yii 如何使用captcha API

jogvjijk  于 2022-11-09  发布在  其他
关注(0)|答案(1)|浏览(182)

我想在Yii中使用recaptcha,这是制作组件http://www.yiiframework.com/wiki/165/understanding-autoloading-helper-classes-and-helper-functions/的方法
但现在的问题是,captchalib.php是做这项工作所需的文件,这是一个包含类、常量和函数的文件,这些都是相互关联的。
我想知道现在我如何使它成为组件并在Yii中使用,因为它既不是函数也不是类。有更好的方法吗?
下面是captchalib.php的代码

<?php
        /*
         * This is a PHP library that handles calling reCAPTCHA.
         *    - Documentation and latest version
         *          http://recaptcha.net/plugins/php/
         *    - Get a reCAPTCHA API Key
         *          https://www.google.com/recaptcha/admin/create
         *    - Discussion group
         *          http://groups.google.com/group/recaptcha
         *
         * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net
         * AUTHORS:
         *   Mike Crawford
         *   Ben Maurer
         *
         * Permission is hereby granted, free of charge, to any person obtaining a copy
         * of this software and associated documentation files (the "Software"), to deal
         * in the Software without restriction, including without limitation the rights
         * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
         * copies of the Software, and to permit persons to whom the Software is
         * furnished to do so, subject to the following conditions:
         *
         * The above copyright notice and this permission notice shall be included in
         * all copies or substantial portions of the Software.
         *
         * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
         * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
         * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
         * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
         * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
         * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
         * THE SOFTWARE.
         */

        /**
         * The reCAPTCHA server URL's
         */
        define("RECAPTCHA_API_SERVER", "http://www.google.com/recaptcha/api");
        define("RECAPTCHA_API_SECURE_SERVER", "https://www.google.com/recaptcha/api");
        define("RECAPTCHA_VERIFY_SERVER", "www.google.com");

        /**
         * Encodes the given data into a query string format
         * @param $data - array of string elements to be encoded
         * @return string - encoded request
         */
        function _recaptcha_qsencode ($data) {
                $req = "";
                foreach ( $data as $key => $value )
                        $req .= $key . '=' . urlencode( stripslashes($value) ) . '&';

                // Cut the last '&'
                $req=substr($req,0,strlen($req)-1);
                return $req;
        }

        /**
         * Submits an HTTP POST to a reCAPTCHA server
         * @param string $host
         * @param string $path
         * @param array $data
         * @param int port
         * @return array response
         */
        function _recaptcha_http_post($host, $path, $data, $port = 80) {

                $req = _recaptcha_qsencode ($data);

                $http_request  = "POST $path HTTP/1.0\r\n";
                $http_request .= "Host: $host\r\n";
                $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
                $http_request .= "Content-Length: " . strlen($req) . "\r\n";
                $http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
                $http_request .= "\r\n";
                $http_request .= $req;

                $response = '';
                if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) {
                        die ('Could not open socket');
                }

                fwrite($fs, $http_request);

                while ( !feof($fs) )
                        $response .= fgets($fs, 1160); // One TCP-IP packet
                fclose($fs);
                $response = explode("\r\n\r\n", $response, 2);

                return $response;
        }

        /**
         * Gets the challenge HTML (javascript and non-javascript version).
         * This is called from the browser, and the resulting reCAPTCHA HTML widget
         * is embedded within the HTML form it was called from.
         * @param string $pubkey A public key for reCAPTCHA
         * @param string $error The error given by reCAPTCHA (optional, default is null)
         * @param boolean $use_ssl Should the request be made over ssl? (optional, default is false)

         * @return string - The HTML to be embedded in the user's form.
         */
        function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false)
        {
                if ($pubkey == null || $pubkey == '') {
                        die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
                }

                if ($use_ssl) {
                        $server = RECAPTCHA_API_SECURE_SERVER;
                } else {
                        $server = RECAPTCHA_API_SERVER;
                }

                $errorpart = "";
                if ($error) {
                   $errorpart = "&amp;error=" . $error;
                }
                return '<script type="text/javascript" src="'. $server . '/challenge?k=' . $pubkey . $errorpart . '"></script>

                <noscript>
                        <iframe src="'. $server . '/noscript?k=' . $pubkey . $errorpart . '" height="300" width="500" frameborder="0"></iframe><br/>
                        <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
                        <input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
                </noscript>';
        }

        /**
         * A ReCaptchaResponse is returned from recaptcha_check_answer()
         */
        class ReCaptchaResponse {
                var $is_valid;
                var $error;
        }

