From 0f519a8cedfa76ed7d7d8960de6fbf1b046194f7 Mon Sep 17 00:00:00 2001
From: Floorb <132411956+Neetpone@users.noreply.github.com>
Date: Sat, 30 Jul 2022 20:28:53 -0400
Subject: [PATCH] Simplify CAPTCHA and make it work properly.

---
 includes/captcha.php | 139 ++++++++++++++++++-------------------------
 public/captcha.php   |  13 ++--
 public/index.php     |   1 -
 3 files changed, 63 insertions(+), 90 deletions(-)

diff --git a/includes/captcha.php b/includes/captcha.php
index a7a9088..d0d979b 100644
--- a/includes/captcha.php
+++ b/includes/captcha.php
@@ -3,99 +3,76 @@
 use JetBrains\PhpStorm\ArrayShape;
 
 #[ArrayShape(['code' => "mixed|string", 'image_src' => "string"])]
-function captcha($color, $mode, $mul, $allowed) : array {
+function captcha($color, $mul, $allowed) : array {
     $bg_path = __DIR__ . '/../public/assets/img/captcha/';
     $font_path = __DIR__ . '/../public/assets/fonts/';
+    $fonts = [
+        $font_path . 'LMS Pretty Pony.ttf',
+        $font_path . 'PonyvilleMedium0.4.ttf'
+    ];
 
-    if ($mul == "on") {
-        $captcha_config = array(
-            'code' => '',
-            'min_length' => 5,
-            'max_length' => 6,
-            'backgrounds' => array(
-                $bg_path . 'text3.png',
-                $bg_path . 'text2.png',
-                $bg_path . 'text1.png'
-            ),
-            'fonts' => array(
-                $font_path . 'LMS Pretty Pony.ttf',
-                $font_path . 'PonyvilleMedium0.4.ttf',
-                $font_path . 'PonyvilleMedium0.4.ttf'
-            ),
-            'characters' => $allowed,
-            'min_font_size' => 20,
-            'max_font_size' => 28,
-            'color' => $color,
-            'angle_min' => 0,
-            'angle_max' => 5,
-            'shadow' => true,
-            'shadow_color' => '#fff',
-            'shadow_offset_x' => -2,
-            'shadow_offset_y' => 4
-        );
-    } else {
-        $captcha_config = array(
-            'code' => '',
-            'min_length' => 5,
-            'max_length' => 5,
-            'backgrounds' => array(
-                $bg_path . 'text2.png'
-            ),
-            'fonts' => array(
-                $font_path . 'times_new_yorker.ttf'
-            ),
-            'characters' => $allowed,
-            'min_font_size' => 28,
-            'max_font_size' => 28,
-            'color' => $color,
-            'angle_min' => 0,
-            'angle_max' => 10,
-            'shadow' => true,
-            'shadow_color' => '#fff',
-            'shadow_offset_x' => -1,
-            'shadow_offset_y' => 1
-        );
-    }
+    $backgrounds = [
+        $bg_path . 'text3.png',
+        $bg_path . 'text2.png',
+        $bg_path . 'text1.png'
+    ];
+
+    $captcha_config = [
+        'min_length' => 5,
+        'max_length' => 5,
+        'backgrounds' => $backgrounds,
+        'fonts' => $fonts,
+        'characters' => $allowed,
+        'min_font_size' => 28,
+        'max_font_size' => 28,
+        'color' => $color,
+        'angle_min' => 0,
+        'angle_max' => 10,
+        'shadow' => true,
+        'shadow_color' => '#fff',
+        'shadow_offset_x' => -1,
+        'shadow_offset_y' => 1
+    ];
 
     // Overwrite defaults with custom config values
     if (!empty($config) && is_array($config)) {
-        foreach ($config as $key => $value)
+        foreach ($config as $key => $value) {
             $captcha_config[$key] = $value;
-    }
-
-    // Restrict certain values
-    if ($captcha_config['min_length'] < 1)
-        $captcha_config['min_length'] = 1;
-    if ($captcha_config['angle_min'] < 0)
-        $captcha_config['angle_min'] = 0;
-    if ($captcha_config['angle_max'] > 10)
-        $captcha_config['angle_max'] = 10;
-    if ($captcha_config['angle_max'] < $captcha_config['angle_min'])
-        $captcha_config['angle_max'] = $captcha_config['angle_min'];
-    if ($captcha_config['min_font_size'] < 10)
-        $captcha_config['min_font_size'] = 10;
-    if ($captcha_config['max_font_size'] < $captcha_config['min_font_size'])
-        $captcha_config['max_font_size'] = $captcha_config['min_font_size'];
-
-
-    // Generate CAPTCHA code if not set by user
-    if (empty($captcha_config['code'])) {
-        $captcha_config['code'] = '';
-        $length = rand($captcha_config['min_length'], $captcha_config['max_length']);
-        while (strlen($captcha_config['code']) < $length) {
-            $captcha_config['code'] .= substr($captcha_config['characters'], rand() % (strlen($captcha_config['characters'])), 1);
         }
     }
 
