From abaff59d4da29a14c3186829dee85aec11cff34a Mon Sep 17 00:00:00 2001
From: daraelmin <daraelmin@gmail.com>
Date: Sun, 4 Dec 2022 21:11:25 +0100
Subject: [PATCH 1/2] Fix #17860  - Add Captcha for public member's
 subscription  form

---
 htdocs/public/members/new.php | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php
index 7b5acf5c99d..444c835bfa8 100644
--- a/htdocs/public/members/new.php
+++ b/htdocs/public/members/new.php
@@ -83,7 +83,7 @@ $backtopage = GETPOST('backtopage', 'alpha');
 $action = GETPOST('action', 'aZ09');
 
 // Load translation files
-$langs->loadLangs(array("main", "members", "companies", "install", "other"));
+$langs->loadLangs(array("main", "members", "companies", "install", "other", "errors"));
 
 // Security check
 if (empty($conf->adherent->enabled)) {
@@ -257,6 +257,17 @@ if (empty($reshook) && $action == 'add') {
 		}
 	}
 
+	// Check Captcha code if is enabled
+	if (!empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) {
+		$sessionkey = 'dol_antispam_value';
+		$ok = (array_key_exists($sessionkey, $_SESSION) === true && (strtolower($_SESSION[$sessionkey]) == strtolower($_POST['code'])));
+		if (!$ok) {
+			$error++;
+			$errmsg .= $langs->trans("ErrorBadValueForCode")."<br>\n";
+			//$action = '';
+		}
+	}
+
 	$public = GETPOSTISSET('public') ? 1 : 0;
 
 	if (!$error) {
@@ -789,6 +800,20 @@ if (!empty($conf->global->MEMBER_SKIP_TABLE) || !empty($conf->global->MEMBER_NEW
 		print '</td></tr>';
 	}
 
+	// Display Captcha code if is enabled
+	if (!empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) {
+		require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+		print '<tr><td class="titlefield"><label for="email"><span class="fieldrequired">'.$langs->trans("SecurityCode").'</span></label></td><td>';
+		print '<span class="span-icon-security inline-block">';
+		print '<input id="securitycode" placeholder="'.$langs->trans("SecurityCode").'" class="flat input-icon-security width150" type="text" maxlength="5" name="code" tabindex="3" />';
+		print '</span>';
+		print '<span class="nowrap inline-block">';
+		print '<img class="inline-block valignmiddle" src="'.DOL_URL_ROOT.'/core/antispamimage.php" border="0" width="80" height="32" id="img_securitycode" />';
+		print '<a class="inline-block valignmiddle" href="'.$php_self.'" tabindex="4" data-role="button">'.img_picto($langs->trans("Refresh"), 'refresh', 'id="captcha_refresh_img"').'</a>';
+		print '</span>';
+		print '</td></tr>';
+	}
+
 	print "</table>\n";
 
 	print dol_get_fiche_end();

From 6095a3556bc7f49ac4479a1745773db259684d46 Mon Sep 17 00:00:00 2001
From: daraelmin <daraelmin@gmail.com>
Date: Sun, 4 Dec 2022 21:12:51 +0100
Subject: [PATCH 2/2] Update new.php

---
 htdocs/public/members/new.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php
index 444c835bfa8..33e975f60e2 100644
--- a/htdocs/public/members/new.php
+++ b/htdocs/public/members/new.php
@@ -264,7 +264,7 @@ if (empty($reshook) && $action == 'add') {
 		if (!$ok) {
 			$error++;
 			$errmsg .= $langs->trans("ErrorBadValueForCode")."<br>\n";
-			//$action = '';
+			$action = '';
 		}
 	}