From d8838ab5dbcab38ab548ad7b74047bf507217063 Mon Sep 17 00:00:00 2001
From: paulr <me@pjr.cc>
Date: Mon, 7 Nov 2011 03:05:57 +1100
Subject: [PATCH] made my star image a bit nicer
 added the captcha plugin, which actually depends on
 securimage/phpcaptcha from http://www.phpcaptcha.org/ - works quite
 well, and this way i dont have to carry the phpcaptcha code with my
 source tree.

added the capture bits to the reigstration page, but registration page
itself isnt functional
---
 gwvplib/gwvpauth.php               |   46 ++++++++++++++++++++++++++++++++----
 gwvplib/gwvpemail.php              |    8 ++++++
 gwvplib/gwvplib.php                |    1 +
 gwvplib/gwvpuseradmin.php          |   10 ++++++++
 gwvplib/plugins/captcha_plugin.php |   40 +++++++++++++++++++++++++++++++
 www/images/star.jpg                |  Bin 654 -> 464 bytes
 6 files changed, 100 insertions(+), 5 deletions(-)
 create mode 100644 gwvplib/gwvpemail.php
 create mode 100644 gwvplib/plugins/captcha_plugin.php

diff --git a/gwvplib/gwvpauth.php b/gwvplib/gwvpauth.php
index f7e036d..ad42b2b 100644
--- a/gwvplib/gwvpauth.php
+++ b/gwvplib/gwvpauth.php
@@ -9,10 +9,15 @@ function gwvp_AuthCallMe()
 	session_start();
 
 	if(isset($_REQUEST["q"])) {
-		$query = $_REQUEST["q"];
-		if($query == "login") return "gwvp_AuthHandleLogin";
-		if($query == "logout") return "gwvp_AuthHandleLogout";
-		if($query == "register") return "gwvp_RegistrationCall";
+		$query = explode("/", $_REQUEST["q"]);
+		if($query[0] == "login") return "gwvp_AuthHandleLogin";
+		if($query[0] == "logout") return "gwvp_AuthHandleLogout";
+		if($query[0] == "register") {
+			if(isset($query[1])) {
+				return "qwvp_attemptRegistration";
+			}
+			return "gwvp_RegistrationCall";
+		}
 	}
 	$login = gwvp_isLoggedIn();
 	
@@ -134,13 +139,24 @@ function gwvp_AuthHandleLogin()
 
 function gwvp_RegistrationPageBody()
 {
+	global $BASE_URL;
+	
+	// TODO: registration page needs to be prettier - mostly the image for the captcha
+	
 	?>
-<form method="post">
+<form method="post" action="<?php echo $BASE_URL?>/register/try">
 	<table>
 		<tr>
 			<td>Name</td>
 			<td><input name="name" type="text"></td>
 			<td>Your Full Name</td>
+			<td rowspan="4">
+				<?php if(gwvp_haveCaptcha()) {?>
+				<img id="captcha" src="<?php echo $BASE_URL?>/securimage/" alt="CAPTCHA Image" /><br>
+				<input type="text" name="captcha_code" size="10" maxlength="6" />
+				<a href="#" onclick="document.getElementById('captcha').src = '<?php echo $BASE_URL?>/securimage/' + Math.random(); return false">[ Different Image ]</a>
+				<?php } ?>
+			</td>
 		</tr>
 		<tr>
 			<td>Email</td>
@@ -152,6 +168,8 @@ function gwvp_RegistrationPageBody()
 			<td><input name="username" type="text"></td>
 			<td>The Name Used to Refer to you on the site</td>
 		</tr>
+		
+		
 		<tr>
 			<td><input type="submit" name="register" value="Register"></td>
 		</tr>
@@ -160,6 +178,24 @@ function gwvp_RegistrationPageBody()
 	<?php
 }
 
