mirror/opensourcepos
1
0
Fork 0
mirror of https://github.com/opensourcepos/opensourcepos.git synced 2026-04-10 01:51:02 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fix reCaptcha issue with wrong keys (#3207)

Browse Source
This commit is contained in:
FrancescoUK
2021-10-07 21:35:30 +01:00
committed by GitHub
parent 35b850a19b
commit 8d87f35fd8
1 changed files with 47 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
application/controllers/Login.php
View File

@@ -5,6 +5,7 @@ class Login extends CI_Controller
public function index()
{
$this->load->library('migration');
if($this->Employee->is_logged_in())
{
redirect('home');
@@ -15,12 +16,6 @@ class Login extends CI_Controller
$this->form_validation->set_rules('username', 'lang:login_username', 'required|callback_login_check');
if($this->config->item('gcaptcha_enable'))
{
$this->form_validation->set_rules('g-recaptcha-response', 'lang:login_gcaptcha', 'required|callback_gcaptcha_check');
}
if($this->form_validation->run() == FALSE)
{
$this->load->view('login');
@@ -34,22 +29,22 @@ class Login extends CI_Controller
public function login_check($username)
{
$password = $this->input->post('password');
if(!$this->_installation_check())
if(!$this->installation_check())
{
$this->form_validation->set_message('login_check', $this->lang->line('login_invalid_installation'));
return FALSE;
}
if (!$this->migration->is_latest())
if(!$this->migration->is_latest())
{
set_time_limit(3600);
// trigger any required upgrade before starting the application
$this->migration->latest();
}
$password = $this->input->post('password');
if(!$this->Employee->login($username, $password))
{
$this->form_validation->set_message('login_check', $this->lang->line('login_invalid_username_and_password'));
@@ -57,33 +52,55 @@ class Login extends CI_Controller
return FALSE;
}
return TRUE;
}
public function gcaptcha_check($recaptchaResponse)
{
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . $this->config->item('gcaptcha_secret_key') . '&response=' . $recaptchaResponse . '&remoteip=' . $this->input->ip_address();
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_URL, $url);
$result = curl_exec($ch);
curl_close($ch);
$status = json_decode($result, TRUE);
if(empty($status['success']))
if($this->config->item('gcaptcha_enable'))
{
$this->form_validation->set_message('gcaptcha_check', $this->lang->line('login_invalid_gcaptcha'));
$g_recaptcha_response = $this->input->post('g-recaptcha-response');
return FALSE;
if(!$this->gcaptcha_check($g_recaptcha_response))
{
$this->form_validation->set_message('login_check', $this->lang->line('login_invalid_gcaptcha'));
return FALSE;
}
}
return TRUE;
}
private function _installation_check()
private function gcaptcha_check($response)
{
if(!empty($response))
{
$check = array(
'secret' => $this->config->item('gcaptcha_secret_key'),
'response' => $response,
'remoteip' => $this->input->ip_address()
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify");
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($check));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$result = curl_exec($ch);
curl_close($ch);
$status = json_decode($result, TRUE);
if(!empty($status['success']))
{
return TRUE;
}
}
return FALSE;
}
private function installation_check()
{
// get PHP extensions and check that the required ones are installed
$extensions = implode(', ', get_loaded_extensions());