# HG changeset patch
# User Dan
# Date 1242422652 14400
# Node ID b13a42ebaefb6e32bbc6046301b23b82e296b4a3
# Parent aa6f26d965776bfe296be8c96f1c8cbda5dabe5e
Added protection against obscene words in CAPTCHAs
diff -r aa6f26d96577 -r b13a42ebaefb plugins/SpecialUserFuncs.php
--- a/plugins/SpecialUserFuncs.php Fri May 15 15:56:25 2009 -0400
+++ b/plugins/SpecialUserFuncs.php Fri May 15 17:24:12 2009 -0400
@@ -1364,8 +1364,19 @@
 $paths->main_page();
 }
- $session->make_captcha(7, $hash);
+ $session->make_captcha(7, $hash);
 $code = $session->generate_captcha_code();
+ // Avoid letting our captchas end up on failblog.org
+ // BTW, the last one was a real-life encounter: http://files.ha.xx0r.info/murder.png
+ foreach ( array('shit', 'cock', 'fuck', 'nazi', 'cunt', 'pussy', 'penis', 'piss', 'tits', 'murder') as $word )
+ {
+ if ( stristr($code, $word) )
+ {
+ // but don't put too much effort into this (will only correct this once)
+ $code = $session->generate_captcha_code();
+ break;
+ }
+ }
 $q = $db->sql_query('UPDATE ' . table_prefix . "captcha SET code = '$code' WHERE session_id = '$hash';");
 if ( !$q ) $db->_die();
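Review bot: The regenerated code inside the `foreach` is never re-checked, so a second draw that contains a listed word is still stored; the comment says this is deliberate, but a bounded retry loop costs little and makes the filter actually hold. `stripos($code, $word) !== false` would also state the intent more directly than relying on the truthiness of `stristr()`'s return value. Separately, the `UPDATE` that receives `$code` interpolates `$hash` into the SQL string, and where `$hash` comes from is outside this hunk; if it can be request-derived it should be validated or escaped before this query. The enclosing function starts and ends outside the hunk.

```php
// … unchanged: $session->make_captcha(7, $hash); …
$blocked = array(/* … unchanged: word list … */);
$attempts = 0;
do
{
  $code = $session->generate_captcha_code();
  $hit = false;
  foreach ( $blocked as $word )
  {
    if ( stripos($code, $word) !== false )
    {
      $hit = true;
      break;
    }
  }
}
while ( $hit && ++$attempts < 5 ); // bounded: never spin on an unlucky generator
// … unchanged: UPDATE query and error check …
```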