[ZendTo] Re: AreYouAHuman v reCAPTCHA
Mike Brudenell
mike.brudenell at york.ac.uk
Mon Feb 17 09:24:35 GMT 2014
Hi, Paul -
Many thanks for that; we might see if we can tweak your code to meet our
needs. We have been required to ensure that the reCAPTCHA version is
available so need either to present both or a toggle to flip between them.
Cheers,
Mike B-)
On 14 February 2014 21:29, Paul Winnick <pwinnick at temple.edu> wrote:
> Hi Mike,
>
>
>
> We had a similar situation where we preferred using AreYouAHuman but
> needed to provide Google's reCAPTCHA as an alternative for users that met
> the following conditions.
>
>
>
> 1. Web browser does not support HTML5.
>
> 2. Adobe Flash player is not installed.
>
>
>
> We added the *code* below to *pickupcheck.tpl* and *pickup.php*, which
> does a quick check for HTML5 & Flash compatibility then uses a simple PHP
> variable to determine whether AreYouAHuman or reCaptcha should be used.
> You'll also want to make sure your key information for both AreYouAHuman
> and reCAPTCHA is specified in preferences.php.
>
>
>
> *pickupcheck.tpl*
>
>
>
> <tr>
>
> <td colspan="2" align="center">
>
> To confirm that you are a <i>real</i> person (and not a computer),
> please play the quick game below then click "Pickup Files":<br /> <br
> />
>
> <!-- Start HTML5/Flash check -->
>
> <script type="text/javascript" src="js/modernizr.js"></script>
>
> <script type="text/javascript" src="js/flash_detect.js"></script>
>
> <script>
>
> var supportsAYAH = "{$supportsAYAH}";
>
> if (!(Modernizr.canvas)) {
>
> if (!FlashDetect.installed) {
>
> if (supportsAYAH != "no") {
>
> * window.location =
> "{$zendToURL}pickup.php?claimID={$claimID}&claimPasscode={$claimPasscode}&emailAddr={$emailAddr}&supportsAYAH=no";*
>
> }
>
> }
>
> }
>
> </script>
>
> <!-- End HTML5/Flash check -->
>
> {$recaptchaHTML}
>
> <br />
>
> </td>
>
> </tr>
>
>
>
>
>
> *pickup.php*
>
>
>
> $supportsAYAH =
> isset($_POST['supportsAYAH'])?$_POST['supportsAYAH']:(isset($_GET['supportsAYAH'])?$_GET['supportsAYAH']:NULL);
>
> $smarty->assign('supportsAYAH', $supportsAYAH);
>
>
>
> $ayah = new AYAH();
>
> $captcha = $theDropbox->captcha();
>
>
>
> // Check their recaptcha result. If they passed, then write an AuthData
>
> // record with their IP in the Name field. This is then used by
> download.php.
>
> // If they failed, re-present the pickup page as if they just went there
>
> // again, but with an error message at the top telling them they were
> wrong.
>
> if ( $authSuccess ||
>
> ( isset($_POST['Action']) && $_POST['Action'] == "Pickup" )
>
> ) {
>
> $resp = FALSE;
>
> if (!$authSuccess) {
>
> if ($captcha == 'areyouahuman' *&& $supportsAYAH == '') {*
>
> * //if ($captcha == 'areyouahuman') {*
>
> $resp = $ayah->scoreResult();
>
> } elseif ($supportsAYAH == 'no' || $captcha == '') {
>
> //elseif ($captcha == 'google' || $captcha == '') {
>
> // Using Google or an old version without this set
>
> $reCaptchaPrivateKey = $theDropbox->recaptchaPrivateKey();
>
> if ($reCaptchaPrivateKey == 'disabled') {
>
> $resp = TRUE;
>
> } else {
>
> $resp = recaptcha_check_answer($reCaptchaPrivateKey,
>
> $_SERVER["REMOTE_ADDR"],
>
> $_POST["recaptcha_challenge_field"],
>
> $_POST["recaptcha_response_field"]);
>
> $resp = $resp->is_valid;
>
> }
>
> } else {
>
> // Must be disabled
>
> $resp = TRUE;
>
> }
>
> }
>
>
>
> if ($authSuccess || $resp) {
>
> // They have passed the CAPTCHA so write an AuthData record for them.
>
> if (!$authSuccess) {
>
> // But only if they haven't already been auth-ed once.
>
> $auth = $theDropbox->WriteAuthData($_SERVER['REMOTE_ADDR'], '',
> '');
>
> }
>
> if ( $auth == '') {
>
> // Write failed.
>
> NSSError("Database failure writing authentication key. Please
> contact your system administrator.","Internal Error");
>
> displayPickupCheck($theDropbox, $smarty, $ayah, $auth,
> $supportsAYAH);
>
> //displayPickupCheck($theDropbox, $smarty, $ayah, $auth);
>
> exit(0);
>
> }
>
> } else {
>
> // The CAPTCHA response was wrong, so re-present the page with an
> error
>
> NSSError($smarty->getConfigVariable('ErrorNotPerson'),"Test failed");
>
> displayPickupCheck($theDropbox, $smarty, $ayah, $auth,
> $supportsAYAH);
>
> //displayPickupCheck($theDropbox, $smarty, $ayah, $auth);
>
> exit(0);
>
> }
>
>
>
> // They have passed the test and we have written their AuthData record.
