0
/
leftypol_lainchan
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Captcha for TOR users only

This commit is contained in:
towards-a-new-leftypol 2024-05-08 17:15:48 -04:00
parent b118588a82
commit bdd813cd77
5 changed files with 73 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inc/config.php
View File

@ -33,6 +33,8 @@
// Enables captcha // Enables captcha
$config['securimage'] = false; $config['securimage'] = false;
// Limits captcha to TOR users
$config['captcha_tor_only'] = false;
// Global announcement -- the very simple version. // Global announcement -- the very simple version.
// This used to be wrongly named $config['blotter'] (still exists as an alias). // This used to be wrongly named $config['blotter'] (still exists as an alias).

31
inc/functions.php
View File

@ -2905,3 +2905,34 @@ function strategy_first($fun, $array) {
return array('defer'); return array('defer');
} }
} }
function ipIsLocal($ip) {
// Define the local IP ranges commonly used in private networks
$localRanges = [
'10.0.0.0/8', // Private network range 10.0.0.0 to 10.255.255.255
'172.16.0.0/12', // Private network range 172.16.0.0 to 172.31.255.255
'192.168.0.0/16', // Private network range 192.168.0.0 to 192.168.255.255
'127.0.0.0/8', // Loopback range for localhost
'169.254.0.0/16' // Link-local addresses
];
foreach ($localRanges as $range) {
if (ipInRange($ip, $range)) {
return true;
}
}
return false;
}
function ipInRange($ip, $range) {
// Split the range to get the base IP and the netmask
list($baseIP, $netmask) = explode('/', $range);
// Convert IPs into long format for easy comparison
$ipLong = ip2long($ip);
$rangeLong = ip2long($baseIP);
$maskLong = ~((1 << (32 - $netmask)) - 1);
// Check if the IP is in the given range
return (($ipLong & $maskLong) == ($rangeLong & $maskLong));
}

3
inc/instance-config.php
View File

@ -142,7 +142,8 @@ $config['spam_noticer']['website_name'] = "leftychan";
/* /*
* Basic captcha. See also: captchaconfig.php * Basic captcha. See also: captchaconfig.php
*/ */
$config['securimage'] = false; $config['securimage'] = true;
$config['captcha_tor_only'] = true;
/* /*
* Permissions * Permissions

6
post.php
View File

@ -511,7 +511,11 @@ function handle_post(){
} }
} }
if(isset($config['securimage']) && $config['securimage']){ if((isset($config['securimage']) && $config['securimage'])
&& (
!(isset($config['captcha_tor_only']) && $config['captcha_tor_only'])
|| ipIsLocal($_SERVER['REMOTE_ADDR'])
)){
if(!isset($_POST['captcha'])){ if(!isset($_POST['captcha'])){
error($config['error']['securimage']['missing']); error($config['error']['securimage']['missing']);

46
templates/post_form.html
View File

@ -5,13 +5,10 @@
method="post" method="post"
data-max-images="{{ config.max_images }}" data-max-images="{{ config.max_images }}"
> >
{{ antibot.html() }}
{% if id %}<input type="hidden" name="thread" value="{{ id }}">{% endif %} {% if id %}<input type="hidden" name="thread" value="{{ id }}">{% endif %}
{{ antibot.html() }}
{% if board.uri not in config.overboards|keys %} {% if board.uri not in config.overboards|keys %}
<input type="hidden" name="board" value="{{ board.uri }}"> <input type="hidden" name="board" value="{{ board.uri }}">
{% endif %} {% endif %}
{{ antibot.html() }}
{% if current_page %} {% if current_page %}
<input type="hidden" name="page" value="{{ current_page }}"> <input type="hidden" name="page" value="{{ current_page }}">
{% endif %} {% endif %}
@ -103,15 +100,39 @@
</tr> </tr>
{% endif %} {% endif %}
{% if config.securimage %} {% if config.securimage %}
<tr> <tr class="post_form_captcha_row">
<th> <th>
Captcha Captcha
</th> {% if config.captcha_tor_only %}
<td> <br/>
<img name="captcha-img" id="captcha-img" src="/captcha.php" onClick="this.src='/captcha.php?'+Date.now();document.getElementById('captcha').value = '';"><br /> <small>Tor Only</small>
<input type="text" name="captcha" id="captcha" size="25" maxlength="10" autocomplete="off"> {% endif %}
</td> </th>
</tr> <td>
<img name="captcha-img" id="captcha-img" src="/captcha.php" onClick="this.src='/captcha.php?'+Date.now();document.getElementById('captcha').value = '';"><br />
<input type="text" name="captcha" id="captcha" size="25" maxlength="10" autocomplete="off">
</td>
</tr>
{% if config.captcha_tor_only %}
<script>
(() => {
function isOnionDomain() {
const hostname = window.location.hostname;
return hostname.endsWith('.onion');
}
function removeCaptchaField() {
document.querySelectorAll('.post_form_captcha_row')
.forEach(e => e.parentNode.removeChild(e));
}
if (!isOnionDomain()) {
removeCaptchaField();
}
})();
</script>
{% else %}
{% endif %}
{% endif %} {% endif %}
{% if config.user_flag %} {% if config.user_flag %}
<tr> <tr>
@ -204,7 +225,6 @@
</td> </td>
</tr>{% endif %} </tr>{% endif %}
</table> </table>
{{ antibot.html(true) }}
<input type="hidden" name="hash" value="{{ antibot.hash() }}"> <input type="hidden" name="hash" value="{{ antibot.hash() }}">
</form> </form>