+function qwvp_attemptRegistration()
+{
+	if(gwvp_haveCaptcha()) {
+		$securimage = new Securimage();
+		if ($securimage->check($_POST['captcha_code']) == false) {
+		  // the code was incorrect
+		  // you should handle the error so that the form processor doesn't continue
+		
+		  // or you can use the following code if there is no validation or you do not know how
+		  echo "The security code entered was incorrect.<br /><br />";
+		  echo "Please go <a href='javascript:history.go(-1)'>back</a> and try again.";
+		} else {
+			echo "code was right";
+		}
+		
+	}
+}
+
 function gwvp_checkBasicAuthLogin()
 {
 	$user = false;
diff --git a/gwvplib/gwvpemail.php b/gwvplib/gwvpemail.php
new file mode 100644
index 0000000..6e6a17b
--- /dev/null
+++ b/gwvplib/gwvpemail.php
@@ -0,0 +1,8 @@
+<?php
+
+function gwvp_sendValidationEmail()
+{
+	// TODO: code this 
+}
+
+?>
\ No newline at end of file
diff --git a/gwvplib/gwvplib.php b/gwvplib/gwvplib.php
index 24b2d77..d70dc3f 100644
--- a/gwvplib/gwvplib.php
+++ b/gwvplib/gwvplib.php
@@ -11,6 +11,7 @@ require_once("gwvpdatabase.php");
 require_once("gwvpconfig.php");
 require_once("gwvpgitcontrol.php");
 require_once("gwvpinputcheck.php");
+require_once("gwvpemail.php");
 
 // this is loaded second last
 require_once("gwvppluginloader.php");
diff --git a/gwvplib/gwvpuseradmin.php b/gwvplib/gwvpuseradmin.php
index 1d3e83d..7db0c8d 100644
--- a/gwvplib/gwvpuseradmin.php
+++ b/gwvplib/gwvpuseradmin.php
@@ -55,6 +55,7 @@ function gwvp_AddUserPage()
 	$pass2 = $_REQUEST["pass2"];
 	$username = $_REQUEST["username"];
 	$desc = $_REQUEST["desc"];
+	$sendvalid = isset($_REQUEST["sendvalidation"]);
 	
 	// now for some validation
 	$sendback = false;
@@ -83,6 +84,12 @@ function gwvp_AddUserPage()
 		$message .= "Passwords dont match. ";
 	}
 	
+	if($pass1 == "" && $pass2 == "" && !$sendvalid) {
+		$starpass = true;
+		$sendback = true;
+		$message .= "Password was blank. ";
+	}
+	
 	// otherwise, its all good, proceed with user creation
 	if($sendback) {
 		$_SESSION["sendback_owner"] = "users";
@@ -433,6 +440,7 @@ function gwvp_UserAdminPageBody()
 		echo "<td>Password Confirm</td><td><input type=\"text\" name=\"pass2\">$starpass</td></tr>";
 		echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"$presetusername>$starusername</td>";
 		echo "<td>Description</td><td><input type=\"text\" name=\"desc\"$presetdesc></td></tr>";
+		echo "<tr><td colspan=\"4\"><input type=\"checkbox\" name=\"sendvalidation\"> Set account locked and send validation email for initial passsword (not implemented)</td></tr>";
 		echo "<tr><td><input type=\"submit\" name=\"Create\" value=\"Create\" class=\"buttons\"></td></tr>";
 		echo "</table>";
 		echo "</form>";
@@ -572,6 +580,8 @@ function gwvp_UserAdminPageBody()
 		}
 		trim($ugroups);
 		
