Business
/
NickelBox
Watch 1
Star 0
Fork 0
Code Issues 7 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Remove captcha-related code, since login is done by AccountHub now

master
Skylar Ittner 5 months ago
parent
e0802f582b
commit
106e697fc3
4 changed files with 4 additions and 44 deletions
Split View Show Diff Stats
  1. 0
    1
      langs/en/core.json
  2. 0
    23
      lib/Login.lib.php
  3. 4
    5
      required.php
  4. 0
    15
      settings.template.php

+ 0
- 1
langs/en/core.json View File 

@@ -11,6 +11,5 @@
11 11 
     "invalid parameters": "Invalid request parameters.",
12 12 
     "login server error": "The login server returned an error: {arg}",
13 13 
     "login server user data error": "The login server refused to provide account information.  Try again or contact technical support.",
14 
-    "captcha error": "There was a problem with the CAPTCHA (robot test).  Try again.",
15 14 
     "no access permission": "You do not have permission to access this system."
16 15 
 }

+ 0
- 23
lib/Login.lib.php View File 

@@ -45,29 +45,6 @@ class Login {
45 45 
         return Login::LOGIN_OK;
46 46 
     }
47 47
48 
-    public static function verifyCaptcha(string $session, string $answer, string $url): bool {
49 
-        $data = [
50 
-            'session_id' => $session,
51 
-            'answer_id' => $answer,
52 
-            'action' => "verify"
53 
-        ];
54 
-        $options = [
55 
-            'http' => [
56 
-                'header' => "Content-type: application/x-www-form-urlencoded\r\n",
57 
-                'method' => 'POST',
58 
-                'content' => http_build_query($data)
59 
-            ]
60 
-        ];
61 
-        $context = stream_context_create($options);
62 
-        $result = file_get_contents($url, false, $context);
63 
-        $resp = json_decode($result, TRUE);
64 
-        if (!$resp['result']) {
65 
-            return false;
66 
-        } else {
67 
-            return true;
68 
-        }
69 
-    }
70 
-
71 48 
     /**
72 49 
      * Check the login server API for sanity
73 50 
      * @return boolean true if OK, else false

+ 4
- 5
required.php View File 

@@ -32,7 +32,6 @@ session_start(); // stick some cookies in it
32 32 
 // renew session cookie
33 33 
 setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);
34 34
35 
-$captcha_server = ($SETTINGS['captcha']['enabled'] === true ? preg_replace("/http(s)?:\/\//", "", $SETTINGS['captcha']['server']) : "");
36 35 
 if ($_SESSION['mobile'] === TRUE) {
37 36 
     header("Content-Security-Policy: "
38 37 
             . "default-src 'self';"
 
@@ -42,8 +41,8 @@ if ($_SESSION['mobile'] === TRUE) {
42 41 
             . "frame-src 'none'; "
43 42 
             . "font-src 'self'; "
44 43 
             . "connect-src *; "
45 
-            . "style-src 'self' 'unsafe-inline' $captcha_server; "
46 
-            . "script-src 'self' 'unsafe-inline' $captcha_server");
44 
+            . "style-src 'self' 'unsafe-inline'; "
45 
+            . "script-src 'self' 'unsafe-inline'");
47 46 
 } else {
48 47 
     header("Content-Security-Policy: "
49 48 
             . "default-src 'self';"
 
@@ -53,8 +52,8 @@ if ($_SESSION['mobile'] === TRUE) {
53 52 
             . "frame-src 'none'; "
54 53 
             . "font-src 'self'; "
55 54 
             . "connect-src *; "
56 
-            . "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
57 
-            . "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");
55 
+            . "style-src 'self' 'nonce-$SECURE_NONCE'; "
56 
+            . "script-src 'self' 'nonce-$SECURE_NONCE'");
58 57 
 }
59 58
60 59 
 //

+ 0
- 15
settings.template.php View File 

@@ -15,7 +15,6 @@ $SETTINGS = [
15 15 
     // Turning this on in production is a security risk and can sometimes break
16 16 
     // things, such as JSON output where extra content is not expected.
17 17 
     "debug" => false,
18 
-
19 18 
     // Database connection settings
20 19 
     // See http://medoo.in/api/new for info
21 20 
     "database" => [
 
@@ -26,10 +25,8 @@ $SETTINGS = [
26 25 
         "password" => "",
27 26 
         "charset" => "utf8"
28 27 
     ],
29 
-
30 28 
     // Name of the app.
31 29 
     "site_title" => "Web App Template",
32 
-
33 30 
     // Settings for connecting to the AccountHub server.
34 31 
     "accounthub" => [
35 32 
         // URL for the API endpoint
 
@@ -39,26 +36,14 @@ $SETTINGS = [
39 36 
         // API key
40 37 
         "key" => "123"
41 38 
     ],
42 
-
43 39 
     // For supported values, see http://php.net/manual/en/timezones.php
44 40 
     "timezone" => "America/Denver",
45 
-
46 
-    // Use Captcheck on login screen to slow down bots
47 
-    // https://captcheck.netsyms.com
48 
-    "captcha" => [
49 
-        "enabled" => false,
50 
-        "server" => "https://captcheck.netsyms.com"
51 
-    ],
52 
-
53 41 
     // Language to use for localization. See langs folder to add a language.
54 42 
     "language" => "en",
55 
-
56 43 
     // Shown in the footer of all the pages.
57 44 
     "footer_text" => "",
58 
-
59 45 
     // Also shown in the footer, but with "Copyright <current_year>" in front.
60 46 
     "copyright" => "Netsyms Technologies",
61 
-
62 47 
     // Base URL for building links relative to the location of the app.
63 48 
     // Only used when there's no good context for the path.
64 49 
     // The default is almost definitely fine.

Write Preview
Loading…
Cancel
Save