From d364319cbbf6875176913e7967d0d9a1e7338be9 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Sep 2025 13:43:11 +0000 Subject: [PATCH 1/5] Initial plan From c61693684d1785498e156ea2ddf7ce63e6d85d7b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Sep 2025 13:53:19 +0000 Subject: [PATCH 2/5] Remove Mage_Captcha module files and clean up references Co-authored-by: addison74 <8360474+addison74@users.noreply.github.com> --- app/code/core/Mage/Admin/Model/Observer.php | 1 - app/code/core/Mage/Captcha/Block/Captcha.php | 34 -- .../core/Mage/Captcha/Block/Captcha/Zend.php | 73 --- app/code/core/Mage/Captcha/Helper/Data.php | 130 ----- .../core/Mage/Captcha/Model/Config/Font.php | 30 -- .../Captcha/Model/Config/Form/Abstract.php | 42 -- .../Captcha/Model/Config/Form/Backend.php | 21 - .../Captcha/Model/Config/Form/Frontend.php | 21 - .../core/Mage/Captcha/Model/Config/Mode.php | 35 -- .../core/Mage/Captcha/Model/Interface.php | 39 -- app/code/core/Mage/Captcha/Model/Observer.php | 324 ----------- .../core/Mage/Captcha/Model/Resource/Log.php | 133 ----- app/code/core/Mage/Captcha/Model/Zend.php | 504 ------------------ .../Adminhtml/RefreshController.php | 39 -- .../Captcha/controllers/RefreshController.php | 29 - app/code/core/Mage/Captcha/etc/config.xml | 291 ---------- app/code/core/Mage/Captcha/etc/system.xml | 234 -------- .../sql/captcha_setup/install-1.7.0.0.0.php | 34 -- app/code/core/Mage/Core/Model/Config.php | 1 - .../default/default/layout/captcha.xml | 30 -- .../default/template/captcha/zend.phtml | 42 -- .../default/template/forgotpassword.phtml | 1 - .../default/default/template/login.phtml | 1 - .../template/resetforgottenpassword.phtml | 1 - .../openmage/template/forgotpassword.phtml | 1 - .../default/openmage/template/login.phtml | 1 - .../template/resetforgottenpassword.phtml | 1 - .../frontend/base/default/layout/captcha.xml | 116 ---- .../base/default/template/captcha/zend.phtml | 33 -- .../rwd/default/template/captcha/zend.phtml | 32 -- app/etc/modules/Mage_Captcha.xml | 21 - js/mage/captcha.js | 76 --- .../rwd/default/scss/module/_captcha.scss | 71 --- .../Traits/PhpStormMetaData/BlocksTrait.php | 2 - 34 files changed, 2444 deletions(-) delete mode 100644 app/code/core/Mage/Captcha/Block/Captcha.php delete mode 100644 app/code/core/Mage/Captcha/Block/Captcha/Zend.php delete mode 100644 app/code/core/Mage/Captcha/Helper/Data.php delete mode 100644 app/code/core/Mage/Captcha/Model/Config/Font.php delete mode 100644 app/code/core/Mage/Captcha/Model/Config/Form/Abstract.php delete mode 100644 app/code/core/Mage/Captcha/Model/Config/Form/Backend.php delete mode 100644 app/code/core/Mage/Captcha/Model/Config/Form/Frontend.php delete mode 100644 app/code/core/Mage/Captcha/Model/Config/Mode.php delete mode 100644 app/code/core/Mage/Captcha/Model/Interface.php delete mode 100644 app/code/core/Mage/Captcha/Model/Observer.php delete mode 100644 app/code/core/Mage/Captcha/Model/Resource/Log.php delete mode 100644 app/code/core/Mage/Captcha/Model/Zend.php delete mode 100644 app/code/core/Mage/Captcha/controllers/Adminhtml/RefreshController.php delete mode 100644 app/code/core/Mage/Captcha/controllers/RefreshController.php delete mode 100644 app/code/core/Mage/Captcha/etc/config.xml delete mode 100644 app/code/core/Mage/Captcha/etc/system.xml delete mode 100644 app/code/core/Mage/Captcha/sql/captcha_setup/install-1.7.0.0.0.php delete mode 100644 app/design/adminhtml/default/default/layout/captcha.xml delete mode 100644 app/design/adminhtml/default/default/template/captcha/zend.phtml delete mode 100644 app/design/frontend/base/default/layout/captcha.xml delete mode 100644 app/design/frontend/base/default/template/captcha/zend.phtml delete mode 100644 app/design/frontend/rwd/default/template/captcha/zend.phtml delete mode 100644 app/etc/modules/Mage_Captcha.xml delete mode 100644 js/mage/captcha.js delete mode 100644 skin/frontend/rwd/default/scss/module/_captcha.scss diff --git a/app/code/core/Mage/Admin/Model/Observer.php b/app/code/core/Mage/Admin/Model/Observer.php index ce3ae3892b3..a51f756bd85 100644 --- a/app/code/core/Mage/Admin/Model/Observer.php +++ b/app/code/core/Mage/Admin/Model/Observer.php @@ -35,7 +35,6 @@ public function actionPreDispatchAdmin($observer) 'resetpassword', 'resetpasswordpost', 'logout', - 'refresh', // captcha refresh ]; if (in_array($requestedActionName, $openActions)) { $request->setDispatched(true); diff --git a/app/code/core/Mage/Captcha/Block/Captcha.php b/app/code/core/Mage/Captcha/Block/Captcha.php deleted file mode 100644 index 3a72bd32208..00000000000 --- a/app/code/core/Mage/Captcha/Block/Captcha.php +++ /dev/null @@ -1,34 +0,0 @@ -isEnabled()) { - $blockPath = Mage::helper('captcha')->getCaptcha($this->getFormId())->getBlockName(); - $block = $this->getLayout()->createBlock($blockPath); - $block->setData($this->getData()); - return $block->toHtml(); - } - return ''; - } -} diff --git a/app/code/core/Mage/Captcha/Block/Captcha/Zend.php b/app/code/core/Mage/Captcha/Block/Captcha/Zend.php deleted file mode 100644 index 51b3ee1ef41..00000000000 --- a/app/code/core/Mage/Captcha/Block/Captcha/Zend.php +++ /dev/null @@ -1,73 +0,0 @@ -getIsAjax() ? '' : $this->_template; - } - - /** - * Returns URL to controller action which returns new captcha image - * - * @return string - */ - public function getRefreshUrl() - { - return Mage::getUrl( - Mage::app()->getStore()->isAdmin() ? 