PageRenderTime 50ms CodeModel.GetById 22ms RepoModel.GetById 0ms app.codeStats 0ms

/forum/includes/ucp/usercp_confirm.php

https://code.google.com/p/torrentpier/
PHP | 302 lines | 208 code | 40 blank | 54 comment | 46 complexity | 100436a060a0a97e8b3a26d8e2bf36f8 MD5 | raw file
Possible License(s): GPL-2.0
  1. <?php
  2. /***************************************************************************
  3. * usercp_confirm.php
  4. * -------------------
  5. * begin : Saturday, Jan 15, 2003
  6. * copyright : (C) 2001 The phpBB Group
  7. * email : support@phpbb.com
  8. *
  9. * $Id: usercp_confirm.php,v 1.1.2.2 2005/12/29 11:51:11 acydburn Exp $
  10. *
  11. ***************************************************************************/
  12. /***************************************************************************
  13. *
  14. * This program is free software; you can redistribute it and/or modify
  15. * it under the terms of the GNU General Public License as published by
  16. * the Free Software Foundation; either version 2 of the License, or
  17. * (at your option) any later version.
  18. *
  19. ***************************************************************************/
  20. if ( !defined('IN_PHPBB') )
  21. {
  22. die('Hacking attempt');
  23. exit;
  24. }
  25. class KCAPTCHA{
  26. // generates key-string and image
  27. function KCAPTCHA($code){
  28. # KCAPTCHA configuration file
  29. $alphabet = "0123456789abcdefghijklmnopqrstuvwxyz"; # do not change without changing font files!
  30. # symbols used to draw CAPTCHA
  31. //$allowed_symbols = "0123456789"; #digits
  32. $allowed_symbols = "23456789abcdeghkmnpqsuvxyz"; #alphabet without similar symbols (o=0, 1=l, i=j, t=f)
  33. # folder with fonts
  34. $fontsdir = 'fonts';
  35. # CAPTCHA string length
  36. $length = mt_rand(7,8); # random 5 or 6
  37. //$length = 8;
  38. # CAPTCHA image size (you do not need to change it, whis parameters is optimal)
  39. $width = 120;
  40. $height = 60;
  41. # symbol's vertical fluctuation amplitude divided by 2
  42. $fluctuation_amplitude = 7;
  43. # increase safety by prevention of spaces between symbols
  44. $no_spaces = true;
  45. # show credits
  46. $show_credits = false; # set to false to remove credits line. Credits adds 12 pixels to image height
  47. $credits = ''; # if empty, HTTP_HOST will be shown
  48. # CAPTCHA image colors (RGB, 0-255)
  49. //$foreground_color = array(0, 0, 0);
  50. //$background_color = array(220, 230, 255);
  51. $foreground_color = array(mt_rand(0,100), mt_rand(0,100), mt_rand(0,100));
  52. //$background_color = array(mt_rand(200,255), mt_rand(200,255), mt_rand(200,255));
  53. $background_color = array(239, 239, 239);
  54. # JPEG quality of CAPTCHA image (bigger is better quality, but larger file size)
  55. $jpeg_quality = 87;
  56. $fonts=array();
  57. $fontsdir_absolute=dirname(__FILE__).'/'.$fontsdir;
  58. if ($handle = opendir($fontsdir_absolute)) {
  59. while (false !== ($file = readdir($handle))) {
  60. if (preg_match('/\.png$/i', $file)) {
  61. $fonts[]=$fontsdir_absolute.'/'.$file;
  62. }
  63. }
  64. closedir($handle);
  65. }
  66. $alphabet_length=strlen($alphabet);
  67. while(true){
  68. // generating random keystring
  69. $this->keystring=$code;
  70. $font_file=$fonts[mt_rand(0, count($fonts)-1)];
  71. $font=imagecreatefrompng($font_file);
  72. imagealphablending($font, true);
