perdedora/leftypol
1
0
Fork 0
forked from leftypol/leftypol
Code Pull requests Activity

post.php: make dynamic captcha less prone to misuse

Browse source
This commit is contained in:
Zankaria 2024-07-29 20:48:22 +02:00
parent 40475158eb
commit 8f98665a1c
1 changed files with 19 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

38
post.php
View file

@ -727,27 +727,27 @@ function handle_post()
if (!$dropped_post) { if (!$dropped_post) {
if ($config['dynamic_captcha'] !== false && $_SERVER['REMOTE_ADDR'] === $config['dynamic_captcha']) { if ($config['dynamic_captcha'] !== false) {
if ($config['recaptcha']) { if ($_SERVER['REMOTE_ADDR'] === $config['dynamic_captcha']) {
if (!isset($_POST['g-recaptcha-response'])) { if ($config['recaptcha']) {
error($config['error']['bot']); if (!isset($_POST['g-recaptcha-response'])) {
} error($config['error']['bot']);
if (!check_recaptcha($config['recaptcha_private'], $_POST['g-recaptcha-response'], null)) { }
error($config['error']['captcha']); if (!check_recaptcha($config['recaptcha_private'], $_POST['g-recaptcha-response'], null)) {
} error($config['error']['captcha']);
} elseif ($config['turnstile']) { }
if (!isset($_POST['cf-turnstile-response'])) { } elseif ($config['turnstile']) {
error($config['error']['bot']); if (!isset($_POST['cf-turnstile-response'])) {
} error($config['error']['bot']);
$expected_action = $post['op'] ? 'post-thread' : 'post-reply'; }
if (!check_turnstile($config['turnstile_private'], $_POST['cf-turnstile-response'], null, $expected_action)) { $expected_action = $post['op'] ? 'post-thread' : 'post-reply';
error($config['error']['captcha']); if (!check_turnstile($config['turnstile_private'], $_POST['cf-turnstile-response'], null, $expected_action)) {
error($config['error']['captcha']);
}
} }
} }
} } else {
// Check for CAPTCHA right after opening the board so the "return" link is in there.
// Check for CAPTCHA right after opening the board so the "return" link is in there.
if ($config['dynamic_captcha'] === false) {
if ($config['recaptcha']) { if ($config['recaptcha']) {
if (!isset($_POST['g-recaptcha-response'])) { if (!isset($_POST['g-recaptcha-response'])) {
error($config['error']['bot']); error($config['error']['bot']);