firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

텍스트캡챠 적용

Browse Source
This commit is contained in:
gnuboard
2012-12-28 14:29:48 +09:00
parent f425ce9832
commit 66dfd975f9
24 changed files with 537 additions and 517 deletions
Download Patch File Download Diff File Expand all files Collapse all files

233
bbs/kcaptcha.php
View File

@ -1,233 +0,0 @@
<?php
# KCAPTCHA PROJECT VERSION 1.2.6
# Automatic test to tell computers and humans apart
# Copyright by Kruglov Sergei, 2006, 2007, 2008
# www.captcha.ru, www.kruglov.ru
# System requirements: PHP 4.0.6+ w/ GD
# KCAPTCHA is a free software. You can freely use it for building own site or software.
# If you use this software as a part of own sofware, you must leave copyright notices intact or add KCAPTCHA copyright notices to own.
# As a default configuration, KCAPTCHA has a small credits text at bottom of CAPTCHA image.
# You can remove it, but I would be pleased if you left it. ;)
# See kcaptcha_config.php for customization
class KCAPTCHA{
// generates keystring and image
function image(){
require(dirname(__FILE__).'/kcaptcha_config.php');
$fonts=array();
$fontsdir_absolute=dirname(__FILE__).'/'.$fontsdir;
if ($handle = opendir($fontsdir_absolute)) {
while (false !== ($file = readdir($handle))) {
if (preg_match('/\.png$/i', $file)) {
$fonts[]=$fontsdir_absolute.'/'.$file;
}
}
closedir($handle);
}
$alphabet_length=strlen($alphabet);
do{
/*
// generating random keystring
while(true){
$this->keystring='';
for($i=0;$i<$length;$i++){
$this->keystring.=$allowed_symbols{mt_rand(0,strlen($allowed_symbols)-1)};
}
if(!preg_match('/cp|cb|ck|c6|c9|rn|rm|mm|co|do|cl|db|qp|qb|dp|ww/', $this->keystring)) break;
}
*/
$font_file=$fonts[mt_rand(0, count($fonts)-1)];
$font=imagecreatefrompng($font_file);
imagealphablending($font, true);
$fontfile_width=imagesx($font);
$fontfile_height=imagesy($font)-1;
$font_metrics=array();
$symbol=0;
$reading_symbol=false;
// loading font
for($i=0;$i<$fontfile_width && $symbol<$alphabet_length;$i++){
$transparent = (imagecolorat($font, $i, 0) >> 24) == 127;
if(!$reading_symbol && !$transparent){
$font_metrics[$alphabet{$symbol}]=array('start'=>$i);
$reading_symbol=true;
continue;
}
if($reading_symbol && $transparent){
$font_metrics[$alphabet{$symbol}]['end']=$i;
$reading_symbol=false;
$symbol++;
continue;
}
}
$img=imagecreatetruecolor($width, $height);
imagealphablending($img, true);
$white=imagecolorallocate($img, 255, 255, 255);
$black=imagecolorallocate($img, 0, 0, 0);
imagefilledrectangle($img, 0, 0, $width-1, $height-1, $white);
// draw text
$x=1;
for($i=0;$i<strlen($this->keystring);$i++){
$m=$font_metrics[$this->keystring{$i}];
$y=mt_rand(-$fluctuation_amplitude, $fluctuation_amplitude)+($height-$fontfile_height)/2+2;
if($no_spaces){
$shift=0;
if($i>0){
$shift=10000;
for($sy=7;$sy<$fontfile_height-20;$sy+=1){
for($sx=$m['start']-1;$sx<$m['end'];$sx+=1){
$rgb=imagecolorat($font, $sx, $sy);
$opacity=$rgb>>24;
if($opacity<127){
$left=$sx-$m['start']+$x;
$py=$sy+$y;
if($py>$height) break;
for($px=min($left,$width-1);$px>$left-12 && $px>=0;$px-=1){
$color=imagecolorat($img, $px, $py) & 0xff;
if($color+$opacity<190){
if($shift>$left-$px){
$shift=$left-$px;
}
break;
}
}
break;
}
}
}
if($shift==10000){
$shift=mt_rand(4,6);
}
}
}else{
$shift=1;
}
imagecopy($img, $font, $x-$shift, $y, $m['start'], 1, $m['end']-$m['start'], $fontfile_height);
$x+=$m['end']-$m['start']-$shift;
}
}while($x>=$width-10); // while not fit in canvas
$center=$x/2;
// credits. To remove, see configuration file
$img2=imagecreatetruecolor($width, $height+($show_credits?12:0));
$foreground=imagecolorallocate($img2, $foreground_color[0], $foreground_color[1], $foreground_color[2]);
$background=imagecolorallocate($img2, $background_color[0], $background_color[1], $background_color[2]);
imagefilledrectangle($img2, 0, 0, $width-1, $height-1, $background);
imagefilledrectangle($img2, 0, $height, $width-1, $height+12, $foreground);
$credits=empty($credits)?$_SERVER['HTTP_HOST']:$credits;
imagestring($img2, 2, $width/2-imagefontwidth(2)*strlen($credits)/2, $height-2, $credits, $background);
// periods
$rand1=mt_rand(750000,1200000)/10000000;
$rand2=mt_rand(750000,1200000)/10000000;
$rand3=mt_rand(750000,1200000)/10000000;
$rand4=mt_rand(750000,1200000)/10000000;
// phases
$rand5=mt_rand(0,31415926)/10000000;
$rand6=mt_rand(0,31415926)/10000000;
$rand7=mt_rand(0,31415926)/10000000;
$rand8=mt_rand(0,31415926)/10000000;
// amplitudes
$rand9=mt_rand(330,420)/110;
$rand10=mt_rand(330,450)/110;
//wave distortion
for($x=0;$x<$width;$x++){
for($y=0;$y<$height;$y++){
if ($wave) {
$sx=$x+(sin($x*$rand1+$rand5)+sin($y*$rand3+$rand6))*$rand9-$width/2+$center+1;
$sy=$y+(sin($x*$rand2+$rand7)+sin($y*$rand4+$rand8))*$rand10;
}
else {
$sx=$x-$width/2+$center+1;
$sy=$y+(sin($x*$rand2+$rand7)+sin($y*$rand4+$rand8))*1.5;
}
if($sx<0 || $sy<0 || $sx>=$width-1 || $sy>=$height-1){
continue;
}else{
$color=imagecolorat($img, $sx, $sy) & 0xFF;
$color_x=imagecolorat($img, $sx+1, $sy) & 0xFF;
$color_y=imagecolorat($img, $sx, $sy+1) & 0xFF;
$color_xy=imagecolorat($img, $sx+1, $sy+1) & 0xFF;
}
if($color==255 && $color_x==255 && $color_y==255 && $color_xy==255){
continue;
}else if($color==0 && $color_x==0 && $color_y==0 && $color_xy==0){
$newred=$foreground_color[0];
$newgreen=$foreground_color[1];
$newblue=$foreground_color[2];
}else{
$frsx=$sx-floor($sx);
$frsy=$sy-floor($sy);
$frsx1=1-$frsx;
$frsy1=1-$frsy;
$newcolor=(
$color*$frsx1*$frsy1+
$color_x*$frsx*$frsy1+
$color_y*$frsx1*$frsy+
$color_xy*$frsx*$frsy);
if($newcolor>255) $newcolor=255;
$newcolor=$newcolor/255;
$newcolor0=1-$newcolor;
$newred=$newcolor0*$foreground_color[0]+$newcolor*$background_color[0];
$newgreen=$newcolor0*$foreground_color[1]+$newcolor*$background_color[1];
$newblue=$newcolor0*$foreground_color[2]+$newcolor*$background_color[2];
}
imagesetpixel($img2, $x, $y, imagecolorallocate($img2, $newred, $newgreen, $newblue));
}
}
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', FALSE);
header('Pragma: no-cache');
if(function_exists("imagejpeg")){
header("Content-Type: image/jpeg");
imagejpeg($img2, null, $jpeg_quality);
}else if(function_exists("imagegif")){
header("Content-Type: image/gif");
imagegif($img2);
}else if(function_exists("imagepng")){
header("Content-Type: image/x-png");
imagepng($img2);
}
}
// returns keystring
function getKeyString(){
return $this->keystring;
}
function setKeyString($str){
$this->keystring = $str;
}
}
?>

