diff --git a/bbs/ajax.mb_email.php b/bbs/ajax.mb_email.php
index 6c50300cc..21a7df62c 100644
--- a/bbs/ajax.mb_email.php
+++ b/bbs/ajax.mb_email.php
@@ -5,8 +5,12 @@ include_once(G5_LIB_PATH.'/register.lib.php');
 $mb_email = trim($_POST['reg_mb_email']);
 $mb_id = trim($_POST['reg_mb_id']);
+set_session('ss_check_mb_email', '');
+
 if ($msg = empty_mb_email($mb_email)) die($msg);
 if ($msg = valid_mb_email($mb_email)) die($msg);
 if ($msg = prohibit_mb_email($mb_email)) die($msg);
 if ($msg = exist_mb_email($mb_email, $mb_id)) die($msg);
+
+set_session('ss_check_mb_email', $mb_email);
 ?>
\ No newline at end of file
diff --git a/bbs/ajax.mb_id.php b/bbs/ajax.mb_id.php
index 6b0badd06..6ab21cb3f 100644
--- a/bbs/ajax.mb_id.php
+++ b/bbs/ajax.mb_id.php
@@ -4,9 +4,13 @@ include_once(G5_LIB_PATH.'/register.lib.php');
 $mb_id = trim($_POST['reg_mb_id']);
+set_session('ss_check_mb_id', '');
+
 if ($msg = empty_mb_id($mb_id)) die($msg);
 if ($msg = valid_mb_id($mb_id)) die($msg);
 if ($msg = count_mb_id($mb_id)) die($msg);
 if ($msg = exist_mb_id($mb_id)) die($msg);
 if ($msg = reserve_mb_id($mb_id)) die($msg);
+
+set_session('ss_check_mb_id', $mb_id);
 ?>
\ No newline at end of file
diff --git a/bbs/ajax.mb_nick.php b/bbs/ajax.mb_nick.php
index 07fc5dcc9..74a289444 100644
--- a/bbs/ajax.mb_nick.php
+++ b/bbs/ajax.mb_nick.php
@@ -5,9 +5,13 @@ include_once(G5_LIB_PATH.'/register.lib.php');
 $mb_nick = trim($_POST['reg_mb_nick']);
 $mb_id = trim($_POST['reg_mb_id']);
+set_session('ss_check_mb_nick', '');
+
 if ($msg = empty_mb_nick($mb_nick)) die($msg);
 if ($msg = valid_mb_nick($mb_nick)) die($msg);
 if ($msg = count_mb_nick($mb_nick)) die($msg);
 if ($msg = exist_mb_nick($mb_nick, $mb_id)) die($msg);
 if ($msg = reserve_mb_nick($mb_nick)) die($msg);
+
+set_session('ss_check_mb_nick', $mb_nick);
 ?>
\ No newline at end of file
diff --git a/bbs/register_form_update.php b/bbs/register_form_update.php
index b61c373d5..ef1392ca6 100644
--- a/bbs/register_form_update.php
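Review bot: The reset-then-set of `ss_check_mb_email` around the `die()` checks carries no comment saying that register_form_update.php later refuses a signup whose fields differ from these session values; the `ss_check_mb_id` and `ss_check_mb_nick` hunks have the same gap. Above the first call I would add `// Clear the marker first so a failed check (die) never leaves an earlier validated value in the session; register_form_update.php compares against it.` The stored value is the trimmed POST value, so the consumer has to compare against an identically normalised string or legitimate signups will be refused. The marker only records that this session once validated the value; it is not a reservation, so the uniqueness checks still need to run again at insert time.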
+++ b/bbs/register_form_update.php @@ -79,6 +79,17 @@ if ($w == '' || $w == 'u') { if ($msg = valid_mb_id($mb_id)) alert($msg, "", true, true); if ($msg = count_mb_id($mb_id)) alert($msg, "", true, true); + // 이름, 닉네임에 utf-8 이외의 문자가 포함됐다면 오류 + // 서버환경에 따라 정상적으로 체크되지 않을 수 있음. + $tmp_mb_name = iconv('UTF-8', 'UTF-8//IGNORE', $mb_name); + if($tmp_mb_name != $mb_name) { + alert('이름을 올바르게 입력해 주십시오.'); + } + $tmp_mb_nick = iconv('UTF-8', 'UTF-8//IGNORE', $mb_nick); + if($tmp_mb_nick != $mb_nick) { + alert('닉네임을 올바르게 입력해 주십시오.'); + } + if ($w == '' && !$mb_password) alert('비밀번호가 넘어오지 않았습니다.'); if($w == '' && $mb_password != $mb_password_re) @@ -103,6 +114,14 @@ if ($w == '' || $w == 'u') { if ($w=='') { if ($msg = exist_mb_id($mb_id)) alert($msg); + if (get_session('ss_check_mb_id') != $mb_id || get_session('ss_check_mb_nick') != $mb_nick || get_session('ss_check_mb_email') != $mb_email) { + set_session('ss_check_mb_id', ''); + set_session('ss_check_mb_nick', ''); + set_session('ss_check_mb_email', ''); + + alert('올바른 방법으로 이용해 주십시오.'); + } + // 본인확인 체크 if($config['cf_cert_use'] && $config['cf_cert_req']) { if(trim($_POST['cert_no']) != $_SESSION['ss_cert_no'] || !$_SESSION['ss_cert_no']) diff --git a/css/default.css b/css/default.css index 1d383334e..1656df554 100644 --- a/css/default.css +++ b/css/default.css 
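Review bot: The encoding check in the `-79,6 +79,17` hunk relies on `iconv('UTF-8', 'UTF-8//IGNORE', ...)`, whose handling of invalid bytes differs between iconv implementations, as the added comment itself concedes; on some builds it returns `false` with a notice instead of the stripped string. That happens to fail closed for non-empty input, but the outcome is accidental and the comparison is a loose `!=`. A direct validity test reads more clearly and does not depend on the iconv build: `if (!preg_match('//u', $mb_name)) alert('이름을 올바르게 입력해 주십시오.');` (or `mb_check_encoding($mb_name, 'UTF-8')` where mbstring is guaranteed), and the same for `$mb_nick`. The enclosing `if ($w == '' || $w == 'u')` block starts and ends outside the hunk.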
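Review bot: The session comparison added in the `-103,6 +114,14` hunk uses loose `!=`, and PHP compares two numeric strings by value, so `'1e3'` and `'1000'` count as equal and a value that was never checked can satisfy the gate. `exist_mb_id()` is re-run just above, so the ID is covered, but no equivalent re-check for nickname or email is visible in this hunk. I would compare strictly, e.g. `(string)get_session('ss_check_mb_nick') !== (string)$mb_nick`, for all three fields. The markers are cleared only on the failure path here; clearing them after a successful insert as well (outside this hunk, if not already done) keeps one validated triple from being reused within the same session.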
@@ -122,12 +122,12 @@ a:hover, a:focus, a:active {color:#000;text-decoration:underline} /* 캡챠 자동등록(입력)방지 기본 */ #captcha {display:inline-block;position:relative} #captcha legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden} -#captcha #captcha_img {width:100px;height:41px;border:1px solid #e9e9e9} -#captcha #captcha_mp3 {position:absolute;top:0;left:101px;;margin:0;padding:0;width:23px;height:22px;border:0;background:transparent;vertical-align:middle;overflow:hidden;cursor:pointer} -#captcha #captcha_mp3 span {position:absolute;top:0;left:0;width:23px;height:22px;background:url('../plugin/kcaptcha/img/sound.gif')} -#captcha #captcha_reload {position:absolute;top:21px;left:101px;margin:0;padding:0;width:23px;height:22px;border:0;background:transparent;vertical-align:middle;overflow:hidden;cursor:pointer} -#captcha #captcha_reload span {position:absolute;top:0;left:0;width:23px;height:22px;background:url('../plugin/kcaptcha/img/reload.gif')} -#captcha #captcha_key {margin:0 0 0 25px;padding:0 5px;width:70px;height:41px;border:1px solid #b8c9c2;background:#f7f7f7;font-size:1.333em;font-weight:bold;text-align:center;line-height:2.8em} +#captcha #captcha_img {width:160px;height:60px;border:1px solid #e9e9e9} +#captcha #captcha_mp3 {position:absolute;top:0;left:161px;;margin:0;padding:0;width:31px;height:31px;border:0;background:transparent;vertical-align:middle;overflow:hidden;cursor:pointer} +#captcha #captcha_mp3 span {position:absolute;top:0;left:0;width:31px;height:31px;background:url('../img/captcha') no-repeat;} +#captcha #captcha_reload {position:absolute;top:31px;left:161px;margin:0;padding:0;width:31px;height:31px;border:0;background:transparent;vertical-align:middle;overflow:hidden;cursor:pointer} +#captcha #captcha_reload span {position:absolute;top:0;left:0;width:31px;height:31px;background:url('../img/captcha') no-repeat 0 -30px;border-top:1px solid #ccc} +#captcha #captcha_key {margin:0 0 0 
33px;padding:0 5px;width:70px;height:60px;border:1px solid #b8c9c2;background:#f7f7f7;font-size:1.333em;font-weight:bold;text-align:center;line-height:2.8em} #captcha #captcha_info {display:block;margin:5px 0 0;font-size:0.95em;letter-spacing:-0.1em} /* ckeditor 단축키 */ diff --git a/css/mobile.css b/css/mobile.css index 0a6f471b8..87a0f2854 100644 --- a/css/mobile.css +++ b/css/mobile.css 
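Review bot: The new sprite references are written as `url('../img/captcha')` with no extension, while the file this commit adds is `img/captcha.png`; unless the web server performs content negotiation, that request will not resolve and the sound and reload buttons render without an icon. I would write `background:url('../img/captcha.png') no-repeat;` here. The same reference appears in the css/mobile.css hunk and, as `url('../../../img/captcha')`, in both theme/basic/css hunks. The doubled `;;` after `left:161px` on the `#captcha_mp3` rule is carried over from the old line and can be dropped at the same time.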
@@ -110,14 +110,16 @@ a:hover, a:focus, a:active {color:#000;text-decoration:underline} .img_fix {width:100%;height:auto} /* 캡챠 자동등록(입력)방지 기본 */ -#captcha {display:inline-block;position:relative} -#captcha legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden} +#captcha {display:inline-block;position:relative;} +#captcha legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden;font-size:0} #captcha audio {display:block;margin:0 0 5px;width:187px} -#captcha #captcha_img {width:60px;height:30px;border:1px solid #e9e9e9} -#captcha #captcha_reload {margin:0;padding:0 5px;height:32px;border:0;background:#e4eaec;vertical-align:middle;overflow:hidden;cursor:pointer} -#captcha #captcha_key {margin:0 0 0 4px;padding:0 5px;width:50px;height:30px;border:1px solid #b8c9c2;background:#f7f7f7;font-size:1.333em;font-weight:bold;text-align:center;line-height:2em} +#captcha #captcha_img {width:160px;height:60px;border:1px solid #e9e9e9;margin-bottom:3px;margin-right:32px;} +#captcha #captcha_reload {position:absolute;top:31px;left:161px;width:31px;height:31px;background:url('../img/captcha') no-repeat 0 -30px;border:none;border-top:1px solid #ccc;overflow:hidden;cursor:pointer;text-indent:-9999px;} +#captcha #captcha_key {margin:0;padding:0 5px;width:70px;height:60px;border:1px solid #b8c9c2;background:#f7f7f7;font-size:1.333em;font-weight:bold;text-align:center;line-height:2.8em} #captcha #captcha_info {display:block;margin:5px 0 0;font-size:0.95em;letter-spacing:-0.1em} -#captcha #captcha_mp3{margin:0;padding:0 5px;height:32px;border:0;background:#e4eaec;vertical-align:middle;overflow:hidden;cursor:pointer} +#captcha #captcha_mp3 {position:absolute;top:0;left:161px;width:31px;height:31px;background:url('../img/captcha') no-repeat; vertical-align:top;overflow:hidden;cursor:pointer;text-indent:-9999px;border:none} + + /*단축키일람 */ 
.btn_cke_sc{background:#333;color:#fff;padding:5px;border:none;margin-bottom:5px} diff --git a/img/captcha.png b/img/captcha.png new file mode 100644 index 000000000..fee7cec38 Binary files /dev/null and b/img/captcha.png differ diff --git a/plugin/kcaptcha/kcaptcha.lib.php b/plugin/kcaptcha/kcaptcha.lib.php index fddea6294..6c0ea5470 100644 --- a/plugin/kcaptcha/kcaptcha.lib.php +++ b/plugin/kcaptcha/kcaptcha.lib.php 
@@ -35,96 +35,98 @@ class KCAPTCHA{ $alphabet_length=strlen($alphabet); - do{ - /* - // generating random keystring - while(true){ - $this->keystring=''; - for($i=0;$i<$length;$i++){ - $this->keystring.=$allowed_symbols{mt_rand(0,strlen($allowed_symbols)-1)}; - } - if(!preg_match('/cp|cb|ck|c6|c9|rn|rm|mm|co|do|cl|db|qp|qb|dp|ww/', $this->keystring)) break; - } - */ - $font_file=$fonts[mt_rand(0, count($fonts)-1)]; - $font=imagecreatefrompng($font_file); - imagealphablending($font, true); - $fontfile_width=imagesx($font); - $fontfile_height=imagesy($font)-1; - $font_metrics=array(); - $symbol=0; - $reading_symbol=false; + $font_file=$fonts[mt_rand(0, count($fonts)-1)]; + $font=imagecreatefrompng($font_file); + imagealphablending($font, true); + $fontfile_width=imagesx($font); + $fontfile_height=imagesy($font)-1; + $font_metrics=array(); + $symbol=0; + $reading_symbol=false; - // loading font - for($i=0;$i<$fontfile_width && $symbol<$alphabet_length;$i++){ - $transparent = (imagecolorat($font, $i, 0) >> 24) == 127; + // loading font + for($i=0;$i<$fontfile_width && $symbol<$alphabet_length;$i++){ + $transparent = (imagecolorat($font, $i, 0) >> 24) == 127; - if(!$reading_symbol && !$transparent){ - $font_metrics[$alphabet{$symbol}]=array('start'=>$i); - $reading_symbol=true; - continue; - } + if(!$reading_symbol && !$transparent){ + $font_metrics[$alphabet{$symbol}]=array('start'=>$i); + $reading_symbol=true; + continue; + } - if($reading_symbol && $transparent){ - $font_metrics[$alphabet{$symbol}]['end']=$i; - $reading_symbol=false; - $symbol++; - continue; - } - } + if($reading_symbol && $transparent){ + $font_metrics[$alphabet{$symbol}]['end']=$i; + $reading_symbol=false; + $symbol++; + continue; + } + } - $img=imagecreatetruecolor($width, $height); - imagealphablending($img, true); - $white=imagecolorallocate($img, 255, 255, 255); - $black=imagecolorallocate($img, 0, 0, 0); + $img=imagecreatetruecolor($width, $height); + imagealphablending($img, true); + 
$white=imagecolorallocate($img, 255, 255, 255); + $black=imagecolorallocate($img, 0, 0, 0); - imagefilledrectangle($img, 0, 0, $width-1, $height-1, $white); + imagefilledrectangle($img, 0, 0, $width-1, $height-1, $white); - // draw text - $x=1; - for($i=0;$ikeystring);$i++){ - $m=$font_metrics[$this->keystring{$i}]; + // draw text + $x=1; + $odd=mt_rand(0,1); + if($odd==0) $odd=-1; + for($i=0;$i<$length;$i++){ + $m=$font_metrics[$this->keystring{$i}]; - $y=mt_rand(-$fluctuation_amplitude, $fluctuation_amplitude)+($height-$fontfile_height)/2+2; + $y=(($i%2)*$fluctuation_amplitude - $fluctuation_amplitude/2)*$odd + + mt_rand(-round($fluctuation_amplitude/3), round($fluctuation_amplitude/3)) + + ($height-$fontfile_height)/2; - if($no_spaces){ - $shift=0; - if($i>0){ - $shift=10000; - for($sy=7;$sy<$fontfile_height-20;$sy+=1){ - for($sx=$m['start']-1;$sx<$m['end'];$sx+=1){ - $rgb=imagecolorat($font, $sx, $sy); - $opacity=$rgb>>24; - if($opacity<127){ - $left=$sx-$m['start']+$x; - $py=$sy+$y; - if($py>$height) break; - for($px=min($left,$width-1);$px>$left-12 && $px>=0;$px-=1){ - $color=imagecolorat($img, $px, $py) & 0xff; - if($color+$opacity<190){ - if($shift>$left-$px){ - $shift=$left-$px; - } - break; - } - } - break; - } - } - } - if($shift==10000){ - $shift=mt_rand(4,6); - } + if($no_spaces){ + $shift=0; + if($i>0){ + $shift=10000; + for($sy=3;$sy<$fontfile_height-10;$sy+=1){ + for($sx=$m['start']-1;$sx<$m['end'];$sx+=1){ + $rgb=imagecolorat($font, $sx, $sy); + $opacity=$rgb>>24; + if($opacity<127){ + $left=$sx-$m['start']+$x; + $py=$sy+$y; + if($py>$height) break; + for($px=min($left,$width-1);$px>$left-200 && $px>=0;$px-=1){ + $color=imagecolorat($img, $px, $py) & 0xff; + if($color+$opacity<170){ // 170 - threshold + if($shift>$left-$px){ + $shift=$left-$px; + } + break; + } + } + break; + } + } + } + if($shift==10000){ + $shift=mt_rand(4,6); + } - } - }else{ - $shift=1; - } - imagecopy($img, $font, $x-$shift, $y, $m['start'], 1, $m['end']-$m['start'], 
$fontfile_height); - $x+=$m['end']-$m['start']-$shift; - } - }while($x>=$width-10); // while not fit in canvas + } + }else{ + $shift=1; + } + imagecopy($img, $font, $x-$shift, $y, $m['start'], 1, $m['end']-$m['start'], $fontfile_height); + $x+=$m['end']-$m['start']-$shift; + } + + //noise + $white=imagecolorallocate($font, 255, 255, 255); + $black=imagecolorallocate($font, 0, 0, 0); + for($i=0;$i<(($height-30)*$x)*$white_noise_density;$i++){ + imagesetpixel($img, mt_rand(0, $x-1), mt_rand(10, $height-15), $white); + } + for($i=0;$i<(($height-30)*$x)*$black_noise_density;$i++){ + imagesetpixel($img, mt_rand(0, $x-1), mt_rand(10, $height-15), $black); + } $center=$x/2; @@ -235,21 +237,17 @@ class KCAPTCHA{ // 캡챠 HTML 코드 출력 function captcha_html($class="captcha") { - if(is_mobile()) - $class .= ' m_captcha'; - $html .= "\n".''; //$html .= "\n".''; $html .= "\n".''; $html .= "\n".'
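Review bot: The added noise block re-allocates its colours on the wrong image: `$white=imagecolorallocate($font, 255, 255, 255);` and the matching `$black` line target `$font`, but the pixels are drawn on `$img` with `imagesetpixel($img, ...)`. `$white` and `$black` were already allocated on `$img` earlier in this hunk, so the two lines are redundant and only work while both images are truecolor; I would delete them. Separately, the draw loop is now bounded by `for($i=0;$i<$length;$i++)` while indexing `$this->keystring{$i}`, which reads past the string if the key is ever shorter than the configured length; `$i<strlen($this->keystring)` ties the bound to the data. With the `do … while($x>=$width-10)` retry removed, nothing in the visible code verifies that the rendered text still fits the canvas. The method body starts and ends outside the hunk.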
'; $html .= "\n".''; - if (is_mobile()) $html .= ''; //$html .= "\n".''; $html .= "\n".''; - if (!is_mobile()) $html .= "\n".''; + $html .= "\n".''; $html .= "\n".''; $html .= ''; - $html .= "\n".'자동등록방지 숫자를 순서대로 입력하세요.'; + $html .= "\n".'자동등록방지 영숫자를 순서대로 입력하세요.'; $html .= "\n".'
'; return $html; } diff --git a/plugin/kcaptcha/kcaptcha_config.php b/plugin/kcaptcha/kcaptcha_config.php index 7d8f70f02..cd42a3a46 100644 --- a/plugin/kcaptcha/kcaptcha_config.php +++ b/plugin/kcaptcha/kcaptcha_config.php @@ -6,21 +6,31 @@ $alphabet = "0123456789abcdefghijklmnopqrstuvwxyz"; # do not change without chan # symbols used to draw CAPTCHA $allowed_symbols = "0123456789"; #digits +//$allowed_symbols = "0123456789abcdef"; #digits // 스캔 방지를 위하여 abcdef 추가 151029 15:00 +//$allowed_symbols = "abcdeghkmnpqsuvxyz"; #digits //$allowed_symbols = "23456789abcdeghkmnpqsuvxyz"; #alphabet without similar symbols (o=0, 1=l, i=j, t=f) # folder with fonts -$fontsdir = 'fonts'; +$fontsdir = 'fonts'; # CAPTCHA string length //$length = mt_rand(5,6); # random 5 or 6 $length = 6; # CAPTCHA image size (you do not need to change it, whis parameters is optimal) -$width = 120; +$width = 160; $height = 60; # symbol's vertical fluctuation amplitude divided by 2 -$fluctuation_amplitude = 5; +//$fluctuation_amplitude = 5; +//$fluctuation_amplitude = 11; // 파동&진폭 151028 14:00 +$fluctuation_amplitude = 5; // 파동&진폭 원래대로 151029 15:00 + +#noise +//$white_noise_density=0; // no white noise +$white_noise_density=1/6; +//$black_noise_density=0; // no black noise +$black_noise_density=1/20; # increase safety by prevention of spaces between symbols $no_spaces = false; diff --git a/theme/basic/css/default.css b/theme/basic/css/default.css index 9b1f58887..075feb1fe 100644 --- a/theme/basic/css/default.css +++ b/theme/basic/css/default.css 
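Review bot: The active alphabet in kcaptcha_config.php is still `$allowed_symbols = "0123456789";` because the hunk adds the wider sets only as commented-out lines. The info text in kcaptcha.lib.php, however, now tells users to enter alphanumerics (`영숫자`). With `$length = 6` that leaves 10^6 possible answers, so the added noise and larger canvas are the only hardening that takes effect. Either enable one of the alternatives, for instance the existing `$allowed_symbols = "23456789abcdeghkmnpqsuvxyz";` line that avoids look-alike glyphs, or keep the old wording. A short comment recording why digits were retained would also help the next maintainer; the dated `// … 151029 15:00` remarks describe when a value changed but not the reason.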
@@ -122,12 +122,12 @@ a:hover, a:focus, a:active {color:#000;text-decoration:underline} /* 캡챠 자동등록(입력)방지 기본 */ #captcha {display:inline-block;position:relative} #captcha legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden} -#captcha #captcha_img {width:100px;height:41px;border:1px solid #e9e9e9} -#captcha #captcha_mp3 {position:absolute;top:0;left:101px;;margin:0;padding:0;width:23px;height:22px;border:0;background:transparent;vertical-align:middle;overflow:hidden;cursor:pointer} -#captcha #captcha_mp3 span {position:absolute;top:0;left:0;width:23px;height:22px;background:url('../../../plugin/kcaptcha/img/sound.gif')} -#captcha #captcha_reload {position:absolute;top:21px;left:101px;margin:0;padding:0;width:23px;height:22px;border:0;background:transparent;vertical-align:middle;overflow:hidden;cursor:pointer} -#captcha #captcha_reload span {position:absolute;top:0;left:0;width:23px;height:22px;background:url('../../../plugin/kcaptcha/img/reload.gif')} -#captcha #captcha_key {margin:0 0 0 25px;padding:0 5px;width:70px;height:41px;border:1px solid #b8c9c2;background:#f7f7f7;font-size:1.333em;font-weight:bold;text-align:center;line-height:2.8em} +#captcha #captcha_img {width:160px;height:60px;border:1px solid #e9e9e9} +#captcha #captcha_mp3 {position:absolute;top:0;left:161px;;margin:0;padding:0;width:31px;height:31px;border:0;background:transparent;vertical-align:middle;overflow:hidden;cursor:pointer} +#captcha #captcha_mp3 span {position:absolute;top:0;left:0;width:31px;height:31px;background:url('../../../img/captcha') no-repeat;} +#captcha #captcha_reload {position:absolute;top:31px;left:161px;margin:0;padding:0;width:31px;height:31px;border:0;background:transparent;vertical-align:middle;overflow:hidden;cursor:pointer;} +#captcha #captcha_reload span {position:absolute;top:0;left:0;width:31px;height:31px;background:url('../../../img/captcha') no-repeat 0 -30px;border-top:1px solid #ccc} +#captcha #captcha_key 
{margin:0 0 0 33px;padding:0 5px;width:70px;height:60px;border:1px solid #b8c9c2;background:#f7f7f7;font-size:1.333em;font-weight:bold;text-align:center;line-height:2.8em} #captcha #captcha_info {display:block;margin:5px 0 0;font-size:0.95em;letter-spacing:-0.1em} /* ckeditor 단축키 */ diff --git a/theme/basic/css/mobile.css b/theme/basic/css/mobile.css index 75892a80d..48562eecd 100644 --- a/theme/basic/css/mobile.css +++ b/theme/basic/css/mobile.css 
@@ -110,14 +110,14 @@ a:hover, a:focus, a:active {color:#000;text-decoration:underline} .img_fix {width:100%;height:auto} /* 캡챠 자동등록(입력)방지 기본 */ -#captcha {display:inline-block;position:relative} -#captcha legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden} +#captcha {display:inline-block;position:relative;} +#captcha legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden;font-size:0} #captcha audio {display:block;margin:0 0 5px;width:187px} -#captcha #captcha_img {width:60px;height:30px;border:1px solid #e9e9e9} -#captcha #captcha_reload {margin:0;padding:0 5px;height:32px;border:0;background:#e4eaec;vertical-align:middle;overflow:hidden;cursor:pointer} -#captcha #captcha_key {margin:0 0 0 4px;padding:0 5px;width:50px;height:30px;border:1px solid #b8c9c2;background:#f7f7f7;font-size:1.333em;font-weight:bold;text-align:center;line-height:2em} +#captcha #captcha_img {width:160px;height:60px;border:1px solid #e9e9e9;margin-bottom:3px;margin-right:32px;} +#captcha #captcha_reload {position:absolute;top:31px;left:161px;width:31px;height:31px;background:url('../../../img/captcha') no-repeat 0 -30px;border:none;border-top:1px solid #ccc;overflow:hidden;cursor:pointer;text-indent:-9999px;} +#captcha #captcha_key {margin:0;padding:0 5px;width:70px;height:60px;border:1px solid #b8c9c2;background:#f7f7f7;font-size:1.333em;font-weight:bold;text-align:center;line-height:2.8em} #captcha #captcha_info {display:block;margin:5px 0 0;font-size:0.95em;letter-spacing:-0.1em} -#captcha #captcha_mp3{margin:0;padding:0 5px;height:32px;border:0;background:#e4eaec;vertical-align:middle;overflow:hidden;cursor:pointer} +#captcha #captcha_mp3 {position:absolute;top:0;left:161px;width:31px;height:31px;background:url('../../../img/captcha') no-repeat; vertical-align:top;overflow:hidden;cursor:pointer;text-indent:-9999px;border:none} /*단축키일람 */ 
.btn_cke_sc{background:#333;color:#fff;padding:5px;border:none;margin-bottom:5px}