echo '' . "\n";
foreach ($choices as $text => $capability) :
if ($capability == $checked_value) $checked = ' selected="selected" ';
echo "\t". '$text \n";
$checked = '';
endforeach;
echo "\t \n";
} // end function si_captcha_perm_dropdown
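/**
 * Check that the server can render the CAPTCHA, printing one error per missing prerequisite.
 *
 * Tests, in order, for the GD extension, for imagepng(), and for securimage.php
 * under the global $si_captcha_dir. When every test passes, the global
 * $si_captcha_add_script is set to true.
 *
 * @return bool true when all prerequisites are present, false otherwise.
 */
function si_captcha_check_requires() {
    global $si_captcha_dir, $si_captcha_add_script;

    $requirements_met = true;

    if ( !extension_loaded('gd') || !function_exists('gd_info') ) {
        echo ''.__('ERROR: si-captcha.php plugin says GD image support not detected in PHP!', 'si-captcha').'
';
        echo ''.__('Contact your web host and ask them why GD image support is not enabled for PHP.', 'si-captcha').'
';
        $requirements_met = false;
    }

    if ( !function_exists('imagepng') ) {
        echo ''.__('ERROR: si-captcha.php plugin says imagepng function not detected in PHP!', 'si-captcha').'
';
        echo ''.__('Contact your web host and ask them why imagepng function is not enabled for PHP.', 'si-captcha').'
';
        $requirements_met = false;
    }

    // The previous test read `!@strtolower(ini_get('safe_mode')) == 'on'`. `!` binds
    // tighter than `==`, so a boolean was compared with 'on' and the library check
    // ran only when the setting was empty or '0'; every other value, 'off' included,
    // skipped it. Normalise the setting first so the check is skipped only when
    // safe mode is really on (presumably because file_exists() is unreliable there).
    $safe_mode_value = strtolower(trim((string) ini_get('safe_mode')));
    $safe_mode_on = in_array($safe_mode_value, array('1', 'on', 'true', 'yes'), true);
    if ( !$safe_mode_on && !file_exists("$si_captcha_dir/securimage.php") ) {
        echo ''.__('ERROR: si-captcha.php plugin says captcha_library not found.', 'si-captcha').'
';
        $requirements_met = false;
    }

    if ( !$requirements_met ) {
        return false;
    }

    $si_captcha_add_script = true;
    return true;
} // end function si_captcha_check_requires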
// this function adds the captcha to the comment form
/**
 * Print the CAPTCHA block for the "comment form 2.0" hook.
 *
 * Nothing is printed for a logged-in user who holds the capability named in
 * 'si_captcha_perm_level' when the 'si_captcha_perm' option is 'true'.
 * Otherwise the image, label, required indicator and input are echoed in the
 * order selected by 'si_captcha_comment_label_position'.
 *
 * The echo literals in this copy are empty or whitespace only; presumably the
 * HTML markup was stripped, which is also why $si_aria_required is never used.
 *
 * NOTE(review): 'si_captcha_label_captcha' and 'si_captcha_required_indicator'
 * are echoed as stored; confirm they are sanitised when the options are saved.
 *
 * @return bool Always true.
 */
function si_captcha_comment_form() {
global $si_captcha_url, $si_captcha_opt;
// skip the captcha if user is logged in and the settings allow
if (is_user_logged_in() && $si_captcha_opt['si_captcha_perm'] == 'true') {
// skip the CAPTCHA display if the minimum capability is met
if ( current_user_can( $si_captcha_opt['si_captcha_perm_level'] ) ) {
// skip captcha
return true;
}
}
// the captcha html
echo '
';
// Test for some required things, print error message right here if not OK.
if ($this->si_captcha_check_requires()) {
$si_aria_required = ($si_captcha_opt['si_captcha_aria_required'] == 'true') ? ' aria-required="true" ' : '';
// the captcha html - comment form 2.0
echo '
';
$this->si_captcha_captcha_html('si_image_com','com');
echo '
';
// Use the admin-configured label when set, else the translated default.
$label_string = ' ';
$label_string .= ($si_captcha_opt['si_captcha_label_captcha'] != '') ? $si_captcha_opt['si_captcha_label_captcha'] : __('CAPTCHA Code', 'si-captcha');
$label_string .= ' ';
$required_string = ''.$si_captcha_opt['si_captcha_required_indicator']." \n";
$input_string = '
';
// Each branch emits the same three pieces in a theme-specific order.
if ($si_captcha_opt['si_captcha_comment_label_position'] == 'label-required-input' || $si_captcha_opt['si_captcha_comment_label_position'] == 'left' ) { // buddypress (label-required-input)(label left)
echo $label_string . $required_string . $input_string; // BP
} else if ($si_captcha_opt['si_captcha_comment_label_position'] == 'label-required-linebreak-input' || $si_captcha_opt['si_captcha_comment_label_position'] == 'top' ) {
echo $label_string . $required_string .' '. $input_string; // regular WP - twenty ten
} else if ($si_captcha_opt['si_captcha_comment_label_position'] == 'label-input-required' || $si_captcha_opt['si_captcha_comment_label_position'] == 'right' ) {
echo $label_string . $input_string . $required_string; // suffusion
} else if ($si_captcha_opt['si_captcha_comment_label_position'] == 'input-label-required' ) {
echo $input_string . $label_string . $required_string; // regular WP
} else {
echo $input_string . $label_string . $required_string; // regular WP
}
echo '
';
// rearrange submit button display order
if ($si_captcha_opt['si_captcha_rearrange'] == 'true') {
// NOTE(review): the heredoc opener below has no identifier after `<<` in this
// copy; the opener and the surrounding script markup were presumably lost with
// the rest of the HTML. The script text moves the element with id
// "captchaImgDiv" to the end of the parent of the element with id "comment".
print <<
var sUrlInput = document.getElementById("comment");
var oParent = sUrlInput.parentNode;
var sSubstitue = document.getElementById("captchaImgDiv");
oParent.appendChild(sSubstitue, sUrlInput);
EOT;
echo '
';
}
}else{
echo '';
}
return true;
} // end function si_captcha_comment_form 2.0
// this function adds the captcha to the comment form WP3
/**
 * Print the CAPTCHA block for the WordPress 3.0+ comment form.
 *
 * Nothing is printed for a logged-in user who holds the capability named in
 * 'si_captcha_perm_level' when the 'si_captcha_perm' option is 'true'.
 * Otherwise the image, label, required indicator and input are echoed in the
 * order selected by 'si_captcha_comment_label_position', and the older
 * 'comment_form' callback is unhooked so the fields are not printed twice.
 *
 * NOTE(review): 'si_captcha_label_captcha' and 'si_captcha_required_indicator'
 * are echoed as stored; confirm they are sanitised when the options are saved.
 *
 * @return bool Always true.
 */
function si_captcha_comment_form_wp3() {
    global $si_captcha_url, $si_captcha_opt;

    // Logged-in users holding the configured capability never see the CAPTCHA.
    $may_skip = is_user_logged_in()
        && $si_captcha_opt['si_captcha_perm'] == 'true'
        && current_user_can( $si_captcha_opt['si_captcha_perm_level'] );
    if ($may_skip) {
        return true;
    }

    // Prerequisite errors, if any, are printed by the check itself.
    if ($this->si_captcha_check_requires()) {
        // Not referenced again in the visible code; the markup that used it is
        // presumably missing from this copy.
        $si_aria_required = '';
        if ($si_captcha_opt['si_captcha_aria_required'] == 'true') {
            $si_aria_required = ' aria-required="true" ';
        }

        // the captcha html - comment form 3.0+
        if (is_user_logged_in()) {
            echo ' ';
        }
        echo '
';
        $this->si_captcha_captcha_html('si_image_com','com');
        echo '
';
        echo '';

        // Admin-configured label when set, translated default otherwise.
        $custom_label = $si_captcha_opt['si_captcha_label_captcha'];
        $label_string = '' . (($custom_label != '') ? $custom_label : __('CAPTCHA Code', 'si-captcha')) . ' ';
        $required_string = ''.$si_captcha_opt['si_captcha_required_indicator']." \n";
        $input_string = '
';

        // Same three pieces, ordered per theme convention.
        switch ($si_captcha_opt['si_captcha_comment_label_position']) {
            case 'label-required-input': // buddypress
            case 'left':
                echo $label_string . $required_string . $input_string;
                break;
            case 'label-required-linebreak-input': // regular WP - twenty ten
            case 'top':
                echo $label_string . $required_string .' '. $input_string;
                break;
            case 'label-input-required': // suffusion
            case 'right':
                echo $label_string . $input_string . $required_string;
                break;
            case 'input-label-required': // regular WP
            default:
                echo $input_string . $label_string . $required_string;
                break;
        }
        echo '
';
    }

    // prevent double captcha fields
    remove_action('comment_form', array(&$this, 'si_captcha_comment_form'), 1);
    return true;
} // end function si_captcha_comment_form_wp3
// this function adds the captcha to the login form
/**
 * Print the CAPTCHA block for the login form.
 *
 * Does nothing when the 'si_captcha_login' option is not 'true' or when the
 * prerequisite check fails (that check prints its own errors).
 *
 * NOTE(review): 'si_captcha_label_captcha' is echoed as stored; confirm it is
 * sanitised when the options are saved.
 *
 * @return bool Always true.
 */
function si_captcha_login_form() {
    global $si_captcha_url, $si_captcha_opt;

    // Disabled for login, or the server cannot render the image: nothing to add.
    $login_captcha_on = ($si_captcha_opt['si_captcha_login'] == 'true');
    if (!$login_captcha_on || !$this->si_captcha_check_requires()) {
        return true;
    }

    // Not referenced again in the visible code; the markup that used it is
    // presumably missing from this copy.
    $si_aria_required = '';
    if ($si_captcha_opt['si_captcha_aria_required'] == 'true') {
        $si_aria_required = ' aria-required="true" ';
    }

    // the captcha html - login form
    echo '
';
    $this->si_captcha_captcha_html('si_image_log','log');
    echo '
';
    $custom_label = $si_captcha_opt['si_captcha_label_captcha'];
    if ($custom_label != '') {
        echo $custom_label;
    } else {
        echo __('CAPTCHA Code', 'si-captcha');
    }
    echo '
';

    return true;
} // end function si_captcha_login_form
// this function adds the captcha to the login bar form of all buddypress versions
/**
 * Print the CAPTCHA block for the BuddyPress login bar form.
 *
 * Does nothing when the 'si_captcha_login' option is not 'true' or when the
 * prerequisite check fails (that check prints its own errors).
 *
 * NOTE(review): 'si_captcha_label_captcha' is echoed as stored; confirm it is
 * sanitised when the options are saved.
 *
 * @return bool Always true.
 */
function si_captcha_bp_login_form() {
    global $si_captcha_url, $si_captcha_opt;

    // Disabled for login, or the server cannot render the image: nothing to add.
    $login_captcha_on = ($si_captcha_opt['si_captcha_login'] == 'true');
    if (!$login_captcha_on || !$this->si_captcha_check_requires()) {
        return true;
    }

    // Not referenced again in the visible code; the markup that used it is
    // presumably missing from this copy.
    $si_aria_required = '';
    if ($si_captcha_opt['si_captcha_aria_required'] == 'true') {
        $si_aria_required = ' aria-required="true" ';
    }

    // the captcha html - buddypress login form
    echo '
';
    $this->si_captcha_captcha_html('si_image_log','log');
    echo '
';
    $custom_label = $si_captcha_opt['si_captcha_label_captcha'];
    if ($custom_label != '') {
        echo $custom_label;
    } else {
        echo __('CAPTCHA Code', 'si-captcha');
    }
    echo '
';

    return true;
} // end function si_captcha_bp_login_form
// this function adds the captcha to the login sidebar form of all buddypress versions
/**
 * Print the CAPTCHA block for the BuddyPress sidebar login form.
 *
 * Passes the label 'si_image_side_login' to si_captcha_captcha_html(). Does
 * nothing when the 'si_captcha_login' option is not 'true' or when the
 * prerequisite check fails (that check prints its own errors).
 *
 * NOTE(review): 'si_captcha_label_captcha' is echoed as stored; confirm it is
 * sanitised when the options are saved.
 *
 * @return bool Always true.
 */
function si_captcha_bp_login_sidebar_form() {
    global $si_captcha_url, $si_captcha_opt;

    // Disabled for login, or the server cannot render the image: nothing to add.
    $login_captcha_on = ($si_captcha_opt['si_captcha_login'] == 'true');
    if (!$login_captcha_on || !$this->si_captcha_check_requires()) {
        return true;
    }

    // Not referenced again in the visible code; the markup that used it is
    // presumably missing from this copy.
    $si_aria_required = '';
    if ($si_captcha_opt['si_captcha_aria_required'] == 'true') {
        $si_aria_required = ' aria-required="true" ';
    }

    // the captcha html - buddypress sidebar login form
    echo '
';
    $this->si_captcha_captcha_html('si_image_side_login','log');
    echo '
';
    $custom_label = $si_captcha_opt['si_captcha_label_captcha'];
    if ($custom_label != '') {
        echo $custom_label;
    } else {
        echo __('CAPTCHA Code', 'si-captcha');
    }
    echo '
';

    return true;
} // end function si_captcha_bp_login_sidebar_form
// this function adds the captcha to the register form
/**
 * Print the CAPTCHA block for the registration form.
 *
 * Does nothing when the 'si_captcha_register' option is not 'true' or when
 * the prerequisite check fails (that check prints its own errors).
 *
 * NOTE(review): 'si_captcha_label_captcha' is echoed as stored; confirm it is
 * sanitised when the options are saved.
 *
 * @return bool Always true.
 */
function si_captcha_register_form() {
    global $si_captcha_url, $si_captcha_opt;

    // Disabled for registration, or the server cannot render the image.
    $register_captcha_on = ($si_captcha_opt['si_captcha_register'] == 'true');
    if (!$register_captcha_on || !$this->si_captcha_check_requires()) {
        return true;
    }

    // Not referenced again in the visible code; the markup that used it is
    // presumably missing from this copy.
    $si_aria_required = '';
    if ($si_captcha_opt['si_captcha_aria_required'] == 'true') {
        $si_aria_required = ' aria-required="true" ';
    }

    // the captcha html - register form
    echo '
';
    $this->si_captcha_captcha_html('si_image_reg','reg');
    echo '
';
    $custom_label = $si_captcha_opt['si_captcha_label_captcha'];
    if ($custom_label != '') {
        echo $custom_label;
    } else {
        echo __('CAPTCHA Code', 'si-captcha');
    }
    echo '
';

    return true;
} // end function si_captcha_register_form
// for wpmu and buddypress before 1.1
/**
 * Print the CAPTCHA block, preceded by any 'captcha' error, on the WPMU /
 * pre-1.1 BuddyPress signup form.
 *
 * @param object $errors Error container; only get_error_message('captcha') is
 *                       called on it here.
 * @return bool|null true when the 'si_captcha_register' option is not 'true';
 *                   otherwise nothing is returned.
 */
function si_captcha_wpmu_signup_form( $errors ) {
    global $si_captcha_url, $si_captcha_opt;

    if ($si_captcha_opt['si_captcha_register'] != 'true') {
        return true; // captcha setting is disabled for registration
    }

    // Show the message left by a previous failed submission, if there is one.
    $captcha_error = $errors->get_error_message('captcha');
    if ($captcha_error !== null && $captcha_error != '') {
        echo '' . $captcha_error . '
';
    }

    // Prerequisite errors, if any, are printed by the check itself.
    if (!$this->si_captcha_check_requires()) {
        return;
    }

    // Not referenced again in the visible code; the markup that used it is
    // presumably missing from this copy.
    $si_aria_required = '';
    if ($si_captcha_opt['si_captcha_aria_required'] == 'true') {
        $si_aria_required = ' aria-required="true" ';
    }

    // the captcha html - wpmu register form
    echo '
';
    $this->si_captcha_captcha_html('si_image_reg','reg');
    echo '
';
    $custom_label = $si_captcha_opt['si_captcha_label_captcha'];
    if ($custom_label != '') {
        echo $custom_label;
    } else {
        echo __('CAPTCHA Code', 'si-captcha');
    }
    echo '
';
} // end function si_captcha_wpmu_signup_form
// for buddypress 1.1+ only
// hooks into register.php do_action( 'bp_before_registration_submit_buttons' )
// and bp-core-signup.php add_action( 'bp_' . $fieldname . '_errors', ...
/**
 * Print the CAPTCHA block on the BuddyPress 1.1+ registration form.
 *
 * In this copy the only visible output is a single newline; the markup and
 * any nested calls were presumably lost when the HTML was stripped.
 *
 * @return bool|null true when the 'si_captcha_register' option is not 'true';
 *                   otherwise nothing is returned.
 */
function si_captcha_bp_signup_form() {
    global $si_captcha_url, $si_captcha_opt;

    if ($si_captcha_opt['si_captcha_register'] != 'true') {
        return true; // captcha setting is disabled for registration
    }

    // Prerequisite errors, if any, are printed by the check itself.
    if (!$this->si_captcha_check_requires()) {
        return;
    }

    // Not referenced again in the visible code.
    $si_aria_required = '';
    if ($si_captcha_opt['si_captcha_aria_required'] == 'true') {
        $si_aria_required = ' aria-required="true" ';
    }

    // the captcha html - buddypress 1.1 register form
    echo '
';
} // end function si_captcha_bp_signup_form
/**
 * Build the diagnostic text appended to "Could not read CAPTCHA token file" errors.
 *
 * Inspects the token directory named by the global $si_captcha_dir_ns and
 * returns an empty string when it is writable, otherwise a translated
 * explanation: directory missing, or present but not writable (with its
 * current permission bits).
 *
 * NOTE(review): the advice text mentions 0777. The validators in this file
 * include() *.php files from this directory, so it should be no more writable
 * than the host actually requires.
 *
 * @return string Diagnostic text, or '' when the directory is writable.
 */
function si_captcha_token_error(){
    global $si_captcha_dir_ns;

    $token_dir = untrailingslashit( $si_captcha_dir_ns );

    // Writable directory: nothing to report.
    if (is_writable($token_dir)) {
        return '';
    }

    // Directory does not exist at all.
    if (!file_exists($token_dir)) {
        return implode('', array(
            ' ',
            __('There is a problem with the directory', 'si-captcha'),
            ' /si-captcha-for-wordpress/captcha/temp/. ',
            __('The directory is not found, a permissions problem may have prevented this directory from being created.', 'si-captcha'),
            ' ',
            __('Fixing the actual problem is recommended, but you can uncheck this setting on the si captcha options page: "Use CAPTCHA without PHP session" and the captcha will work this way just fine (as long as PHP sessions are working).', 'si-captcha'),
        ));
    }

    // Directory exists but is not writable: report the last four octal digits
    // of its mode.
    return implode('', array(
        ' ',
        __('There is a problem with the directory', 'si-captcha'),
        ' /si-captcha-for-wordpress/captcha/temp/. ',
        __('Directory Unwritable (fix permissions )', 'si-captcha'),
        '. ',
        __('Permissions are: ', 'si-captcha'),
        ' ',
        substr(sprintf('%o', fileperms($token_dir)), -4),
        ' ',
        __('Fixing this may require assigning 0755 permissions or higher (e.g. 0777 on some hosts. Try 0755 first, because 0777 is sometimes too much and will not work.)', 'si-captcha'),
        ' ',
        __('Fixing the actual problem is recommended, but you can uncheck this setting on the si captcha options page: "Use CAPTCHA without PHP session" and the captcha will work this way just fine (as long as PHP sessions are working).', 'si-captcha'),
    ));
}
// this function checks the captcha posted with registration on BuddyPress 1.1+
// hooks into bp-core-signup.php do_action( 'bp_signup_validate' );
/**
 * Validate the CAPTCHA posted with a BuddyPress 1.1+ registration.
 *
 * On any failure a message is stored in $bp->signup->errors['captcha_code']
 * and the function returns; on success nothing is recorded. Two modes exist,
 * chosen by the 'si_captcha_disable_session' option: a token file under
 * $si_captcha_dir_ns, or Securimage with the PHP session.
 *
 * @return void
 */
function si_captcha_bp_signup_validate() {
global $bp, $si_captcha_dir, $si_captcha_dir_ns, $si_captcha_opt;
if($si_captcha_opt['si_captcha_disable_session'] == 'true') {
//captcha without sessions
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
$bp->signup->errors['captcha_code'] = __('Please complete the CAPTCHA.', 'si-captcha');
return;
}else if (!isset($_POST['si_code_reg']) || empty($_POST['si_code_reg'])) {
$bp->signup->errors['captcha_code'] = __('Could not find CAPTCHA token.', 'si-captcha');
return;
}else{
// The posted token becomes part of a file name, so it is accepted only as
// 15-17 alphanumerics; anything else falls back to the placeholder 'xxxxxx'.
// NOTE(review): `$` without the D modifier also matches before one trailing
// newline; `\z` would anchor strictly.
$prefix = 'xxxxxx';
if ( isset($_POST['si_code_reg']) && is_string($_POST['si_code_reg']) && preg_match('/^[a-zA-Z0-9]{15,17}$/',$_POST['si_code_reg']) ){
$prefix = $_POST['si_code_reg'];
}
if ( is_readable( $si_captcha_dir_ns . $prefix . '.php' ) ) {
// The token file is executed as PHP; $captcha_word is presumably assigned by
// it (not visible here). NOTE(review): write access to this directory is part
// of the trust boundary, since whatever *.php it holds is run by this include.
include( $si_captcha_dir_ns . $prefix . '.php' );
// NOTE(review): only the token is checked with is_string(); strip_tags()
// below assumes captcha_code is a string as well.
if ( 0 == strcasecmp( trim(strip_tags($_POST['captcha_code'])), $captcha_word ) ) {
// captcha was matched; the token file is single-use on success.
// NOTE(review): a wrong answer leaves the file in place, so the same challenge
// stays answerable until it is cleaned up elsewhere.
@unlink ($si_captcha_dir_ns . $prefix . '.php');
} else {
$bp->signup->errors['captcha_code'] = __('That CAPTCHA was incorrect.', 'si-captcha');
return;
}
} else {
$bp->signup->errors['captcha_code'] = __('Could not read CAPTCHA token file.', 'si-captcha') . $this->si_captcha_token_error();
return;
}
}
}else{
//captcha with PHP sessions
if (!isset($_SESSION['securimage_code_si_reg']) || empty($_SESSION['securimage_code_si_reg'])) {
$bp->signup->errors['captcha_code'] = __('Could not read CAPTCHA cookie. Make sure you have cookies enabled and not blocking in your web browser settings. Or another plugin is conflicting. See plugin FAQ.', 'si-captcha');
return;
}else{
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
$bp->signup->errors['captcha_code'] = __('Please complete the CAPTCHA.', 'si-captcha');
return;
} else {
$captcha_code = trim(strip_tags($_POST['captcha_code']));
}
require_once "$si_captcha_dir/securimage.php";
$img = new Securimage();
$img->form_id = 'reg'; // makes compatible with multi-forms on same page
$valid = $img->check("$captcha_code");
// Check, that the right CAPTCHA password has been entered, display an error message otherwise.
if($valid == true) {
// ok can continue
} else {
$bp->signup->errors['captcha_code'] = __('That CAPTCHA was incorrect. Make sure you have not disabled cookies.', 'si-captcha');
return;
}
}
} // end if captcha use session
return;
} // end function si_captcha_bp_signup_validate
// this function checks the captcha posted with registration on wpmu and buddypress before 1.1
/**
 * Validate the CAPTCHA posted with a WPMU / pre-1.1 BuddyPress signup.
 *
 * Runs only when $_POST['stage'] is 'validate-user-signup'. Failures are added
 * under the code 'captcha' to $errors['errors']. Two modes exist, chosen by
 * the 'si_captcha_disable_session' option: a token file under
 * $si_captcha_dir_ns, or Securimage with the PHP session.
 *
 * @param array $errors Signup result; $errors['errors'] must offer add().
 * @return array The same $errors, possibly with a 'captcha' error added.
 */
function si_captcha_wpmu_signup_post($errors) {
global $si_captcha_dir, $si_captcha_dir_ns, $si_captcha_opt;
// NOTE(review): $_POST['stage'] is read without an isset() check.
if ($_POST['stage'] == 'validate-user-signup') {
if($si_captcha_opt['si_captcha_disable_session'] == 'true') {
//captcha without sessions
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
$errors['errors']->add('captcha', ''.__('ERROR', 'si-captcha').' : '. __('Please complete the CAPTCHA.', 'si-captcha'));
return $errors;
}else if (!isset($_POST['si_code_reg']) || empty($_POST['si_code_reg'])) {
$errors['errors']->add('captcha', ''.__('ERROR', 'si-captcha').' : '. __('Could not find CAPTCHA token.', 'si-captcha'));
return $errors;
}else{
// The posted token becomes part of a file name, so it is accepted only as
// 15-17 alphanumerics; anything else falls back to the placeholder 'xxxxxx'.
// NOTE(review): `$` without the D modifier also matches before one trailing
// newline; `\z` would anchor strictly.
$prefix = 'xxxxxx';
if ( isset($_POST['si_code_reg']) && is_string($_POST['si_code_reg']) && preg_match('/^[a-zA-Z0-9]{15,17}$/',$_POST['si_code_reg']) ){
$prefix = $_POST['si_code_reg'];
}
if ( is_readable( $si_captcha_dir_ns . $prefix . '.php' ) ) {
// The token file is executed as PHP; $captcha_word is presumably assigned by
// it (not visible here). NOTE(review): write access to this directory is part
// of the trust boundary, since whatever *.php it holds is run by this include.
include( $si_captcha_dir_ns . $prefix . '.php' );
// NOTE(review): only the token is checked with is_string(); strip_tags()
// below assumes captcha_code is a string as well.
if ( 0 == strcasecmp( trim(strip_tags($_POST['captcha_code'])), $captcha_word ) ) {
// captcha was matched; the token file is single-use on success.
// NOTE(review): a wrong answer leaves the file in place, so the same challenge
// stays answerable until it is cleaned up elsewhere.
@unlink ($si_captcha_dir_ns . $prefix . '.php');
} else {
$errors['errors']->add('captcha', ''.__('ERROR', 'si-captcha').' : '. __('That CAPTCHA was incorrect.', 'si-captcha'));
return $errors;
}
} else {
$errors['errors']->add('captcha', ''.__('ERROR', 'si-captcha').' : '. __('Could not read CAPTCHA token file.', 'si-captcha') . $this->si_captcha_token_error() );
return $errors;
}
}
}else{
//captcha with PHP sessions
if (!isset($_SESSION['securimage_code_si_reg']) || empty($_SESSION['securimage_code_si_reg'])) {
$errors['errors']->add('captcha', ''.__('ERROR', 'si-captcha').' : '.__('Could not read CAPTCHA cookie. Make sure you have cookies enabled and not blocking in your web browser settings. Or another plugin is conflicting. See plugin FAQ.', 'si-captcha'));
return $errors;
}else{
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
$errors['errors']->add('captcha', ''.__('ERROR', 'si-captcha').' : '.__('Please complete the CAPTCHA.', 'si-captcha'));
return $errors;
} else {
$captcha_code = trim(strip_tags($_POST['captcha_code']));
}
require_once "$si_captcha_dir/securimage.php";
$img = new Securimage();
$img->form_id = 'reg'; // makes compatible with multi-forms on same page
$valid = $img->check("$captcha_code");
// Check, that the right CAPTCHA password has been entered, display an error message otherwise.
if($valid == true) {
// ok can continue
} else {
$errors['errors']->add('captcha', ''.__('ERROR', 'si-captcha').' : '.__('That CAPTCHA was incorrect. Make sure you have not disabled cookies.', 'si-captcha'));
}
}
} // end if captcha use session
}
return($errors);
} // end function si_captcha_wpmu_signup_post
// this function checks the captcha posted with registration
/**
 * Validate the CAPTCHA posted with a registration.
 *
 * Failures are added to $errors under the codes 'captcha_blank',
 * 'captcha_no_token', 'captcha_wrong', 'captcha_no_file' or
 * 'captcha_no_cookie'. Two modes exist, chosen by the
 * 'si_captcha_disable_session' option: a token file under $si_captcha_dir_ns,
 * or Securimage with the PHP session.
 *
 * @param object $errors Error container offering add().
 * @return object The same $errors, possibly with a CAPTCHA error added.
 */
function si_captcha_register_post($errors) {
global $si_captcha_dir, $si_captcha_dir_ns, $si_captcha_opt;
if($si_captcha_opt['si_captcha_disable_session'] == 'true') {
//captcha without sessions
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
$errors->add('captcha_blank', ''.__('ERROR', 'si-captcha').' : '. __('Please complete the CAPTCHA.', 'si-captcha'));
return $errors;
}else if (!isset($_POST['si_code_reg']) || empty($_POST['si_code_reg'])) {
$errors->add('captcha_no_token', ''.__('ERROR', 'si-captcha').' : '. __('Could not find CAPTCHA token.', 'si-captcha'));
return $errors;
}else{
// The posted token becomes part of a file name, so it is accepted only as
// 15-17 alphanumerics; anything else falls back to the placeholder 'xxxxxx'.
// NOTE(review): `$` without the D modifier also matches before one trailing
// newline; `\z` would anchor strictly.
$prefix = 'xxxxxx';
if ( isset($_POST['si_code_reg']) && is_string($_POST['si_code_reg']) && preg_match('/^[a-zA-Z0-9]{15,17}$/',$_POST['si_code_reg']) ){
$prefix = $_POST['si_code_reg'];
}
if ( is_readable( $si_captcha_dir_ns . $prefix . '.php' ) ) {
// The token file is executed as PHP; $captcha_word is presumably assigned by
// it (not visible here). NOTE(review): write access to this directory is part
// of the trust boundary, since whatever *.php it holds is run by this include.
include( $si_captcha_dir_ns . $prefix . '.php' );
// NOTE(review): only the token is checked with is_string(); strip_tags()
// below assumes captcha_code is a string as well.
if ( 0 == strcasecmp( trim(strip_tags($_POST['captcha_code'])), $captcha_word ) ) {
// captcha was matched; the token file is single-use on success.
// NOTE(review): a wrong answer leaves the file in place, so the same challenge
// stays answerable until it is cleaned up elsewhere.
@unlink ($si_captcha_dir_ns . $prefix . '.php');
} else {
$errors->add('captcha_wrong', ''.__('ERROR', 'si-captcha').' : '. __('That CAPTCHA was incorrect.', 'si-captcha'));
return $errors;
}
} else {
$errors->add('captcha_no_file', ''.__('ERROR', 'si-captcha').' : '. __('Could not read CAPTCHA token file.', 'si-captcha') . $this->si_captcha_token_error() );
return $errors;
}
}
}else{
//captcha with PHP sessions
if (!isset($_SESSION['securimage_code_si_reg']) || empty($_SESSION['securimage_code_si_reg'])) {
$errors->add('captcha_no_cookie', ''.__('ERROR', 'si-captcha').' : '.__('Could not read CAPTCHA cookie. Make sure you have cookies enabled and not blocking in your web browser settings. Or another plugin is conflicting. See plugin FAQ.', 'si-captcha'));
return $errors;
}else{
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
$errors->add('captcha_blank', ''.__('ERROR', 'si-captcha').' : '.__('Please complete the CAPTCHA.', 'si-captcha'));
return $errors;
} else {
$captcha_code = trim(strip_tags($_POST['captcha_code']));
}
require_once "$si_captcha_dir/securimage.php";
$img = new Securimage();
$img->form_id = 'reg'; // makes compatible with multi-forms on same page
$valid = $img->check("$captcha_code");
// Check, that the right CAPTCHA password has been entered, display an error message otherwise.
if($valid == true) {
// ok can continue
} else {
$errors->add('captcha_wrong', ''.__('ERROR', 'si-captcha').' : '.__('That CAPTCHA was incorrect. Make sure you have not disabled cookies.', 'si-captcha'));
}
}
} // end if captcha use session
return($errors);
} // end function si_captcha_register_post
/**
 * Validate the CAPTCHA posted with a lost-password request.
 *
 * Every failure is reported through wp_die(); a correct answer returns
 * normally. Uses the same field and session names as registration
 * ('si_code_reg', 'securimage_code_si_reg', form_id 'reg'). Two modes exist,
 * chosen by the 'si_captcha_disable_session' option.
 *
 * NOTE(review): the code after each wp_die() relies on it ending the request;
 * in the session branch a returning wp_die() would let execution reach
 * check() with $captcha_code unset.
 *
 * @return void
 */
function si_captcha_lostpassword_post() {
global $si_captcha_dir, $si_captcha_dir_ns, $si_captcha_opt;
if($si_captcha_opt['si_captcha_disable_session'] == 'true') {
//captcha without sessions
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
wp_die( __('Error: You did not enter a CAPTCHA phrase. Press your browser\'s back button and try again.', 'si-captcha'));
}else if (!isset($_POST['si_code_reg']) || empty($_POST['si_code_reg'])) {
wp_die( ''.__('ERROR', 'si-captcha').' : '. __('Could not find CAPTCHA token.', 'si-captcha'));
}else{
// The posted token becomes part of a file name, so it is accepted only as
// 15-17 alphanumerics; anything else falls back to the placeholder 'xxxxxx'.
// NOTE(review): `$` without the D modifier also matches before one trailing
// newline; `\z` would anchor strictly.
$prefix = 'xxxxxx';
if ( isset($_POST['si_code_reg']) && is_string($_POST['si_code_reg']) && preg_match('/^[a-zA-Z0-9]{15,17}$/',$_POST['si_code_reg']) ){
$prefix = $_POST['si_code_reg'];
}
if ( is_readable( $si_captcha_dir_ns . $prefix . '.php' ) ) {
// The token file is executed as PHP; $captcha_word is presumably assigned by
// it (not visible here). NOTE(review): write access to this directory is part
// of the trust boundary, since whatever *.php it holds is run by this include.
include( $si_captcha_dir_ns . $prefix . '.php' );
// NOTE(review): only the token is checked with is_string(); strip_tags()
// below assumes captcha_code is a string as well.
if ( 0 == strcasecmp( trim(strip_tags($_POST['captcha_code'])), $captcha_word ) ) {
// captcha was matched; the token file is single-use on success.
// NOTE(review): a wrong answer leaves the file in place, so the same challenge
// stays answerable until it is cleaned up elsewhere.
@unlink ($si_captcha_dir_ns . $prefix . '.php');
return;
} else {
wp_die( __('Error: You entered in the wrong CAPTCHA phrase. Press your browser\'s back button and try again.', 'si-captcha'));
}
} else {
wp_die( ''.__('ERROR', 'si-captcha').' : '. __('Could not read CAPTCHA token file.', 'si-captcha') . $this->si_captcha_token_error() );
}
}
}else{
//captcha with PHP sessions
if (!isset($_SESSION['securimage_code_si_reg']) || empty($_SESSION['securimage_code_si_reg'])) {
wp_die( ''.__('ERROR', 'si-captcha').' : '.__('Could not read CAPTCHA cookie. Make sure you have cookies enabled and not blocking in your web browser settings. Or another plugin is conflicting. See plugin FAQ.', 'si-captcha'));
}else{
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
wp_die( __('Error: You did not enter a CAPTCHA phrase. Press your browser\'s back button and try again.', 'si-captcha'));
} else {
$captcha_code = trim(strip_tags($_POST['captcha_code']));
}
require_once "$si_captcha_dir/securimage.php";
$img = new Securimage();
$img->form_id = 'reg'; // makes compatible with multi-forms on same page
$valid = $img->check("$captcha_code");
// Check, that the right CAPTCHA password has been entered, display an error message otherwise.
if($valid == true) {
// ok can continue
return;
} else {
wp_die( __('Error: You entered in the wrong CAPTCHA phrase. Press your browser\'s back button and try again.', 'si-captcha'));
}
}
} // end if captcha use session
} // function si_captcha_lostpassword_post
// this function checks the captcha posted with the comment
/**
 * Validate the CAPTCHA posted with a comment.
 *
 * Returns $comment unchanged when the CAPTCHA is skipped or answered
 * correctly; every failure is reported through wp_die(). Skips apply to WP
 * Wall submissions, to logged-in users holding the configured capability, to
 * admin-menu replies carrying a valid 'replyto-comment' nonce, and to comment
 * types other than '' and 'comment'.
 *
 * @param array $comment Comment data; only 'comment_type' is read here.
 * @return array|null $comment on skip or success; nothing if wp_die() returns.
 */
function si_captcha_comment_post($comment) {
global $si_captcha_dir, $si_captcha_dir_ns, $si_captcha_opt;
// added for compatibility with WP Wall plugin
// this does NOT add CAPTCHA to WP Wall plugin,
// it just prevents the "Error: You did not enter a Captcha phrase." when submitting a WP Wall comment
// NOTE(review): when WPWall_Widget() exists, this skip depends only on the
// request carrying a 'wpwall_comment' field, which the client controls;
// confirm that nothing else ties the request to the WP Wall form.
if ( function_exists('WPWall_Widget') && isset($_POST['wpwall_comment']) ) {
// skip captcha
return $comment;
}
// skip the captcha if user is logged in and the settings allow
if (is_user_logged_in() && $si_captcha_opt['si_captcha_perm'] == 'true') {
// skip the CAPTCHA display if the minimum capability is met
if ( current_user_can( $si_captcha_opt['si_captcha_perm_level'] ) ) {
// skip captcha
return $comment;
}
}
// skip captcha for comment replies from admin menu
// (the skip requires a valid 'replyto-comment' nonce, not just the action name)
if ( isset($_POST['action']) && $_POST['action'] == 'replyto-comment' &&
( check_ajax_referer( 'replyto-comment', '_ajax_nonce', false ) || check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment', false )) ) {
// skip captcha
return $comment;
}
// Skip captcha for trackback or pingback
if ( $comment['comment_type'] != '' && $comment['comment_type'] != 'comment' ) {
// skip captcha
return $comment;
}
if($si_captcha_opt['si_captcha_disable_session'] == 'true') {
//captcha without sessions
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
wp_die( __('Error: You did not enter a CAPTCHA phrase. Press your browser\'s back button and try again.', 'si-captcha'));
}else if (!isset($_POST['si_code_com']) || empty($_POST['si_code_com'])) {
wp_die( ''.__('ERROR', 'si-captcha').' : '. __('Could not find CAPTCHA token.', 'si-captcha'));
}else{
// The posted token becomes part of a file name, so it is accepted only as
// 15-17 alphanumerics; anything else falls back to the placeholder 'xxxxxx'.
// NOTE(review): `$` without the D modifier also matches before one trailing
// newline; `\z` would anchor strictly.
$prefix = 'xxxxxx';
if ( isset($_POST['si_code_com']) && is_string($_POST['si_code_com']) && preg_match('/^[a-zA-Z0-9]{15,17}$/',$_POST['si_code_com']) ){
$prefix = $_POST['si_code_com'];
}
if ( is_readable( $si_captcha_dir_ns . $prefix . '.php' ) ) {
// The token file is executed as PHP; $captcha_word is presumably assigned by
// it (not visible here). NOTE(review): write access to this directory is part
// of the trust boundary, since whatever *.php it holds is run by this include.
include( $si_captcha_dir_ns . $prefix . '.php' );
// NOTE(review): only the token is checked with is_string(); strip_tags()
// below assumes captcha_code is a string as well.
if ( 0 == strcasecmp( trim(strip_tags($_POST['captcha_code'])), $captcha_word ) ) {
// captcha was matched; the token file is single-use on success.
// NOTE(review): a wrong answer leaves the file in place, so the same challenge
// stays answerable until it is cleaned up elsewhere.
@unlink ($si_captcha_dir_ns . $prefix . '.php');
return($comment);
} else {
wp_die( __('Error: You entered in the wrong CAPTCHA phrase. Press your browser\'s back button and try again.', 'si-captcha'));
}
} else {
wp_die( ''.__('ERROR', 'si-captcha').' : '. __('Could not read CAPTCHA token file.', 'si-captcha') . $this->si_captcha_token_error() );
}
}
}else{
//captcha with PHP sessions
if (!isset($_SESSION['securimage_code_si_com']) || empty($_SESSION['securimage_code_si_com'])) {
wp_die( ''.__('ERROR', 'si-captcha').' : '.__('Could not read CAPTCHA cookie. Make sure you have cookies enabled and not blocking in your web browser settings. Or another plugin is conflicting. See plugin FAQ.', 'si-captcha'));
}else{
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
wp_die( __('Error: You did not enter a CAPTCHA phrase. Press your browser\'s back button and try again.', 'si-captcha'));
}
$captcha_code = trim(strip_tags($_POST['captcha_code']));
require_once "$si_captcha_dir/securimage.php";
$img = new Securimage();
$img->form_id = 'com'; // makes compatible with multi-forms on same page
$valid = $img->check("$captcha_code");
// Check, that the right CAPTCHA password has been entered, display an error message otherwise.
if($valid == true) {
// ok can continue
return($comment);
} else {
wp_die( __('Error: You entered in the wrong CAPTCHA phrase. Press your browser\'s back button and try again.', 'si-captcha'));
}
}
} // end if captcha use session
} // end function si_captcha_comment_post
/**
 * Authenticate a username/password pair, requiring a solved CAPTCHA first.
 *
 * Order of work: pass through an existing WP_User; report empty fields; check
 * the CAPTCHA (token-file or session mode, chosen by the
 * 'si_captcha_disable_session' option); look the user up by login; on
 * multisite WP 3.0+ reject accounts or primary blogs marked as spam; apply
 * the 'wp_authenticate_user' filter; verify the password.
 *
 * On every CAPTCHA failure the core 'wp_authenticate_username_password'
 * callback is removed from the 'authenticate' filter, presumably so that it
 * cannot authenticate the request after this function has rejected it.
 *
 * NOTE(review): this function never reads the 'si_captcha_login' option, so a
 * request without captcha_code is rejected whenever this callback is hooked;
 * confirm the hook is registered only when the login CAPTCHA is enabled.
 * NOTE(review): once the CAPTCHA is solved, 'invalid_username' and
 * 'incorrect_password' are distinct errors, which tells a caller whether a
 * login name exists.
 *
 * @param mixed  $user     Result of earlier callbacks; returned as-is when it is a WP_User.
 * @param string $username Login name from the request.
 * @param string $password Password from the request.
 * @return WP_User|WP_Error The authenticated user, or the first error found.
 */
function si_wp_authenticate_username_password($user, $username, $password) {
global $si_captcha_dir, $si_captcha_dir_ns, $si_captcha_opt, $wp_version;
if ( is_a($user, 'WP_User') ) { return $user; }
// Collect every empty-field error in one WP_Error. `&&` binds tighter than
// `||`, so the last operand is "captcha_code was posted but is empty".
if ( empty($username) || empty($password) || isset($_POST['captcha_code']) && empty($_POST['captcha_code'])) {
$error = new WP_Error();
if ( empty($username) )
$error->add('empty_username', __('ERROR : The username field is empty.'));
if ( empty($password) )
$error->add('empty_password', __('ERROR : The password field is empty.'));
if (isset($_POST['captcha_code']) && empty($_POST['captcha_code'])) {
// NOTE(review): remove_filter() is documented as (tag, callback, priority);
// the fourth argument here is presumably ignored.
remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
$error->add('empty_captcha', ''.__('ERROR', 'si-captcha').' : '.__('Please complete the CAPTCHA.', 'si-captcha'));
}
return $error;
}
// begin si captcha check
if($si_captcha_opt['si_captcha_disable_session'] == 'true') {
//captcha without sessions
if (empty($_POST['captcha_code']) || $_POST['captcha_code'] == '') {
remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
return new WP_Error('captcha_error', ''.__('ERROR', 'si-captcha').' : '. __('Please complete the CAPTCHA.', 'si-captcha'));
}else if (!isset($_POST['si_code_log']) || empty($_POST['si_code_log'])) {
remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
return new WP_Error('captcha_error', ''.__('ERROR', 'si-captcha').' : '. __('Could not find CAPTCHA token.', 'si-captcha'));
}else{
// The posted token becomes part of a file name, so it is accepted only as
// 15-17 alphanumerics; anything else falls back to the placeholder 'xxxxxx'.
// NOTE(review): `$` without the D modifier also matches before one trailing
// newline; `\z` would anchor strictly.
$prefix = 'xxxxxx';
if ( isset($_POST['si_code_log']) && is_string($_POST['si_code_log']) && preg_match('/^[a-zA-Z0-9]{15,17}$/',$_POST['si_code_log']) ){
$prefix = $_POST['si_code_log'];
}
if ( is_readable( $si_captcha_dir_ns . $prefix . '.php' ) ) {
// The token file is executed as PHP; $captcha_word is presumably assigned by
// it (not visible here). NOTE(review): write access to this directory is part
// of the trust boundary, since whatever *.php it holds is run by this include.
include( $si_captcha_dir_ns . $prefix . '.php' );
// NOTE(review): only the token is checked with is_string(); strip_tags()
// below assumes captcha_code is a string as well.
if ( 0 == strcasecmp( trim(strip_tags($_POST['captcha_code'])), $captcha_word ) ) {
// captcha was matched; the token file is single-use on success.
// NOTE(review): a wrong answer leaves the file in place, so the same challenge
// stays answerable until it is cleaned up elsewhere.
@unlink ($si_captcha_dir_ns . $prefix . '.php');
} else {
remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
return new WP_Error('captcha_error', ''.__('ERROR', 'si-captcha').' : '. __('That CAPTCHA was incorrect.', 'si-captcha'));
}
} else {
remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
return new WP_Error('captcha_error', ''.__('ERROR', 'si-captcha').' : '. __('Could not read CAPTCHA token file.', 'si-captcha') . $this->si_captcha_token_error() );
}
}
}else{
//captcha with PHP sessions
if (!isset($_SESSION['securimage_code_si_log']) || empty($_SESSION['securimage_code_si_log'])) {
remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
return new WP_Error('captcha_error', ''.__('ERROR', 'si-captcha').' : '.__('Could not read CAPTCHA cookie. Make sure you have cookies enabled and not blocking in your web browser settings. Or another plugin is conflicting. See plugin FAQ.', 'si-captcha'));
}else{
// NOTE(review): captcha_code is read here without an isset() check; a request
// that omits the field reaches check() with an empty string.
$captcha_code = trim(strip_tags($_POST['captcha_code']));
require_once "$si_captcha_dir/securimage.php";
$img = new Securimage();
$img->form_id = 'log'; // makes compatible with multi-forms on same page
$valid = $img->check("$captcha_code");
// Check, that the right CAPTCHA password has been entered, display an error message otherwise.
if($valid == true) {
// ok can continue
} else {
remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
return new WP_Error('captcha_error', ''.__('ERROR', 'si-captcha').' : '.__('That CAPTCHA was incorrect. Make sure you have not disabled cookies.', 'si-captcha'));
}
}
} // end if captcha use session
// end si captcha check
// From here on the CAPTCHA has been accepted; the remaining steps are the
// username lookup and password verification.
$userdata = get_user_by('login', $username);
if ( !$userdata ) {
return new WP_Error('invalid_username', sprintf(__('ERROR : Invalid username. Lost your password ?'), site_url('wp-login.php?action=lostpassword', 'login')));
}
// for WP 3.0+ ONLY!
if( version_compare($wp_version,'3','>=') ) { // wp 3.0 +
if ( is_multisite() ) {
// Is user marked as spam?
if ( 1 == $userdata->spam)
return new WP_Error('invalid_username', __('ERROR : Your account has been marked as a spammer.'));
// Is a user's blog marked as spam?
if ( !is_super_admin( $userdata->ID ) && isset($userdata->primary_blog) ) {
$details = get_blog_details( $userdata->primary_blog );
if ( is_object( $details ) && $details->spam == 1 )
return new WP_Error('blog_suspended', __('Site Suspended.'));
}
}
}
// Other plugins may veto the login by returning a WP_Error from this filter.
$userdata = apply_filters('wp_authenticate_user', $userdata, $password);
if ( is_wp_error($userdata) ) {
return $userdata;
}
if ( !wp_check_password($password, $userdata->user_pass, $userdata->ID) ) {
return new WP_Error('incorrect_password', sprintf(__('ERROR : Incorrect password. Lost your password ?'), site_url('wp-login.php?action=lostpassword', 'login')));
}
$user = new WP_User($userdata->ID);
return $user;
} // end function si_wp_authenticate_username_password
/**
 * Print the CAPTCHA image markup for one form.
 *
 * Builds the securimage_show.php URL from the size, difficulty and
 * transparency options plus the form id. In session-less mode it also cleans
 * the token directory and picks a fresh 16-character token that is appended
 * to the URL as `prefix`.
 *
 * The echo literals in this copy are whitespace only; the markup that used
 * the URL, size and token variables was presumably stripped.
 *
 * NOTE(review): the token comes from mt_rand(), which is not a
 * cryptographically secure generator. It is appended to the image URL, so
 * treat it as an identifier rather than a secret. The alphabet repeats 'T'
 * and omits 'Y' and 'j', which biases the output slightly.
 *
 * @param string $label   Image label; 'si_image_side_login' forces the small size.
 * @param string $form_id Form identifier passed on as si_form_id.
 * @return void
 */
function si_captcha_captcha_html($label = 'si_image', $form_id = 'com') {
    global $si_captcha_url, $si_captcha_dir, $si_captcha_url_ns, $si_captcha_dir_ns, $si_captcha_opt;

    $capt_disable_sess = ($si_captcha_opt['si_captcha_disable_session'] == 'true') ? 1 : 0;

    // url for no session captcha image; the small variant changes both the
    // query string and the image dimensions.
    $use_small = ($si_captcha_opt['si_captcha_captcha_small'] == 'true' || $label == 'si_image_side_login');
    $securimage_show_url = $si_captcha_url .'/securimage_show.php?';
    if ($use_small) {
        $securimage_show_url .= 'si_sm_captcha=1&';
        $securimage_size = 'width="132" height="45"';
    } else {
        $securimage_size = 'width="175" height="60"';
    }

    $parseUrl = parse_url($si_captcha_url);
    $securimage_url = $parseUrl['path'];

    if ($si_captcha_opt['si_captcha_captcha_difficulty'] == 'low') {
        $securimage_show_url .= 'difficulty=1&';
    }
    if ($si_captcha_opt['si_captcha_captcha_difficulty'] == 'high') {
        $securimage_show_url .= 'difficulty=2&';
    }
    if ($si_captcha_opt['si_captcha_no_trans'] == 'true') {
        $securimage_show_url .= 'no_trans=1&';
    }
    $securimage_show_url .= 'si_form_id=' .$form_id;

    if ($capt_disable_sess) {
        // clean out old captcha no session temp files
        $this->si_captcha_clean_temp_dir($si_captcha_dir_ns, 30);

        // pick new prefix token: 16 characters drawn from the alphabet below
        $alphabet = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz';
        $last_index = strlen($alphabet) - 1;
        $prefix = '';
        for ($drawn = 0; $drawn < 16; $drawn++) {
            $prefix .= $alphabet[mt_rand(0, $last_index)];
        }

        // The refresh URL keeps an empty prefix; the image URL carries the token.
        $securimage_show_rf_url = $securimage_show_url . '&prefix=';
        $securimage_show_url .= '&prefix='.$prefix;
    }

    echo ' '."\n";
    if ($capt_disable_sess) {
        echo ' '."\n";
    }
    echo '
';
} // end function si_captcha_captcha_html
/**
 * Filter callback for 'plugin_action_links': puts a "Settings" entry at the
 * front of the action links shown for this plugin's own row.
 *
 * @param array  $links Action links for the plugin row being rendered.
 * @param string $file  Basename of the plugin that row belongs to.
 * @return array The links, with the settings entry prepended when $file is this plugin.
 *
 * NOTE(review): the text around the translated label is an empty string and a
 * single space in this copy, so the anchor markup seems to have been stripped.
 */
function si_captcha_plugin_action_links( $links, $file ) {
    // Remembered between calls so plugin_basename() runs once, not once per plugin row.
    static $own_basename;
    if ( ! $own_basename ) {
        $own_basename = plugin_basename(__FILE__);
    }

    // Rows that belong to other plugins pass through untouched.
    if ( $file != $own_basename ) {
        return $links;
    }

    $settings_entry = '' . __('Settings', 'si-captcha') . ' ';
    array_unshift( $links, $settings_entry );

    return $links;
} // end function si_captcha_plugin_action_links
/**
 * 'init' action callback: loads the plugin's 'si-captcha' translations.
 *
 * The languages directory depends on the global $wpmu flag: when it is 1 the
 * plugin's own folder name is inserted into the relative path.
 * Does nothing when load_plugin_textdomain() is not defined.
 */
function si_captcha_init() {
    global $wpmu;

    if ( ! function_exists('load_plugin_textdomain') ) {
        return;
    }

    $languages_subdir = ($wpmu == 1)
        ? '/si-captcha-for-wordpress/languages'
        : '/languages';

    load_plugin_textdomain('si-captcha', false, dirname(plugin_basename(__FILE__)) . $languages_subdir);
} // end function si_captcha_init
/**
 * Starts the PHP session that the session-based CAPTCHA uses to remember its code.
 *
 * Has to run before any output is sent, because the session cookie is a header.
 * Nothing is done when $_SESSION already exists or during an XML-RPC request.
 *
 * NOTE(review): nothing here sets the session cookie attributes, so they come
 * from the server's PHP session settings.
 */
function si_captcha_start_session() {
    // play nice with other plugins that already opened a session
    if ( isset( $_SESSION ) ) {
        return;
    }

    // buddypress fix: never start a session for XML-RPC requests
    if ( defined('XMLRPC_REQUEST') ) {
        return;
    }

    session_cache_limiter ('private, must-revalidate');
    session_start();
} // function si_captcha_start_session
// needed for making temp directories for attachments and captcha session files
/**
 * Creates a temp directory and drops two guard files into it if they are missing:
 * an .htaccess containing "Deny from all" and an index.php.
 *
 * @param string $dir Directory to create; a trailing slash is added if absent.
 *
 * NOTE(review): the .htaccess rule is only honoured by Apache with overrides
 * enabled. On other web servers the directory stays reachable over HTTP unless
 * the server configuration blocks it separately.
 * NOTE(review): fopen() failures are silenced with @, so a directory that cannot
 * be written to ends up without its guard files and nothing reports it.
 * NOTE(review): index.php is written with empty content in this copy; the
 * original placeholder text may have been lost.
 */
function si_captcha_init_temp_dir($dir) {
    $dir = trailingslashit( $dir );

    // make the temp directory
    wp_mkdir_p( $dir );

    // file name => content, written in this order and only when the file does not exist yet
    $guard_files = array(
        '.htaccess' => "Deny from all\n",
        'index.php' => '',
    );

    foreach ( $guard_files as $guard_name => $guard_content ) {
        $guard_path = $dir . $guard_name;
        if ( file_exists( $guard_path ) ) {
            continue;
        }

        $handle = @fopen( $guard_path, 'w' );
        if ( $handle ) {
            fwrite( $handle, $guard_content );
            fclose( $handle );
        }
    }
} // end function si_captcha_init_temp_dir
// needed for emptying temp directories for attachments and captcha session files
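/**
 * Deletes files older than $minutes from a temp directory.
 *
 * The guard files '.htaccess' and 'index.php' are always kept. Only regular
 * files are considered; sub-directories are left alone.
 *
 * Fixes over the previous version:
 *  - file paths were built as $dir . $file, so a $dir without a trailing slash
 *    made every stat() fail and every entry was then treated as expired;
 *  - an entry whose stat() failed was handed to unlink() anyway;
 *  - the counter was incremented even when unlink() did not remove anything.
 *
 * @param string $dir     Directory to clean, with or without a trailing slash.
 * @param int    $minutes Maximum age in minutes; older files are removed.
 * @return int|false Number of files actually deleted, or false when $dir is not
 *                   a readable and writable directory.
 */
function si_captcha_clean_temp_dir($dir, $minutes = 60) {
    if ( ! is_dir( $dir ) || ! is_readable( $dir ) || ! is_writable( $dir ) )
        return false;

    // paths are built by concatenation below, so make sure there is exactly one separator
    $dir = rtrim( $dir, '/\\' ) . '/';

    $count = 0;
    $handle = @opendir( $dir );
    if ( ! $handle )
        return $count;

    // files last modified before this timestamp are expired
    $cutoff = time() - $minutes * 60;
    $keep = array( '.', '..', '.htaccess', 'index.php' );

    while ( false !== ( $file = readdir( $handle ) ) ) {
        if ( in_array( $file, $keep, true ) )
            continue;

        $path = $dir . $file;
        if ( ! is_file( $path ) )
            continue;

        // skip anything whose age cannot be determined instead of deleting it blindly
        $mtime = @filemtime( $path );
        if ( $mtime === false )
            continue;

        // count only the files that were really removed
        if ( $mtime < $cutoff && @unlink( $path ) )
            $count += 1;
    }
    closedir( $handle );

    return $count;
}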
// functions for form vars
/**
 * Removes one level of backslash quoting from a submitted form value.
 *
 * The magic_quotes_gpc check that used to guard this call is disabled in the
 * file: the slashes are always stripped.
 *
 * @param string $string Slashed input.
 * @return string Input with the quoting backslashes removed.
 */
function si_stripslashes($string) {
    // wordpress always needs stripslashes
    $unslashed = stripslashes($string);

    return $unslashed;
} // end function si_stripslashes
/**
 * Normalises a stored style option.
 *
 *  - style="..." : returns only the text between the quotes.
 *  - class="..." : returns the default for $css from the global
 *                  $si_captcha_option_defaults, or $string unchanged when no
 *                  default is set for that key.
 *  - anything else is returned unchanged.
 *
 * @param string $string Stored option value.
 * @param string $css    Key to look up in $si_captcha_option_defaults.
 * @return string
 */
function si_captcha_convert_css($string,$css) {
    global $si_captcha_option_defaults;

    $style_parts = array();
    $is_style_attr = preg_match('/^style="(.*)"$/i', $string, $style_parts);
    if ( $is_style_attr ) {
        return $style_parts[1];
    }

    $is_class_attr = preg_match('/^class="(.*)"$/i', $string);
    if ( ! $is_class_attr ) {
        return $string;
    }

    if ( isset($si_captcha_option_defaults[$css]) ) {
        return $si_captcha_option_defaults[$css];
    }

    return $string;
} // end function si_captcha_convert_css
function si_captcha_admin_head() {
// only load this header stuff on the admin settings page
if(isset($_GET['page']) && is_string($_GET['page']) && preg_match('/si-captcha.php$/',$_GET['page']) ) {
?>
'."\n";
// only load this css on the blog pages where login/register could be
if( $si_captcha_opt['si_captcha_external_style'] == 'true' )
return;
?>
domain ) && !empty( $current_blog->path ) )
$url = (is_ssl() ? 'https://' : 'http://') . $current_blog->domain . $current_blog->path . ($wpmu == 1 ? MUPLUGINDIR : PLUGINDIR) . $si_dir;
// set the type of request (SSL or not)
if ( is_ssl() ) {
$url = preg_replace('|http://|', 'https://', $url);
}
return $url;
}
} // end of class
} // end of if class
// backwards compatibility
// Pre-2.8 compatibility
if ( function_exists( 'esc_html' ) === false ) {
    /**
     * Fallback for WordPress versions without esc_html(): delegates to the
     * older wp_specialchars() helper.
     *
     * @param string $text Text to escape for HTML output.
     * @return string Whatever wp_specialchars() returns for $text.
     */
    function esc_html( $text ) {
        $escaped = wp_specialchars( $text );

        return $escaped;
    }
}
// Pre-2.8 compatibility
if ( function_exists( 'esc_attr' ) === false ) {
    /**
     * Fallback for WordPress versions without esc_attr(): delegates to the
     * older attribute_escape() helper.
     *
     * @param string $text Text to escape for use in an HTML attribute.
     * @return string Whatever attribute_escape() returns for $text.
     */
    function esc_attr( $text ) {
        $escaped = attribute_escape( $text );

        return $escaped;
    }
}
// Bootstrap: create the plugin object (when the class was declared) and register every
// WordPress hook it needs. Which hooks are registered depends on the saved options.
if (class_exists("siCaptcha")) {
$si_image_captcha = new siCaptcha();
}
if (isset($si_image_captcha)) {
global $wp_version;
// WordPress MU detection
// 0 Regular WordPress installation
// 1 WordPress MU Forced Activated
// 2 WordPress MU Optional Activation
$wpmu = 0;
if (basename(dirname(__FILE__)) == "mu-plugins") // forced activated
$wpmu = 1;
else if (basename(dirname(__FILE__)) == "si-captcha-for-wordpress" && function_exists('is_site_admin')) // optionally activated
$wpmu = 2;
// filesystem location of the bundled captcha library
$si_captcha_dir = WP_PLUGIN_DIR . '/si-captcha-for-wordpress/captcha';
if ($wpmu == 1) {
if ( defined( 'MUPLUGINDIR' ) )
$si_captcha_dir = MUPLUGINDIR . '/si-captcha-for-wordpress/captcha';
else
$si_captcha_dir = WP_CONTENT_DIR . '/mu-plugins/si-captcha-for-wordpress/captcha';
}
$si_captcha_url = $si_image_captcha->get_captcha_url_si();
// only used for the no-session captcha setting
$si_captcha_url_ns = $si_captcha_url . '/temp/';
$si_captcha_dir_ns = $si_captcha_dir . '/temp/';
// runs on every request, whether or not the no-session mode is enabled.
// The temp directory sits below the plugin folder, so keeping it private depends on
// the guard files that si_captcha_init_temp_dir() writes into it.
$si_image_captcha->si_captcha_init_temp_dir($si_captcha_dir_ns);
//Actions
add_action('init', array(&$si_image_captcha, 'si_captcha_init'));
// get the options now
$si_image_captcha->si_captcha_get_options();
// NOTE(review): this is the only option read guarded by isset(); the reads further down
// assume si_captcha_get_options() filled in every key - confirm against that method.
if ( isset($si_captcha_opt['si_captcha_disable_session']) && $si_captcha_opt['si_captcha_disable_session'] == 'true') {
// add javascript (conditionally to footer)
// http://scribu.net/wordpress/optimal-script-loading.html
add_action( 'wp_footer', array(&$si_image_captcha,'si_captcha_add_script'));
} else {
// start the PHP session
// buddypress had session error on member and groups pages, so start session here instead of init
add_action('plugins_loaded', array(&$si_image_captcha, 'si_captcha_start_session'));
}
// si captcha admin options
add_action('admin_menu', array(&$si_image_captcha,'si_captcha_add_tabs'),1);
add_action('admin_head', array(&$si_image_captcha,'si_captcha_admin_head'),1);
if( $si_captcha_opt['si_captcha_external_style'] != 'true' && !is_admin() ) {
// css is added to footer, then jquery appends it to head
add_action( 'wp_footer', array(&$si_image_captcha,'si_captcha_add_css'));
}
// adds "Settings" link to the plugin action page
add_filter( 'plugin_action_links', array(&$si_image_captcha,'si_captcha_plugin_action_links'),10,2);
// comment form: display hooks plus the 'preprocess_comment' filter that validates the submission
if ($si_captcha_opt['si_captcha_comment'] == 'true') {
// for WP 3.0+
if( version_compare($wp_version,'3','>=') && !function_exists('sfc_commentform_submit') ) { // wp 3.0 +
// SFC Comment plugin was removing the captcha when logged into facebook
add_action( 'comment_form_after_fields', array(&$si_image_captcha, 'si_captcha_comment_form_wp3'), 1);
add_action( 'comment_form_logged_in_after', array(&$si_image_captcha, 'si_captcha_comment_form_wp3'), 1);
}
// for WP before WP 3.0
add_action('comment_form', array(&$si_image_captcha, 'si_captcha_comment_form'), 1);
add_filter('preprocess_comment', array(&$si_image_captcha, 'si_captcha_comment_post'), 1);
}
// registration form: display hook plus the 'registration_errors' filter that validates it
if ($si_captcha_opt['si_captcha_register'] == 'true') {
add_action('login_head', array( &$si_image_captcha, 'si_captcha_login_head') );
add_action('register_form', array(&$si_image_captcha, 'si_captcha_register_form'), 10);
add_filter('registration_errors', array(&$si_image_captcha, 'si_captcha_register_post'), 10);
}
if ($wpmu && $si_captcha_opt['si_captcha_register'] == 'true') {
// for buddypress 1.1 only
add_action('bp_before_registration_submit_buttons', array( &$si_image_captcha, 'si_captcha_bp_signup_form' ));
// for buddypress 1.1 only
add_action('bp_signup_validate', array( &$si_image_captcha, 'si_captcha_bp_signup_validate' ));
// for wpmu and (buddypress versions before 1.1)
add_action('signup_extra_fields', array( &$si_image_captcha, 'si_captcha_wpmu_signup_form' ));
// for wpmu and (buddypress versions before 1.1)
add_filter('wpmu_validate_user_signup', array( &$si_image_captcha, 'si_captcha_wpmu_signup_post'));
}
if ($si_captcha_opt['si_captcha_login'] == 'true') {
add_action('login_form', array( &$si_image_captcha, 'si_captcha_login_form' ) );
add_action('login_head', array( &$si_image_captcha, 'si_captcha_login_head' ) );
add_action('bp_login_bar_logged_out', array( &$si_image_captcha, 'si_captcha_bp_login_form' ) );
add_action('bp_sidebar_login_form', array( &$si_image_captcha, 'si_captcha_bp_login_sidebar_form' ) );
// Priority 9 puts the CAPTCHA check ahead of wp_authenticate_username_password, which
// si_wp_authenticate_username_password() removes from priority 20 when the CAPTCHA fails.
// Keep this priority below 20, otherwise the password check would run first.
add_filter('authenticate', array( &$si_image_captcha, 'si_wp_authenticate_username_password'), 9, 3);
}
// lost-password form: reuses the registration form renderer, validated on 'lostpassword_post'
if ($si_captcha_opt['si_captcha_lostpwd'] == 'true') {
add_action('lostpassword_form', array( &$si_image_captcha, 'si_captcha_register_form'), 10);
add_action('lostpassword_post', array( &$si_image_captcha, 'si_captcha_lostpassword_post'), 10);
}
// add_action('bbp_template_notices', array( &$si_image_captcha, 'si_captcha_register_form'), 10);
// options deleted when this plugin is deleted in WP 2.7+
// NOTE(review): the callback is a bare function name, unlike the array(&$si_image_captcha, ...)
// callbacks above; si_captcha_unset_options is not defined in this part of the file - confirm
// it exists as a global function.
if ( function_exists('register_uninstall_hook') )
register_uninstall_hook(__FILE__, 'si_captcha_unset_options');
}
?>