summaryrefslogtreecommitdiff
path: root/framework/Web/UI/WebControls/TCaptchaValidator.php
diff options
context:
space:
mode:
Diffstat (limited to 'framework/Web/UI/WebControls/TCaptchaValidator.php')
-rw-r--r--framework/Web/UI/WebControls/TCaptchaValidator.php254
1 files changed, 127 insertions, 127 deletions
diff --git a/framework/Web/UI/WebControls/TCaptchaValidator.php b/framework/Web/UI/WebControls/TCaptchaValidator.php
index 9eca42fb..23943971 100644
--- a/framework/Web/UI/WebControls/TCaptchaValidator.php
+++ b/framework/Web/UI/WebControls/TCaptchaValidator.php
@@ -1,127 +1,127 @@
-<?php
-/**
- * TCaptchaValidator class file
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @link http://www.pradosoft.com/
- * @copyright Copyright &copy; 2005-2012 PradoSoft
- * @license http://www.pradosoft.com/license/
- * @version $Id$
- * @package System.Web.UI.WebControls
- */
-
-Prado::using('System.Web.UI.WebControls.TBaseValidator');
-Prado::using('System.Web.UI.WebControls.TCaptcha');
-
-/**
- * TCaptchaValidator class
- *
- * Notice: while this class is easy to use and implement, it does not provide full security.
- * In fact, it's easy to bypass the checks reusing old, already-validated tokens (reply attack).
- * A better alternative is provided by {@link TReCaptchaValidator}.
- *
- * TCaptchaValidator validates user input against a CAPTCHA represented by
- * a {@link TCaptcha} control. The input control fails validation if its value
- * is not the same as the token displayed in CAPTCHA. Note, if the user does
- * not enter any thing, it is still considered as failing the validation.
- *
- * To use TCaptchaValidator, specify the {@link setControlToValidate ControlToValidate}
- * to be the ID path of the input control (usually a {@link TTextBox} control}.
- * Also specify the {@link setCaptchaControl CaptchaControl} to be the ID path of
- * the CAPTCHA control that the user input should be compared with.
- *
- * @author Qiang Xue <qiang.xue@gmail.com>
- * @version $Id$
- * @package System.Web.UI.WebControls
- * @since 3.1.1
- */
-class TCaptchaValidator extends TBaseValidator
-{
- /**
- * Gets the name of the javascript class responsible for performing validation for this control.
- * This method overrides the parent implementation.
- * @return string the javascript class name
- */
- protected function getClientClassName()
- {
- return 'Prado.WebUI.TCaptchaValidator';
- }
-
- /**
- * @return string the ID path of the CAPTCHA control to validate
- */
- public function getCaptchaControl()
- {
- return $this->getViewState('CaptchaControl','');
- }
-
- /**
- * Sets the ID path of the CAPTCHA control to validate.
- * The ID path is the dot-connected IDs of the controls reaching from
- * the validator's naming container to the target control.
- * @param string the ID path
- */
- public function setCaptchaControl($value)
- {
- $this->setViewState('CaptchaControl',TPropertyValue::ensureString($value),'');
- }
-
- /**
- * This method overrides the parent's implementation.
- * The validation succeeds if the input control has the same value
- * as the one displayed in the corresponding CAPTCHA control.
- *
- * @return boolean whether the validation succeeds
- */
- protected function evaluateIsValid()
- {
- $value=$this->getValidationValue($this->getValidationTarget());
- $control=$this->findCaptchaControl();
- return $control->validate(trim($value));
- }
-
- /**
- * @return TCaptchaControl the CAPTCHA control to be validated against
- * @throws TConfigurationException if the CAPTCHA cannot be found according to {@link setCaptchaControl CaptchaControl}
- */
- protected function findCaptchaControl()
- {
- if(($id=$this->getCaptchaControl())==='')
- throw new TConfigurationException('captchavalidator_captchacontrol_required');
- else if(($control=$this->findControl($id))===null)
- throw new TConfigurationException('captchavalidator_captchacontrol_inexistent',$id);
- else if(!($control instanceof TCaptcha))
- throw new TConfigurationException('captchavalidator_captchacontrol_invalid',$id);
- else
- return $control;
- }
-
- /**
- * Returns an array of javascript validator options.
- * @return array javascript validator options.
