
Remove captcha-related code, since login is done by AccountHub now

master
Skylar Ittner 3 months ago
parent
commit
106e697fc3
4 changed files with 4 additions and 44 deletions
  1. 0
    1
      langs/en/core.json
  2. 0
    23
      lib/Login.lib.php
  3. 4
    5
      required.php
  4. 0
    15
      settings.template.php

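--- a/langs/en/core.json
+++ b/langs/en/core.json
@@ -11,6 +11,5 @@
     "invalid parameters": "Invalid request parameters.",
     "login server error": "The login server returned an error: {arg}",
     "login server user data error": "The login server refused to provide account information.  Try again or contact technical support.",
-    "captcha error": "There was a problem with the CAPTCHA (robot test).  Try again.",
     "no access permission": "You do not have permission to access this system."
 }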

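--- a/lib/Login.lib.php
+++ b/lib/Login.lib.php
@@ -45,29 +45,6 @@ class Login {
         return Login::LOGIN_OK;
     }
 
-    public static function verifyCaptcha(string $session, string $answer, string $url): bool {
-        $data = [
-            'session_id' => $session,
-            'answer_id' => $answer,
-            'action' => "verify"
-        ];
-        $options = [
-            'http' => [
-                'header' => "Content-type: application/x-www-form-urlencoded\r\n",
-                'method' => 'POST',
-                'content' => http_build_query($data)
-            ]
-        ];
-        $context = stream_context_create($options);
-        $result = file_get_contents($url, false, $context);
-        $resp = json_decode($result, TRUE);
-        if (!$resp['result']) {
-            return false;
-        } else {
-            return true;
-        }
-    }
-
     /**
      * Check the login server API for sanity
      * @return boolean true if OK, else false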

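--- a/required.php
+++ b/required.php
@@ -32,7 +32,6 @@ session_start(); // stick some cookies in it
 // renew session cookie
 setcookie(session_name(), session_id(), time() + $session_length, "/", false, false);
 
-$captcha_server = ($SETTINGS['captcha']['enabled'] === true ? preg_replace("/http(s)?:\/\//", "", $SETTINGS['captcha']['server']) : "");
 if ($_SESSION['mobile'] === TRUE) {
     header("Content-Security-Policy: "
             . "default-src 'self';"
@@ -42,8 +41,8 @@ if ($_SESSION['mobile'] === TRUE) {
             . "frame-src 'none'; "
             . "font-src 'self'; "
             . "connect-src *; "
-            . "style-src 'self' 'unsafe-inline' $captcha_server; "
-            . "script-src 'self' 'unsafe-inline' $captcha_server");
+            . "style-src 'self' 'unsafe-inline'; "
+            . "script-src 'self' 'unsafe-inline'");
 } else {
     header("Content-Security-Policy: "
             . "default-src 'self';"
@@ -53,8 +52,8 @@ if ($_SESSION['mobile'] === TRUE) {
             . "frame-src 'none'; "
             . "font-src 'self'; "
             . "connect-src *; "
-            . "style-src 'self' 'nonce-$SECURE_NONCE' $captcha_server; "
-            . "script-src 'self' 'nonce-$SECURE_NONCE' $captcha_server");
+            . "style-src 'self' 'nonce-$SECURE_NONCE'; "
+            . "script-src 'self' 'nonce-$SECURE_NONCE'");
 }
 
 //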
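Review bot: The mobile branch's rewritten `. "script-src 'self' 'unsafe-inline'");` line still permits any inline script, so dropping the captcha host tightens that policy far less than it does in the nonce-based else branch. If the mobile client can carry the nonce (not visible from these hunks), use the same form in both branches, `. "script-src 'self' 'nonce-$SECURE_NONCE'");`, and likewise for `style-src`. The renewal `setcookie(...)` in the first hunk also passes `false` for the secure argument and omits httponly, so a script injected under the mobile policy could read the session cookie; where the app is served over HTTPS, passing `true` for both would contain that. Both header() calls continue through lines outside the hunks, so the remaining directives are not reviewed here.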

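--- a/settings.template.php
+++ b/settings.template.php
@@ -15,7 +15,6 @@ $SETTINGS = [
     // Turning this on in production is a security risk and can sometimes break
     // things, such as JSON output where extra content is not expected.
     "debug" => false,
-
     // Database connection settings
     // See http://medoo.in/api/new for info
     "database" => [
@@ -26,10 +25,8 @@ $SETTINGS = [
         "password" => "",
         "charset" => "utf8"
     ],
-
     // Name of the app.
     "site_title" => "Web App Template",
-
     // Settings for connecting to the AccountHub server.
     "accounthub" => [
         // URL for the API endpoint
@@ -39,26 +36,14 @@ $SETTINGS = [
         // API key
         "key" => "123"
     ],
-
     // For supported values, see http://php.net/manual/en/timezones.php
     "timezone" => "America/Denver",
-
-    // Use Captcheck on login screen to slow down bots
-    // https://captcheck.netsyms.com
-    "captcha" => [
-        "enabled" => false,
-        "server" => "https://captcheck.netsyms.com"
-    ],
-
     // Language to use for localization. See langs folder to add a language.
     "language" => "en",
-
     // Shown in the footer of all the pages.
     "footer_text" => "",
-
     // Also shown in the footer, but with "Copyright <current_year>" in front.
     "copyright" => "Netsyms Technologies",
-
     // Base URL for building links relative to the location of the app.
     // Only used when there's no good context for the path.
     // The default is almost definitely fine.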