'adminhtml/refresh/refresh' : 'captcha/refresh', - ['_secure' => Mage::app()->getStore()->isCurrentlySecure()], - ); - } - - /** - * Renders captcha HTML (if required) - * - * @return string - */ - protected function _toHtml() - { - if (Mage::helper('captcha')->isEnabled() && $this->getCaptchaModel()->isRequired()) { - $this->getCaptchaModel()->generate(); - return parent::_toHtml(); - } - return ''; - } - - /** - * Returns captcha model - * - * @return Mage_Captcha_Model_Zend - */ - public function getCaptchaModel() - { - return Mage::helper('captcha')->getCaptcha($this->getFormId()); - } -} diff --git a/app/code/core/Mage/Captcha/Helper/Data.php b/app/code/core/Mage/Captcha/Helper/Data.php deleted file mode 100644 index aa684aa5680..00000000000 --- a/app/code/core/Mage/Captcha/Helper/Data.php +++ /dev/null @@ -1,130 +0,0 @@ -getStore()->isAdmin() ? 'admin/captcha/enable' : 'customer/captcha/enable'; - return Mage::getStoreConfigFlag($path); - } - - /** - * Get Captcha - * - * @param string $formId - * @return Mage_Captcha_Model_Zend - */ - public function getCaptcha($formId) - { - if (!array_key_exists($formId, $this->_captcha)) { - $type = $this->getConfigNode('type'); - $this->_captcha[$formId] = Mage::getModel('captcha/' . $type, ['formId' => $formId]); - } - return $this->_captcha[$formId]; - } - - /** - * Returns value of the node with respect to current area (frontend or backend) - * - * @param string $id The last part of XML_PATH_$area_CAPTCHA_ constant (case-insensitive) - * @param Mage_Core_Model_Store $store - * @return Mage_Core_Model_Config_Element - */ - public function getConfigNode($id, $store = null) - { - $areaCode = Mage::app()->getStore($store)->isAdmin() ? 'admin' : 'customer'; - return Mage::getStoreConfig($areaCode . '/captcha/' . $id, $store); - } - - /** - * Get list of available fonts - * Return format: - * [['arial'] => ['label' => 'Arial', 'path' => '/www/magento/fonts/arial.ttf']] - * - * @return array - */ - public function getFonts() - { - $node = Mage::getConfig()->getNode(self::XML_PATH_CAPTCHA_FONTS); - $fonts = []; - if ($node) { - foreach ($node->children() as $fontName => $fontNode) { - $fonts[$fontName] = [ - 'label' => (string) $fontNode->label, - 'path' => Mage::getBaseDir('base') . DS . $fontNode->path, - ]; - } - } - return $fonts; - } - - /** - * Get captcha image directory - * - * @param mixed $website - * @return string - */ - public function getImgDir($website = null) - { - $websiteCode = Mage::app()->getWebsite($website)->getCode(); - $captchaDir = Mage::getBaseDir('media') . DS . 'captcha' . DS . $websiteCode . DS; - $io = new Varien_Io_File(); - $io->checkAndCreateFolder($captchaDir, 0755); - return $captchaDir; - } - - /** - * Get captcha image base URL - * - * @param mixed $website - * @return string - */ - public function getImgUrl($website = null) - { - $websiteCode = Mage::app()->getWebsite($website)->getCode(); - return Mage::getBaseUrl('media') . 'captcha' . '/' . $websiteCode . '/'; - } -} diff --git a/app/code/core/Mage/Captcha/Model/Config/Font.php b/app/code/core/Mage/Captcha/Model/Config/Font.php deleted file mode 100644 index 9a81faacce7..00000000000 --- a/app/code/core/Mage/Captcha/Model/Config/Font.php +++ /dev/null @@ -1,30 +0,0 @@ -getFonts() as $fontName => $fontData) { - $optionArray[] = ['label' => $fontData['label'], 'value' => $fontName]; - } - return $optionArray; - } -} diff --git a/app/code/core/Mage/Captcha/Model/Config/Form/Abstract.php b/app/code/core/Mage/Captcha/Model/Config/Form/Abstract.php deleted file mode 100644 index 78e5595aae3..00000000000 --- a/app/code/core/Mage/Captcha/Model/Config/Form/Abstract.php +++ /dev/null @@ -1,42 +0,0 @@ -getNode($this->_configPath); - if ($backendNode) { - foreach ($backendNode->children() as $formNode) { - /** @var Mage_Core_Model_Config_Element $formNode */ - if (!empty($formNode->label)) { - $optionArray[] = ['label' => (string) $formNode->label, 'value' => $formNode->getName()]; - } - } - } - return $optionArray; - } -} diff --git a/app/code/core/Mage/Captcha/Model/Config/Form/Backend.php b/app/code/core/Mage/Captcha/Model/Config/Form/Backend.php deleted file mode 100644 index cb1e08d805d..00000000000 --- a/app/code/core/Mage/Captcha/Model/Config/Form/Backend.php +++ /dev/null @@ -1,21 +0,0 @@ - Mage::helper('captcha')->__('Always'), - 'value' => Mage_Captcha_Helper_Data::MODE_ALWAYS, - ], - [ - 'label' => Mage::helper('captcha')->__('After number of attempts to login'), - 'value' => Mage_Captcha_Helper_Data::MODE_AFTER_FAIL, - ], - ]; - } -} diff --git a/app/code/core/Mage/Captcha/Model/Interface.php b/app/code/core/Mage/Captcha/Model/Interface.php deleted file mode 100644 index db64f1a08ad..00000000000 --- a/app/code/core/Mage/Captcha/Model/Interface.php +++ /dev/null @@ -1,39 +0,0 @@ -getCaptcha($formId); - if ($captchaModel->isRequired()) { - $controller = $observer->getControllerAction(); - if (!