- <?php
- /*
- * To change this template, choose Tools | Templates
- * and open the template in the editor.
- */
class FormStatus {
    /** Every check passed: spinner, timestamp, (optional) CAPTCHA. */
    const VALID = 1;

    /** Missing or mismatched anti-forgery fields, a failed CAPTCHA, or stale with $kill set. */
    const INVALID = 2;

    /** Consistent but submitted after the allotted time (and $kill was not set). */
    const UNSURE = 3;
}
/**
 * Processes a submitted form: checks its anti-forgery fields and restores the original field names.
 */
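class FormProcessor {
    // Raw submitted fields accumulated by pipe(); keys are the hashed field names.
    private $raw = array();
    // Fields with their original names restored; filled by process().
    public $processed = array();
    // Site secret shared with the code that generated the form; mixed into every
    // hashed name and into the spinner.
    private $secret = null;
    // reCAPTCHA private key. This is a placeholder: load the real key from
    // configuration rather than committing it to source.
    private $captcha = 'CAPTCHA PRIVATE KEY HERE';
    // One of the FormStatus constants once process() has run, null before that.
    private $valid = null;

    /**
     * @param string $secret site secret, the same one used when the form was generated
     */
    public function __construct($secret) {
        $this->secret = $secret;
    }

    /**
     * Adds raw submitted fields (typically $_POST) to the processor.
     * Later calls overwrite earlier values for the same string key.
     *
     * @param array $raw submitted fields keyed by their (hashed) names
     * @return FormProcessor $this, for chaining
     */
    public function pipe($raw) {
        $this->raw = array_merge($this->raw, $raw);
        return $this;
    }

    /**
     * Returns the FormStatus of the submission, running process() with its
     * default arguments the first time it is asked.
     *
     * @return int FormStatus::VALID, FormStatus::INVALID or FormStatus::UNSURE
     */
    public function valid() {
        if ($this->valid === null) {
            $this->process();
        }
        return $this->valid;
    }

    /**
     * Validates the submission and fills $processed with the un-hashed field names.
     *
     * A submission is accepted when it carries a 'spinner' field, a timestamp
     * field (whose name is hashed under that spinner) and the spinner equals the
     * one recomputed from the timestamp and the secret. When both reCAPTCHA
     * fields are present the CAPTCHA answer is verified as well; the processor
     * cannot tell on its own whether the form was generated with a CAPTCHA, so a
     * caller that requires one has to check for those fields itself.
     *
     * @param int  $alloted_time seconds after its timestamp during which the form is fresh
     *                           (compared against time())
     * @param bool $kill         true: a stale form is INVALID; false: it is UNSURE but still processed
     * @return bool true when the form was accepted (VALID or UNSURE), false when INVALID
     */
    public function process($alloted_time = 900000, $kill = false) {
        $spinner = isset($this->raw['spinner']) ? $this->raw['spinner'] : null;
        // An array value (spinner[]=...) can never be a valid spinner and would
        // break the string handling below.
        if (!is_string($spinner) || $spinner === '') {
            return $this->_reject();
        }

        $timestamp_label = $this->_hash_name('timestamp', $spinner);
        $timestamp = isset($this->raw[$timestamp_label]) ? $this->raw[$timestamp_label] : null;
        // The timestamp is hashed exactly as submitted and then used in arithmetic,
        // so it has to be a numeric scalar.
        if (!is_scalar($timestamp) || !is_numeric((string) $timestamp)) {
            return $this->_reject();
        }

        // Authenticity first, so the freshness test only ever sees a timestamp we issued.
        // Strict comparison: a loose `!=` treats two numeric-looking hex strings
        // (e.g. both starting with "0e") as equal numbers. hash_equals() (PHP 5.6+)
        // would additionally make this constant-time.
        if ($this->_calculate_spinner($timestamp) !== $spinner) {
            return $this->_reject();
        }

        $status = FormStatus::VALID;
        if (($timestamp + $alloted_time) < time()) {
            if ($kill) {
                return $this->_reject();
            }
            // Remembered in a local so the final assignment below does not
            // overwrite UNSURE with VALID, as the previous version did.
            $status = FormStatus::UNSURE;
        }

        $challenge = isset($this->raw['recaptcha_challenge_field']) ? $this->raw['recaptcha_challenge_field'] : null;
        $response = isset($this->raw['recaptcha_response_field']) ? $this->raw['recaptcha_response_field'] : null;
        // If either CAPTCHA field was sent, both are required and the answer must
        // verify. (The old test checked the challenge field twice and read the
        // response field unguarded.)
        if ($challenge !== null || $response !== null) {
            if ($challenge === null || $response === null || !$this->_check_recaptcha($challenge, $response)) {
                return $this->_reject();
            }
        }

        $skip = array($timestamp_label, 'spinner', 'recaptcha_challenge_field', 'recaptcha_response_field');
        $this->processed = array();
        foreach ($this->raw as $key => $value) {
            // Strict membership: with `==`, an integer key 0 matches any of these
            // names on PHP < 8.
            if (in_array((string) $key, $skip, true)) {
                continue;
            }
            $this->processed[$this->_unhash_name((string) $key, $spinner)] = $value;
        }

        $this->valid = $status;
        return true;
    }

    /**
     * Marks the submission INVALID and returns false, so validation code can
     * `return $this->_reject();`.
     *
     * @return bool always false
     */
    private function _reject() {
        $this->valid = FormStatus::INVALID;
        return false;
    }

    /**
     * The spinner is a SHA-256 of the timestamp followed by the secret; the form
     * generator must compute it the same way.
     *
     * @param string|int $timestamp the timestamp field as it appears in the form
     * @return string lowercase hex digest
     */
    private function _calculate_spinner($timestamp) {
        return hash('sha256', $timestamp . $this->secret);
    }

    /**
     * Loads the project's TW_Encryption helper. Its methods are used here as
     * encrypt($key, $plain) / decrypt($key, $cipher) with the spinner as key;
     * confirm against the class itself. Note the backslash in the path, which
     * resolves as a directory separator on Windows only.
     *
     * @return TW_Encryption
     */
    private function _crypt() {
        require_once 'Encryption\TW_Encryption.php';
        return new TW_Encryption();
    }

    /**
     * Hashes a field name for use in the generated form: the name with the
     * secret appended is encrypted under the spinner and base64url-encoded.
     * Public (as before) because the form generator needs it. An array suffix
     * (`[]`) simply stays inside the encrypted name.
     *
     * @param string $name    original field name
     * @param string $spinner spinner of the form being generated
     * @return string URL-safe hashed name
     */
    public function _hash_name($name, $spinner) {
        return $this->_encode_name($this->_crypt()->encrypt($spinner, $name . $this->secret));
    }

    /**
     * base64url-encodes binary data ('+' -> '-', '/' -> '_', padding dropped).
     *
     * @param string $name binary ciphertext
     * @return string
     */
    private function _encode_name($name) {
        return strtr(base64_encode($name), array('+' => '-', '/' => '_', '=' => ''));
    }

    /**
     * Inverse of _encode_name(): restores the standard alphabet and the '='
     * padding, then decodes.
     *
     * @param string $name base64url text (no coordinate suffix)
     * @return string|false binary data, false when not decodable
     */
    private function _decode_name($name) {
        $b64 = strtr($name, array('-' => '+', '_' => '/'));
        // Pad back up to a multiple of 4. The old str_pad target was strlen % 4,
        // which never padded anything; only the lenient base64_decode hid that.
        $b64 = str_pad($b64, strlen($b64) + (4 - strlen($b64) % 4) % 4, '=');
        return base64_decode($b64);
    }

    /**
     * Splits the image-button coordinate suffix off a submitted field name
     * (image inputs submit name.x / name.y, which PHP stores as name_x / name_y).
     *
     * @param string $name submitted field name
     * @return array array($name_without_suffix, $suffix) with $suffix '_x', '_y' or ''
     */
    private function _split_suffix($name) {
        $tail = substr($name, -2);
        // Only a trailing '_x'/'_y' counts: '_' belongs to the base64url alphabet,
        // so the old strstr() test could fire on a match in the middle of a hash.
        if ($tail === '_x' || $tail === '_y') {
            return array(substr($name, 0, -2), $tail);
        }
        return array($name, '');
    }

    /**
     * Removes the trailing secret that _hash_name() appended to the field name.
     * Unlike the previous strtr() this only touches the suffix, not every
     * occurrence of the secret.
     *
     * @param string $plain decrypted name
     * @return string
     */
    private function _strip_secret($plain) {
        $plain = (string) $plain;
        $len = strlen((string) $this->secret);
        if ($len > 0 && strlen($plain) >= $len && substr($plain, -$len) === (string) $this->secret) {
            return (string) substr($plain, 0, -$len);
        }
        return $plain;
    }

    /**
     * Inverse of _hash_name(): recovers the original field name from a submitted
     * one, keeping any image-button coordinate suffix.
     *
     * @param string $hash    submitted (hashed) field name
     * @param string $spinner spinner the form was generated with
     * @return string original field name
     */
    private function _unhash_name($hash, $spinner) {
        list($encoded, $suffix) = $this->_split_suffix($hash);
        $plain = $this->_crypt()->decrypt($spinner, $this->_decode_name($encoded));
        return $this->_strip_secret($plain) . $suffix;
    }

    /**
     * Verifies a reCAPTCHA (v1 API) answer with the project's recaptchalib.
     *
     * @param string $challenge value of recaptcha_challenge_field
     * @param string $response  value of recaptcha_response_field
     * @return bool
     */
    private function _check_recaptcha($challenge, $response) {
        require_once 'ReCAPTCHA\recaptchalib.php';

        // recaptcha_check_answer() expects the client IP; REMOTE_ADDR is absent
        // outside a web request, so pass an empty string rather than an undefined index.
        $remote_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $resp = recaptcha_check_answer($this->captcha, $remote_ip, $challenge, $response);
        return (bool) $resp->is_valid;
    }
}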
- ?>