        /**
          * Calls an HTTP POST function to verify if the user's guess was correct
          * @param string $privkey
          * @param string $remoteip
          * @param string $challenge
          * @param string $response
          * @param array $extra_params an array of extra variables to post to the server
          * @return ReCaptchaResponse
          */
        function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response, $extra_params = array())
        {
                if ($privkey == null || $privkey == '') {
                        die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
                }

                if ($remoteip == null || $remoteip == '') {
                        die ("For security reasons, you must pass the remote ip to reCAPTCHA");
                }

                //discard spam submissions
                if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) {
                        $recaptcha_response = new ReCaptchaResponse();
                        $recaptcha_response->is_valid = false;
                        $recaptcha_response->error = 'incorrect-captcha-sol';
                        return $recaptcha_response;
                }

                $response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/verify",
                                                  array (
                                                         'privatekey' => $privkey,
                                                         'remoteip' => $remoteip,
                                                         'challenge' => $challenge,
                                                         'response' => $response
                                                         ) + $extra_params
                                                  );

                $answers = explode ("\n", $response [1]);
                $recaptcha_response = new ReCaptchaResponse();

                if (trim ($answers [0]) == 'true') {
                        $recaptcha_response->is_valid = true;
                }
                else {
                        $recaptcha_response->is_valid = false;
                        $recaptcha_response->error = $answers [1];
                }
                return $recaptcha_response;

        }

        /**
         * gets a URL where the user can sign up for reCAPTCHA. If your application
         * has a configuration page where you enter a key, you should provide a link
         * using this function.
         * @param string $domain The domain where the page is hosted
         * @param string $appname The name of your application
         */
        function recaptcha_get_signup_url ($domain = null, $appname = null) {
                return "https://www.google.com/recaptcha/admin/create?" .  _recaptcha_qsencode (array ('domains' => $domain, 'app' => $appname));
        }

        function _recaptcha_aes_pad($val) {
                $block_size = 16;
                $numpad = $block_size - (strlen ($val) % $block_size);
                return str_pad($val, strlen ($val) + $numpad, chr($numpad));
        }

        /* Mailhide related code */

        function _recaptcha_aes_encrypt($val,$ky) {
                if (! function_exists ("mcrypt_encrypt")) {
                        die ("To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed.");
                }
                $mode=MCRYPT_MODE_CBC;   
                $enc=MCRYPT_RIJNDAEL_128;
                $val=_recaptcha_aes_pad($val);
                return mcrypt_encrypt($enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
        }

        function _recaptcha_mailhide_urlbase64 ($x) {
                return strtr(base64_encode ($x), '+/', '-_');
        }

        /* gets the reCAPTCHA Mailhide url for a given email, public key and private key */
        function recaptcha_mailhide_url($pubkey, $privkey, $email) {
                if ($pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null) {
                        die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " .
                             "you can do so at <a href='http://www.google.com/recaptcha/mailhide/apikey'>http://www.google.com/recaptcha/mailhide/apikey</a>");
                }

                $ky = pack('H*', $privkey);
                $cryptmail = _recaptcha_aes_encrypt ($email, $ky);

                return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64 ($cryptmail);
        }

        /**
         * gets the parts of the email to expose to the user.
         * eg, given johndoe@example,com return ["john", "example.com"].
         * the email is then displayed as john...@example.com
         */
        function _recaptcha_mailhide_email_parts ($email) {
                $arr = preg_split("/@/", $email );

                if (strlen ($arr[0]) <= 4) {
                        $arr[0] = substr ($arr[0], 0, 1);
                } else if (strlen ($arr[0]) <= 6) {
                        $arr[0] = substr ($arr[0], 0, 3);
                } else {
                        $arr[0] = substr ($arr[0], 0, 4);
                }
                return $arr;
        }

        /**
         * Gets html to display an email address given a public an private key.
         * to get a key, go to:
         *
         * http://www.google.com/recaptcha/mailhide/apikey
         */
        function recaptcha_mailhide_html($pubkey, $privkey, $email) {
                $emailparts = _recaptcha_mailhide_email_parts ($email);
                $url = recaptcha_mailhide_url ($pubkey, $privkey, $email);

                return htmlentities($emailparts[0]) . "<a href='" . htmlentities ($url) .
                        "' onclick=\"window.open('" . htmlentities ($url) . "', '', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300'); return false;\" title=\"Reveal this e-mail address\">...</a>@" . htmlentities ($emailparts [1]);

        }

        ?>
fivyi3re

fivyi3re1#

使用此代码。
类现在更新了许多私有和一些公共方法,并且常量现在被定义为类常量。
使用ReCaptcha.php名称保存此文件。
protected/components/ReCaptcha.php
由于私有构造函数,您将无法创建此类的直接示例,当您调用其静态方法check_answer()时,该类将返回ReCaptcha示例
现在,为了使用ReCaptcha服务。使用
参数值(_A);
要检查重新计算答案,请使用此
验证码响应=验证码::检查答案(参数值);
现在,这个$ReCaptchaResponse是对象示例,您可以使用它来查找
$验证码响应-〉有效;//(布尔值,true或false将可用)
$验证码响应-〉错误;// is_valid为false,您可以使用它来寻找实际传回的错误。
同样,如果php文件只包含php代码,建议保留结尾的php标签“?〉”