$captchaModel->isCorrect($this->_getCaptchaString($controller->getRequest(), $formId))) { - Mage::getSingleton('customer/session')->addError(Mage::helper('captcha')->__('Incorrect CAPTCHA.')); - $controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true); - $controller->getResponse()->setRedirect(Mage::getUrl('*/*/forgotpassword')); - } - } - return $this; - } - - /** - * Check Captcha On User Login Page - * - * @param Varien_Event_Observer $observer - * @return $this - */ - public function checkUserLogin($observer) - { - $formId = 'user_login'; - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - $controller = $observer->getControllerAction(); - $loginParams = $controller->getRequest()->getPost('login'); - $login = $loginParams['username'] ?? null; - if ($captchaModel->isRequired($login)) { - $word = $this->_getCaptchaString($controller->getRequest(), $formId); - if (!$captchaModel->isCorrect($word)) { - Mage::getSingleton('customer/session')->addError(Mage::helper('captcha')->__('Incorrect CAPTCHA.')); - $controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true); - Mage::getSingleton('customer/session')->setUsername($login); - $beforeUrl = Mage::getSingleton('customer/session')->getBeforeAuthUrl(); - $url = $beforeUrl ? $beforeUrl : Mage::helper('customer')->getLoginUrl(); - $controller->getResponse()->setRedirect($url); - } - } - $captchaModel->logAttempt($login); - return $this; - } - - /** - * Check Captcha On Register User Page - * - * @return $this - */ - public function checkUserCreate(Varien_Event_Observer $observer) - { - $formId = 'user_create'; - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - if ($captchaModel->isRequired()) { - $controller = $observer->getControllerAction(); - if (!$captchaModel->isCorrect($this->_getCaptchaString($controller->getRequest(), $formId))) { - Mage::getSingleton('customer/session')->addError(Mage::helper('captcha')->__('Incorrect CAPTCHA.')); - $controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true); - Mage::getSingleton('customer/session')->setCustomerFormData($controller->getRequest()->getPost()); - $controller->getResponse()->setRedirect(Mage::getUrl('*/*/create')); - } - } - return $this; - } - - /** - * Check Captcha On Checkout as Guest Page - * - * @return $this - */ - public function checkGuestCheckout(Varien_Event_Observer $observer) - { - $formId = 'guest_checkout'; - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - $checkoutMethod = Mage::getSingleton('checkout/type_onepage')->getQuote()->getCheckoutMethod(); - if ($checkoutMethod == Mage_Checkout_Model_Type_Onepage::METHOD_GUEST) { - if ($captchaModel->isRequired()) { - $controller = $observer->getControllerAction(); - if (!$captchaModel->isCorrect($this->_getCaptchaString($controller->getRequest(), $formId))) { - $controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true); - $result = ['error' => 1, 'message' => Mage::helper('captcha')->__('Incorrect CAPTCHA.')]; - $controller->getResponse()->setBody(Mage::helper('core')->jsonEncode($result)); - } - } - } - return $this; - } - - /** - * Check Captcha On Checkout Register Page - * - * @param Varien_Event_Observer $observer - * @return $this - */ - public function checkRegisterCheckout($observer) - { - $formId = 'register_during_checkout'; - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - $checkoutMethod = Mage::getSingleton('checkout/type_onepage')->getQuote()->getCheckoutMethod(); - if ($checkoutMethod == Mage_Checkout_Model_Type_Onepage::METHOD_REGISTER) { - if ($captchaModel->isRequired()) { - $controller = $observer->getControllerAction(); - if (!$captchaModel->isCorrect($this->_getCaptchaString($controller->getRequest(), $formId))) { - $controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true); - $result = ['error' => 1, 'message' => Mage::helper('captcha')->__('Incorrect CAPTCHA.')]; - $controller->getResponse()->setBody(Mage::helper('core')->jsonEncode($result)); - } - } - } - return $this; - } - - /** - * Check Captcha On User Login Backend Page - * - * @param Varien_Event_Observer $observer - * @return $this - */ - public function checkUserLoginBackend($observer) - { - $formId = 'backend_login'; - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - $loginParams = Mage::app()->getRequest()->getPost('login', []); - $login = $loginParams['username'] ?? null; - if ($captchaModel->isRequired($login)) { - if (!$captchaModel->isCorrect($this->_getCaptchaString(Mage::app()->getRequest(), $formId))) { - $captchaModel->logAttempt($login); - Mage::throwException(Mage::helper('captcha')->__('Incorrect CAPTCHA.')); - } - } - $captchaModel->logAttempt($login); - return $this; - } - - /** - * Returns backend session - * - * @return Mage_Adminhtml_Model_Session - */ - protected function _getBackendSession() - { - return Mage::getSingleton('adminhtml/session'); - } - - /** - * Check Captcha On User Login Backend Page - * - * @param Varien_Event_Observer $observer - * @return $this - */ - public function checkUserForgotPasswordBackend($observer) - { - $formId = 'backend_forgotpassword'; - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - $controller = $observer->getControllerAction(); - $email = (string) $observer->getControllerAction()->getRequest()->getParam('email'); - $params = $observer->getControllerAction()->getRequest()->getParams(); - - if (!empty($email) && !empty($params)) { - if ($captchaModel->isRequired()) { - if (!$captchaModel->isCorrect($this->_getCaptchaString($controller->getRequest(), $formId))) { - $this->_getBackendSession()->setEmail((string) $controller->getRequest()->getPost('email')); - $controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true); - $this->_getBackendSession()->addError(Mage::helper('captcha')->__('Incorrect CAPTCHA.')); - $controller->getResponse()->setRedirect(Mage::getUrl('*/*/forgotpassword')); - } - } - } - return $this; - } - - /** - * Reset Attempts For Frontend - * - * @param Varien_Event_Observer $observer - * @return $this - */ - public function resetAttemptForFrontend($observer) - { - return $this->_resetAttempt($observer->getModel()->getEmail()); - } - - /** - * Reset Attempts For Backend - * - * @param Varien_Event_Observer $observer - * @return $this - */ - public function resetAttemptForBackend($observer) - { - return $this->_resetAttempt($observer->getUser()->getUsername()); - } - - /** - * Delete Unnecessary logged attempts - * - * @return $this - */ - public function deleteOldAttempts() - { - Mage::getResourceModel('captcha/log')->deleteOldAttempts(); - return $this; - } - - /** - * Delete Expired Captcha Images - * - * @return $this - */ - public function deleteExpiredImages() - { - foreach (Mage::app()->getWebsites(true) as $website) { - $expire = time() - Mage::helper('captcha')->getConfigNode('timeout', $website->getDefaultStore()) * 60; - $imageDirectory = Mage::helper('captcha')->getImgDir($website); - foreach (new DirectoryIterator($imageDirectory) as $file) { - if ($file->isFile() && pathinfo($file->getFilename(), PATHINFO_EXTENSION) == 'png') { - if ($file->getMTime() < $expire) { - unlink($file->getPathname()); - } - } - } - } - return $this; - } - - /** - * Reset Attempts - * - * @param string $login - * @return $this - */ - protected function _resetAttempt($login) - { - Mage::getResourceModel('captcha/log')->deleteUserAttempts($login); - return $this; - } - - /** - * Get Captcha String - * - * @param Mage_Core_Controller_Request_Http $request - * @param string $formId - * @return string - */ - protected function _getCaptchaString($request, $formId) - { - $captchaParams = $request->getPost(Mage_Captcha_Helper_Data::INPUT_NAME_FIELD_VALUE); - return $captchaParams[$formId] ?? ''; - } - - /** - * Check Captcha On Share Wishlist Page - * - * @param Varien_Event_Observer $observer - * @return $this - */ - public function checkWishlistSharing($observer) - { - $formId = 'wishlist_sharing'; - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - if ($captchaModel->isRequired()) { - $controller = $observer->getControllerAction(); - $request = $controller->getRequest(); - if (!$captchaModel->isCorrect($this->_getCaptchaString($request, $formId))) { - Mage::getSingleton('wishlist/session')->addError(Mage::helper('captcha')->__('Incorrect CAPTCHA.')); - $controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true); - Mage::getSingleton('wishlist/session')->setSharingForm($request->getPost()); - $wishlistId = (int) $request->getParam('wishlist_id'); - $controller->getResponse() - ->setRedirect(Mage::getUrl('wishlist/index/share/wishlist_id/' . $wishlistId)); - } - } - return $this; - } - - /** - * Check Captcha On Email Product To A Friend Page - * - * @param Varien_Event_Observer $observer - * @return $this - */ - public function checkSendfriendSend($observer) - { - $formId = 'sendfriend_send'; - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - if ($captchaModel->isRequired()) { - $controller = $observer->getControllerAction(); - $request = $controller->getRequest(); - if (!$captchaModel->isCorrect($this->_getCaptchaString($request, $formId))) { - Mage::getSingleton('catalog/session')->addError(Mage::helper('captcha')->__('Incorrect CAPTCHA.')); - $controller->setFlag('', Mage_Core_Controller_Varien_Action::FLAG_NO_DISPATCH, true); - Mage::getSingleton('catalog/session')->setFormData($request->getPost()); - $id = (int) $request->getParam('id'); - $catId = $request->getParam('cat_id'); - if ($catId !== null) { - $id .= '/cat_id/' . (int) $catId; - } - $controller->getResponse()->setRedirect(Mage::getUrl('*/*/send/id/' . $id)); - } - } - return $this; - } -} diff --git a/app/code/core/Mage/Captcha/Model/Resource/Log.php b/app/code/core/Mage/Captcha/Model/Resource/Log.php deleted file mode 100644 index 07644b84e56..00000000000 --- a/app/code/core/Mage/Captcha/Model/Resource/Log.php +++ /dev/null @@ -1,133 +0,0 @@ -_setMainTable('captcha/log'); - } - - /** - * Save or Update count Attempts - * - * @param string|null $login - * @return $this - */ - public function logAttempt($login) - { - if ($login != null) { - $this->_getWriteAdapter()->insertOnDuplicate( - $this->getMainTable(), - [ - 'type' => self::TYPE_LOGIN, 'value' => $login, 'count' => 1, - 'updated_at' => Mage::getSingleton('core/date')->gmtDate(), - ], - ['count' => new Zend_Db_Expr('count+1'), 'updated_at'], - ); - } - $ip = Mage::helper('core/http')->getRemoteAddr(); - if ($ip != null) { - $this->_getWriteAdapter()->insertOnDuplicate( - $this->getMainTable(), - [ - 'type' => self::TYPE_REMOTE_ADDRESS, 'value' => $ip, 'count' => 1, - 'updated_at' => Mage::getSingleton('core/date')->gmtDate(), - ], - ['count' => new Zend_Db_Expr('count+1'), 'updated_at'], - ); - } - return $this; - } - - /** - * Delete User attempts by login - * - * @param string $login - * @return $this - */ - public function deleteUserAttempts($login) - { - if ($login != null) { - $this->_getWriteAdapter()->delete( - $this->getMainTable(), - ['type = ?' => self::TYPE_LOGIN, 'value = ?' => $login], - ); - } - $ip = Mage::helper('core/http')->getRemoteAddr(); - if ($ip != null) { - $this->_getWriteAdapter()->delete( - $this->getMainTable(), - ['type = ?' => self::TYPE_REMOTE_ADDRESS, 'value = ?' => $ip], - ); - } - - return $this; - } - - /** - * Get count attempts by ip - * - * @return string|int - */ - public function countAttemptsByRemoteAddress() - { - $ip = Mage::helper('core/http')->getRemoteAddr(); - if (!$ip) { - return 0; - } - $read = $this->_getReadAdapter(); - $select = $read->select()->from($this->getMainTable(), 'count')->where('type = ?', self::TYPE_REMOTE_ADDRESS) - ->where('value = ?', $ip); - return $read->fetchOne($select); - } - - /** - * Get count attempts by user login - * - * @param string $login - * @return string|int - */ - public function countAttemptsByUserLogin($login) - { - if (!$login) { - return 0; - } - $read = $this->_getReadAdapter(); - $select = $read->select()->from($this->getMainTable(), 'count')->where('type = ?', self::TYPE_LOGIN) - ->where('value = ?', $login); - return $read->fetchOne($select); - } - - /** - * Delete attempts with expired in update_at time - */ - public function deleteOldAttempts() - { - $this->_getWriteAdapter()->delete( - $this->getMainTable(), - ['updated_at < ?' => Mage::getSingleton('core/date')->gmtDate(null, time() - 60 * 30)], - ); - } -} diff --git a/app/code/core/Mage/Captcha/Model/Zend.php b/app/code/core/Mage/Captcha/Model/Zend.php deleted file mode 100644 index f7f666d4c3f..00000000000 --- a/app/code/core/Mage/Captcha/Model/Zend.php +++ /dev/null @@ -1,504 +0,0 @@ -_formId = $params['formId']; - $this->setExpiration($this->getTimeout()); - } - - /** - * Returns key with respect of current form ID - * - * @param string $key - * @return string - */ - protected function _getFormIdKey($key) - { - return $this->_formId . '_' . $key; - } - - /** - * Get Block Name - * - * @return string - */ - public function getBlockName() - { - return 'captcha/captcha_zend'; - } - - /** - * Whether captcha is required to be inserted to this form - * - * @param null|string $login - * @return bool - */ - public function isRequired($login = null) - { - $nonAuthForms = ['wishlist_sharing', 'sendfriend_send']; - - if ((!in_array($this->_formId, $nonAuthForms) && $this->_isUserAuth()) - || !$this->_isEnabled() || !in_array($this->_formId, $this->_getTargetForms()) - ) { - return false; - } - - return ($this->_isShowAlways() || $this->_isOverLimitAttempts($login) - || $this->getSession()->getData($this->_getFormIdKey('show_captcha')) - ); - } - - /** - * Check is overlimit attempts - * - * @param string $login - * @return bool - */ - protected function _isOverLimitAttempts($login) - { - return ($this->_isOverLimitIpAttempt() || $this->_isOverLimitLoginAttempts($login)); - } - - /** - * Returns number of allowed attempts for same login - * - * @return int - */ - protected function _getAllowedAttemptsForSameLogin() - { - return (int) $this->_getHelper()->getConfigNode('failed_attempts_login'); - } - - /** - * Returns number of allowed attempts from same IP - * - * @return int - */ - protected function _getAllowedAttemptsFromSameIp() - { - return (int) $this->_getHelper()->getConfigNode('failed_attempts_ip'); - } - - /** - * Check is overlimit saved attempts from one ip - * - * @return bool - */ - protected function _isOverLimitIpAttempt() - { - $countAttemptsByIp = Mage::getResourceModel('captcha/log')->countAttemptsByRemoteAddress(); - return $countAttemptsByIp >= $this->_getAllowedAttemptsFromSameIp(); - } - - /** - * Is Over Limit Login Attempts - * - * @param string $login - * @return bool - */ - protected function _isOverLimitLoginAttempts($login) - { - if ($login != false) { - $countAttemptsByLogin = Mage::getResourceModel('captcha/log')->countAttemptsByUserLogin($login); - return ($countAttemptsByLogin >= $this->_getAllowedAttemptsForSameLogin()); - } - return false; - } - - /** - * Check is user auth - * - * @return bool - */ - protected function _isUserAuth() - { - return Mage::app()->getStore()->isAdmin() - ? Mage::getSingleton('admin/session')->isLoggedIn() - : Mage::getSingleton('customer/session')->isLoggedIn(); - } - - /** - * Whether to respect case while checking the answer - * - * @return string - */ - public function isCaseSensitive() - { - return (string) $this->_getHelper()->getConfigNode('case_sensitive'); - } - - /** - * Get font to use when generating captcha - * - * @return string - */ - public function getFont() - { - return $this->_getFontPath(); - } - - /** - * After this time isCorrect() is going to return FALSE even if word was guessed correctly - * - * @return int - */ - public function getTimeout() - { - if (!