Commit afb017dd authored by Dominik Hebeler's avatar Dominik Hebeler

Merge branch '971-captcha-not-working-on-tor-browser' into 'development'

Resolve "Captcha not working on Tor Browser"

Closes #971

See merge request !1604
parents 58f94118 b667ff78
......@@ -105,12 +105,13 @@ class HumanVerification extends Controller
private static function saveUser($user)
{
$userList = Cache::get(HumanVerification::PREFIX . "." . $user["id"], []);
$userList[$user["uid"]] = $user;
if ($user["whitelist"]) {
$user["expiration"] = now()->addWeeks(2);
} else {
$user["expiration"] = now()->addHours(72);
}
$userList[$user["uid"]] = $user;
Cache::put(HumanVerification::PREFIX . "." . $user["id"], $userList, now()->addWeeks(2));
}
......@@ -208,4 +209,53 @@ class HumanVerification extends Controller
return $possibleSpammer;
}
public function botOverview(Request $request){
$id = "";
$uid = "";
$ip = $request->ip();
if (\App\Http\Controllers\HumanVerification::couldBeSpammer($ip)) {
$id = hash("sha512", "999.999.999.999");
$uid = hash("sha512", "999.999.999.999" . $ip . $_SERVER["AGENT"] . "uid");
} else {
$id = hash("sha512", $ip);
$uid = hash("sha512", $ip . $_SERVER["AGENT"] . "uid");
}
$userList = Cache::get(HumanVerification::PREFIX . "." . $id);
$user = $userList[$uid];
return view('humanverification.botOverview')
->with('title', "Bot Overview")
->with('ip', $ip)
->with('userList', $userList)
->with('user', $user);
}
public function botOverviewChange(Request $request) {
$id = "";
$uid = "";
$ip = $request->ip();
if (\App\Http\Controllers\HumanVerification::couldBeSpammer($ip)) {
$id = hash("sha512", "999.999.999.999");
$uid = hash("sha512", "999.999.999.999" . $ip . $_SERVER["AGENT"] . "uid");
} else {
$id = hash("sha512", $ip);
$uid = hash("sha512", $ip . $_SERVER["AGENT"] . "uid");
}
$userList = Cache::get(HumanVerification::PREFIX . "." . $id);
$user = $userList[$uid];
if($request->filled("locked")){
$user["locked"] = boolval($request->input('locked'));
}elseif($request->filled("whitelist")) {
$user["whitelist"] = boolval($request->input('whitelist'));
}elseif($request->filled("unusedResultPages")) {
$user["unusedResultPages"] = intval($request->input('unusedResultPages'));
}
HumanVerification::saveUser($user);
return redirect('admin/bot');
}
}
......@@ -66,20 +66,21 @@ class HumanVerification
} else {
$user = $users[$uid];
}
# Lock out everyone in a Bot network
# Find out how many requests this IP has made
$sum = 0;
// Defines if this is the only user using that IP Adress
$alone = true;
foreach ($users as $uid => $userTmp) {
foreach ($users as $uidTmp => $userTmp) {
if (!$userTmp["whitelist"]) {
$sum += $userTmp["unusedResultPages"];
if ($userTmp["uid"] != $uid) {
if ($userTmp["uid"] !== $uid) {
$alone = false;
}
}
}
# A lot of automated requests are from websites that redirect users to our result page.
# We will detect those requests and put a captcha
$referer = URL::previous();
......@@ -97,7 +98,7 @@ class HumanVerification
if ((!$alone && $sum >= 50 && !$user["whitelist"]) || $refererLock) {
$user["locked"] = true;
}
# If the user is locked we will force a Captcha validation
if ($user["locked"]) {
$captcha = Captcha::create("default", true);
......
@extends('layouts.subPages')
@section('title', $title )
@section('content')
<style>
table form {
padding-top: 8px;
padding-bottom: 8px;
}
td:nth-child(1) {
padding-right: 8px;
}
</style>
<table>
<tbody>
<tr>
<td>IP-Adresse</td>
<td><pre>{{$ip}}</pre></td>
</tr>
<tr>
<td>ID</td>
<td><pre>{{$user["id"]}}</pre></td>
</tr>
<tr>
<td>User-ID</td>
<td><pre>{{$user["uid"]}}</pre></td>
</tr>
<tr>
<td>Unused Resultpages</td>
<td>
<form action="" method="post">
<input onchange="this.form.submit()" type="number" name="unusedResultPages" id="unusedResultPages" value="{{$user["unusedResultPages"]}}">
</form>
</td>
</tr>
<tr>
<td>Whitelist</td>
<td>
<form action="" method="post">
<select name="whitelist" id="locked" onchange="this.form.submit()">
<option value="1" @if($user["whitelist"]) selected @endif>True</option>
<option value="0" @if(!$user["whitelist"]) selected @endif>False</option>
</select>
</form>
</td>
</tr>
<tr>
<td>Locked</td>
<td>
<form action="" method="post">
<select name="locked" id="locked" onchange="this.form.submit()">
<option value="1" @if($user["locked"]) selected @endif>True</option>
<option value="0" @if(!$user["locked"]) selected @endif>False</option>
</select>
</form>
</td>
</tr>
<tr>
<td>Locked Key</td>
<td><pre>{{$user["lockedKey"]}}</pre></td>
</tr>
<tr>
<td>Expiration</td>
<td><pre>{{$user["expiration"]}}</pre></td>
</tr>
</tbody>
</table>
{{ dd($userList) }}
@endsection
......@@ -179,6 +179,8 @@ Route::group(
Route::get('ip', function () {
dd(Request::ip(), $_SERVER["AGENT"]);
});
Route::get('bot', 'HumanVerification@botOverview');
Route::post('bot', 'HumanVerification@botOverviewChange');
});
Route::get('settings', function () {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment