Commit b667ff78 authored by Dominik Hebeler's avatar Dominik Hebeler

fixed an error in situations with multiple users on the same ip

parent bc05d9d9
...@@ -113,7 +113,6 @@ class HumanVerification extends Controller ...@@ -113,7 +113,6 @@ class HumanVerification extends Controller
} }
$userList[$user["uid"]] = $user; $userList[$user["uid"]] = $user;
Cache::put(HumanVerification::PREFIX . "." . $user["id"], $userList, now()->addWeeks(2)); Cache::put(HumanVerification::PREFIX . "." . $user["id"], $userList, now()->addWeeks(2));
dd($user);
} }
private static function deleteUser($user) private static function deleteUser($user)
......
...@@ -66,20 +66,21 @@ class HumanVerification ...@@ -66,20 +66,21 @@ class HumanVerification
} else { } else {
$user = $users[$uid]; $user = $users[$uid];
} }
# Lock out everyone in a Bot network # Lock out everyone in a Bot network
# Find out how many requests this IP has made # Find out how many requests this IP has made
$sum = 0; $sum = 0;
// Defines if this is the only user using that IP Adress // Defines if this is the only user using that IP Adress
$alone = true; $alone = true;
foreach ($users as $uid => $userTmp) { foreach ($users as $uidTmp => $userTmp) {
if (!$userTmp["whitelist"]) { if (!$userTmp["whitelist"]) {
$sum += $userTmp["unusedResultPages"]; $sum += $userTmp["unusedResultPages"];
if ($userTmp["uid"] != $uid) { if ($userTmp["uid"] !== $uid) {
$alone = false; $alone = false;
} }
} }
} }
# A lot of automated requests are from websites that redirect users to our result page. # A lot of automated requests are from websites that redirect users to our result page.
# We will detect those requests and put a captcha # We will detect those requests and put a captcha
$referer = URL::previous(); $referer = URL::previous();
...@@ -97,7 +98,7 @@ class HumanVerification ...@@ -97,7 +98,7 @@ class HumanVerification
if ((!$alone && $sum >= 50 && !$user["whitelist"]) || $refererLock) { if ((!$alone && $sum >= 50 && !$user["whitelist"]) || $refererLock) {
$user["locked"] = true; $user["locked"] = true;
} }
# If the user is locked we will force a Captcha validation # If the user is locked we will force a Captcha validation
if ($user["locked"]) { if ($user["locked"]) {
$captcha = Captcha::create("default", true); $captcha = Captcha::create("default", true);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment