Enano CMS (1.1.x): comparison plugins/SpecialUserFuncs.php

equal deleted inserted replaced

-:7eef739a5b81
+:6ae6e387a0e3
 echo $session->make_captcha();
 return;
 }
 $hash = $paths->getParam(0);
-if ( !$hash || !preg_match('#^([0-9a-f]*){32,32}$#i', $hash) )
+if ( !$hash || !preg_match('#^([0-9a-f]*){32,40}$#i', $hash) )
 {
 $paths->main_page();
 }
-// Determine code length
+$code = $session->generate_captcha_code();
-$ip = ip2hex($_SERVER['REMOTE_ADDR']);
+$q = $db->sql_query('UPDATE ' . table_prefix . "captcha SET code = '$code' WHERE session_id = '$hash';");
-if ( !$ip )
-die('(very desperate) Hacking attempt');
-$q = $db->sql_query('SELECT CHAR_LENGTH(salt) AS len FROM ' . table_prefix . 'session_keys WHERE session_key = \'' . $db->escape($hash) . '\' AND source_ip = \'' . $db->escape($ip) . '\';');
 if ( !$q )
-$db->_die('SpecialUserFuncs selecting CAPTCHA code');
+$db->_die();
-if ( $db->numrows() < 1 )
-die('Invalid hash or hacking attempt by IP');
-// Generate code
-$row = $db->fetchrow();
-$db->free_result();
-$len = intval($row['len']);
-if ( $len < 4 )
-$len = 7;
-$code = $session->generate_captcha_code($len);
-// Update database with new code
-$q = $db->sql_query('UPDATE ' . table_prefix . 'session_keys SET salt = \'' . $code . '\' WHERE session_key = \'' . $db->escape($hash) . '\' AND source_ip = \'' . $db->escape($ip) . '\';');
-if ( !$q )
-$db->_die('SpecialUserFuncs generating new CAPTCHA confirmation code');
 require ( ENANO_ROOT.'/includes/captcha.php' );
-$captcha = new captcha($code);
+$captcha = captcha_object($hash, 'freecap');
+$captcha->debug = true;
 $captcha->make_image();
 exit;
 }
 function page_Special_PasswordReset()
 {

changeset 401	6ae6e387a0e3
parent 387	92664d2efab8
child 402	d907601ccad2