzzle

* Validate code refactor
3Dgoo authored May 19, 2020
1 parent 2a02ecb commit d090d0f
Showing 3 changed files with 40 additions and 40 deletions.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -16,7 +16,7 @@ A spam protection field for Silverstripe using the hCaptcha service.

* Silverstripe Framework 4.x
* [Silverstripe Spam Protection 3.x](https://github.com/silverstripe/silverstripe-spamprotection/)
* PHP CURL
* [Guzzle 6.5](https://github.com/guzzle/guzzle/tree/6.5)

## Installation (with composer)

1 change: 1 addition & 0 deletions composer.json
Expand Up @@ -12,6 +12,7 @@
}
],
"require": {
"guzzlehttp/guzzle": "^6.5",
"silverstripe/framework": "^4.0",
"silverstripe/spamprotection": "^3.0"
},
77 changes: 38 additions & 39 deletions src/Forms/HCaptchaField.php
Expand Up @@ -79,9 +79,9 @@ public function Field($properties = [])
*/
public function validate($validator)
{
$hCaptchaResponse = Controller::curr()->getRequest()->requestVar('h-captcha-response');
$valid = $this->processCaptcha();

if (!isset($hCaptchaResponse)) {
if (!$valid) {
$validator->validationError(
$this->name,
_t(
Expand All @@ -90,50 +90,45 @@ public function validate($validator)
),
'validation'
);

return false;
}

if (!function_exists('curl_init')) {
user_error('You must enable php-curl to use this field', E_USER_ERROR);
return $valid;
}


/**
* Validates the captcha against the hCaptcha API
* @return bool Returns boolean true if valid false if not
*/
private function processCaptcha()
{
$hCaptchaResponse = Controller::curr()->getRequest()->requestVar('h-captcha-response');

if (!isset($hCaptchaResponse) || !$hCaptchaResponse) {
return false;
}

$secretKey = $this->getSecretKey();
$url = 'https://hcaptcha.com/siteverify' .
'?secret=' . $secretKey .
'&response=' . rawurlencode($hCaptchaResponse) .
'&remoteip=' . rawurlencode($_SERVER['REMOTE_ADDR']);
$ch = curl_init($url);

curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, str_replace(',', '/', 'SilverStripe'));
$response = json_decode(curl_exec($ch), true);

if (is_array($response)) {
if (array_key_exists('success', $response) && $response['success'] == false) {
$validator->validationError(
$this->name,
_t(
'X3dgoo\\HCaptcha\\Forms\\HCaptchaField.EMPTY',
'Please answer the captcha. If you do not see the captcha please enable Javascript'
),
'validation'
);

return false;
}
} else {
$validator->validationError(
$this->name,
_t(
'X3dgoo\\HCaptcha\\Forms\\HCaptchaField.VALIDATE_ERROR',
'Captcha could not be validated'
),
'validation'
);

$client = new \GuzzleHttp\Client([
'base_uri' => 'https://hcaptcha.com/',
]);

$response = $client->request(
'GET',
'siteverify',
[
'query' => [
'secret' => $secretKey,
'response' => rawurlencode($hCaptchaResponse),
'remoteip' => rawurlencode($_SERVER['REMOTE_ADDR']),
],
]
);

$response = json_decode($response->getBody(), true);

if (!is_array($response)) {
$logger = Injector::inst()->get(LoggerInterface::class);
$logger->error(
'Captcha validation failed as request was not successful.'
Expand All @@ -142,6 +137,10 @@ public function validate($validator)
return false;
}

if (array_key_exists('success', $response) && $response['success'] === false) {
return false;
}

return true;
}
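Review bot: The last check in the new processCaptcha() fails open: any decoded array is accepted unless `success` is strictly `false`, so a body with no `success` key or a non-boolean value counts as a solved captcha; prefer `return ($response['success'] ?? false) === true;`. The Guzzle call also loses the 10-second limit the curl code set and is not wrapped in a try/catch, so a slow or failing siteverify request can hang or throw out of validate(); pass `'timeout' => 10` to the client and treat a `\GuzzleHttp\Exception\GuzzleException` as a failed validation. The `query` option already URL-encodes its values, so the `rawurlencode()` calls on `response` and `remoteip` double-encode them (it would show with an IPv6 `REMOTE_ADDR`). The secret key still travels in the query string, where URL logging can capture it; sending the fields as `form_params` in a POST would avoid that, assuming the endpoint accepts it. A few lines of processCaptcha() between the last two hunks are collapsed on this page and were not reviewed.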
