Fossil

Check-in [64231a67]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Improvements to comments on recently added CAPTCHA code.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:64231a679d0e1da770004c36a47f78fca4f2ac78
User & Date: drh 2012-11-21 01:08:56
Context
2012-11-21
15:11
Add the WIKI_LINKSONLY formatting option for the wiki formatter. check-in: 4615bc8f user: drh tags: trunk
01:08
Improvements to comments on recently added CAPTCHA code. check-in: 64231a67 user: drh tags: trunk
00:51
Optionally require a CAPTCHA (controlled by Admin/Access) when a user who is not logged in tries to edit wiki, or a ticket, or an attachment. check-in: 82b8587a user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/captcha.c.

438
439
440
441
442
443
444
445






446
447
448
449
450
451
452
453
454
455
456
457



458
459
460
461
462
463
464
...
469
470
471
472
473
474
475
476
477



478
479
480
481
482
483
484
  z = blob_buffer(&b);
  memcpy(zRes, z, 8);
  zRes[8] = 0;
  return zRes;
}

/*
** Return true if a CAPTCHA is required.






*/
int captcha_needed(void){
  if( g.zLogin!=0 ) return 0;
  return db_get_boolean("require-captcha", 1);
}

/*
** If a captcha is required but the correct captcha code is not supplied
** in the query parameters, then return false (0).  
**
** If no captcha is required or if the correct captcha is supplied, return
** true (non-zero).



*/
int captcha_is_correct(void){
  const char *zSeed;
  const char *zEntered;
  const char *zDecode;
  if( !captcha_needed() ){
    return 1;  /* No captcha needed */
................................................................................
  if( zEntered==0 || strlen(zEntered)!=8 ) return 0;
  zDecode = captcha_decode((unsigned int)atoi(zSeed));
  if( strcmp(zDecode,zEntered)!=0 ) return 0;
  return 1;
}

/*
** Generate a new CAPTCHA seed.  Write it as a hidden variable named
** "captchaseed".  Then return the rendered captcha text.



*/
void captcha_generate(void){
  unsigned int uSeed;
  const char *zDecoded;
  char *zCaptcha;

  if( !captcha_needed() ) return;







|
>
>
>
>
>
>








|



>
>
>







 







|
|
>
>
>







438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
...
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
  z = blob_buffer(&b);
  memcpy(zRes, z, 8);
  zRes[8] = 0;
  return zRes;
}

/*
** Return true if a CAPTCHA is required for editing wiki or tickets or for
** adding attachments.
**
** A CAPTCHA is required in those cases if the user is not logged in (if they
** are user "nobody") and if the "require-captcha" setting is true.  The
** "require-captcha" setting is controlled on the Admin/Access page.  It 
** defaults to true.
*/
int captcha_needed(void){
  if( g.zLogin!=0 ) return 0;
  return db_get_boolean("require-captcha", 1);
}

/*
** If a captcha is required but the correct captcha code is not supplied
** in the query parameters, then return false (0).
**
** If no captcha is required or if the correct captcha is supplied, return
** true (non-zero).
**
** The query parameters examined are "captchaseed" for the seed value and
** "captcha" for text that the user types in response to the captcha prompt.
*/
int captcha_is_correct(void){
  const char *zSeed;
  const char *zEntered;
  const char *zDecode;
  if( !captcha_needed() ){
    return 1;  /* No captcha needed */
................................................................................
  if( zEntered==0 || strlen(zEntered)!=8 ) return 0;
  zDecode = captcha_decode((unsigned int)atoi(zSeed));
  if( strcmp(zDecode,zEntered)!=0 ) return 0;
  return 1;
}

/*
** Generate a captcha display together with the necessary hidden parameter
** for the seed and the entry box into which the user will type the text of
** the captcha.  This is typically done at the very bottom of a form.
**
** This routine is a no-op if no captcha is required.
*/
void captcha_generate(void){
  unsigned int uSeed;
  const char *zDecoded;
  char *zCaptcha;

  if( !captcha_needed() ) return;