Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
open-source
MetaGer
Commits
b667ff78
Commit
b667ff78
authored
Jun 22, 2020
by
Dominik Hebeler
Browse files
fixed an error in situations with multiple users on the same ip
parent
bc05d9d9
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
app/Http/Controllers/HumanVerification.php
View file @
b667ff78
...
...
@@ -113,7 +113,6 @@ class HumanVerification extends Controller
}
$userList
[
$user
[
"uid"
]]
=
$user
;
Cache
::
put
(
HumanVerification
::
PREFIX
.
"."
.
$user
[
"id"
],
$userList
,
now
()
->
addWeeks
(
2
));
dd
(
$user
);
}
private
static
function
deleteUser
(
$user
)
...
...
app/Http/Middleware/HumanVerification.php
View file @
b667ff78
...
...
@@ -66,20 +66,21 @@ class HumanVerification
}
else
{
$user
=
$users
[
$uid
];
}
# Lock out everyone in a Bot network
# Find out how many requests this IP has made
$sum
=
0
;
// Defines if this is the only user using that IP Adress
$alone
=
true
;
foreach
(
$users
as
$uid
=>
$userTmp
)
{
foreach
(
$users
as
$uid
Tmp
=>
$userTmp
)
{
if
(
!
$userTmp
[
"whitelist"
])
{
$sum
+=
$userTmp
[
"unusedResultPages"
];
if
(
$userTmp
[
"uid"
]
!=
$uid
)
{
if
(
$userTmp
[
"uid"
]
!=
=
$uid
)
{
$alone
=
false
;
}
}
}
# A lot of automated requests are from websites that redirect users to our result page.
# We will detect those requests and put a captcha
$referer
=
URL
::
previous
();
...
...
@@ -97,7 +98,7 @@ class HumanVerification
if
((
!
$alone
&&
$sum
>=
50
&&
!
$user
[
"whitelist"
])
||
$refererLock
)
{
$user
[
"locked"
]
=
true
;
}
# If the user is locked we will force a Captcha validation
if
(
$user
[
"locked"
])
{
$captcha
=
Captcha
::
create
(
"default"
,
true
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment