mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/ConfirmEdit
synced 2024-11-24 00:04:15 +00:00
Implement captchas for sending emails via Special:EmailUser.
This commit is contained in:
Happy-melon
parent
750e6771d6
commit
32102375f8
|
|
@ -16,6 +16,9 @@ To help protect against automated spam, please solve the simple sum below and en
|
|||
'captcha-createaccount' => 'To help protect against automated account creation, please solve the simple sum below and enter the answer in the box ([[Special:Captcha/help|more info]]):',
|
||||
'captcha-createaccount-fail' => "Incorrect or missing confirmation code.",
|
||||
'captcha-create' => 'To create the page, please solve the simple sum below and enter the answer in the box ([[Special:Captcha/help|more info]]):',
|
||||
'captcha-sendemail' => 'To help protect against automated spamming, please solve the simple sum below and enter the answer in the box ([[Special:Captcha/help|more info]]):',
|
||||
'captcha-sendemail-fail' => 'Incorrect or missing confirmation code.',
|
||||
'captcha-disabledinapi' => 'This action requires a captcha, so it cannot be performed through the API.',
|
||||
'captchahelp-title' => 'Captcha help',
|
||||
'captchahelp-cookies-needed' => "You will need to have cookies enabled in your browser for this to work.",
|
||||
'captchahelp-text' => "Web sites that accept postings from the public, like this wiki, are often abused by spammers who use automated tools to post their links to many sites.
|
||||
|
|
|
|||
|
|
@ -88,6 +88,7 @@ $wgCaptchaClass = 'SimpleCaptcha';
|
|||
$wgCaptchaTriggers = array();
|
||||
$wgCaptchaTriggers['edit'] = false; // Would check on every edit
|
||||
$wgCaptchaTriggers['create'] = false; // Check on page creation.
|
||||
$wgCaptchaTriggers['sendemail'] = false; // Special:Emailuser
|
||||
$wgCaptchaTriggers['addurl'] = true; // Check on edits that add URLs
|
||||
$wgCaptchaTriggers['createaccount'] = true; // Special:Userlogin&type=signup
|
||||
$wgCaptchaTriggers['badlogin'] = true; // Special:Userlogin after failure
|
||||
|
|
@ -190,6 +191,8 @@ $wgHooks['AbortNewAccount'][] = 'ConfirmEditHooks::confirmUserCreate';
|
|||
$wgHooks['LoginAuthenticateAudit'][] = 'ConfirmEditHooks::triggerUserLogin';
|
||||
$wgHooks['UserLoginForm'][] = 'ConfirmEditHooks::injectUserLogin';
|
||||
$wgHooks['AbortLogin'][] = 'ConfirmEditHooks::confirmUserLogin';
|
||||
$wgHooks['EmailUserForm'][] = 'ConfirmEditHooks::injectEmailUser';
|
||||
$wgHooks['EmailUser'][] = 'ConfirmEditHooks::confirmEmailUser';
|
||||
# Register API hook
|
||||
$wgHooks['APIEditBeforeSave'][] = 'ConfirmEditHooks::confirmEditAPI';
|
||||
|
||||
|
|
|
|||
|
|
@ -46,6 +46,14 @@ class ConfirmEditHooks {
|
|||
static function confirmUserLogin( $u, $pass, &$retval ) {
|
||||
return self::getInstance()->confirmUserLogin( $u, $pass, $retval );
|
||||
}
|
||||
|
||||
static function injectEmailUser( &$form ) {
|
||||
return self::getInstance()->injectEmailUser( $form );
|
||||
}
|
||||
|
||||
static function confirmEmailUser( $from, $to, $subject, $text, &$error ) {
|
||||
return self::getInstance()->confirmEmailUser( $from, $to, $subject, $text, $error );
|
||||
}
|
||||
}
|
||||
|
||||
class CaptchaSpecialPage extends UnlistedSpecialPage {
|
||||
|
|
@ -138,6 +146,28 @@ class SimpleCaptcha {
|
|||
return wfEmptyMsg( $name, $text ) ? wfMsg( 'captcha-edit' ) : $text;
|
||||
}
|
||||
|
||||
/**
|
||||
* Inject whazawhoo
|
||||
* @fixme if multiple thingies insert a header, could break
|
||||
* @param HTMLForm
|
||||
* @return bool true to keep running callbacks
|
||||
*/
|
||||
function injectEmailUser( &$form ) {
|
||||
global $wgCaptchaTriggers, $wgOut, $wgUser;
|
||||
if ( $wgCaptchaTriggers['sendemail'] ) {
|
||||
if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
|
||||
wfDebug( "ConfirmEdit: user group allows skipping captcha on email sending\n" );
|
||||
return true;
|
||||
}
|
||||
$form->addFooterText(
|
||||
"<div class='captcha'>" .
