
The Bugs that I had fixed on the Master branch for the human verification

Merged Dominik Hebeler requested to merge development into 790-cliqz-integration
5 files
+ 115
88
@@ -2,66 +2,87 @@
@@ -2,66 +2,87 @@
namespace App\Http\Controllers;
namespace App\Http\Controllers;
 
use Captcha;
 
use Carbon;
 
use DB;
 
use Illuminate\Hashing\BcryptHasher as Hasher;
use Illuminate\Http\Request;
use Illuminate\Http\Request;
use Validator;
use Input;
use Input;
use DB;
use Carbon;
class HumanVerification extends Controller
class HumanVerification extends Controller
{
{
public static function captcha(Request $request, $id, $url){
public static function captcha(Request $request, Hasher $hasher, $id, $url = null)
if($request->getMethod() == 'POST'){
{
$rules = ['captcha' => 'required|captcha'];
if ($url != null) {
$validator = Validator::make($request->all(), $rules);
$url = base64_decode(str_replace("<<SLASH>>", "/", $url));
if($validator->fails()){
} else {
return view('captcha')->with('title', 'Bestätigung notwendig')->with('id', $id)->with('url', base64_decode($url))->with('errorMessage', 'Bitte Captcha eingeben:');
$url = $request->input('url');
}else{
}
# If we can unlock the Account of this user we will redirect him to the result page
$id = $request->input('id');
$url = $request->input('url');
$user = DB::table('humanverification')->where('id', $id)->first();
if ($request->getMethod() == 'POST') {
if($user !== null && $user->locked === 1){
$user = DB::table('humanverification')->where('id', $id)->first();
 
 
$lockedKey = $user->lockedKey;
 
$key = $request->input('captcha');
 
$key = strtolower($key);
 
if (!$hasher->check($key, $lockedKey)) {
 
$captcha = Captcha::create("default", true);
 
DB::table('humanverification')->where('id', $id)->update(['lockedKey' => $captcha["key"]]);
 
return view('captcha')->with('title', 'Bestätigung notwendig')
 
->with('id', $id)
 
->with('url', $url)
 
->with('image', $captcha["img"])
 
->with('errorMessage', 'Bitte Captcha eingeben:');
 
} else {
 
# If we can unlock the Account of this user we will redirect him to the result page
 
if ($user !== null && $user->locked === 1) {
DB::table('humanverification')->where('id', $id)->update(['locked' => false]);
DB::table('humanverification')->where('id', $id)->update(['locked' => false]);
return redirect($url);
return redirect($url);
}else{
} else {
return redirect('/');
return redirect('/');
}
}
}
}
}
}
return view('captcha')->with('title', 'Bestätigung notwendig')->with('id', $id)->with('url', base64_decode($url));
$captcha = Captcha::create("default", true);
 
DB::table('humanverification')->where('id', $id)->update(['lockedKey' => $captcha["key"]]);
 
return view('captcha')->with('title', 'Bestätigung notwendig')
 
->with('id', $id)
 
->with('url', $url)
 
->with('image', $captcha["img"]);
}
}
public static function remove(Request $request){
public static function remove(Request $request)
if(!$request->has('mm')){
{
 
if (!$request->has('mm')) {
abort(404, "Keine Katze gefunden.");
abort(404, "Keine Katze gefunden.");
}
}
$id = md5($request->ip());
$id = md5($request->ip());
if(HumanVerification::checkId($request, $request->input('mm'))){
if (HumanVerification::checkId($request, $request->input('mm'))) {
# Remove the entry from the database
# Remove the entry from the database
DB::table('humanverification')->where('id', $id)->where('updated_at', '<', Carbon::NOW()->subSeconds(2) )->delete();
DB::table('humanverification')->where('id', $id)->where('updated_at', '<', Carbon::NOW()->subSeconds(2))->delete();
}
}
return response(hex2bin('89504e470d0a1a0a0000000d494844520000000100000001010300000025db56ca00000003504c5445000000a77a3dda0000000174524e530040e6d8660000000a4944415408d76360000000020001e221bc330000000049454e44ae426082'), 200)
return response(hex2bin('89504e470d0a1a0a0000000d494844520000000100000001010300000025db56ca00000003504c5445000000a77a3dda0000000174524e530040e6d8660000000a4944415408d76360000000020001e221bc330000000049454e44ae426082'), 200)
->header('Content-Type', 'image/png');
->header('Content-Type', 'image/png');
}
}
public static function removeGet(Request $request, $mm, $password, $url){
public static function removeGet(Request $request, $mm, $password, $url)
$url = base64_decode($url);
{
 
$url = base64_decode(str_replace("<<SLASH>>", "/", $url));
# If the user is correct and the password is we will delete any entry in the database
# If the user is correct and the password is we will delete any entry in the database
$requiredPass = md5($mm . Carbon::NOW()->day . $url . env("PROXY_PASSWORD"));
$requiredPass = md5($mm . Carbon::NOW()->day . $url . env("PROXY_PASSWORD"));
if(HumanVerification::checkId($request, $mm) && $requiredPass === $password){
if (HumanVerification::checkId($request, $mm) && $requiredPass === $password) {
# Remove the entry from the database
# Remove the entry from the database
DB::table('humanverification')->where('id', $mm)->where('updated_at', '<', Carbon::NOW()->subSeconds(2) )->delete();
DB::table('humanverification')->where('id', $mm)->where('updated_at', '<', Carbon::NOW()->subSeconds(2))->delete();
}
}
return redirect($url);
return redirect($url);
}
}
private static function checkId($request, $id){
private static function checkId($request, $id)
if(md5($request->ip()) === $id){
{
 
if (md5($request->ip()) === $id) {
return true;
return true;
}else{
} else {
return false;
return false;
}
}
}
}
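Review bot: In captcha(), the POST branch reads `$user->lockedKey` before the `$user !== null` test further down, so a POST whose id has no row in `humanverification` fails on a null object instead of reaching `redirect('/')`; add `if ($user === null) { return redirect('/'); }` directly after the `first()` call. The success path also ends in `redirect($url)` with `$url` taken from the route segment or `$request->input('url')`, so the target should be limited to relative or same-host URLs before redirecting. removeGet() has the same redirect and performs it even when the password check fails. In removeGet(), `$requiredPass === $password` would be better written as `hash_equals($requiredPass, $password)` so the secret-derived digest is compared in constant time.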