Commit bac6204c authored by Dominik Hebeler's avatar Dominik Hebeler

fixed humanverification

parent d44392ae
...@@ -108,7 +108,13 @@ class HumanVerification extends Controller ...@@ -108,7 +108,13 @@ class HumanVerification extends Controller
private static function removeUser($request, $uid) private static function removeUser($request, $uid)
{ {
$redis = Redis::connection('redisCache'); $redis = Redis::connection('redisCache');
$id = hash("sha512", HumanVerification::getIP($request)); $ip = $request->ip();
$id = "";
if (HumanVerification::isTor($ip)) {
$id = hash("sha512", "999.999.999.999");
} else {
$id = hash("sha512", $ip);
}
$userList = $redis->smembers(HumanVerification::PREFIX . "." . $id); $userList = $redis->smembers(HumanVerification::PREFIX . "." . $id);
$pipe = $redis->pipeline(); $pipe = $redis->pipeline();
...@@ -168,16 +174,23 @@ class HumanVerification extends Controller ...@@ -168,16 +174,23 @@ class HumanVerification extends Controller
private static function checkId($request, $id) private static function checkId($request, $id)
{ {
if (hash("sha512", HumanVerification::getIP($request) . $_SERVER["AGENT"] . "uid") === $id) { $uid = "";
$ip = $request->ip();
if ($HumanVerification::isTor($ip)) {
$uid = hash("sha512", "999.999.999.999" . $ip . $_SERVER["AGENT"] . "uid");
} else {
$uid = hash("sha512", $ip . $_SERVER["AGENT"] . "uid");
}
if ($uid === $id) {
return true; return true;
} else { } else {
return false; return false;
} }
} }
private static function getIP($request) private static function isTor($ip)
{ {
$ip = $request->ip();
$serverAddress = empty($_SERVER['SERVER_ADDR']) ? "144.76.88.77" : $_SERVER['SERVER_ADDR']; $serverAddress = empty($_SERVER['SERVER_ADDR']) ? "144.76.88.77" : $_SERVER['SERVER_ADDR'];
$queryUrl = "https://tor.metager.org?password=" . urlencode(env("TOR_PASSWORD")) . "&ra=" . urlencode($ip) . "&sa=" . urlencode($serverAddress) . "&sp=443"; $queryUrl = "https://tor.metager.org?password=" . urlencode(env("TOR_PASSWORD")) . "&ra=" . urlencode($ip) . "&sa=" . urlencode($serverAddress) . "&sp=443";
...@@ -189,9 +202,9 @@ class HumanVerification extends Controller ...@@ -189,9 +202,9 @@ class HumanVerification extends Controller
curl_close($ch); curl_close($ch);
if ($httpcode === 200) { if ($httpcode === 200) {
return "999.999.999.999"; return true;
} else { } else {
return $ip; return false;
} }
} }
} }
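Review bot: In the new `checkId` body the Tor check is written `$HumanVerification::isTor($ip)` with a leading `$`, so PHP resolves an undefined variable instead of the class and the static call fails at runtime before the id comparison is reached. `removeUser` in the same section uses the correct form, so the line should read `if (HumanVerification::isTor($ip)) {` (or `self::isTor($ip)`). Because `checkId` decides whether a submitted id belongs to the requester, a test that drives this path for both a Tor and a non-Tor address would catch this kind of slip. The body of `isTor` is only partly visible in this section.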
...@@ -26,9 +26,16 @@ class HumanVerification ...@@ -26,9 +26,16 @@ class HumanVerification
$prefix = "humanverification"; $prefix = "humanverification";
$redis = Redis::connection('redisCache'); $redis = Redis::connection('redisCache');
try { try {
$ip = $this->getIP(); $ip = $request->ip();
$id = hash("sha512", $ip); $id = "";
$uid = hash("sha512", $ip . $_SERVER["AGENT"] . "uid"); $uid = "";
if ($this->isTor($ip)) {
$id = hash("sha512", "999.999.999.999");
$uid = hash("sha512", "999.999.999.999" . $ip . $_SERVER["AGENT"] . "uid");
} else {
$id = hash("sha512", $ip);
$uid = hash("sha512", $ip . $_SERVER["AGENT"] . "uid");
}
unset($_SERVER["AGENT"]); unset($_SERVER["AGENT"]);
/** /**
...@@ -182,9 +189,8 @@ class HumanVerification ...@@ -182,9 +189,8 @@ class HumanVerification
} }
private function getIP() private function isTor($ip)
{ {
$ip = \Request::ip();
$serverAddress = empty($_SERVER['SERVER_ADDR']) ? "144.76.88.77" : $_SERVER['SERVER_ADDR']; $serverAddress = empty($_SERVER['SERVER_ADDR']) ? "144.76.88.77" : $_SERVER['SERVER_ADDR'];
$queryUrl = "https://tor.metager.org?password=" . urlencode(env("TOR_PASSWORD")) . "&ra=" . urlencode($ip) . "&sa=" . urlencode($serverAddress) . "&sp=443"; $queryUrl = "https://tor.metager.org?password=" . urlencode(env("TOR_PASSWORD")) . "&ra=" . urlencode($ip) . "&sa=" . urlencode($serverAddress) . "&sp=443";
...@@ -196,9 +202,9 @@ class HumanVerification ...@@ -196,9 +202,9 @@ class HumanVerification
curl_close($ch); curl_close($ch);
if ($httpcode === 200) { if ($httpcode === 200) {
return "999.999.999.999"; return true;
} else { } else {
return $ip; return false;
} }
} }
} }
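Review bot: `isTor()` returns `false` for every status other than 200, so a timeout or outage of the lookup service silently files a Tor client under its exit-node address instead of the shared `999.999.999.999` bucket, and the `$id`/`$uid` derived here can then differ from what the controller's `removeUser`/`checkId` compute on a later request. The curl setup lies outside the visible hunks, so whether a timeout is configured cannot be confirmed from here. Consider caching the lookup result per address for a short time in the Redis connection already opened before the `try`, and logging failed lookups so the fallback is visible. The sentinel string and the hash derivation are now repeated here and twice in the controller; one shared helper carrying a comment such as `// All Tor clients share one bucket; uid still mixes in exit IP and user agent` would keep the three copies from drifting.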