-    // Generate HTML for image src
-    $image_src = '/captcha?_CAPTCHA&_R=' . urlencode(rand());
+    // Restrict certain values
+    if ($captcha_config['min_length'] < 1) {
+        $captcha_config['min_length'] = 1;
+    }
 
-    $_SESSION['_CAPTCHA']['config'] = serialize($captcha_config);
+    if ($captcha_config['angle_min'] < 0) {
+        $captcha_config['angle_min'] = 0;
+    }
 
-    return [
-        'code' => $captcha_config['code'],
-        'image_src' => $image_src
-    ];
+    if ($captcha_config['angle_max'] > 10) {
+        $captcha_config['angle_max'] = 10;
+    }
+
+    if ($captcha_config['angle_max'] < $captcha_config['angle_min']) {
+        $captcha_config['angle_max'] = $captcha_config['angle_min'];
+    }
+
+    if ($captcha_config['min_font_size'] < 10) {
+        $captcha_config['min_font_size'] = 10;
+    }
+
+    if ($captcha_config['max_font_size'] < $captcha_config['min_font_size']) {
+        $captcha_config['max_font_size'] = $captcha_config['min_font_size'];
+    }
+
+    $captcha_config['code'] = '';
+    $length = rand($captcha_config['min_length'], $captcha_config['max_length']);
+    while (strlen($captcha_config['code']) < $length) {
+        $captcha_config['code'] .= substr($captcha_config['characters'], rand() % (strlen($captcha_config['characters'])), 1);
+    }
+
+    return $captcha_config;
 }
 
 if (!function_exists('hex2rgb')) {
diff --git a/public/captcha.php b/public/captcha.php
index 4044e4d..9dc2328 100644
--- a/public/captcha.php
+++ b/public/captcha.php
@@ -4,10 +4,7 @@ define('IN_PONEPASTE', 1);
 require_once(__DIR__ . '/../includes/common.php');
 require_once(__DIR__ . '/../includes/captcha.php');
 
-$captcha_config = unserialize(@$_SESSION['_CAPTCHA']['config']);
-if (!$captcha_config) {
-    exit();
-}
+$captcha_config = captcha($captcha_config['colour'], $captcha_config['multiple'], $captcha_config['allowed']);
 
 // Pick random background, get info, and start captcha
 $background = $captcha_config['backgrounds'][rand(0, count($captcha_config['backgrounds']) - 1)];
@@ -34,13 +31,13 @@ $font_size = rand($captcha_config['min_font_size'], $captcha_config['max_font_si
 $text_box_size = imagettfbbox($font_size, $angle, $font, $captcha_config['code']);
 
 // Determine text position
-$box_width = abs($text_box_size[6] - $text_box_size[2]);
-$box_height = abs($text_box_size[5] - $text_box_size[1]);
+$box_width = (int) abs($text_box_size[6] - $text_box_size[2]);
+$box_height = (int) abs($text_box_size[5] - $text_box_size[1]);
 $text_pos_x_min = 0;
-$text_pos_x_max = ($bg_width) - ($box_width);
+$text_pos_x_max = (int) ($bg_width - $box_width);
 $text_pos_x = rand($text_pos_x_min, $text_pos_x_max);
 $text_pos_y_min = $box_height;
-$text_pos_y_max = ($bg_height) - ($box_height / 2);
+$text_pos_y_max = (int) ($bg_height - ($box_height / 2));
 $text_pos_y = rand($text_pos_y_min, $text_pos_y_max);
 
 // Draw shadow
diff --git a/public/index.php b/public/index.php
index bba83f7..61e45c8 100644
--- a/public/index.php
+++ b/public/index.php
@@ -67,7 +67,6 @@ $changefreq = 'weekly';
 
 if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
     if ($captcha_config['enabled']) {
-        $_SESSION['captcha'] = captcha($captcha_config['colour'], $captcha_config['mode'], $captcha_config['multiple'], $captcha_config['allowed']);
     }
 }