>
>
>
> $theDropbox->SetupPage();
>
> $smarty->assign('auth', $auth); // And save their auth key!
>
>
>
> if ( $thePickup = new NSSDropoff($theDropbox) ) {
>
> //
>
> // Start the page and add some Javascript for automatically
>
> // filling-in the download form and submitting it when the
>
> // user clicks on a file in the displayed dropoff.
>
> //
>
> $theDropbox->SetupPage($thePickup->HTMLOnLoadJavascript());
>
> $smarty->display($thePickup->HTMLWrite());
>
> } else {
>
> $smarty->display('error.tpl');
>
> }
>
> } else {
>
> // It's not a pickup attempt, it's going to display the CAPTCHA form
>
> // instead which will pass us back to me again.
>
> displayPickupCheck($theDropbox, $smarty, $ayah, '', $supportsAYAH);
>
> //displayPickupCheck($theDropbox, $smarty, $ayah, '');
>
> }
>
> } else {
>
> $smarty->display('error.tpl');
>
> }
>
>
>
> function displayPickupCheck($theDropbox, $smarty, $ayah, $auth,
> $supportsAYAH) {
>
> //function displayPickupCheck($theDropbox, $smarty, $ayah, $auth) {
>
> $theDropbox->SetupPage();
>
> $claimID =
> isset($_POST['claimID'])?$_POST['claimID']:(isset($_GET['claimID'])?$_GET['claimID']:NULL);
>
> $claimPasscode =
> isset($_POST['claimPasscode'])?$_POST['claimPasscode']:(isset($_GET['claimPasscode'])?$_GET['claimPasscode']:NULL);
>
> $emailAddr =
> isset($_POST['emailAddr'])?$_POST['emailAddr']:(isset($_GET['emailAddr'])?$_GET['emailAddr']:NULL);
>
>
>
> $claimID = preg_replace('/[^a-zA-Z0-9]/', '', $claimID);
>
> $claimPasscode = preg_replace('/[^a-zA-Z0-9]/', '', $claimPasscode);
>
> if ( isset($recipEmail) && !
> preg_match($theDropbox->validEmailRegexp(),$recipEmail) ) {
>
> $emailAddr = 'INVALID';
>
> }
>
>
>
> $smarty->assign('claimID', $claimID);
>
> $smarty->assign('claimPasscode', $claimPasscode);
>
> $smarty->assign('emailAddr', $emailAddr);
>
> $smarty->assign('auth', $auth);
>
>
>
> // Check if the visitor's Web browser supports HTML5 or Flash. If not,
> use reCaptcha.
>
> if ($supportsAYAH == "no") {
>
> $reCaptchaPublicKey= $theDropbox->recaptchaPublicKey();
>
> $smarty->assign('recaptchaHTML',
>
> recaptcha_get_html($reCaptchaPublicKey,"",$_SERVER['HTTPS']));
>
> } else {
>
> $smarty->assign('recaptchaHTML', $ayah->getPublisherHTML());
>
> }
>
> //if ($theDropbox->captcha() == 'areyouahuman') {
>
> // $smarty->assign('recaptchaHTML', $ayah->getPublisherHTML());
>
> //} else {
>
> // $reCaptchaPublicKey= $theDropbox->recaptchaPublicKey();
>
> // $smarty->assign('recaptchaHTML',
>
> //
> recaptcha_get_html($reCaptchaPublicKey,"",$_SERVER['HTTPS']));
>
> //}
>
> $smarty->display('pickupcheck.tpl');
>
> }
>
>
>
>
>
>
>
> *Paul Winnick*
>
> Systems Administrator
>
> Temple University
>
> Computer Services
>
> PHONE: 215-204-3205
>
> EMAIL: pwinnick at temple.edu
>
>
>
> *From:* zendto-bounces at zend.to [mailto:zendto-bounces at zend.to] *On Behalf
> Of *Mike Brudenell
> *Sent:* Tuesday, February 11, 2014 10:51 AM
> *To:* ZendTo Users
> *Subject:* [ZendTo] AreYouAHuman v reCAPTCHA
>
>
>
> Dear all,
>
>
>
> Does anyone have a patch that enables *both* the AreYouAHuman "games"
> *and* Google reCAPTCHA to be offered within ZendTo? (Either be showing
> both, or showing one and a button/link to toggle to the other?)
>
>
>
> We are currently using AreYouAHuman but for various reasons we now need to
> offer the choice or else revert to reCAPTCHA only.
>
>
>
> I've peered at the PHP and templates but haven't been able to figure
> anything out...
>
>
>
> Cheers,
>
> Mike B-)
>
>
>
> --
> IT Services, The University of York, Heslington, York YO10 5DD, UK
> Tel: +44-1904-323811
> Disclaimer: <http://www.york.ac.uk/docs/disclaimer/email.htm>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
--
IT Services, The University of York, Heslington, York YO10 5DD, UK
Tel: +44-1904-323811
Disclaimer: <http://www.york.ac.uk/docs/disclaimer/email.htm>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20140217/3a087640/attachment-0001.html
More information about the ZendTo
mailing list