diff --git a/core/class/template.class.php b/core/class/template.class.php index 82554bf5..e1f4a518 100644 --- a/core/class/template.class.php +++ b/core/class/template.class.php @@ -53,6 +53,8 @@ class template { $letters = array('u','t','s','r','q','p','o','n','m','l','k','j','i','h','g','f','e','d','c','b','a'); $firstNumber = rand ( 0 , count($letters)-1 ); $secondNumber = rand ( 0 , count($letters)-1 ); + $result = $firstNumber + $secondNumber; + $result = password_hash($result, PASSWORD_BCRYPT); // Début du wrapper $html = '
'; // Label @@ -72,7 +74,13 @@ class template { '', helper::sprintAttributes($attributes) ); + // Champ résultat caché + $html .= self::hidden($attributes['id'] . 'Result', [ + 'value' => $result, + 'before' => false + ]); // Champs cachés contenant les nombres + /* $html .= self::hidden($attributes['id'] . 'FirstNumber', [ 'value' => $firstNumber, 'before' => false @@ -81,6 +89,7 @@ class template { 'value' => $secondNumber, 'before' => false ]); + */ // Fin du wrapper $html .= '
'; // Retourne le html diff --git a/core/layout/common.css b/core/layout/common.css index 852b1fa3..aa62b04e 100755 --- a/core/layout/common.css +++ b/core/layout/common.css @@ -1368,8 +1368,10 @@ th.col12 { padding-left: 10px; padding-right: 10px; } + #userLoginCaptcha, -#formcaptcha { +#formcaptcha, +#blogArticlecaptcha { width: 20%; text-align: center; margin: auto; diff --git a/core/module/user/user.php b/core/module/user/user.php index 77b0526c..89460fbe 100644 --- a/core/module/user/user.php +++ b/core/module/user/user.php @@ -336,7 +336,8 @@ class user extends common { if($this->isPost()) { // Check la captcha if( - $this->getInput('userLoginCaptcha', helper::FILTER_INT) !== $this->getInput('userLoginCaptchaFirstNumber', helper::FILTER_INT) + $this->getInput('userLoginCaptchaSecondNumber', helper::FILTER_INT)) + //$this->getInput('userLoginCaptcha', helper::FILTER_INT) !== $this->getInput('userLoginCaptchaFirstNumber', helper::FILTER_INT) + $this->getInput('userLoginCaptchaSecondNumber', helper::FILTER_INT)) + password_verify($this->getInput('userLoginCaptcha', helper::FILTER_INT), $this->getInput('userLoginCaptchaResult') ) === false ) { self::$inputNotices['blogArticlecaptcha'] = 'Incorrect'; } diff --git a/module/blog/blog.php b/module/blog/blog.php index e69db419..53604c12 100644 --- a/module/blog/blog.php +++ b/module/blog/blog.php @@ -342,7 +342,8 @@ class blog extends common { // Check la captcha if( $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD') - AND $this->getInput('blogArticlecaptcha', helper::FILTER_INT) !== $this->getInput('blogArticlecaptchaFirstNumber', helper::FILTER_INT) + $this->getInput('blogArticlecaptchaSecondNumber', helper::FILTER_INT)) + //AND $this->getInput('blogArticlecaptcha', helper::FILTER_INT) !== $this->getInput('blogArticlecaptchaFirstNumber', helper::FILTER_INT) + $this->getInput('blogArticlecaptchaSecondNumber', helper::FILTER_INT)) + AND password_verify($this->getInput('blogArticlecaptcha', helper::FILTER_INT), $this->getInput('blogArticlecaptchaResult') ) === false ) { self::$inputNotices['blogArticlecaptcha'] = 'Incorrect'; } diff --git a/module/form/form.php b/module/form/form.php index 6a0f2714..39876b7c 100644 --- a/module/form/form.php +++ b/module/form/form.php @@ -282,7 +282,8 @@ class form extends common { // Check la captcha if( $this->getData(['module', $this->getUrl(0), 'config', 'captcha']) - AND $this->getInput('formcaptcha', helper::FILTER_INT) !== $this->getInput('formcaptchaFirstNumber', helper::FILTER_INT) + $this->getInput('formcaptchaSecondNumber', helper::FILTER_INT)) + // AND $this->getInput('formcaptcha', helper::FILTER_INT) !== $this->getInput('formcaptchaFirstNumber', helper::FILTER_INT) + $this->getInput('formcaptchaSecondNumber', helper::FILTER_INT)) + AND password_verify($this->getInput('formcaptcha', helper::FILTER_INT), $this->getInput('formcaptchaResult') ) === false ) { self::$inputNotices['formcaptcha'] = 'Incorrect';