From b8fabd90f85f717c39b8b752a82b94a742636225 Mon Sep 17 00:00:00 2001 From: andreubisquerra Date: Thu, 18 Feb 2021 19:02:16 +0100 Subject: [PATCH 1/3] NEW Use captcha on public page to create ticket --- htdocs/core/class/html.formticket.class.php | 12 ++++++++++++ htdocs/public/ticket/create_ticket.php | 11 +++++++++++ 2 files changed, 23 insertions(+) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index c310c352690..f1022d01ba2 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -247,6 +247,18 @@ class FormTicket $doleditor->Create(); print ''; + if ($conf->global->MAIN_SECURITY_ENABLECAPTCHA) { + require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''.img_picto($langs->trans("Refresh"), 'refresh', 'id="captcha_refresh_img"').''; + print ''; + print ''; + } // Attached files if (!empty($this->withfile)) { diff --git a/htdocs/public/ticket/create_ticket.php b/htdocs/public/ticket/create_ticket.php index 1c81faca1ad..06984316cef 100644 --- a/htdocs/public/ticket/create_ticket.php +++ b/htdocs/public/ticket/create_ticket.php @@ -142,6 +142,17 @@ if (empty($reshook) && $action == 'create_ticket' && GETPOST('add', 'alpha')) { array_push($object->errors, $langs->trans("ErrorBadEmailAddress", $langs->transnoentities("email"))); $action = ''; } + + // Check Captcha code if is enabled + if (!empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) { + $sessionkey = 'dol_antispam_value'; + $ok = (array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code']))); + if (!$ok) { + $error++; + array_push($object->errors, $langs->trans("ErrorBadValueForCode")); + $action = ''; + } + } if (!$error) { $object->db->begin(); From 6e7fd67f379e6f7173c6b1a6f0397c01ae43e0aa Mon Sep 17 00:00:00 2001 From: andreubisquerra Date: Thu, 18 Feb 2021 19:27:50 +0100 Subject: [PATCH 2/3] Fix travis --- htdocs/public/ticket/create_ticket.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/public/ticket/create_ticket.php b/htdocs/public/ticket/create_ticket.php index 06984316cef..46cc1d082e8 100644 --- a/htdocs/public/ticket/create_ticket.php +++ b/htdocs/public/ticket/create_ticket.php @@ -142,7 +142,7 @@ if (empty($reshook) && $action == 'create_ticket' && GETPOST('add', 'alpha')) { array_push($object->errors, $langs->trans("ErrorBadEmailAddress", $langs->transnoentities("email"))); $action = ''; } - + // Check Captcha code if is enabled if (!empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) { $sessionkey = 'dol_antispam_value'; From 26134930b3313339364927d504549d2cacd1e0c2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 19 Feb 2021 18:05:12 +0100 Subject: [PATCH 3/3] Update html.formticket.class.php --- htdocs/core/class/html.formticket.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index f1022d01ba2..c1837af4c56 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -247,7 +247,7 @@ class FormTicket $doleditor->Create(); print ''; - if ($conf->global->MAIN_SECURITY_ENABLECAPTCHA) { + if (!empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) { require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; print ''; print '';