  73. $fontfile_width=imagesx($font);
  74. $fontfile_height=imagesy($font)-1;
  75. $font_metrics=array();
  76. $symbol=0;
  77. $reading_symbol=false;
  78. // loading font
  79. for($i=0;$i<$fontfile_width && $symbol<$alphabet_length;$i++){
  80. $transparent = (imagecolorat($font, $i, 0) >> 24) == 127;
  81. if(!$reading_symbol && !$transparent){
  82. $font_metrics[$alphabet{$symbol}]=array('start'=>$i);
  83. $reading_symbol=true;
  84. continue;
  85. }
  86. if($reading_symbol && $transparent){
  87. $font_metrics[$alphabet{$symbol}]['end']=$i;
  88. $reading_symbol=false;
  89. $symbol++;
  90. continue;
  91. }
  92. }
  93. $img=imagecreatetruecolor($width, $height);
  94. imagealphablending($img, true);
  95. $white=imagecolorallocate($img, 255, 255, 255);
  96. $black=imagecolorallocate($img, 0, 0, 0);
  97. imagefilledrectangle($img, 0, 0, $width-1, $height-1, $white);
  98. // draw text
  99. $x=1;
  100. for($i=0;$i<strlen($this->keystring);$i++){
  101. $m=$font_metrics[$this->keystring{$i}];
  102. $y=mt_rand(-$fluctuation_amplitude, $fluctuation_amplitude)+($height-$fontfile_height)/2+2;
  103. if($no_spaces){
  104. $shift=0;
  105. if($i>0){
  106. $shift=1000;
  107. for($sy=7;$sy<$fontfile_height-20;$sy+=1){
  108. //for($sx=$m['start']-1;$sx<$m['end'];$sx+=1){
  109. for($sx=$m['start']-1;$sx<$m['end'];$sx+=1){
  110. $rgb=imagecolorat($font, $sx, $sy);
  111. $opacity=$rgb>>24;
  112. if($opacity<127){
  113. $left=$sx-$m['start']+$x;
  114. $py=$sy+$y;
  115. if($py>$height) break;
  116. for($px=min($left,$width-1);$px>$left-12 && $px>=0;$px-=1){
  117. $color=imagecolorat($img, $px, $py) & 0xff;
  118. if($color+$opacity<190){
  119. if($shift>$left-$px){
  120. $shift=$left-$px;
  121. }
  122. break;
  123. }
  124. }
  125. break;
  126. }
  127. }
  128. }
  129. if($shift==1000){
  130. $shift = mt_rand(4,6);
  131. }
  132. }
  133. }else{
  134. $shift=1;
  135. }
  136. imagecopy($img,$font,$x-$shift,$y,$m['start'],1,$m['end']-$m['start'],$fontfile_height);
  137. $x+=$m['end']-$m['start']-$shift;
  138. }
  139. if($x<$width-10) break; // fit in canvas
  140. }
  141. $center=$x/2;
  142. // credits. To remove, see configuration file
  143. $img2=imagecreatetruecolor($width, $height+($show_credits?12:0));
  144. $foreground=imagecolorallocate($img2, $foreground_color[0], $foreground_color[1], $foreground_color[2]);
  145. $background=imagecolorallocate($img2, $background_color[0], $background_color[1], $background_color[2]);
  146. imagefilledrectangle($img2, 0, $height, $width-1, $height+12, $foreground);
  147. $credits=empty($credits)?$_SERVER['HTTP_HOST']:$credits;
  148. imagestring($img2, 2, $width/2-ImageFontWidth(2)*strlen($credits)/2, $height-2, $credits, $background);
  149. // periods
  150. $rand1=mt_rand(750000,1200000)/10000000;
  151. $rand2=mt_rand(750000,1200000)/10000000;
  152. $rand3=mt_rand(750000,1200000)/10000000;
  153. $rand4=mt_rand(750000,1200000)/10000000;
  154. // phases
  155. $rand5=mt_rand(0,3141592)/500000;
  156. $rand6=mt_rand(0,3141592)/500000;
  157. $rand7=mt_rand(0,3141592)/500000;
  158. $rand8=mt_rand(0,3141592)/500000;
  159. // amplitudes
  160. $rand9=mt_rand(330,420)/110;
  161. $rand10=mt_rand(330,450)/110;
  162. //wave distortion
  163. for($x=0;$x<$width;$x++){
  164. for($y=0;$y<$height;$y++){
  165. $sx=$x+(sin($x*$rand1+$rand5)+sin($y*$rand3+$rand6))*$rand9-$width/2+$center+1;