- */
- protected function getClientScriptOptions()
- {
- $options=parent::getClientScriptOptions();
- $control=$this->findCaptchaControl();
- if($control->getCaseSensitive())
- {
- $options['TokenHash']=$this->generateTokenHash($control->getToken());
- $options['CaseSensitive']=true;
- }
- else
- {
- $options['TokenHash']=$this->generateTokenHash(strtoupper($control->getToken()));
- $options['CaseSensitive']=false;
- }
- return $options;
- }
-
- private function generateTokenHash($token)
- {
- for($h=0,$i=strlen($token)-1;$i>=0;--$i)
- $h+=ord($token[$i]);
- return $h;
- }
-}
-
+<?php
+/**
+ * TCaptchaValidator class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright &copy; 2005-2012 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Id$
+ * @package System.Web.UI.WebControls
+ */
+
+Prado::using('System.Web.UI.WebControls.TBaseValidator');
+Prado::using('System.Web.UI.WebControls.TCaptcha');
+
+/**
+ * TCaptchaValidator class
+ *
+ * Notice: while this class is easy to use and implement, it does not provide full security.
+ * In fact, it's easy to bypass the checks reusing old, already-validated tokens (reply attack).
+ * A better alternative is provided by {@link TReCaptchaValidator}.
+ *
+ * TCaptchaValidator validates user input against a CAPTCHA represented by
+ * a {@link TCaptcha} control. The input control fails validation if its value
+ * is not the same as the token displayed in CAPTCHA. Note, if the user does
+ * not enter any thing, it is still considered as failing the validation.
+ *
+ * To use TCaptchaValidator, specify the {@link setControlToValidate ControlToValidate}
+ * to be the ID path of the input control (usually a {@link TTextBox} control}.
+ * Also specify the {@link setCaptchaControl CaptchaControl} to be the ID path of
+ * the CAPTCHA control that the user input should be compared with.
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @version $Id$
+ * @package System.Web.UI.WebControls
+ * @since 3.1.1
+ */
+class TCaptchaValidator extends TBaseValidator
+{
+ /**
+ * Gets the name of the javascript class responsible for performing validation for this control.
+ * This method overrides the parent implementation.
+ * @return string the javascript class name
+ */
+ protected function getClientClassName()
+ {
+ return 'Prado.WebUI.TCaptchaValidator';
+ }
+
+ /**
+ * @return string the ID path of the CAPTCHA control to validate
+ */
+ public function getCaptchaControl()
+ {
+ return $this->getViewState('CaptchaControl','');
+ }
+
+ /**
+ * Sets the ID path of the CAPTCHA control to validate.
+ * The ID path is the dot-connected IDs of the controls reaching from
+ * the validator's naming container to the target control.
+ * @param string the ID path
+ */
+ public function setCaptchaControl($value)
+ {
+ $this->setViewState('CaptchaControl',TPropertyValue::ensureString($value),'');
+ }
+
+ /**
+ * This method overrides the parent's implementation.
+ * The validation succeeds if the input control has the same value
+ * as the one displayed in the corresponding CAPTCHA control.
+ *
+ * @return boolean whether the validation succeeds
+ */
+ protected function evaluateIsValid()
+ {
+ $value=$this->getValidationValue($this->getValidationTarget());
+ $control=$this->findCaptchaControl();
+ return $control->validate(trim($value));
+ }
+
+ /**
+ * @return TCaptchaControl the CAPTCHA control to be validated against
+ * @throws TConfigurationException if the CAPTCHA cannot be found according to {@link setCaptchaControl CaptchaControl}
+ */
+ protected function findCaptchaControl()
+ {
+ if(($id=$this->getCaptchaControl())==='')
+ throw new TConfigurationException('captchavalidator_captchacontrol_required');
+ else if(($control=$this->findControl($id))===null)
+ throw new TConfigurationException('captchavalidator_captchacontrol_inexistent',$id);
+ else if(!($control instanceof TCaptcha))
+ throw new TConfigurationException('captchavalidator_captchacontrol_invalid',$id);
+ else
+ return $control;
+ }
+
+ /**
+ * Returns an array of javascript validator options.
+ * @return array javascript validator options.
+ */
+ protected function getClientScriptOptions()
+ {
+ $options=parent::getClientScriptOptions();
+ $control=$this->findCaptchaControl();
+ if($control->getCaseSensitive())
+ {
+ $options['TokenHash']=$this->generateTokenHash($control->getToken());
+ $options['CaseSensitive']=true;
+ }
+ else
+ {
+ $options['TokenHash']=$this->generateTokenHash(strtoupper($control->getToken()));
+ $options['CaseSensitive']=false;
+ }
+ return $options;
+ }
+
+ private function generateTokenHash($token)
+ {
+ for($h=0,$i=strlen($token)-1;$i>=0;--$i)
+ $h+=ord($token[$i]);
+ return $h;
+ }
+}
+