42
bbs/kcaptcha_config.php
View File

@ -1,42 +0,0 @@
<?php
# KCAPTCHA configuration file
$alphabet = "0123456789abcdefghijklmnopqrstuvwxyz"; # do not change without changing font files!
# symbols used to draw CAPTCHA
$allowed_symbols = "0123456789"; #digits
//$allowed_symbols = "23456789abcdeghkmnpqsuvxyz"; #alphabet without similar symbols (o=0, 1=l, i=j, t=f)
# folder with fonts
$fontsdir = 'fonts';
# CAPTCHA string length
$length = mt_rand(5,6); # random 5 or 6
//$length = 5;
# CAPTCHA image size (you do not need to change it, whis parameters is optimal)
$width = 120;
$height = 60;
# symbol's vertical fluctuation amplitude divided by 2
$fluctuation_amplitude = 5;
# increase safety by prevention of spaces between symbols
$no_spaces = true;
# show credits
$show_credits = false; # set to false to remove credits line. Credits adds 12 pixels to image height
$credits = 'www.captcha.ru'; # if empty, HTTP_HOST will be shown
# CAPTCHA image colors (RGB, 0-255)
//$foreground_color = array(0, 0, 0);
//$background_color = array(220, 230, 255);
$foreground_color = array(mt_rand(0,100), mt_rand(0,100), mt_rand(0,100));
$background_color = array(mt_rand(200,255), mt_rand(200,255), mt_rand(200,255));
# JPEG quality of CAPTCHA image (bigger is better quality, but larger file size)
$jpeg_quality = 90;
$wave = false;
?>

11
bbs/kcaptcha_image.php
View File

@ -1,11 +0,0 @@
<?php
include_once("_common.php");
//error_reporting (E_ALL);
include('kcaptcha.php');
//session_start();
$captcha = new KCAPTCHA();
$captcha->setKeyString(get_session("captcha_keystring"));
$captcha->getKeyString();
$captcha->image();
?>

13
bbs/kcaptcha_result.php
View File

@ -1,13 +0,0 @@
<?
// 캡챠 세션값과 비교하여 맞는지? 틀린지? 결과값을 출력합니다.
include_once("_common.php");
header("Content-Type: text/html; charset=$g4[charset]");
$count = (int)get_session("captcha_count");
if ($count >= 5) { // 설정값 이상이면 자동등록방지 입력 문자가 맞아도 오류 처리
echo false;
} else {
set_session("captcha_count", $count + 1);
echo (get_session("captcha_keystring") == $_POST['captcha_key']) ? true : false;
}
?>

19
bbs/kcaptcha_session.php
View File

@ -1,19 +0,0 @@
<?
include_once("_common.php");
header("Content-Type: text/html; charset=$g4[charset]");
require(dirname(__FILE__).'/kcaptcha_config.php');
include('kcaptcha.php');
while(true){
$keystring='';
for($i=0;$i<$length;$i++){
$keystring.=$allowed_symbols{mt_rand(0,strlen($allowed_symbols)-1)};
}
if(!preg_match('/cp|cb|ck|c6|c9|rn|rm|mm|co|do|cl|db|qp|qb|dp|ww/', $keystring)) break;
}
set_session("captcha_count", 0);
set_session("captcha_keystring", $keystring);
$captcha = new KCAPTCHA();
$captcha->setKeyString(get_session("captcha_keystring"));
?>