  166. $sy=$y+(sin($x*$rand2+$rand7)+sin($y*$rand4+$rand8))*$rand10;
  167. if($sx<0 || $sy<0 || $sx>=$width-1 || $sy>=$height-1){
  168. $color=255;
  169. $color_x=255;
  170. $color_y=255;
  171. $color_xy=255;
  172. }else{
  173. $color=imagecolorat($img, $sx, $sy) & 0xFF;
  174. $color_x=imagecolorat($img, $sx+1, $sy) & 0xFF;
  175. $color_y=imagecolorat($img, $sx, $sy+1) & 0xFF;
  176. $color_xy=imagecolorat($img, $sx+1, $sy+1) & 0xFF;
  177. }
  178. if($color==0 && $color_x==0 && $color_y==0 && $color_xy==0){
  179. $newred=$foreground_color[0];
  180. $newgreen=$foreground_color[1];
  181. $newblue=$foreground_color[2];
  182. }else if($color==255 && $color_x==255 && $color_y==255 && $color_xy==255){
  183. $newred=$background_color[0];
  184. $newgreen=$background_color[1];
  185. $newblue=$background_color[2];
  186. }else{
  187. $frsx=$sx-floor($sx);
  188. $frsy=$sy-floor($sy);
  189. $frsx1=1-$frsx;
  190. $frsy1=1-$frsy;
  191. $newcolor=(
  192. $color*$frsx1*$frsy1+
  193. $color_x*$frsx*$frsy1+
  194. $color_y*$frsx1*$frsy+
  195. $color_xy*$frsx*$frsy);
  196. if($newcolor>255) $newcolor=255;
  197. $newcolor=$newcolor/255;
  198. $newcolor0=1-$newcolor;
  199. $newred=$newcolor0*$foreground_color[0]+$newcolor*$background_color[0];
  200. $newgreen=$newcolor0*$foreground_color[1]+$newcolor*$background_color[1];
  201. $newblue=$newcolor0*$foreground_color[2]+$newcolor*$background_color[2];
  202. }
  203. imagesetpixel($img2, $x, $y, imagecolorallocate($img2, $newred, $newgreen, $newblue));
  204. }
  205. }
  206. if(function_exists("imagejpeg")){
  207. header("Content-Type: image/jpeg");
  208. imagejpeg($img2, null, $jpeg_quality);
  209. }else if(function_exists("imagegif")){
  210. header("Content-Type: image/gif");
  211. imagegif($img2);
  212. }else if(function_exists("imagepng")){
  213. header("Content-Type: image/x-png");
  214. imagepng($img2);
  215. }
  216. }
  217. // returns keystring
  218. function getKeyString(){
  219. return $this->keystring;
  220. }
  221. }
  222. if ( !defined('IN_PHPBB') )
  223. {
  224. die('Hacking attempt');
  225. exit;
  226. }
  227. // Note to potential users of this code ...
  228. //
  229. // Remember this is released under the _GPL_ and is subject
  230. // to that licence. Do not incorporate this within software
  231. // released or distributed in any way under a licence other
  232. // than the GPL. We will be watching ... ;)
  233. // Do we have an id? No, then just exit
  234. if (empty($_GET['id']))
  235. {
  236. exit;
  237. }
  238. $confirm_id = htmlspecialchars($_GET['id']);
  239. // Define available charset
  240. $chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
  241. if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id))
  242. {
  243. $confirm_id = '';
  244. }
  245. // Try and grab code for this id and session
  246. $sql = 'SELECT code
  247. FROM ' . CONFIRM_TABLE . "
  248. WHERE session_id = '" . $userdata['session_id'] . "'
  249. AND confirm_id = '$confirm_id'";
  250. $result = $db->sql_query($sql);
  251. // If we have a row then grab data else create a new id
  252. if ($row = $db->sql_fetchrow($result))
  253. {
  254. $db->sql_freeresult($result);
  255. $code = $row['code'];
  256. }
  257. else
  258. {
  259. exit;
  260. }
  261. $code = strtolower($code);
  262. $captcha = new KCAPTCHA($code);