From 1f67ccf6737463c616bd9911df6bee59606bf5b9 Mon Sep 17 00:00:00 2001
From: Lastorder <18280396+Lastorder-DC@users.noreply.github.com>
Date: Mon, 8 May 2023 02:25:30 +0000
Subject: [PATCH] Seperate captcha class

---
 .../recaptcha.php}                            | 17 +---
 modules/spamfilter/drivers/turnstile.php      | 78 +++++++++++++++++++
 modules/spamfilter/spamfilter.controller.php  |  2 +-
 3 files changed, 83 insertions(+), 14 deletions(-)
 rename modules/spamfilter/{spamfilter.lib.php => drivers/recaptcha.php} (66%)
 create mode 100644 modules/spamfilter/drivers/turnstile.php

diff --git a/modules/spamfilter/spamfilter.lib.php b/modules/spamfilter/drivers/recaptcha.php
similarity index 66%
rename from modules/spamfilter/spamfilter.lib.php
rename to modules/spamfilter/drivers/recaptcha.php
index 04c65e7f9..168fd9c47 100644
--- a/modules/spamfilter/spamfilter.lib.php
+++ b/modules/spamfilter/drivers/recaptcha.php
@@ -2,8 +2,7 @@
 
 class spamfilter_captcha
 {
-	protected static $recaptcha_verify_url = 'https://www.google.com/recaptcha/api/siteverify';
-	protected static $turnstile_verify_url = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
+	protected static $verify_url = 'https://www.google.com/recaptcha/api/siteverify';
 	protected static $config = null;
 	protected static $scripts_added = false;
 	protected static $instances_inserted = 0;
@@ -17,7 +16,6 @@ class spamfilter_captcha
 
 	public static function check()
 	{
-		$verify_url = self::$config->type === 'turnstile' ? self::$turnstile_verify_url : self::$recaptcha_verify_url;
 		$response = Context::get('g-recaptcha-response');
 		if (!$response)
 		{
@@ -26,7 +24,7 @@ class spamfilter_captcha
 
 		try
 		{
-			$verify_request = \Requests::post($verify_url, array(), array(
+			$verify_request = \Requests::post(self::$verify_url, array(), array(
 				'secret' => self::$config->secret_key,
 				'response' => $response,
 				'remoteip' => \RX_CLIENT_IP,
@@ -55,15 +53,8 @@ class spamfilter_captcha
 		if (!self::$scripts_added)
 		{
 			self::$scripts_added = true;
-			switch (self::$config->type) {
-				case 'recaptcha':
-					Context::loadFile(array('./modules/spamfilter/tpl/js/recaptcha.js', 'body'));
-					Context::addHtmlFooter('<script src="https://www.google.com/recaptcha/api.js?render=explicit&amp;onload=reCaptchaCallback" async defer></script>');
-					break;
-				case 'turnstile':
-					Context::loadFile(array('./modules/spamfilter/tpl/js/turnstile.js', 'body'));
-					Context::addHtmlFooter('<script src="https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha&amp;render=explicit&amp;onload=turnstileCallback" async defer></script>');
-			}
+			Context::loadFile(array('./modules/spamfilter/tpl/js/recaptcha.js', 'body'));
+            Context::addHtmlFooter('<script src="https://www.google.com/recaptcha/api.js?render=explicit&amp;onload=reCaptchaCallback" async defer></script>');
 			$html = '<div id="recaptcha-config" data-sitekey="%s" data-theme="%s" data-size="%s" data-targets="%s"></div>';
 			$html = sprintf($html, escape(self::$config->site_key), self::$config->theme ?: 'auto', self::$config->size ?: 'normal', implode(',', array_keys($this->_target_actions)));
 			Context::addHtmlFooter($html);
diff --git a/modules/spamfilter/drivers/turnstile.php b/modules/spamfilter/drivers/turnstile.php
new file mode 100644
index 000000000..810d1f14a
--- /dev/null
+++ b/modules/spamfilter/drivers/turnstile.php
@@ -0,0 +1,78 @@
+<?php
+
+class spamfilter_captcha
+{
+	protected static $verify_url = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
+	protected static $config = null;
+	protected static $scripts_added = false;
+	protected static $instances_inserted = 0;
+	protected static $sequence = 1;
+	protected $_target_actions = [];
+
+	public static function init($config)
+	{
+		self::$config = $config;
+	}
+
+	public static function check()
+	{
+		$response = Context::get('g-recaptcha-response');
+		if (!$response)
+		{
+			throw new Rhymix\Framework\Exception('msg_recaptcha_invalid_response');
+		}
+
+		try
+		{
+			$verify_request = \Requests::post(self::$verify_url, array(), array(
+				'secret' => self::$config->secret_key,
+				'response' => $response,
+				'remoteip' => \RX_CLIENT_IP,
+			));
+		}
+		catch (\Requests_Exception $e)
+		{
+			throw new Rhymix\Framework\Exception('msg_recaptcha_connection_error');
+		}
+
+        $verify = @json_decode($verify_request->body, true);
+		if (!$verify || !$verify['success'])
+		{
+			throw new Rhymix\Framework\Exception('msg_recaptcha_server_error');
+		}
+        if ($verify && isset($verify['error-codes']) && in_array('invalid-input-response', $verify['error-codes']))
+		{
+			throw new Rhymix\Framework\Exception('msg_recaptcha_invalid_response');
+        }
+
+        $_SESSION['recaptcha_authenticated'] = true;
+	}
+
+	public function addScripts()
+	{
+		if (!self::$scripts_added)
+		{
+			self::$scripts_added = true;
+			Context::loadFile(array('./modules/spamfilter/tpl/js/turnstile.js', 'body'));
+            Context::addHtmlFooter('<script src="https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha&amp;render=explicit&amp;onload=turnstileCallback" async defer></script>');
+			$html = '<div id="recaptcha-config" data-sitekey="%s" data-theme="%s" data-size="%s" data-targets="%s"></div>';
+			$html = sprintf($html, escape(self::$config->site_key), self::$config->theme ?: 'auto', self::$config->size ?: 'normal', implode(',', array_keys($this->_target_actions)));
+			Context::addHtmlFooter($html);
+		}
+	}
+
+	public function setTargetActions(array $target_actions)
+	{
+		$this->_target_actions = $target_actions;
+	}
+
+	public function isTargetAction(string $action): bool
+	{
+		return isset($this->_target_actions[$action]);
+	}
+
+	public function __toString()
+	{
+		return sprintf('<div id="recaptcha-instance-%d" class="g-recaptcha"></div>', self::$instances_inserted++);
+	}
+}
diff --git a/modules/spamfilter/spamfilter.controller.php b/modules/spamfilter/spamfilter.controller.php
index 467a4f578..e9ab8c990 100644
--- a/modules/spamfilter/spamfilter.controller.php
+++ b/modules/spamfilter/spamfilter.controller.php
@@ -260,7 +260,7 @@ class spamfilterController extends spamfilter
 
 		if (count($target_actions))
 		{
-			include_once __DIR__ . '/spamfilter.lib.php';
+			include_once __DIR__ . '/drivers/' . $config->captcha->type . '.php';
 			spamfilter_captcha::init($config->captcha);
 
 			if (strncasecmp('proc', $obj->act, 4) === 0)