Skip to content

Commit 0f45fe4

Browse files
remdexremdex
committed
Recaptch for password reminder window
1 parent 985956f commit 0f45fe4

File tree

3 files changed

+31
-2
lines changed

3 files changed

+31
-2
lines changed

lhc_web/design/defaulttheme/tpl/lhuser/forgotpassword.tpl.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,8 @@
1313

1414
<?php include(erLhcoreClassDesign::designtpl('lhkernel/csfr_token.tpl.php'));?>
1515

16+
<?php include(erLhcoreClassDesign::designtpl('lhkernel/recaptcha.tpl.php'));?>
17+
1618
<input type="submit" class="btn btn-primary btn-sm" value="<?php echo erTranslationClassLhTranslation::getInstance()->getTranslation('user/forgotpassword','Restore password')?>" name="Forgotpassword" />
1719

1820
</form>

lhc_web/modules/lhuser/forgotpassword.php

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,33 @@
2828
$Errors[] = erTranslationClassLhTranslation::getInstance()->getTranslation('user/forgotpassword','Invalid e-mail address!');
2929
}
3030

31+
$recaptchaData = erLhcoreClassModelChatConfig::fetch('recaptcha_data')->data_value;
32+
33+
if (is_array($recaptchaData) && isset($recaptchaData['enabled']) && $recaptchaData['enabled'] == 1) {
34+
$params = [
35+
'secret' => $recaptchaData['secret_key'],
36+
'response' => $_POST['g-recaptcha']
37+
];
38+
39+
$ch = curl_init();
40+
curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
41+
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
42+
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
43+
curl_setopt($ch,CURLOPT_POST,1);
44+
curl_setopt($ch,CURLOPT_POSTFIELDS,$params);
45+
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT , 5);
46+
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
47+
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
48+
@curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // Some hostings produces warning...
49+
$res = curl_exec($ch);
50+
51+
$res = json_decode($res,true);
52+
53+
if (!(isset($res['success']) && $res['success'] == 1 && isset($res['score']) && $res['score'] >= 0.1 && $res['action'] == 'login_action')) {
54+
$Errors[] = 'Invalid recaptcha!';
55+
}
56+
}
57+
3158
if (count($Errors) == 0) {
3259

3360
if (($userID = erLhcoreClassModelUser::fetchUserByEmail($form->Email)) !== false) {

lhc_web/modules/lhuser/login.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -87,10 +87,10 @@
8787
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT , 5);
8888
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
8989
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
90-
@curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // Some hostings produces wargning...
90+
@curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // Some hostings produces warning...
9191
$res = curl_exec($ch);
9292

93-
$res = json_decode($res,true);
93+
$res = json_decode($res,true);
9494

9595
if (!(isset($res['success']) && $res['success'] == 1 && isset($res['score']) && $res['score'] >= 0.1 && $res['action'] == 'login_action')) {
9696
$valid = false;

0 commit comments

Comments
 (0)