MDL-14073 New param for download_file_content: skipcertcheck. ssl now…

… used in recaptchalib
abgreeve · Mar 31, 2008 · 83947a3 · 83947a3
1 parent 0d6a810
commit 83947a3
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 17 deletions.
diff --git a/lib/filelib.php b/lib/filelib.php
@@ -15,9 +15,10 @@
  * @param int $connecttimeout timeout for connection to server; this is the timeout that
  *   usually happens if the remote server is completely down (default 20 seconds);
  *   may not work when using proxy
+ * @param bool $skipcertverify If true, the peer's SSL certificate will not be checked. Only use this when already in a trusted location.
  * @return mixed false if request failed or content of the file as string if ok.
  */
-function download_file_content($url, $headers=null, $postdata=null, $fullresponse=false, $timeout=300, $connecttimeout=20) {
+function download_file_content($url, $headers=null, $postdata=null, $fullresponse=false, $timeout=300, $connecttimeout=20, $skipcertverify=false) {
     global $CFG;
 
     // some extra security
@@ -111,6 +112,11 @@ function download_file_content($url, $headers=null, $postdata=null, $fullrespons
         curl_setopt($ch, CURLOPT_HTTPHEADER, $headers2);
     }
 
+
+    if ($skipcertverify) {
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+    }
+
     // use POST if requested
     if (is_array($postdata)) {
         foreach ($postdata as $k=>$v) {

diff --git a/lib/form/recaptcha.php b/lib/form/recaptcha.php
@@ -23,16 +23,21 @@ class MoodleQuickForm_recaptcha extends HTML_QuickForm_input {
      * @var string
      */
     var $_helpbutton='';
+
+    var $_https=false;
 
     /**
      * <code>
      * $form->addElement('textarea_counter', 'message', 'Message',
      *   array('cols'=>60, 'rows'=>10), 160);
      * </code>
      */
-    function HTML_QuickForm_recaptcha($elementName = null, $elementLabel = null, $attributes = null) {
+    function MoodleQuickForm_recaptcha($elementName = null, $elementLabel = null, $attributes = null) {
         parent::HTML_QuickForm_input($elementName, $elementLabel, $attributes);
         $this->_type = 'recaptcha';
+        if (!empty($attributes['https'])) {
+            $this->_https = $attributes['https'];
+        }
     }
 
     /**
@@ -85,7 +90,7 @@ function toHtml() {
 <div class="recaptcha_only_if_audio"><a href="javascript:Recaptcha.switch_type(\'image\')">' . $strgetanimagecaptcha . '</a></div>
 </div>'; 
 
-        return $html . recaptcha_get_html($CFG->recaptchapublickey, $error);
+        return $html . recaptcha_get_html($CFG->recaptchapublickey, $error, $this->_https);
     }
 
     /**
@@ -126,7 +131,8 @@ function verify($challenge_field, $response_field) {
         $response = recaptcha_check_answer($CFG->recaptchaprivatekey,
                                            $_SERVER['REMOTE_ADDR'],
                                            $challenge_field,
-                                           $response_field);
+                                           $response_field,
+                                           $this->_https);
         if (!$response->is_valid) {
             $attributes = $this->getAttributes();
             $attributes['error_message'] = $response->error;

diff --git a/lib/recaptchalib.php b/lib/recaptchalib.php
@@ -64,8 +64,13 @@ function _recaptcha_qsencode ($data) {
  * @param int port
  * @return array response
  */
-function _recaptcha_http_post($host, $path, $data, $port = 80) {
+function _recaptcha_http_post($host, $path, $data, $port = 80, $https=false) {
         global $CFG;
+        $protocol = 'http';
+        if ($https) {
+            $protocol = 'https';
+        }
+
         require_once $CFG->libdir . '/filelib.php';
 
         $req = _recaptcha_qsencode ($data);
@@ -76,7 +81,7 @@ function _recaptcha_http_post($host, $path, $data, $port = 80) {
         $headers['Content-Length'] = strlen($req);
         $headers['User-Agent'] = 'reCAPTCHA/PHP';
 
-        $results = download_file_content('http://' . $host . $path, $headers, $data);
+        $results = download_file_content("$protocol://" . $host . $path, $headers, $data, false, 300, 20, true);
 
         if ($results) {
             return array(1 => $results);
@@ -118,7 +123,7 @@ function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false) {
         }
 
     require_once $CFG->libdir . '/filelib.php';
-    $html = download_file_content($server . '/noscript?k=' . $pubkey . $errorpart);
+    $html = download_file_content($server . '/noscript?k=' . $pubkey . $errorpart, null, null, false, 300, 20, true);
     preg_match('/image\?c\=([A-Za-z0-9\-\_]*)\"/', $html, $matches);
     $challenge_hash = $matches[1];
     $image_url = $server . '/image?c=' . $challenge_hash;
@@ -185,7 +190,7 @@ class ReCaptchaResponse {
   * @param string $response
   * @return ReCaptchaResponse
   */
-function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response)
+function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response, $https=false)
 {
 	if ($privkey == null || $privkey == '') {
 		die ("To use reCAPTCHA you must get an API key from <a href='http://recaptcha.net/api/getkey'>http://recaptcha.net/api/getkey</a>");
@@ -205,14 +210,15 @@ function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response)
                 return $recaptcha_response;
         }
 
-        $response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/verify",
-                                          array (
-                                                 'privatekey' => $privkey,
-                                                 'remoteip' => $remoteip,
-                                                 'challenge' => $challenge,
-                                                 'response' => $response
-                                                 )
-                                          );
+        $response = _recaptcha_http_post(RECAPTCHA_VERIFY_SERVER, "/verify",
+                                         array (
+                                                'privatekey' => $privkey,
+                                                'remoteip' => $remoteip,
+                                                'challenge' => $challenge,
+                                                'response' => $response
+                                                ),
+                                         $https        
+                                        );
 
         $answers = explode ("\n", $response [1]);
         $recaptcha_response = new ReCaptchaResponse();

diff --git a/login/signup_form.php b/login/signup_form.php
@@ -64,7 +64,7 @@ function definition() {
         }
 
         if (signup_captcha_enabled()) {
-            $mform->addElement('recaptcha', 'recaptcha_element', get_string('recaptcha', 'auth'));
+            $mform->addElement('recaptcha', 'recaptcha_element', get_string('recaptcha', 'auth'), array('https' => $CFG->loginhttps));
             $mform->setHelpButton('recaptcha_element', array('recaptcha', get_string('recaptcha', 'auth'))); 
         }