10
bbs/login_check.php
View File

@ -1,6 +1,8 @@
<? <?
include_once('./_common.php'); include_once('./_common.php');
$g4['title'] = "로그인 검사";
$mb_id = $_POST['mb_id']; $mb_id = $_POST['mb_id'];
$mb_password = $_POST['mb_password']; $mb_password = $_POST['mb_password'];
@ -23,23 +25,23 @@ $mb = get_member($mb_id);
// 회원아이디를 입력해 보고 맞으면 또 패스워드를 입력해보는 경우를 방지하기 위해서입니다. // 회원아이디를 입력해 보고 맞으면 또 패스워드를 입력해보는 경우를 방지하기 위해서입니다.
// 불법사용자의 경우 회원아이디가 틀린지, 패스워드가 틀린지를 알기까지는 많은 시간이 소요되기 때문입니다. // 불법사용자의 경우 회원아이디가 틀린지, 패스워드가 틀린지를 알기까지는 많은 시간이 소요되기 때문입니다.
if (!$mb['mb_id'] || (sql_password($mb_password) != $mb['mb_password'])) { if (!$mb['mb_id'] || (sql_password($mb_password) != $mb['mb_password'])) {
alert('가입된 회원 아니거나 패스워드가 틀립니다.\n\n패스워드는 대소문자를 구분합니다.'); alert('가입된 회원아이디가 아니거나 패스워드가 틀립니다.\n패스워드는 대소문자를 구분합니다.');
} }
// 차단된 아이디인가? // 차단된 아이디인가?
if ($mb['mb_intercept_date'] && $mb['mb_intercept_date'] <= date("Ymd", $g4['server_time'])) { if ($mb['mb_intercept_date'] && $mb['mb_intercept_date'] <= date("Ymd", $g4['server_time'])) {
$date = preg_replace("/([0-9]{4})([0-9]{2})([0-9]{2})/", "\\1년 \\2월 \\3일", $mb['mb_intercept_date']); $date = preg_replace("/([0-9]{4})([0-9]{2})([0-9]{2})/", "\\1년 \\2월 \\3일", $mb['mb_intercept_date']);
alert('회원님의 아이디는 접근이 금지되어 있습니다.\n\n처리일 : '.$date); alert('회원님의 아이디는 접근이 금지되어 있습니다.\n처리일 : '.$date);
} }
// 탈퇴한 아이디인가? // 탈퇴한 아이디인가?
if ($mb['mb_leave_date'] && $mb['mb_leave_date'] <= date("Ymd", $g4['server_time'])) { if ($mb['mb_leave_date'] && $mb['mb_leave_date'] <= date("Ymd", $g4['server_time'])) {
$date = preg_replace("/([0-9]{4})([0-9]{2})([0-9]{2})/", "\\1년 \\2월 \\3일", $mb['mb_leave_date']); $date = preg_replace("/([0-9]{4})([0-9]{2})([0-9]{2})/", "\\1년 \\2월 \\3일", $mb['mb_leave_date']);
alert('탈퇴한 아이디이므로 접근하실 수 없습니다.\n\n탈퇴일 : '.$date); alert('탈퇴한 아이디이므로 접근하실 수 없습니다.\n탈퇴일 : '.$date);
} }
if ($config['cf_use_email_certify'] && !preg_match("/[1-9]/", $mb['mb_email_certify'])) if ($config['cf_use_email_certify'] && !preg_match("/[1-9]/", $mb['mb_email_certify']))
alert('메일인증을 받으셔야 로그인 하실 수 있습니다.\n\n회원님의 메일주소는 '.$mb['mb_email'].' 입니다.'); alert('메일인증을 받으셔야 로그인 하실 수 있습니다.\n회원님의 메일주소는 '.$mb['mb_email'].' 입니다.');
$member_skin_path = $g4['path'].'/skin/member/'.$config['cf_member_skin']; $member_skin_path = $g4['path'].'/skin/member/'.$config['cf_member_skin'];
@include_once($member_skin_path.'/login_check.skin.php'); @include_once($member_skin_path.'/login_check.skin.php');

61
bbs/norobot.inc.php
View File

@ -1,61 +0,0 @@
<?
if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가
/*
** $norobot_str 와 $_SESSION[ss_norobot_key] 을 반환함
*/
// 자동등록기를 막아볼까요?
$is_norobot = false;
if ($config[cf_use_norobot]) {
// 임의의 md5 문자열을 생성
$tmp_str = substr(md5($g4[server_time]),0,12);
// 난수 발생기
list($usec, $sec) = explode(' ', microtime());
$seed = (float)$sec + ((float)$usec * 100000);
srand($seed);
$keylen = strlen($tmp_str);
$div = (int)($keylen / 2);
while (count($arr) < 4)
{
unset($arr);
for ($i=0; $i<$keylen; $i++)
{
$rnd = rand(1, $keylen);
$arr[$rnd] = $rnd;
if ($rnd > $div) break;
}
}
// 배열에 저장된 숫자를 차례대로 정렬
sort($arr);
$norobot_key = '';
$norobot_str = '';
$m = 0;
for ($i=0; $i<count($arr); $i++)
{
for ($k=$m; $k<$arr[$i]-1; $k++)
$norobot_str .= $tmp_str[$k];
$norobot_str .= '<font size=3 color=#FF0000><b>'.$tmp_str[$k].'</b></font>';
$norobot_key .= $tmp_str[$k];
$m = $k + 1;
}
if ($m < $keylen) {
for ($k=$m; $k<$keylen; $k++)
$norobot_str .= $tmp_str[$k];
}
$norobot_str = '<font color=#999999>'.$norobot_str.'</font>';
// 입력, 답변이면서 회원이 아닐 경우만 자동등록방지 사용
if (($w == '' || $w == 'r') && !$member[mb_id]) {
set_session("ss_norobot_key", $norobot_key);
$is_norobot = true;
}
else
set_session("ss_norobot_key", "");
}
?>
<script> var md5_norobot_key = '<?=md5($norobot_key)?>'; </script>