$this->_expiration) { - /** - * as "timeout" configuration parameter specifies timeout in minutes - we multiply it on 60 to set - * expiration in seconds - */ - $this->_expiration = (int) $this->_getHelper()->getConfigNode('timeout') * 60; - } - return $this->_expiration; - } - - /** - * Get captcha image directory - * - * @return string - */ - public function getImgDir() - { - return $this->_helper->getImgDir(); - } - - /** - * Get captcha image base URL - * - * @return string - */ - public function getImgUrl() - { - return $this->_helper->getImgUrl(); - } - - /** - * Checks whether captcha was guessed correctly by user - * - * @param string $word - * @return bool - */ - public function isCorrect($word) - { - $storedWord = $this->getWord(); - $this->_clearWord(); - - if (!$word || !$storedWord) { - return false; - } - - if (!$this->isCaseSensitive()) { - $storedWord = strtolower($storedWord); - $word = strtolower($word); - } - return $word == $storedWord; - } - - /** - * Returns session instance - * - * @return Mage_Customer_Model_Session - */ - public function getSession() - { - return Mage::getSingleton('customer/session'); - } - - /** - * Return full URL to captcha image - * - * @return string - */ - public function getImgSrc() - { - return $this->getImgUrl() . $this->getId() . $this->getSuffix(); - } - - /** - * log Attempt - * - * @param string $login - * @return $this - */ - public function logAttempt($login) - { - if ($this->_isEnabled() && in_array($this->_formId, $this->_getTargetForms())) { - Mage::getResourceModel('captcha/log')->logAttempt($login); - if ($this->_isOverLimitLoginAttempts($login)) { - $this->getSession()->setData($this->_getFormIdKey('show_captcha'), 1); - } - } - return $this; - } - - /** - * Returns path for the font file, chosen to generate captcha - * - * @return string - */ - protected function _getFontPath() - { - $font = (string) $this->_getHelper()->getConfigNode('font'); - $fonts = $this->_getHelper()->getFonts(); - - if (isset($fonts[$font])) { - $fontPath = $fonts[$font]['path']; - } else { - $fontData = array_shift($fonts); - $fontPath = $fontData['path']; - } - - return $fontPath; - } - - /** - * Returns captcha helper - * - * @return Mage_Captcha_Helper_Data - */ - protected function _getHelper() - { - if (empty($this->_helper)) { - $this->_helper = Mage::helper('captcha'); - } - return $this->_helper; - } - - /** - * Generate word used for captcha render - * - * @return string - */ - protected function _generateWord() - { - $word = ''; - $symbols = $this->_getSymbols(); - $wordLen = $this->_getWordLen(); - for ($i = 0; $i < $wordLen; $i++) { - $word .= $symbols[array_rand($symbols)]; - } - return $word; - } - - /** - * Get symbols array to use for word generation - * - * @return array - */ - protected function _getSymbols() - { - return str_split((string) $this->_getHelper()->getConfigNode('symbols')); - } - - /** - * Returns length for generating captcha word. This value may be dynamic. - * - * @return int - */ - protected function _getWordLen() - { - $from = 0; - $to = 0; - $length = (string) $this->_getHelper()->getConfigNode('length'); - if (!is_numeric($length)) { - if (preg_match('/(\d+)-(\d+)/', $length, $matches)) { - $from = (int) $matches[1]; - $to = (int) $matches[2]; - } - } else { - $from = (int) $length; - $to = (int) $length; - } - - if (($to < $from) || ($from < 1) || ($to < 1)) { - $from = self::DEFAULT_WORD_LENGTH_FROM; - $to = self::DEFAULT_WORD_LENGTH_TO; - } - - return mt_rand($from, $to); - } - - /** - * Whether to show captcha for this form every time - * - * @return bool - */ - protected function _isShowAlways() - { - // setting the allowed attempts to 0 is like setting mode to always - if ($this->_getAllowedAttemptsForSameLogin() == 0 || $this->_getAllowedAttemptsFromSameIp() == 0) { - return true; - } - - if ((string) $this->_getHelper()->getConfigNode('mode') == Mage_Captcha_Helper_Data::MODE_ALWAYS) { - return true; - } - - $alwaysFor = $this->_getHelper()->getConfigNode('always_for'); - foreach ($alwaysFor as $nodeFormId => $isAlwaysFor) { - if ($isAlwaysFor && $this->_formId == $nodeFormId) { - return true; - } - } - - return false; - } - - /** - * Whether captcha is enabled at this area - * - * @return string - */ - protected function _isEnabled() - { - return (string) $this->_getHelper()->getConfigNode('enable'); - } - - /** - * Retrieve list of forms where captcha must be shown - * - * For frontend this list is based on current website - * - * @return array - */ - protected function _getTargetForms() - { - $formsString = (string) $this->_getHelper()->getConfigNode('forms'); - return explode(',', $formsString); - } - - /** - * Get captcha word - * - * @return string|null - */ - public function getWord() - { - $sessionData = $this->getSession()->getData($this->_getFormIdKey(self::SESSION_WORD)); - if (!is_array($sessionData)) { - return null; - } - return time() < $sessionData['expires'] ? $sessionData['data'] : null; - } - - /** - * Set captcha word - * - * @param string $word - * @return Zend_Captcha_Word - */ - protected function _setWord($word) - { - $this->getSession()->setData( - $this->_getFormIdKey(self::SESSION_WORD), - ['data' => $word, 'expires' => time() + $this->getTimeout()], - ); - $this->_word = $word; - return $this; - } - - /** - * Set captcha word - * - * @return $this - */ - protected function _clearWord() - { - $this->getSession()->unsetData($this->_getFormIdKey(self::SESSION_WORD)); - $this->_word = ''; - return $this; - } - - /** - * Override function to generate less curly captcha that will not cut off - * - * @see Zend_Captcha_Image::_randomSize() - * @return int - */ - protected function _randomSize() - { - return mt_rand(280, 300) / 100; - } - - /** - * Overlap of the parent method - * - * Now deleting old captcha images make crontab script - * @see Mage_Captcha_Model_Observer::deleteExpiredImages - */ - protected function _gc() - { - //do nothing - } -} diff --git a/app/code/core/Mage/Captcha/controllers/Adminhtml/RefreshController.php b/app/code/core/Mage/Captcha/controllers/Adminhtml/RefreshController.php deleted file mode 100644 index dbc538fd8a1..00000000000 --- a/app/code/core/Mage/Captcha/controllers/Adminhtml/RefreshController.php +++ /dev/null @@ -1,39 +0,0 @@ -getRequest()->getPost('formId'); - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - $this->getLayout()->createBlock($captchaModel->getBlockName())->setFormId($formId)->setIsAjax(true)->toHtml(); - $this->getResponse()->setBody(json_encode(['imgSrc' => $captchaModel->getImgSrc()])); - $this->setFlag('', self::FLAG_NO_POST_DISPATCH, true); - } - - /** - * Check is allowed access to action - * - * @return true - */ - protected function _isAllowed() - { - return true; - } -} diff --git a/app/code/core/Mage/Captcha/controllers/RefreshController.php b/app/code/core/Mage/Captcha/controllers/RefreshController.php deleted file mode 100644 index 0778dd2118f..00000000000 --- a/app/code/core/Mage/Captcha/controllers/RefreshController.php +++ /dev/null @@ -1,29 +0,0 @@ -getRequest()->getPost('formId'); - $captchaModel = Mage::helper('captcha')->getCaptcha($formId); - $this->getLayout()->createBlock($captchaModel->getBlockName())->setFormId($formId)->setIsAjax(true)->toHtml(); - $this->getResponse()->setBody(json_encode(['imgSrc' => $captchaModel->getImgSrc()])); - $this->setFlag('', self::FLAG_NO_POST_DISPATCH, true); - } -} diff --git a/app/code/core/Mage/Captcha/etc/config.xml b/app/code/core/Mage/Captcha/etc/config.xml deleted file mode 100644 index 2ab26afa918..00000000000 --- a/app/code/core/Mage/Captcha/etc/config.xml +++ /dev/null @@ -1,291 +0,0 @@ - - - - - - 1.7.0.0.0 - - - - - - - Mage_Captcha - - - - - - Mage_Captcha_Model - captcha_resource - - - Mage_Captcha_Model_Resource - - - captcha_log
- - - - - - - Mage_Captcha_Helper - - - - - - - captcha/observer - checkUserLogin - - - - - - - captcha/observer - checkForgotPassword - - - - - - - captcha/observer - checkUserCreate - - - - - - - captcha/observer - checkWishlistSharing - - - - - - - captcha/observer - checkUserForgotPasswordBackend - - - - - - - captcha/observer - checkUserLoginBackend - - - - - - - captcha/observer - checkGuestCheckout - - - captcha/observer - checkRegisterCheckout - - - - - - - captcha/observer - resetAttemptForFrontend - - - - - - - captcha/observer - resetAttemptForBackend - - - - - - - captcha/observer - checkSendfriendSend - - - - - - - - - standard - - Mage_Captcha - captcha - - - - - - - - Mage_Captcha.csv - - - - - - - - captcha.xml - - - - - - - - - - Mage_Captcha_Adminhtml - - - - - - - - - - captcha.xml - - - - - - - - - captcha - - - - - - zend - 0 - linlibertine - after_fail - backend_forgotpassword - 3 - 10 - 7 - 4-5 - ABCDEFGHJKMnpqrstuvwxyz23456789 - 0 - - 1 - - - - - - zend - 0 - linlibertine - after_fail - user_forgotpassword - 3 - 1000 - 7 - 4-5 - ABCDEFGHJKMnpqrstuvwxyz23456789 - 0 - - 1 - 1 - 1 - 1 - 1 - 1 - - - - - - - - lib/LinLibertineFont/LinLibertine_Bd-2.8.1.ttf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */30 * * * * - - - captcha/observer::deleteOldAttempts - - - - - */10 * * * * - - - captcha/observer::deleteExpiredImages - - - - - - diff --git a/app/code/core/Mage/Captcha/etc/system.xml b/app/code/core/Mage/Captcha/etc/system.xml deleted file mode 100644 index 86e916daac9..00000000000 --- a/app/code/core/Mage/Captcha/etc/system.xml +++ /dev/null @@ -1,234 +0,0 @@ - - - - - - - - - 50 - 1 - 1 - 0 - - - - select - adminhtml/system_config_source_yesno - 1 - 1 - 0 - 0 - - - - select - captcha/config_font - 2 - 1 - 0 - 0 - 1 - - - - multiselect - captcha/config_form_backend - 3 - 1 - 0 - 0 - 1 - - - - select - captcha/config_mode - 4 - 1 - 0 - 0 - 1 - - - - If 0 is specified, CAPTCHA on the Login form will be always available. - 5 - 1 - 0 - 0 - - after_fail - 1 - - required-entry validate-digits - - - - 6 - 1 - 0 - 0 - - after_fail - 1 - - required-entry validate-digits - - - - 7 - 1 - 0 - 0 - 1 - required-entry validate-digits - - - - Please specify 8 symbols at the most. Range allowed (e.g. 3-5) - 8 - 1 - 0 - 0 - 1 - required-entry - - - - Similar looking characters (e.g. "i", "l", "1") decrease chance of correct recognition by customer.]]> - 9 - 1 - 0 - 0 - 1 - required-entry validate-alphanum - - - - select - adminhtml/system_config_source_yesno - 10 - 1 - 0 - 0 - 1 - - - - - - - - - - 110 - 1 - 1 - 0 - - - - select - adminhtml/system_config_source_yesno - 1 - 1 - 1 - 0 - - - - select - captcha/config_font - 2 - 1 - 1 - 0 - 1 - - - - multiselect - captcha/config_form_frontend - CAPTCHA for "Create user" and "Forgot password" forms is always enabled if chosen - 3 - 1 - 1 - 0 - 1 - - - - select - captcha/config_mode - 4 - 1 - 1 - 0 - 1 - - - - If 0 is specified, CAPTCHA on the Login form will be always available. - 5 - 1 - 1 - 0 - - 1 - after_fail - - required-entry validate-digits - - - - 6 - 1 - 1 - 0 - 1 - required-entry validate-digits - - - - Please specify 8 symbols at the most. Range allowed (e.g. 3-5) - 7 - 1 - 1 - 0 - 1 - required-entry - - - - Similar looking characters (e.g. "i", "l", "1") decrease chance of correct recognition by customer.]]> - 8 - 1 - 1 - 0 - 1 - required-entry validate-alphanum - - - - select - adminhtml/system_config_source_yesno - 9 - 1 - 1 - 0 - 1 - - - - - - - diff --git a/app/code/core/Mage/Captcha/sql/captcha_setup/install-1.7.0.0.0.php b/app/code/core/Mage/Captcha/sql/captcha_setup/install-1.7.0.0.0.php deleted file mode 100644 index 4a0179f3dcc..00000000000 --- a/app/code/core/Mage/Captcha/sql/captcha_setup/install-1.7.0.0.0.php +++ /dev/null @@ -1,34 +0,0 @@ -startSetup(); - -$table = $installer->getConnection() - ->newTable($installer->getTable('captcha/log')) - ->addColumn('type', Varien_Db_Ddl_Table::TYPE_TEXT, 32, [ - 'nullable' => false, - 'primary' => true, - ], 'Type') - ->addColumn('value', Varien_Db_Ddl_Table::TYPE_TEXT, 32, [ - 'nullable' => false, - 'unsigned' => true, - 'primary' => true, - ], 'Value') - ->addColumn('count', Varien_Db_Ddl_Table::TYPE_INTEGER, null, [ - 'unsigned' => true, - 'nullable' => false, - 'default' => '0', - ], 'Count') - ->addColumn('updated_at', Varien_Db_Ddl_Table::TYPE_TIMESTAMP, null, [], 'Update Time') - ->setComment('Count Login Attempts'); -$installer->getConnection()->createTable($table); - -$installer->endSetup(); diff --git a/app/code/core/Mage/Core/Model/Config.php b/app/code/core/Mage/Core/Model/Config.php index 57f7d0d27ac..af8d819cece 100644 --- a/app/code/core/Mage/Core/Model/Config.php +++ b/app/code/core/Mage/Core/Model/Config.php @@ -67,7 +67,6 @@ class Mage_Core_Model_Config extends Mage_Core_Model_Config_Base 'Mage_Oauth' => 49, 'Mage_Authorizenet' => 50, 'Mage_Bundle' => 51, - 'Mage_Captcha' => 52, 'Mage_Centinel' => 53, 'Mage_ConfigurableSwatches' => 54, 'Mage_Newsletter' => 55, diff --git a/app/design/adminhtml/default/default/layout/captcha.xml b/app/design/adminhtml/default/default/layout/captcha.xml deleted file mode 100644 index bc95fb92537..00000000000 --- a/app/design/adminhtml/default/default/layout/captcha.xml +++ /dev/null @@ -1,30 +0,0 @@ - - - - - - - backend_login - 226 - 50 - - - - - - - backend_forgotpassword - 226 - 50 - - - - diff --git a/app/design/adminhtml/default/default/template/captcha/zend.phtml b/app/design/adminhtml/default/default/template/captcha/zend.phtml deleted file mode 100644 index 343d06ecb5d..00000000000 --- a/app/design/adminhtml/default/default/template/captcha/zend.phtml +++ /dev/null @@ -1,42 +0,0 @@ - -getCaptchaModel() ?> -
-
-
-
- -
-
- <?php echo $this->__('Reload captcha') ?> - -
-
-isCaseSensitive()) :?> -
-

__('Attention: Captcha is case sensitive.') ?>

-
- - diff --git a/app/design/adminhtml/default/default/template/forgotpassword.phtml b/app/design/adminhtml/default/default/template/forgotpassword.phtml index 95a7b421986..19030c4ab90 100644 --- a/app/design/adminhtml/default/default/template/forgotpassword.phtml +++ b/app/design/adminhtml/default/default/template/forgotpassword.phtml @@ -21,7 +21,6 @@ -
diff --git a/app/design/adminhtml/default/default/template/login.phtml b/app/design/adminhtml/default/default/template/login.phtml index dbed2573db0..08f3c1b486c 100644 --- a/app/design/adminhtml/default/default/template/login.phtml +++ b/app/design/adminhtml/default/default/template/login.phtml @@ -21,7 +21,6 @@ -
diff --git a/app/design/adminhtml/default/default/template/resetforgottenpassword.phtml b/app/design/adminhtml/default/default/template/resetforgottenpassword.phtml index 5b58c0aae26..454453e5e1c 100644 --- a/app/design/adminhtml/default/default/template/resetforgottenpassword.phtml +++ b/app/design/adminhtml/default/default/template/resetforgottenpassword.phtml @@ -21,7 +21,6 @@ -