* http://www.mediawiki.org/
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
* http://www.gnu.org/copyleft/gpl.html
*
* @package MediaWiki
* @subpackage Extensions
*/
if ( defined( 'MEDIAWIKI' ) ) {
global $wgExtensionFunctions, $wgGroupPermissions;
$wgExtensionFunctions[] = 'ceSetup';
# Internationalisation file
if ( !function_exists( 'extAddMessages' ) ) {
require( dirname(__FILE__) . '/../ExtensionFunctions.php' );
}
require_once( 'ConfirmEdit.i18n.php' );
/**
* The 'skipcaptcha' permission key can be given out to
* let known-good users perform triggering actions without
* having to go through the captcha.
*
* By default, sysops and registered bot accounts will be
* able to skip, while others have to go through it.
*/
$wgGroupPermissions['*' ]['skipcaptcha'] = false;
$wgGroupPermissions['user' ]['skipcaptcha'] = false;
$wgGroupPermissions['autoconfirmed']['skipcaptcha'] = false;
$wgGroupPermissions['bot' ]['skipcaptcha'] = true; // registered bots
$wgGroupPermissions['sysop' ]['skipcaptcha'] = true;
global $wgCaptcha, $wgCaptchaClass, $wgCaptchaTriggers;
$wgCaptcha = null;
$wgCaptchaClass = 'SimpleCaptcha';
/**
* Currently the captcha works only for page edits.
*
* If the 'edit' trigger is on, *every* edit will trigger the captcha.
* This may be useful for protecting against vandalbot attacks.
*
* If using the default 'addurl' trigger, the captcha will trigger on
* edits that include URLs that aren't in the current version of the page.
* This should catch automated linkspammers without annoying people when
* they make more typical edits.
*/
$wgCaptchaTriggers = array();
$wgCaptchaTriggers['edit'] = false; // Would check on every edit
$wgCaptchaTriggers['addurl'] = true; // Check on edits that add URLs
$wgCaptchaTriggers['createaccount'] = true; // Special:Userlogin&type=signup
/**
* Allow users who have confirmed their e-mail addresses to post
* URL links without being harassed by the captcha.
*/
global $ceAllowConfirmedEmail;
$ceAllowConfirmedEmail = false;
/**
* Regex to whitelist URLs to known-good sites...
* For instance:
* $wgCaptchaWhitelist = '#^https?://([a-z0-9-]+\\.)?(wikimedia|wikipedia)\.org/#i';
* @fixme Use the 'spam-whitelist' thingy instead?
*/
$wgCaptchaWhitelist = false;
/**
* Additional regexes to check for. Use full regexes; can match things
* other than URLs such as junk edits.
*
* If the new version matches one and the old version doesn't,
* toss up the captcha screen.
*
* @fixme Add a message for local admins to add items as well.
*/
$wgCaptchaRegexes = array();
/** Register special page */
global $wgSpecialPages;
$wgSpecialPages['Captcha'] = array( /*class*/ 'SpecialPage', /*name*/'Captcha', false,
/*listed*/ false, /*function*/ false, /*file*/ false );
/**
* Set up message strings for captcha utilities.
*/
function ceSetup() {
# Add messages
global $wgConfirmEditMessages;
extAddMessages( $wgConfirmEditMessages );
global $wgHooks, $wgCaptcha, $wgCaptchaClass, $wgSpecialPages;
$wgCaptcha = new $wgCaptchaClass();
$wgHooks['EditFilter'][] = array( &$wgCaptcha, 'confirmEdit' );
$wgHooks['UserCreateForm'][] = array( &$wgCaptcha, 'injectUserCreate' );
$wgHooks['AbortNewAccount'][] = array( &$wgCaptcha, 'confirmUserCreate' );
}
/**
* Entry point for Special:Captcha
*/
function wfSpecialCaptcha( $par = null ) {
global $wgCaptcha;
switch( $par ) {
case "image":
return $wgCaptcha->showImage();
case "help":
default:
return $wgCaptcha->showHelp();
}
}
class SimpleCaptcha {
/**
* Insert a captcha prompt into the edit form.
* This sample implementation generates a simple arithmetic operation;
* it would be easy to defeat by machine.
*
* Override this!
*
* @return string HTML
*/
function getForm() {
$a = mt_rand(0, 100);
$b = mt_rand(0, 10);
$op = mt_rand(0, 1) ? '+' : '-';
$test = "$a $op $b";
$answer = ($op == '+') ? ($a + $b) : ($a - $b);
$index = $this->storeCaptcha( array( 'answer' => $answer ) );
return "
= " .
wfElement( 'input', array(
'name' => 'wpCaptchaWord',
'id' => 'wpCaptchaWord',
'tabindex' => 1 ) ) . // tab in before the edit textarea
"
\n" .
wfElement( 'input', array(
'type' => 'hidden',
'name' => 'wpCaptchaId',
'id' => 'wpCaptchaId',
'value' => $index ) );
}
/**
* Insert the captcha prompt into an edit form.
* @param OutputPage $out
*/
function editCallback( &$out ) {
$out->addWikiText( wfMsg( "captcha-short" ) );
$out->addHTML( $this->getForm() );
}
/**
* Inject whazawhoo
* @fixme if multiple thingies insert a header, could break
* @param SimpleTemplate $template
* @return bool true to keep running callbacks
*/
function injectUserCreate( &$template ) {
global $wgCaptchaTriggers, $wgOut;
if( $wgCaptchaTriggers['createaccount'] ) {
$template->set( 'header',
"