31
bbs/norobot_check.inc.php
View File

@ -1,31 +0,0 @@
<?
if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가
// norobot.inc.php 가 선행된 후 사용
// 자동등록방지 검사
if ($config[cf_use_norobot]) {
/*
// 우선 이 URL 로 부터 온것인지 검사
$parse = parse_url($_SERVER[HTTP_REFERER]);
// 3.35
// 포트번호가 존재할 경우의 처리 (mumu님께서 알려주셨습니다)
$parse2 = explode(':', $_SERVER[HTTP_HOST]);
if ($parse[host] != $parse2[0]) {
//if ($parse[host] != $_SERVER[HTTP_HOST]) {
alert('올바른 접근이 아닌것 같습니다.', './');
}
*/
$key = $_SESSION[ss_norobot_key];
if (($w=='' || $w=='c') && !$member[mb_id]) {
if ($key) {
if ($key != $_POST[wr_key]) {
alert('정상적인 등록이 아닌것 같습니다.');
}
} else {
alert('정상적인 접근이 아닌것 같습니다.');
}
}
}
?>

54
bbs/norobot_image.php
View File

@ -1,54 +0,0 @@
<?
include_once('./_common.php');
function echo_check_image($str, $width, $height, $background_color, $text_color, $grid_color)
{
$number = $str;
$background_color = str_replace('#', '', $background_color);
$text_color = str_replace('#', '', $text_color);
$grid_color = str_replace('#', '', $grid_color);
// WebColor -> RGB
$BR = hexdec(substr($background_color, 0, 2));
$BG = hexdec(substr($background_color, 2, 2));
$BB = hexdec(substr($background_color, 4, 2));
$TR = hexdec(substr($text_color, 0, 2));
$TG = hexdec(substr($text_color, 2, 2));
$TB = hexdec(substr($text_color, 4, 2));
$GR = hexdec(substr($grid_color, 0, 2));
$GG = hexdec(substr($grid_color, 2, 2));
$GB = hexdec(substr($grid_color, 4, 2));
$im = @imagecreate($width, $height) or die("Cannot Initialize new GD image stream");
header ("Content-type: image/png");
$background_color = imagecolorallocate($im, $BR, $BG, $BB);
$text_color = imagecolorallocate($im, $TR, $TG, $TB);
$grid_color = imagecolorallocate($im, $GR, $GG, $GB);
image_random_grid($im, $width, $height, 5, $grid_color);
imagestring($im, rand(4,6), rand(5,15), rand(1,3), $number, $text_color);
imagepng($im);
imagedestroy($im);
}
function image_random_grid($im, $w, $h, $s, $color)
{
for($i=1; $i<$w/$s; $i++) {
$tmp = rand($s-$s/3, $s+$s/3);
imageline($im, $i*$tmp, 0, $i*$tmp, $h, $color);
}
for($i=1; $i<$h/$s; $i++) {
$tmp = rand($s-$s/3, $s+$s/3);
imageline($im, 0, $i*$tmp, $w, $i*$tmp, $color);
}
}
//echo_check_image(rand(4,6), 65, 20, "#FF33CC", "#FFFFFF", "#FF79DE");
echo_check_image($_SESSION['ss_norobot_key'], 80, 19, '#FF33CC', '#FFFFFF', '#FF79DE');
?>

22
bbs/write.php
View File

@ -1,7 +1,8 @@
<? <?
include_once('./_common.php'); include_once('./_common.php');
if ($editor->lib)
include_once($editor->lib); if (isset($editor->lib)) include_once($editor->lib);
if (isset($captcha->lib)) include_once($captcha->lib);
set_session('ss_bo_table', $bo_table); set_session('ss_bo_table', $bo_table);
set_session('ss_wr_id', $wr_id); set_session('ss_wr_id', $wr_id);
@ -360,9 +361,15 @@ if ($is_admin) {
$write_max = (int)$board['bo_write_max']; $write_max = (int)$board['bo_write_max'];
} }
if ($is_dhtml_editor && $editor->js) { if ($is_dhtml_editor && isset($editor->js)) {
array_push($g4['js_file'], $editor->js); $g4['js_file'][] = $editor->js;
array_push($g4['js_file'], $editor->config_js); if (isset($editor->config_js)) {
$g4['js_file'][] = $editor->config_js;
}
}
if (isset($captcha->js)) {
$g4['js_file'][] = $captcha->js;
} }
include_once($g4['path'].'/head.sub.php'); include_once($g4['path'].'/head.sub.php');
@ -396,6 +403,11 @@ if ($file_length < 0) {
} }
//-------------------------------------------------------------------------- //--------------------------------------------------------------------------
if ($g4['https_url'])
$action_url = "{$g4['https_url']}/{$g4['bbs']}/write_update.php";
else
$action_url = "{$g4['bbs_path']}/write_update.php";
include_once ($board_skin_path.'/write.skin.php'); include_once ($board_skin_path.'/write.skin.php');
include_once('./board_tail.php'); include_once('./board_tail.php');

15
bbs/write_update.php
View File

@ -1,6 +1,8 @@
<? <?
include_once('./_common.php'); include_once('./_common.php');
if (isset($captcha->lib)) include_once($captcha->lib);
// 090710 // 090710
if (substr_count($wr_content, '&#') > 50) { if (substr_count($wr_content, '&#') > 50) {
alert('내용에 올바르지 않은 코드가 다수 포함되어 있습니다.'); alert('내용에 올바르지 않은 코드가 다수 포함되어 있습니다.');
@ -124,17 +126,8 @@ if ($w == "" || $w == "r")
alert('동일한 내용을 연속해서 등록할 수 없습니다.'); alert('동일한 내용을 연속해서 등록할 수 없습니다.');
} }
// 자동등록방지 검사 if (!chk_captcha()) {
//include_once ("./norobot_check.inc.php"); alert('자동등록방지의 답변으로 입력한 숫자가 틀렸습니다.');
if (!$is_member) {
if ($w=='' || $w=='r') {
$key = get_session("captcha_keystring");
if (!($key && $key == $_POST['wr_key'])) {
session_unregister("captcha_keystring");
alert('정상적인 접근이 아닌것 같습니다.');
}
}
} }
if (!isset($_POST['wr_subject']) || !trim($_POST['wr_subject'])) if (!isset($_POST['wr_subject']) || !trim($_POST['wr_subject']))

2
common.php
View File

@ -466,7 +466,7 @@ if (!get_cookie('ck_first_referer')) set_cookie('ck_first_referer', $_SERVER['H
// 회원, 비회원 구분 // 회원, 비회원 구분
$is_member = $is_guest = false; $is_member = $is_guest = false;
$is_admin = ""; $is_admin = "";
if (array_key_exists('mb_id', $member)) { if (isset($member['mb_id'])) {
$is_member = true; $is_member = true;
$is_admin = is_admin($member['mb_id']); $is_admin = is_admin($member['mb_id']);
$member['mb_dir'] = substr($member['mb_id'],0,2); $member['mb_dir'] = substr($member['mb_id'],0,2);

8
extend/tcaptcha.extend.php Normal file
View File

@ -0,0 +1,8 @@
<?
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
$captcha = (object)array(
'lib' => $g4['path']."/plugin/tcaptcha/tcaptcha.lib.php",
'js' => $g4['path']."/plugin/tcaptcha/tcaptcha.js"
);
?>

2
head.sub.php
View File

@ -4,7 +4,7 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가
$begin_time = get_microtime(); $begin_time = get_microtime();
if (!$g4['title']) if (!isset($g4['title']))
$g4['title'] = $config['cf_title']; $g4['title'] = $config['cf_title'];
// 쪽지를 받았나? // 쪽지를 받았나?

2
plugin/ckeditor/ckeditor.lib.php
View File

@ -1,4 +1,6 @@
<?php <?php
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
function editor_textarea($id, $content="", $class="") function editor_textarea($id, $content="", $class="")
{ {
global $g4; global $g4;

4
plugin/tcaptcha/_common.php Normal file
View File

@ -0,0 +1,4 @@
<?
$g4_path = "../.."; // common.php 의 상대 경로
include_once("$g4_path/common.php");
?>

32
plugin/tcaptcha/chk_answer.ajax.php Normal file
View File

@ -0,0 +1,32 @@
<?
include_once("./_common.php");
include_once("$g4[path]/plugin/tcaptcha/tcaptcha.lib.php");
$user_token = trim($_POST['user_token']);
$tcaptcha_token = get_session("ss_tcaptcha_token");
if (!$user_token) {
die("{\"error\":\"자동등록방지용 사용자 토큰값이 없습니다.\"}");
}
if ($user_token != $tcaptcha_token) {
die("{\"error\":\"자동등록방지용 토큰값이 틀립니다.\"}");
}
$tcaptcha_error_count = (int)get_session("ss_tcaptcha_error_count");
if ($tcaptcha_error_count >= _ANSWER_COUNT_) {
die("{\"error\":\"입력하신 답변 횟수가 "._ANSWER_COUNT_."회를 넘었습니다.\n\n문제를 클릭하신후 다시 답변해 주십시오.\"}");
}
$user_answer = $_POST['user_answer'];
$is_answer = (get_session("ss_tcaptcha_answer") == $user_answer);
if ($is_answer == false) {
$tcaptcha_error_count++;
set_session("ss_tcaptcha_error_count", $tcaptcha_error_count);
// 토큰을 다시 생성
$token = _token();
set_session("ss_tcaptcha_token", $token);
die("{\"error\":\"입력하신 답이 틀렸습니다.\",\"token\":\"$token\"}");
}
die("{\"error\":\"\"}");
?>

8
plugin/tcaptcha/run.php Normal file
View File

@ -0,0 +1,8 @@
<?php
include_once("./_common.php");
include_once("$g4[path]/plugin/tcaptcha/tcaptcha.lib.php");
$tcaptcha = new tcaptcha("kr");
$tcaptcha->run();
die("{\"tcaptcha\":\"{$tcaptcha->question}\",\"token\":\"{$tcaptcha->token}\"}");
?>

33
plugin/tcaptcha/sample.php Normal file
View File

@ -0,0 +1,33 @@
<?php
include_once("./_common.php");
include_once("$g4[path]/head.sub.php");
?>
<script src="<?="{$g4['path']}/plugin/tcaptcha/tcaptcha.js"?>"></script>
<h2>텍스트 캡챠 샘플 페이지</h2>
<br />
<br />
<br />
<form method="post" onsubmit="return form_submit(this);">
<h2>문) <span id="tcaptcha"></span></h2>
<div>
답) 반드시 숫자로 입력하세요. <input type='text' id='user_answer' name='user_answer' size='3' maxlength='3' title='자동가입방지' required='required' />
<input type='hidden' id='user_token' name='user_token' />
<input type='submit' />
</div>
</form>
<script>
function form_submit(f)
{
if (!chk_tcaptcha(f.user_answer, f.user_token)) {
return false;
}
alert("정답");
return true;
}
</script>
<?
include_once("$g4[path]/tail.sub.php");
?>

45
plugin/tcaptcha/tcaptcha.js Normal file
View File

@ -0,0 +1,45 @@
function chk_tcaptcha(user_answer, user_token)
{
if (typeof(user_answer) == "undefined") return false;
if (typeof(user_token ) == "undefined") return false;
var error = false;
$.ajax({
type: "POST",
url: g4_path+"/plugin/tcaptcha/chk_answer.ajax.php",
async: false,
data: {
"user_answer": user_answer.value,
"user_token" : user_token.value
},
dataType: "json",
success: function(data, textStatus, jqXHR) {
error = data.error;
if (data.token) {
$("#user_token").val(data.token);
}
}
});
if (error) {
//alert('답이 틀렸거나 입력 횟수가 넘었습니다.\n\n문제를 클릭하신후 답을 다시 입력해 주십시오.');
alert(error);
user_answer.select();
return false;
}
return true;
}
$(function() {
$("#tcaptcha").click(function() {
$.ajax({
url: g4_path+"/plugin/tcaptcha/run.php?t="+(new Date).getTime(),
dataType: "json",
success: function(data, textStatus, jqXHR) {
$("#tcaptcha").html(data.tcaptcha);
$("#user_token").val(data.token);
}
})
})
.css("cursor", "pointer");
});

360
plugin/tcaptcha/tcaptcha.lib.php Normal file
View File

@ -0,0 +1,360 @@
<?php
define('_ANSWER_COUNT_', 3);
$text_number = new stdClass;
$text_number->kr = new stdClass;
$text_number->en = new stdClass;
//$text_number->kr = (object)array('a'=>1);
// 기수 cardinal (양을 나타낼때 사용하는 수)
$text_number->kr = (object)array(
'number' => array(
array("","","","","","","","","","",""),
array("","하나","","","","다섯","여섯","일곱","여덟","아홉","")
),
// 서수 ordinal (순서를 나타낼때 사용하는 수)
'ordinal' => array("","첫번째","두번째","세번째","네번째","다섯번째","여섯번째","일곱번째","여덟번째","아홉번째","열번째"),
'high' => array("다음 중 가장 큰 수는? %s.", "%s 중에서 가장 큰 수는?"),
'low' => array("다음 중 가장 작은 수는? %s.", "%s 중에서 가장 작은 수는?"),
'position0' => array("다음 중 %s 숫자는? %s."), // 인수가 두개 있으며 첫번째에 위치가, 두번째 인수에 질문이 나열된다.
'position1' => array("%s 중 %s 숫자는?"), // 인수가 두개 있으며 첫번째에 인수가 두반째에 위치에 대한 질문이 나열된다.
'add' => array("%s 더하기 %s ?", "%s + %s = ?"),
'subtract' => array("%s 빼기 %s ?", "%s - %s = ?"),
'multiply' => array("%s 곱하기 %s ?"),
//'multiply' => array("%s 곱하기 %s ?", "%s 의 %s 배는 ?"),
'and' => "그리고",
);
/*
// 서수 ordinal (순서를 나타낼때 사용하는 수)
$text_number->kr->ordinal = array("영","첫번째","두번째","세번째","네번째","다섯번째","여섯번째","일곱번째","여덟번째","아홉번째","열번째");
$text_number->kr->plus = array("+","","더하기");
$text_number->kr->minus = array("-","","빼기");
$text_number->kr->multiply = array("x","×","*","곱하기");
$text_number->kr->high = array("다음 중 가장 큰 수는? %s.", "%s 중에서 가장 큰 수는?");
$text_number->kr->low = array("다음 중 가장 작은 수는? %s.", "%s 중에서 가장 작은 수는?");
$text_number->kr->position0 =array("다음 중 %s 숫자는? %s."); // 인수가 두개 있으며 첫번째에 위치가, 두번째 인수에 질문이 나열된다.
$text_number->kr->position1 =array("%s 중 %s 숫자는?"); // 인수가 두개 있으며 첫번째에 인수가 두반째에 위치에 대한 질문이 나열된다.
$text_number->kr->add = array("%s 더하기 %s ?", "%s + %s = ?");
$text_number->kr->subtract = array("%s 빼기 %s ?", "%s - %s = ?");
$text_number->kr->and = "그리고";
*/
$text_number->en = (object)array(
'number' => array(
array("zero","one","two","three","four","five","six","seven","eight","nine","ten"),
array("zero","first","second","third","fourth","fifth","sixth","seventh","eighth","ninth","tenth")
),
'ordinal' => array("zero","1st","2nd","3rd","4th","5th","6th","7th","8th","9th","10th"),
'high' => array("%s : which of these is the largest?"),
'low' => array("%s : which of these is the smallest?"),
'position0' => array("lists %s postion number ? %s."), // 인수가 두개 있으며 첫번째에 위치가, 두번째 인수에 질문이 나열된다.
'position1' => array("%s lists %s postion number ?"), // 인수가 두개 있으며 첫번째에 인수가 두반째에 위치에 대한 질문이 나열된다.
'add' => array("%s add %s ?", "%s plus %s ?", "%s + %s = ?"),
'subtract' => array("%s subtract %s ?", "%s minus %s ?", "%s - %s = ?"),
'multiply' => array("%s multiply %s ?"),
'and' => "and"
);
class tcaptcha
{
var $language;
var $tnum; // text number 의 약어
var $min_count = 3; // 최소 문제 갯수
var $max_count = 4; // 최대 문제 갯수
var $select; // 결과값 배열
var $arabia; // 결과값 아라비아 숫자 배열
var $count; // 결과값 수
var $high; // 결과값 배열 중 가장 큰 값
var $low; // 결과값 배열 중 가장 작은 값
var $position; // 몇번째 숫자는 값이 얼마인가?
var $question; // 문제
var $answer; // 더하기, 빼기 시에 답
function tcaptcha($language='') {
if (trim($language) == '')
$language = 'kr';
$this->set_language($language);
}
function set_language($language) {
$this->language = $language;
}
function set_min_count($min_count) {
$this->min_count = $min_count;
}
function set_max_count($max_count) {
$this->max_count = $max_count;
}
function random_question() {
$this->count = $count = rand($this->min_count, $this->max_count); // 숫자를 몇개 뿌려줄것인지?
$select = array(); // 선택된 값들
$arabia = array(); // 선택된 값들의 아라비아 숫자
$high = 0;
$low = 9999;
while ($count != count($select)) {
$choice = rand(0, count($this->tnum->number)-1); // 여러개의 숫자 형식중 하나를 선택한다.
$number = $this->tnum->number[$choice];
$index = rand(1, count($number)-1); // 영은 빼고
if (in_array($index, $arabia)) continue;
if (rand(0, 3) < 3) { // 아라비아 숫자도 들어가도록 한다.
array_push($select, $number[$index]);
} else {
array_push($select, $index);
}
array_push($arabia, $index);
if ($index > $high) {
$high = $index;
}
if ($index < $low) {
$low = $index;
}
}
$this->select = $select;
$this->arabia = $arabia;
$this->high = $high; // 배열중 가장 큰 값
$this->low = $low; // 배열중 가장 작은 값
return $select;
}
// 숫자의 중간에 , 나 and 를 넣는다.
function comma_question($question) {
$str = "";
$and = false;
$comma = "";
for ($qi=0; $qi<count($question)-1; $qi++) {
$comma = ", ";
if ($and == false) {
if (rand(0,2) == 0) {
$comma = " {$this->tnum->and} ";
$and = true;
}
}
//$unicode_array = utf8_to_unicode($question[$qi]);
//array_walk($unicode_array, create_function('&$v,$k', '$v = "&#" . $v . ";";'));
//print_r($unicode_array);
//$unicode = implode("", $unicode_array);
$str = $str . "<strong>" . $question[$qi] . "</strong>" . $comma;
}
return $str . "<strong>" . $question[$qi] . "</strong>";
}
// 가장 큰수나 가장 작은수의 질문을 만든다.
function series_question($question, $highlow) {
$question = $this->comma_question($question);
$highlow_array = $this->tnum->$highlow;
return sprintf($highlow_array[rand(0, count($highlow_array)-1)], $question);
}
// 몇번째 어떤수가 있는지의 질문을 만든다.
function position_question($question) {
$question = $this->comma_question($question);
$position = rand(0, $this->count-1);
$ordinal = $this->get_ordinal_value($position+1);
$this->position = $this->arabia[$position]; // 몇번째 숫자는?의 답
// 포지션 배열에 따라 인수의 위치가 다르다.
if (rand(0,1) == 0) {
$position_array = $this->tnum->position0;
return sprintf($position_array[rand(0, count($position_array)-1)], $ordinal, $question);
} else {
$position_array = $this->tnum->position1;
return sprintf($position_array[rand(0, count($position_array)-1)], $question, $ordinal);
}
}
// 더하기 계산 문제
function add_question($question) {
$add_array = $this->tnum->add;
$rand = rand(0, count($add_array)-1);
$first_number = $this->arabia[0];
$second_number = $this->arabia[1];
$this->answer = $first_number + $second_number;
return sprintf($add_array[rand(0, count($add_array)-1)], $question[0], $question[1] );
}
// a, b 변수값을 바꾼다.
function swap(&$a, &$b)
{
$temp = $a;
$a = $b;
$b = $temp;
}
// 빼기 계산 문제
function subtract_question($question) {
$subtract_array = $this->tnum->subtract;
$rand = rand(0, count($subtract_array)-1);
$first_number = $this->arabia[0];
$second_number = $this->arabia[1];
if ($first_number < $second_number) {
$this->swap($first_number, $second_number);
$this->swap($question[0], $question[1]);
}
$this->answer = $first_number - $second_number;
return sprintf($subtract_array[$rand], $question[0], $question[1] );
}
// 곱하기 계산 문제
function multiply_question($question) {
$multiply_array = $this->tnum->multiply;
$rand = rand(0, count($multiply_array)-1);
$first_number = $this->arabia[0];
$second_number = $this->arabia[1];
$this->answer = $first_number * $second_number;
return sprintf($multiply_array[$rand], $question[0], $question[1] );
}
// 서수값을 반환
function get_ordinal_value($index) {
return $this->tnum->ordinal[$index];
}
// ajax 비교를 위한 코드 : 답을 저장해 놓는다.
function set_session($answer) {
$this->token = _token();
set_session("ss_tcaptcha_token", $this->token);
set_session("ss_tcaptcha_answer", $answer);
set_session("ss_tcaptcha_error_count", 0);
}
function run() {
global $text_number;
$this->tnum = $text_number->{$this->language};
$random_question = $this->random_question();
switch (rand(0,5)) {
case 0 :
$question = $this->series_question( $random_question, 'high' );
$this->set_session($this->high);
break;
case 1 :
$question = $this->series_question( $random_question, 'low' );
$this->set_session($this->low);
break;
case 2 :
$question = $this->add_question( $random_question );
$this->set_session($this->answer);
break;
case 3 :
$question = $this->subtract_question( $random_question );
$this->set_session($this->answer);
break;
case 4 :
$question = $this->multiply_question( $random_question );
$this->set_session($this->answer);
break;
default :
$question = $this->position_question( $random_question );
$this->set_session($this->position);
break;
}
$this->question = $question;
return $question;
}
}
function html_unicode($unicode)
{
return "&#".$unicode.";";
}
function utf8_to_unicode( $str )
{
$unicode = array();
$values = array();
$lookingFor = 1;
for ($i = 0; $i < strlen( $str ); $i++ ) {
$thisValue = ord( $str[ $i ] );
if ( $thisValue < 128 ) $unicode[] = $thisValue;
else {
if ( count( $values ) == 0 ) $lookingFor = ( $thisValue < 224 ) ? 2 : 3;
$values[] = $thisValue;
if ( count( $values ) == $lookingFor ) {
$number = ( $lookingFor == 3 ) ?
( ( $values[0] % 16 ) * 4096 ) + ( ( $values[1] % 64 ) * 64 ) + ( $values[2] % 64 ):
( ( $values[0] % 32 ) * 64 ) + ( $values[1] % 64 );
$unicode[] = $number;
$values = array();
$lookingFor = 1;
} // if
} // if
} // for
return $unicode;
}
function unicode_to_utf8($dec)
{
$unicode_hex = dechex($dec);
$unicode = hexdec($unicode_hex);
$utf8 = "";
if ($unicode < 128) {
$utf8 = chr($unicode);
} elseif ( $unicode < 2048 ) {
$utf8 .= chr( 192 + ( ( $unicode - ( $unicode % 64 ) ) / 64 ) );
$utf8 .= chr( 128 + ( $unicode % 64 ) );
} else {
$utf8 .= chr( 224 + ( ( $unicode - ( $unicode % 4096 ) ) / 4096 ) );
$utf8 .= chr( 128 + ( ( ( $unicode % 4096 ) - ( $unicode % 64 ) ) / 64 ) );
$utf8 .= chr( 128 + ( $unicode % 64 ) );
}
return $utf8;
}
function chk_captcha()
{
$token = get_session("ss_tcaptcha_token");
if ($token && $token == $_POST['user_token']) {
$answer = get_session("ss_tcaptcha_answer");
if ($answer && $answer == $_POST['user_answer']) {
return true;
}
}
set_session("ss_tcaptcha_token", "");
return false;
}
function chk_js_captcha()
{
return "if (!chk_tcaptcha(f.user_answer, f.user_token)) { return false; }\n";
}
function run_captcha($encoding='kr')
{
$captcha = new tcaptcha($encoding);
$str = "<fieldset id=\"captcha\">\n";
$str .= "<legend>자동등록방지</legend>\n";
$str .= "<div><a href=\"javascript:;\" id=\"tcaptcha\">".$captcha->run()."</a></div>\n";
$str .= "<span>답은 반드시 숫자로 입력하세요.</span>\n";
$str .= "<input type=\"text\" id=\"user_answer\" name=\"user_answer\" title=\"자동등록방지 숫자\" size=\"10\" required=\"required\" />\n";
$str .= "<input type=\"hidden\" id=\"user_token\" name=\"user_token\" />";
$str .= "</fieldset>\n";
return $str;
}
?>