<?php
    /*
     * This is a PHP library that handles calling reCAPTCHA.
     *    - Documentation and latest version
     *          http://recaptcha.net/plugins/php/
     *    - Get a reCAPTCHA API Key
     *          https://www.google.com/recaptcha/admin/create
     *    - Discussion group
     *          http://groups.google.com/group/recaptcha
     *
     * Copyright (c) 2007 reCAPTCHA -- http://recaptcha.net
     * AUTHORS:
     *   Mike Crawford
     *   Ben Maurer
     *
     * Permission is hereby granted, free of charge, to any person obtaining a copy
     * of this software and associated documentation files (the "Software"), to deal
     * in the Software without restriction, including without limitation the rights
     * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     * copies of the Software, and to permit persons to whom the Software is
     * furnished to do so, subject to the following conditions:
     *
     * The above copyright notice and this permission notice shall be included in
     * all copies or substantial portions of the Software.
     *
     * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
     * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
     * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
     * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
     * THE SOFTWARE.
     */

    /**
     * A ReCaptcha Library with pubic properties is returned from
     * ReCaptcha::check_answer()
     */
    class ReCaptcha {

        public $is_valid;
        public $error;

        /**
         * The reCAPTCHA API server URL
         */
        const RECAPTCHA_API_SERVER = "http://www.google.com/recaptcha/api";

        /**
         * The reCAPTCHA API SECURE server URL
         */
        const RECAPTCHA_API_SECURE_SERVER = "https://www.google.com/recaptcha/api";

        /**
         * The reCAPTCHA VERIFY server URL
         */
        const RECAPTCHA_VERIFY_SERVER = "www.google.com";

        /**
         * A private constructor,
         * prevents direct creation of object from outside the class.
         */
        private function __construct() {
        }

        /**
         * Encodes the given data into a query string format
         * @param $data - array of string elements to be encoded
         * @return string - encoded request
         */
        private static function _recaptcha_qsencode ($data) {
                $req = "";
                foreach ( $data as $key => $value )
                        $req .= $key . '=' . urlencode( stripslashes($value) ) . '&';

                // Cut the last '&'
                $req=substr($req,0,strlen($req)-1);
                return $req;
        }

        /**
         * Submits an HTTP POST to a reCAPTCHA server
         * @param string $host
         * @param string $path
         * @param array $data
         * @param int port
         * @return array response
         */
        private static function _recaptcha_http_post($host, $path, $data, $port = 80) {

                $req = self::_recaptcha_qsencode ($data);

                $http_request  = "POST $path HTTP/1.0\r\n";
                $http_request .= "Host: $host\r\n";
                $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
                $http_request .= "Content-Length: " . strlen($req) . "\r\n";
                $http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
                $http_request .= "\r\n";
                $http_request .= $req;

                $response = '';
                if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) {
                        die ('Could not open socket');
                }

                fwrite($fs, $http_request);

                while ( !feof($fs) )
                        $response .= fgets($fs, 1160); // One TCP-IP packet
                fclose($fs);
                $response = explode("\r\n\r\n", $response, 2);

                return $response;
        }

        /**
         * Gets the challenge HTML (javascript and non-javascript version).
         * This is called from the browser, and the resulting reCAPTCHA HTML widget
         * is embedded within the HTML form it was called from.
         * @param string $pubkey A public key for reCAPTCHA
         * @param string $error The error given by reCAPTCHA (optional, default is null)
         * @param boolean $use_ssl Should the request be made over ssl? (optional, default is false)

         * @return string - The HTML to be embedded in the user's form.
         */
        public static function get_html ($pubkey, $error = null, $use_ssl = false)
        {
                if ($pubkey == null || $pubkey == '') {
                        die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
                }

                if ($use_ssl) {
                        $server = self::RECAPTCHA_API_SECURE_SERVER;
                } else {
                        $server = self::RECAPTCHA_API_SERVER;
                }

                $errorpart = "";
                if ($error) {
                   $errorpart = "&amp;error=" . $error;
                }
                return '<script type="text/javascript" src="'. $server . '/challenge?k=' . $pubkey . $errorpart . '"></script>

                <noscript>
                        <iframe src="'. $server . '/noscript?k=' . $pubkey . $errorpart . '" height="300" width="500" frameborder="0"></iframe><br/>
                        <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
                        <input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
                </noscript>';
        }

