wikimedia/mediawiki-extensions-ConfirmEdit
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/ConfirmEdit synced 2024-11-28 01:50:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix passCaptcha() when using it twice in one session

Browse source 
The captchaId will be deleted, so a second call to SimpleCaptcha::passCaptcha() will
be always false, even if the User solved it correctly.

Bug: T94276
Change-Id: I2bc7766c023d7bd3a6c471f83b87ef0f09cbfaea
This commit is contained in:
Florian 2015-04-02 18:27:37 +02:00
parent 542ff33de0
commit 04903530a0
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Captcha.php
View file

@ -3,6 +3,9 @@
class SimpleCaptcha {
private $showEditCaptcha = false;
/** @var boolean|null Was the CAPTCHA already passed and if yes, with which result? */
private $captchaSolved = null;
function getCaptcha() {
$a = mt_rand( 0, 100 );
$b = mt_rand( 0, 10 );
@ -803,15 +806,22 @@ class SimpleCaptcha {
function passCaptcha() {
global $wgRequest;
// Don't check the same CAPTCHA twice in one session, if the CAPTCHA was already checked - Bug T94276
if ( isset( $this->captchaSolved ) ) {
return $this->captchaSolved;
}
$info = $this->retrieveCaptcha( $wgRequest );
if ( $info ) {
if ( $this->keyMatch( $wgRequest->getVal( 'wpCaptchaWord' ), $info ) ) {
$this->log( "passed" );
$this->clearCaptcha( $info );
$this->captchaSolved = true;
return true;
} else {
$this->clearCaptcha( $info );
$this->log( "bad form input" );
$this->captchaSolved = false;
return false;
}
} else {