2
skin/board/neo/view.skin.php
View File

@ -7,7 +7,7 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가
<aside> <aside>
<h2>상단 링크</h2> <h2>상단 링크</h2>
<!-- 링크 버튼 --> <!-- 링크 버튼 -->
<? if ($update_href || $deleter_href) {?> <? if ($update_href || $delete_href) {?>
<ul> <ul>
<? if ($update_href) { ?> <? if ($update_href) { ?>
<li><a href="<?=$update_href?>">수정</a></li> <li><a href="<?=$update_href?>">수정</a></li>

28
skin/board/neo/write.skin.php
View File

@ -8,7 +8,7 @@ var char_min = parseInt(<?=$write_min?>); // 최소
var char_max = parseInt(<?=$write_max?>); // 최대 var char_max = parseInt(<?=$write_max?>); // 최대
</script> </script>
<form id="fwrite" name="fwrite" action="./write_update.php" onsubmit="return fwrite_submit(this);" method="post" enctype="multipart/form-data"> <form id="fwrite" name="fwrite" method="post" action="<?=$action_url?>" onsubmit="return fwrite_submit(this);" enctype="multipart/form-data">
<input type="hidden" name="w" value="<?=$w?>"> <input type="hidden" name="w" value="<?=$w?>">
<input type="hidden" name="bo_table" value="<?=$bo_table?>"> <input type="hidden" name="bo_table" value="<?=$bo_table?>">
<input type="hidden" name="wr_id" value="<?=$wr_id?>"> <input type="hidden" name="wr_id" value="<?=$wr_id?>">
@ -26,7 +26,7 @@ var char_max = parseInt(<?=$write_max?>); // 최대
<? if ($is_name) { ?> <? if ($is_name) { ?>
<tr> <tr>
<th scope="row"><label for="wr_name">이름</label></th> <th scope="row"><label for="wr_name">이름</label></th>
<td><input type="text" id="wr_name" name="wr_name" maxlength="20" class="required" value="<?=$name?>" title="이름"></td> <td><input type="text" id="wr_name" name="wr_name" maxlength="20" class="required" required="required" value="<?=$name?>" title="이름"></td>
</tr> </tr>
<? } ?> <? } ?>
@ -204,15 +204,9 @@ if ($option) {
</tbody> </tbody>
</table> </table>
<? if ($is_guest) { ?> <?
<fieldset id="captcha"> echo run_captcha();
<legend>자동등록방지</legend> ?>
<div><img id="kcaptcha_image" alt="" /></div>
<label for="wr_key">자동등록방지</label>
<input type="text" id="wr_key" name="wr_key" required>
왼쪽의 글자를 입력하세요.
</fieldset>
<? } ?>
<div class="btn_confirm"> <div class="btn_confirm">
<input type="submit" id="btn_submit" value="글쓰기" accesskey="s"> <input type="submit" id="btn_submit" value="글쓰기" accesskey="s">
@ -338,18 +332,8 @@ function fwrite_submit(f)
return false; return false;
} }
if (!check_kcaptcha(f.wr_key)) {
return false;
}
//document.getElementById('btn_submit').disabled = true;
//document.getElementById('btn_list').disabled = true;
<? <?
if ($g4['https_url']) echo chk_js_captcha();
echo "f.action = '{$g4['https_url']}/{$g4['bbs']}/write_update.php';";
else
echo "f.action = './write_update.php';";
?> ?>
return true; return true;

17
skin/outlogin/neo/outlogin.skin.1.php
View File

@ -23,10 +23,16 @@ if ($g4['https_url']) {
else { else {
$outlogin_url = $urlencode; $outlogin_url = $urlencode;
} }
if ($g4['https_url'])
$action_url = "{$g4['https_url']}/$g4[bbs]/login_check.php";
else
$action_url = "{$g4['bbs_path']}/login_check.php";
?> ?>
<!-- 로그인 전 외부로그인 시작 --> <!-- 로그인 전 외부로그인 시작 -->
<form name="fhead" method="post" onsubmit="return fhead_submit(this);" autocomplete="off"> <form name="fhead" method="post" action="<?=$action_url?>" onsubmit="return fhead_submit(this);" autocomplete="off">
<fieldset> <fieldset>
<legend>로그인</legend> <legend>로그인</legend>
<input type="hidden" name="url" value="<?=$outlogin_url?>"> <input type="hidden" name="url" value="<?=$outlogin_url?>">
@ -46,6 +52,7 @@ else {
<script> <script>
function fhead_submit(f) function fhead_submit(f)
{ {
/*
if (!f.mb_id.value) { if (!f.mb_id.value) {
alert("회원아이디를 입력하십시오."); alert("회원아이디를 입력하십시오.");
f.mb_id.focus(); f.mb_id.focus();
@ -57,13 +64,7 @@ function fhead_submit(f)
f.mb_password.focus(); f.mb_password.focus();
return false; return false;
} }
*/
<?
if ($g4['https_url'])
echo "f.action = '$g4[https_url]/$g4[bbs]/login_check.php';";
else
echo "f.action = '$g4[bbs_path]/login_check.php';";
?>
return true; return true;
} }