        /**
          * Calls an HTTP POST function to verify if the user's guess was correct
          * @param string $privkey
          * @param string $remoteip
          * @param string $challenge
          * @param string $response
          * @param array $extra_params an array of extra variables to post to the server
          * @return ReCaptcha
          */
        public static function check_answer ($privkey, $remoteip, $challenge, $response, $extra_params = array())
        {
                if ($privkey == null || $privkey == '') {
                        die ("To use reCAPTCHA you must get an API key from <a href='https://www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
                }

                if ($remoteip == null || $remoteip == '') {
                        die ("For security reasons, you must pass the remote ip to reCAPTCHA");
                }

                //discard spam submissions
                if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) {
                        $recaptcha_response = new self();
                        $recaptcha_response->is_valid = false;
                        $recaptcha_response->error = 'incorrect-captcha-sol';
                        return $recaptcha_response;
                }

                $response = self::_recaptcha_http_post (self::RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/verify",
                                                  array (
                                                         'privatekey' => $privkey,
                                                         'remoteip' => $remoteip,
                                                         'challenge' => $challenge,
                                                         'response' => $response
                                                         ) + $extra_params
                                                  );

                $answers = explode ("\n", $response [1]);
                $recaptcha_response = new self();

                if (trim ($answers [0]) == 'true') {
                        $recaptcha_response->is_valid = true;
                }
                else {
                        $recaptcha_response->is_valid = false;
                        $recaptcha_response->error = $answers [1];
                }
                return $recaptcha_response;

        }

        /**
         * gets a URL where the user can sign up for reCAPTCHA. If your application
         * has a configuration page where you enter a key, you should provide a link
         * using this function.
         * @param string $domain The domain where the page is hosted
         * @param string $appname The name of your application
         */
        public static function get_signup_url ($domain = null, $appname = null) {
                return "https://www.google.com/recaptcha/admin/create?" .  self::_recaptcha_qsencode (array ('domains' => $domain, 'app' => $appname));
        }

        private static function _recaptcha_aes_pad($val) {
                $block_size = 16;
                $numpad = $block_size - (strlen ($val) % $block_size);
                return str_pad($val, strlen ($val) + $numpad, chr($numpad));
        }

        /* Mailhide related code */

        /**
         * Gets html to display an email address given a public an private key.
         * to get a key, go to:
         *
         * http://www.google.com/recaptcha/mailhide/apikey
         */
        public static function mailhide_html($pubkey, $privkey, $email) {
                $emailparts = self::_recaptcha_mailhide_email_parts ($email);
                $url = self::mailhide_url ($pubkey, $privkey, $email);

                return htmlentities($emailparts[0]) . "<a href='" . htmlentities ($url) .
                        "' onclick=\"window.open('" . htmlentities ($url) . "', '', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300'); return false;\" title=\"Reveal this e-mail address\">...</a>@" . htmlentities ($emailparts [1]);

        }

        private static function _recaptcha_aes_encrypt($val,$ky) {
                if (! function_exists ("mcrypt_encrypt")) {
                        die ("To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed.");
                }
                $mode=MCRYPT_MODE_CBC;
                $enc=MCRYPT_RIJNDAEL_128;
                $val=self::_recaptcha_aes_pad($val);
                return mcrypt_encrypt($enc, $ky, $val, $mode, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
        }

        private static function _recaptcha_mailhide_urlbase64 ($x) {
                return strtr(base64_encode ($x), '+/', '-_');
        }

        /* gets the reCAPTCHA Mailhide url for a given email, public key and private key */
        public static function mailhide_url($pubkey, $privkey, $email) {
                if ($pubkey == '' || $pubkey == null || $privkey == "" || $privkey == null) {
                        die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " .
                             "you can do so at <a href='http://www.google.com/recaptcha/mailhide/apikey'>http://www.google.com/recaptcha/mailhide/apikey</a>");
                }

                $ky = pack('H*', $privkey);
                $cryptmail = self::_recaptcha_aes_encrypt ($email, $ky);

                return "http://www.google.com/recaptcha/mailhide/d?k=" . $pubkey . "&c=" . self::_recaptcha_mailhide_urlbase64 ($cryptmail);
        }

        /**
         * gets the parts of the email to expose to the user.
         * eg, given johndoe@example,com return ["john", "example.com"].
         * the email is then displayed as john...@example.com
         */
        private static function _recaptcha_mailhide_email_parts ($email) {
                $arr = preg_split("/@/", $email );

                if (strlen ($arr[0]) <= 4) {
                        $arr[0] = substr ($arr[0], 0, 1);
                } else if (strlen ($arr[0]) <= 6) {
                        $arr[0] = substr ($arr[0], 0, 3);
                } else {
                        $arr[0] = substr ($arr[0], 0, 4);
                }
                return $arr;
        }
    }

相关问题