+		if($ugroups == "") $ugroups = "-";
+		
 		switch($LOGIN_TYPE) {
 			case "anon":
 				echo "<tr><td>$username</td><td>$ugroups</td><td>$desc</td></tr>";
diff --git a/gwvplib/plugins/captcha_plugin.php b/gwvplib/plugins/captcha_plugin.php
new file mode 100644
index 0000000..e952271
--- /dev/null
+++ b/gwvplib/plugins/captcha_plugin.php
@@ -0,0 +1,40 @@
+<?php
+global $CALL_ME_FUNCTIONS;
+
+$CALL_ME_FUNCTIONS["zzcaptchaimage"] = "gwvp_captchaCallMe";
+
+
+function gwvp_haveCaptcha()
+{
+	$thisloc = realpath(dirname(__FILE__));
+	if(file_exists("$thisloc/securimage/securimage_show.php")) {
+		include_once("$thisloc/securimage/securimage.php");
+		return true;
+	}
+	else return false;
+	
+}
+
+function gwvp_captchaImage()
+{
+	if(gwvp_haveCaptcha()) {
+		$thisloc = realpath(dirname(__FILE__));
+		include("$thisloc/securimage/securimage_show.php");		
+	}
+}
+
+function gwvp_captchaCallMe()
+{
+	if(isset($_REQUEST["q"])) {
+		$query = $_REQUEST["q"];
+		$qspl = explode("/", $query);
+		if($qspl[0] == "securimage") {
+			error_log("calling captchaimage");
+			return "gwvp_captchaImage";
+		}
+	}
+	
+	return false;
+}
+
+?>
\ No newline at end of file
diff --git a/www/images/star.jpg b/www/images/star.jpg
index 8bb9bcd5286a6c5e515c10eadce404ee534120e6..8c32dd392187828dbd3e413dd689dd84a5cc6654 100644
GIT binary patch
delta 288
zcmeBUy}&$SXT1P}05hW!1Ct;lvmoRDBMhPpjEoGZfCDJ3Ai%)H#K_EwkYQwIVqs%o
z6%-OtGz<i3WJK4<!U`0Y6J%guVMk~KvIK=il~o;+8V_Flf2*E>hnW#*JF_5zJ;RF6
zZ}x4|-yStP>_x<zTetd>RJA@AbiRmLD(^DEM#%E_GREoGPL;jd9CX)OcGm3N(=Lmn
z_zY#UdzQXw@^A2$FFC)F>!#b?EZ*eh$(yrQE$yF@?RZRm;iQ(@2_ByuA3vMHrx-1M
vd(}ao9G$YP&@F2}P0idP=~BAMVEQ5tI|rFR7Z>YhY}LzKb-Zud@&7jgq*hwH

delta 479
zcmcb>+{Zd$XT1o62s5J+1Ct;lvmoRDBMcG@j10_-49I|$jhzE1qbb0^#Kg$Lz{<=D
zm1SgNW?^Mu6BJ?>Rx)(tPz)4RH8ybqDivo00c0~+*qE4s5-NfWj7&fS;Bxgqz90j$
zqM;*;P$R3bh*IFe|F;-;fG%JXWENzwXL!BmnD>|cT1PwT^M7}nIoC(uUcKq#pSr*E
z=eysSczv^4;FtS5izC<W%<8%RCMDl_;^*ARy~d}XglWtTt+d%}8OhX85hpqO&+6^>
zo2!$aMIGIt|4iO=#<tJy9J7o%?>W?`PFX+w{B()BBVsbYf;Xhc74K)SvAg|yHP`p=
zJU6{I?tSdXEt=lrrt+#qrE#&Uw>V?;Jc(bmIsq1HKC|yK?t7-arOKA`<!8}7lV8Vf
z+b6eEL?P&C_t&^t?KfvvO}lbC)Ij28j(6Dlx_)c6;+r?mt1#H!_>;MuU1_7Hfr?Ix
zc!Y#mol;;zW6s{GZH6`-D?YKx&J5WYs(z;-vO`|B|9R+t27a?V<K%~FM;@i`G!eR)
u&2w#TWV2|ff@r8rLG$C!%Vr&FxM$hw6}2a`@zeYpn=+TpddbxP|0V#LR<5Z4

-- 
1.7.0.4