세션 폴더에 접근할수 문제 수정 및 세션 저장경로 수정#175

2022-05-23 18:37:23 +09:00
parent 5a4ddbc455
commit f4aa0d0cd8
11 changed files with 124 additions and 17 deletions
--- a/plugin/kcaptcha/kcaptcha.lib.php
+++ b/plugin/kcaptcha/kcaptcha.lib.php
@ -274,9 +274,15 @@ function chk_captcha()
        return false;
    }

-    if (!isset($_POST['captcha_key'])) return false;
-    if (!trim($_POST['captcha_key'])) return false;
-    if ($_POST['captcha_key'] != get_session('ss_captcha_key')) {
+    $post_captcha_key = (isset($_POST['captcha_key']) && $_POST['captcha_key']) ? trim($_POST['captcha_key']) : '';
+    if (!trim($post_captcha_key)) return false;
+
+    if( $post_captcha_key && function_exists('get_string_encrypt') ){
+        $ip = md5(sha1($_SERVER['REMOTE_ADDR']));
+        $post_captcha_key = get_string_encrypt($ip.$post_captcha_key);
+    }
+
+    if ($post_captcha_key != get_session('ss_captcha_key')) {
        $_SESSION['ss_captcha_count'] = $captcha_count + 1;
        return false;
    }
--- a/plugin/kcaptcha/kcaptcha_image.php
+++ b/plugin/kcaptcha/kcaptcha_image.php
@ -3,6 +3,11 @@ include_once("_common.php");
 include_once('captcha.lib.php');

 $captcha = new KCAPTCHA();
-$captcha->setKeyString(get_session("ss_captcha_key"));
+$ss_captcha_key = get_session("ss_captcha_key");
+if( $ss_captcha_key && !preg_match('/^[0-9]/', $ss_captcha_key) && function_exists('get_string_decrypt') ){
+    $ip = md5(sha1($_SERVER['REMOTE_ADDR']));
+    $ss_captcha_key = str_replace($ip, '', get_string_decrypt($ss_captcha_key));
+}
+$captcha->setKeyString($ss_captcha_key);
 $captcha->getKeyString();
 $captcha->image();
--- a/plugin/kcaptcha/kcaptcha_mp3.php
+++ b/plugin/kcaptcha/kcaptcha_mp3.php
@ -8,6 +8,10 @@ function make_mp3()
    $number = get_session("ss_captcha_key");

    if ($number == "") return;
+    $ip = md5(sha1($_SERVER['REMOTE_ADDR']));
+    if( $number && function_exists('get_string_decrypt') ){
+        $number = str_replace($ip, '', get_string_decrypt($number));
+    }
    if ($number == get_session("ss_captcha_save")) return;

    $mp3s = array();
@ -16,7 +20,6 @@ function make_mp3()
        $mp3s[] = $file;
    }

-    $ip = md5(sha1($_SERVER['REMOTE_ADDR']));
    $mp3_file = 'cache/kcaptcha-'.$ip.'_'.G5_SERVER_TIME.'.mp3';

    $contents = '';
@ -35,6 +38,9 @@ function make_mp3()
        }
    }

+    if( $number && function_exists('get_string_encrypt') ){
+        $number = get_string_encrypt($ip.$number);
+    }
    set_session("ss_captcha_save", $number);

    return G5_DATA_URL.'/'.$mp3_file;
--- a/plugin/kcaptcha/kcaptcha_result.php
+++ b/plugin/kcaptcha/kcaptcha_result.php
@ -9,5 +9,10 @@ if ($count >= 5) { // 설정값 이상이면 자동등록방지 입력 문자가
    echo false;
 } else {
    set_session("ss_captcha_count", $count + 1);
+
+    if( $captcha_key && function_exists('get_string_encrypt') ){
+        $ip = md5(sha1($_SERVER['REMOTE_ADDR']));
+        $captcha_key = get_string_encrypt($ip.$captcha_key);
+    }
    echo (get_session("ss_captcha_key") === $captcha_key) ? true : false;
 }
--- a/plugin/kcaptcha/kcaptcha_session.php
+++ b/plugin/kcaptcha/kcaptcha_session.php
@ -11,6 +11,11 @@ while(true){
    if(!preg_match('/cp|cb|ck|c6|c9|rn|rm|mm|co|do|cl|db|qp|qb|dp|ww/', $keystring)) break;
 }

+if( $keystring && function_exists('get_string_encrypt') ){
+    $ip = md5(sha1($_SERVER['REMOTE_ADDR']));
+    $keystring = get_string_encrypt($ip.$keystring);
+}
+
 set_session("ss_captcha_count", 0);
 set_session("ss_captcha_key", $keystring);
 $captcha = new KCAPTCHA();