-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathinternal.php
54 lines (42 loc) · 1.75 KB
/
internal.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?
include("dao.php");
header('Content-Type: application/json');
if(!isset($_POST['robot_identifier']))
exit(json_encode(array('success' => false, 'message' => "Missing robot identifier!")));
if(!isset($_POST['g-recaptcha-response']))
exit(json_encode(array('success' => false, 'message' => "Missing g recaptcha response!")));
$id = $_POST['robot_identifier'];
$captcha = $_POST['g-recaptcha-response'];
$ip = $_SERVER['REMOTE_ADDR'];
if(!isValid($captcha, $ip))
exit(json_encode(array('success' => false, 'message' => "reCaptcha was not valid!")));
$dao = new dao();
$result = $dao->getRecaptchaListing($id);
$dao->deleteRecaptchaListing($id);
$dao->finishRecaptchaCompletionListing($id);
if(!$result['found'])
exit(json_encode(array('success' => false, 'message' => "Generation data not found on server!")));
exit(json_encode(array('success' => true, 'robot_identifier' => $_POST['robot_identifier'], 'result' => array('access' => $result['access'], 'refresh' => $result['refresh']))));
function isValid($captcha, $ip) {
try {
$url = 'https://www.google.com/recaptcha/api/siteverify';
$data = ['secret' => RECAPTCHA_SECRET,
'response' => $captcha,
'remoteip' => $ip];
$options = [
'http' => [
'header' => "Content-type: application/x-www-form-urlencoded\r\n",
'method' => 'POST',
'content' => http_build_query($data)
]
];
$context = stream_context_create($options);
$result = file_get_contents($url, false, $context);
return json_decode($result)->success;
}
catch (Exception $e) {
$dao->insertError("internal.php", "isValid", "failed to verify captcha with google");
return null;
}
}
?>