Fixed Botprotection

172b0fd3 · Dominik Hebeler · cab04187 · 172b0fd3 · 172b0fd3
Commit 172b0fd3 authored Feb 27, 2019 by Dominik Hebeler
--- a/app/Http/Controllers/HumanVerification.php
+++ b/app/Http/Controllers/HumanVerification.php
@@ -51,6 +51,7 @@ class HumanVerification extends Controller
            ->with('id', $id)
            ->with('url', $url)
            ->with('image', $captcha["img"]);
+
    }

    public static function remove(Request $request)

--- a/app/Http/Middleware/HumanVerification.php
+++ b/app/Http/Middleware/HumanVerification.php
@@ -35,7 +35,7 @@ class HumanVerification
             * If someone that uses a bot finds this out we
             * might have to change it at some point.
             */
-            if ($request->filled('password') || $request->filled('key') || $request->filled('appversion') || !env('BOT_PROTECTION', false)) {
+            if ($request->has('password') || $request->has('key') || $request->has('appversion') || !env('BOT_PROTECTION', false)) {
                $update = false;
                return $next($request);
            }
@@ -126,10 +126,8 @@ class HumanVerification
                # The user currently isn't locked

                # We have different security gates:
-                #   50, 75, 85, >=90 => Captcha validated Result Pages
+                #   50 and then every 25 => Captcha validated Result Pages
                # If the user shows activity on our result page the counter will be deleted
-                # Maybe I'll add a ban if the user reaches 100
-
                if ($user["unusedResultPages"] === 50 || ($user["unusedResultPages"] > 50 && $user["unusedResultPages"] % 25 === 0)) {
                    $user["locked"] = true;
                }
@@ -138,8 +136,8 @@ class HumanVerification
        } catch (\Illuminate\Database\QueryException $e) {
            // Failure in contacting metager3.de
        } finally {
-            // Update the user in the database
            if ($update) {
+                // Update the user in the database
                if ($newUser) {
                    DB::table('humanverification')->insert(
                        [
@@ -171,5 +169,6 @@ class HumanVerification
        }
        $request->request->add(['verification_id' => $user["uid"], 'verification_count' => $user["unusedResultPages"]]);
        return $next($request);
+
    }
 }