* @url https://www.jomsocial.com/license-agreement
* The PHP code portions are distributed under the GPL license. If not otherwise stated, all images, manuals, cascading style sheets, and included JavaScript *are NOT GPL, and are released under the IJOOMLA Proprietary Use License v1.0
* More info at https://www.jomsocial.com/license-agreement
*/
use Joomla\CMS\Factory;
use Joomla\CMS\Http\Http;
use Joomla\Registry\Registry;
// Disallow direct access to this file
defined('_JEXEC') or die('Restricted access');
class RecaptchaCCaptchaHelper
{
public $enabled = false;
public $v3 = false;
public $ip;
private $theme;
private $privateKey;
private $publicKey;
private $apiUrl;
private $verifyUrl;
/*
* Load config data and object vars
*/
public function __construct()
{
// Config data
$config = CFactory::getConfig();
$this->enabled = $config->get('nocaptcha', false);
$this->v3 = $config->get('recaptchav3', false);
$this->privateKey = $config->get('nocaptchaprivate');
$this->publicKey = $config->get('nocaptchapublic');
$this->theme = $config->get('nocaptchatheme');
$this->apiUrl = $config->get('recaptcha_server');
$this->verifyUrl = $config->get('recaptcha_server_verify');
// Grab the IP, remember load balancers
// @todo is there a framework way to do it?
$this->ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
// If any of the vital vars is missing, disable the whole thing
if (!$this->privateKey || !$this->publicKey || !$this->apiUrl || !$this->verifyUrl) {
$this->enabled = false;
}
}
/*
* Return the Recaptcha HTML if enabled
*/
public function html()
{
if (!$this->enabled) {
return '';
}
return $this->v3 ? $this->htmlV3() : $this->htmlV2();
}
protected function htmlV2()
{
// start output buffer, if recaptcha is enabled add HTML and JS to the buffer
ob_start(); ?>
addScriptOptions('joms_recaptcha_v3', true);
$doc->addScriptOptions('joms_recaptcha_v3_key', $this->publicKey);
$html = '
';
return $html;
}
/*
* Send a verification request
*/
public function verify()
{
// if Recaptcha is not enabled, return true
if (!$this->enabled) return true;
return $this->v3 ? $this->verifyV3() : $this->verifyV2();
}
protected function verifyV2()
{
// get the Recaptcha response from the form data
$response = Factory::getApplication()->input->get('g-recaptcha-response');
if (!$response) return false;
// send it to verification server for confirmation
$http = new Http();
$result = $http->post(
$this->verifyUrl,
array(
'secret' => $this->privateKey,
'remoteip' => $this->ip,
'response' => $response,
)
);
$result = json_decode($result->body);
return ($result->success === true) ? true : false;
}
protected function verifyV3()
{
// get the Recaptcha response from the form data
$token = Factory::getApplication()->input->get('g-recaptcha-response');
if (!$token) return false;
// send it to verification server for confirmation
$http = new Http();
try {
$response = $http->post(
$this->verifyUrl,
array(
'secret' => $this->privateKey,
'remoteip' => $this->ip,
'response' => $token,
)
);
} catch (Exception $e) {
return false;
}
if ($response->code !== 200) {
return false;
}
$result = new Registry($response->body);
if (!$result->get('success')) {
return false;
}
$score = (float) $result->get('score');
if ($score > 0.5) {
return true;
}
return false;
}
}