HumanVerification.php 2.8 KB
Newer Older
Dominik Hebeler's avatar
Dominik Hebeler committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Validator;
use Input;
use DB;
use Carbon;

class HumanVerification extends Controller
{
    public static function captcha(Request $request, $id, $url){
        if($request->getMethod() == 'POST'){
            $rules = ['captcha' => 'required|captcha'];
            $validator = Validator::make($request->all(), $rules);
            if($validator->fails()){
                return view('captcha')->with('title', 'Bestätigung notwendig')->with('id', $id)->with('url', base64_decode($url))->with('errorMessage', 'Bitte Captcha eingeben:');
            }else{
                # If we can unlock the Account of this user we will redirect him to the result page
                $id = $request->input('id');
                $url = $request->input('url');

                $user = DB::table('humanverification')->where('id', $id)->first();
                if($user !== null && $user->locked === "1"){
                    DB::table('humanverification')->where('id', $id)->update(['locked' => false]);
                    return redirect($url);
                }else{
                    return redirect('/');
                }
            }
        }
        return view('captcha')->with('title', 'Bestätigung notwendig')->with('id', $id)->with('url', base64_decode($url));
    }

    public static function remove(Request $request){
        if(!$request->has('mm')){
            abort(404, "Keine Katze gefunden.");
        }
        $id = md5($request->ip());
        if(HumanVerification::checkId($request, $request->input('mm'))){
            # Remove the entry from the database
            DB::table('humanverification')->where('id', $id)->where('updated_at', '<', Carbon::NOW()->subSeconds(2) )->delete();
        }
        return response(hex2bin('89504e470d0a1a0a0000000d494844520000000100000001010300000025db56ca00000003504c5445000000a77a3dda0000000174524e530040e6d8660000000a4944415408d76360000000020001e221bc330000000049454e44ae426082'), 200)
            ->header('Content-Type', 'image/png');
    }

    public static function removeGet(Request $request, $mm, $password, $url){
        $url = base64_decode($url);

        # If the user is correct and the password is we will delete any entry in the database
        $requiredPass = md5($mm . Carbon::NOW()->day . $url . env("PROXY_PASSWORD"));
        if(HumanVerification::checkId($request, $mm) && $requiredPass === $password){
            # Remove the entry from the database
            DB::table('humanverification')->where('id', $mm)->where('updated_at', '<', Carbon::NOW()->subSeconds(2) )->delete();
        }
        return redirect($url);
    }

    private static function checkId($request, $id){
        if(md5($request->ip()) === $id){
            return true;
        }else{
            return false;
        }
    }
}