|
||||
$wgOut->parse( $this->getMessage( 'sendemail' ) ) .
|
||||
$this->getForm() .
|
||||
"</div>\n" );
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Inject whazawhoo
|
||||
* @fixme if multiple thingies insert a header, could break
|
||||
|
|
@ -564,6 +594,40 @@ class SimpleCaptcha {
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check the captcha on Special:EmailUser
|
||||
* @param $from MailAddress
|
||||
* @param $to MailAddress
|
||||
* @param $subject String
|
||||
* @param $text String
|
||||
* @param $error String reference
|
||||
* @return Bool true to continue saving, false to abort and show a captcha form
|
||||
*/
|
||||
function confirmEmailUser( $from, $to, $subject, $text, &$error ) {
|
||||
global $wgCaptchaTriggers, $wgUser;
|
||||
if ( $wgCaptchaTriggers['sendemail'] ) {
|
||||
if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
|
||||
wfDebug( "ConfirmEdit: user group allows skipping captcha on email sending\n" );
|
||||
return true;
|
||||
}
|
||||
if ( $this->isIPWhitelisted() )
|
||||
return true;
|
||||
|
||||
if ( defined( 'MW_API' ) ) {
|
||||
# API mode
|
||||
# Asking for captchas in the API is really silly
|
||||
$error = wfMsg( 'captcha-disabledinapi' );
|
||||
return false;
|
||||
}
|
||||
$this->trigger = "{$wgUser->getName()} sending email";
|
||||
if ( !$this->passCaptcha() ) {
|
||||
$error = wfMsg( 'captcha-sendemail-fail' );
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Given a required captcha run, test form input for correct
|
||||
* input on the open session.
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ To help protect against automated spam, please enter the words that appear below
|
|||
'fancycaptcha-createaccount' => 'To help protect against automated account creation, please enter the words that appear below in the box ([[Special:Captcha/help|more info]]):',
|
||||
'fancycaptcha-create' => 'To create the page, please enter the words that appear below in the box ([[Special:Captcha/help|more info]]):',
|
||||
'fancycaptcha-edit' => 'To edit this page, please enter the words that appear below in the box ([[Special:Captcha/help|more info]]):',
|
||||
'fancycaptcha-sendemail' => 'To help protect against automated spamming, please enter the words that appear below in the box ([[Special:Captcha/help|more info]]):',
|
||||
);
|
||||
|
||||
/** Message documentation (Message documentation)
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ To help protect against automated spam, please answer the question that appears
|
|||
'questycaptcha-createaccount' => 'To help protect against automated account creation, please answer the question that appears below ([[Special:Captcha/help|more info]]):',
|
||||
'questycaptcha-create' => 'To create the page, please answer the question that appears below ([[Special:Captcha/help|more info]]):',
|
||||
'questycaptcha-edit' => 'To edit this page, please answer the question that appears below ([[Special:Captcha/help|more info]]):',
|
||||
'questycaptcha-sendemail' => 'To help protect against automated spamming, please answer the question that appears below ([[Special:Captcha/help|more info]]):',
|
||||
'questycaptchahelp-text' => "Web sites that accept contributions from the public, like this wiki, are often abused by spammers who use automated tools to add their links to many sites.
|
||||
While these spam links can be removed, they are a significant nuisance.
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue