File Quform/Validator/Recaptcha.php

  1: <?php
  2: 
  3: /**
  4:  * @copyright Copyright (c) 2009-2022 ThemeCatcher (https://www.themecatcher.net)
  5:  */
  6: class Quform_Validator_Recaptcha extends Quform_Validator_Abstract
  7: {
  8:     const MISSING_INPUT_SECRET = 'recaptchaMissingInputSecret';
  9:     const INVALID_INPUT_SECRET = 'recaptchaInvalidInputSecret';
 10:     const MISSING_INPUT_RESPONSE = 'recaptchaMissingInputResponse';
 11:     const INVALID_INPUT_RESPONSE = 'recaptchaInvalidInputResponse';
 12:     const ERROR = 'recaptchaError';
 13:     const SCORE_TOO_LOW = 'recaptchaScoreTooLow';
 14: 
 15:     /**
 16:      * Mapping of reCAPTCHA error codes to message template keys
 17:      *
 18:      * @var array
 19:      */
 20:     protected $errorCodes = array(
 21:         'missing-input-secret' => self::MISSING_INPUT_SECRET,
 22:         'invalid-input-secret' => self::INVALID_INPUT_SECRET,
 23:         'missing-input-response' => self::MISSING_INPUT_RESPONSE,
 24:         'invalid-input-response' => self::INVALID_INPUT_RESPONSE
 25:     );
 26: 
 27:     /**
 28:      * @param   string   $value  The reCAPTCHA response
 29:      * @return  boolean          True if valid false otherwise
 30:      */
 31:     public function isValid($value)
 32:     {
 33:         $this->reset();
 34: 
 35:         $provider = $this->config('provider');
 36: 
 37:         if ($provider == 'hcaptcha') {
 38:             $url = 'https://hcaptcha.com/siteverify';
 39:         } elseif ($provider == 'turnstile') {
 40:             $url = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
 41:         } else {
 42:             $url = 'https://www.google.com/recaptcha/api/siteverify';
 43:         }
 44: 
 45:         $params = array(
 46:             'secret' => $this->config('secretKey'),
 47:             'response' => $value,
 48:             'remoteip' => Quform::getClientIp()
 49:         );
 50: 
 51:         $response = wp_remote_post($url, array('body' => $params));
 52:         $response = wp_remote_retrieve_body($response);
 53:         $response = json_decode($response, true);
 54: 
 55:         if ( ! is_array($response) || ! isset($response['success'])) {
 56:             $this->error(self::ERROR);
 57:             return false;
 58:         }
 59: 
 60:         if ( ! $response['success']) {
 61:             if (isset($response['error-codes']) && is_array($response['error-codes']) && count($response['error-codes'])) {
 62:                 foreach ($response['error-codes'] as $error) {
 63:                     if (array_key_exists($error, $this->errorCodes)) {
 64:                         $this->error($this->errorCodes[$error]);
 65:                     } else {
 66:                         $this->error(self::ERROR);
 67:                     }
 68: 
 69:                     return false;
 70:                 }
 71:             } else {
 72:                 $this->error(self::ERROR);
 73:                 return false;
 74:             }
 75:         }
 76: 
 77:         if ( ! in_array($provider, array('hcaptcha', 'turnstile'), true) && $this->config('version') == 'v3') {
 78:             if (isset($response['score'], $response['action']) && $response['action'] == 'quform' && is_numeric($response['score'])) {
 79:                 $threshold = (float) $this->config('threshold');
 80: 
 81:                 if ($response['score'] < $threshold) {
 82:                     $this->error(self::SCORE_TOO_LOW);
 83:                     return false;
 84:                 }
 85:             } else {
 86:                 $this->error(self::ERROR);
 87:                 return false;
 88:             }
 89:         }
 90: 
 91:         return true;
 92:     }
 93: 
 94:     /**
 95:      * Get all message templates or the single message with the given key
 96:      *
 97:      * @param   string|null   $key
 98:      * @return  array|string
 99:      */
100:     public static function getMessageTemplates($key = null)
101:     {
102:         $messageTemplates = array(
103:             self::MISSING_INPUT_SECRET => __('The secret parameter is missing',  'quform'),
104:             self::INVALID_INPUT_SECRET => __('The secret parameter is invalid or malformed',  'quform'),
105:             self::MISSING_INPUT_RESPONSE => __('The response parameter is missing',  'quform'),
106:             self::INVALID_INPUT_RESPONSE => __('The response parameter is invalid or malformed',  'quform'),
107:             self::ERROR => __('An error occurred, please try again',  'quform'),
108:             self::SCORE_TOO_LOW => __('Sorry, your submission failed our automated spam checks',  'quform'),
109:         );
110: 
111:         if (is_string($key)) {
112:             return array_key_exists($key, $messageTemplates) ? $messageTemplates[$key] : null;
113:         }
114: 
115:         return $messageTemplates;
116:     }
117: 
118:     /**
119:      * Get the default config for this validator
120:      *
121:      * @param   string|null  $key  Get the config by key, if omitted the full config is returned
122:      * @return  array
123:      */
124:     public static function getDefaultConfig($key = null)
125:     {
126:         $config = apply_filters('quform_default_config_validator_recaptcha', array(
127:             'secretKey' => '',
128:             'version' => 'v2',
129:             'threshold' => '0.5',
130:             'messages' => array(
131:                 self::MISSING_INPUT_SECRET => '',
132:                 self::INVALID_INPUT_SECRET => '',
133:                 self::MISSING_INPUT_RESPONSE => '',
134:                 self::INVALID_INPUT_RESPONSE => '',
135:                 self::ERROR => '',
136:                 self::SCORE_TOO_LOW => ''
137:             )
138:         ));
139: 
140:         $config['type'] = 'recaptcha';
141: 
142:         if (Quform::isNonEmptyString($key)) {
143:             return Quform::get($config, $key);
144:         }
145: 
146:         return $config;
147:     }
148: }
149:
Classes

Interfaces
