Use recaptcha and validate email

eduranm · Jun 17, 2016 · 3409019 · 3409019
1 parent 321db6d
commit 3409019
Show file tree

Hide file tree

Showing 10 changed files with 215 additions and 331 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,6 @@
 cache/
 .DS_Store
+database/*
+node_modules/*
+.po
+logs
diff --git a/ci/application/config/autoload.php b/ci/application/config/autoload.php
@@ -52,7 +52,7 @@
 |	$autoload['libraries'] = array('database', 'session', 'xmlrpc');
 */
 
-$autoload['libraries'] = array('session', 'template');
+$autoload['libraries'] = array('session', 'template', 'recaptcha');
 
 
 /*

diff --git a/ci/application/config/config.php b/ci/application/config/config.php
@@ -180,7 +180,7 @@
 | your log files will fill up very fast.
 |
 */
-$config['log_threshold'] = 1;
+$config['log_threshold'] = 0;
 
 /*
 |--------------------------------------------------------------------------
@@ -358,5 +358,8 @@
 $config['proxy_ips'] = '';
 
 $config['enable_profiler'] = ENVIRONMENT === "production" ? FALSE : TRUE;
+$config['valitation_email'] = '';
+
+
 /* End of file config.php */
 /* Location: ./application/config/config.php */
diff --git a/ci/application/config/parser.php b/ci/application/config/parser.php
@@ -88,4 +88,4 @@
 |
 */
 
-$config['parser_assign_refs'] = array('config', 'load', 'session', 'uri', 'input', 'user_agent', 'lang');
+$config['parser_assign_refs'] = array('config', 'load', 'session', 'uri', 'input', 'user_agent', 'lang', 'recaptcha');
diff --git a/ci/application/config/recaptcha.php b/ci/application/config/recaptcha.php
@@ -1,10 +1,17 @@
-<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
-$recaptcha['development']['public_key']   = '6LexnuoSAAAAACzbXNAf3Ul1qgBeubEWOIxbqk0b';
-$recaptcha['development']['private_key']  = '6LexnuoSAAAAAMsVr9HWpykARQhecRJ-NAeRgf74';
-$recaptcha['production']['public_key']   = '6LeOneoSAAAAAPxWX1XOJFFDSHHel811saFQvELE';
-$recaptcha['production']['private_key']  = '6LeOneoSAAAAAKcZfvAKicQd6_spDKVxDe0vxkkI';
-$config['public_key']   = $recaptcha[ENVIRONMENT]['public_key'];
-$config['private_key']  = $recaptcha[ENVIRONMENT]['private_key'];
-// Set Recaptcha theme, default red (red/white/blackglass/clean)
-$config['recaptcha_theme']  = 'white';
-?>
+<?php
+defined('BASEPATH') OR exit('No direct script access allowed');
+/**
+ * Recaptcha configuration settings
+ * 
+ * recaptcha_sitekey: Recaptcha site key to use in the widget
+ * recaptcha_secretkey: Recaptcha secret key which is used for communicating between your server to Google's
+ * lang: Language code, if blank "en" will be used
+ * 
+ * recaptcha_sitekey and recaptcha_secretkey can be obtained from https://www.google.com/recaptcha/admin/
+ * Language code can be obtained from https://developers.google.com/recaptcha/docs/language
+ * 
+ * @author Damar Riyadi <[email protected]>
+ */
+$config['recaptcha_sitekey'] = '';
+$config['recaptcha_secretkey'] = '';
+$config['lang'] = "es";
diff --git a/ci/application/controllers/revista.php b/ci/application/controllers/revista.php
@@ -339,16 +339,39 @@ public function articulo($revista='', $articulo='', $mail=''){
 	}
 
 	public function solicitudDocumento(){
-		$this->output->enable_profiler(false);
-		if(!empty($_POST['email']) && !empty($_POST['from']) && !empty($_POST['revista']) && !empty($_POST['articulo'])):
+		$this->output->enable_profiler(FALSE);
+		$send_email = TRUE;
+		$result = array(
+					'type' => 'error',
+					'title' => _('No se pudo enviar la solicitud')
+				);
+		if(empty($_POST['email']) || empty($_POST['from']) || empty($_POST['revista']) || empty($_POST['articulo'])):
+			$send_email =FALSE;
+		endif;
+
+		$verify_email = verifyEmail($_POST['email'], $this->config->item('valitation_email'), true);
+		if($verify_email[0] == 'invalid'):
+			$send_email =FALSE;
+			$result['title'] = _('Correo electrónico no valido');
+		endif;
+
+		$captcha_answer = $this->input->post('g-recaptcha-response');
+		$response = $this->recaptcha->verifyResponse($captcha_answer);
+
+		if(!$response['success']):
+			$send_email =FALSE;
+			$result['title'] = _('Verificación incorrecta');
+		endif;
+
+		if ($send_email):
 			$biblatDB = $this->load->database('biblat', TRUE);
 			$config['mailtype'] = 'html';
 			$this->load->library('email');
 			$this->email->initialize($config);
 			$this->email->from('[email protected]', 'Solicitud Biblat');
 			$this->email->to('[email protected]');
-			//$this->email->to('[email protected]');
-			//$this->email->cc('[email protected]');
+			// $this->email->to('[email protected]');
+			// $this->email->cc('[email protected]');
 			$this->email->subject('Solicitud de documento Biblat');
 			$data = $_POST;
 			$data['fichaDocumento'] = $this->articulo($data['revista'], $data['articulo'], 'true');
@@ -376,11 +399,6 @@ public function solicitudDocumento(){
 					'type' => 'success',
 					'title' => _('La solicitud ha sido enviada')
 				);
-		else:
-			$result = array(
-					'type' => 'error',
-					'title' => _('No se pudo enviar la solicitud')
-				);
 		endif;
 		echo json_encode($result);
 	}

diff --git a/ci/application/helpers/custom_helper.php b/ci/application/helpers/custom_helper.php
@@ -434,3 +434,73 @@ function adjustColorLightenDarken($color_code,$percentage_adjuster = 0) {
 	}
 endif;
 
+if ( ! function_exists('verifyEmail') ):
+
+	function verifyEmail($toemail, $fromemail, $getdetails = false){
+		$email_arr = explode("@", $toemail);
+		$domain = array_slice($email_arr, -1);
+		$domain = $domain[0];
+		// Trim [ and ] from beginning and end of domain string, respectively
+		$domain = ltrim($domain, "[");
+		$domain = rtrim($domain, "]");
+		if( "IPv6:" == substr($domain, 0, strlen("IPv6:")) ) {
+			$domain = substr($domain, strlen("IPv6") + 1);
+		}
+		$mxhosts = array();
+		if( filter_var($domain, FILTER_VALIDATE_IP) )
+			$mx_ip = $domain;
+		else
+			getmxrr($domain, $mxhosts, $mxweight);
+		if(!empty($mxhosts) )
+			$mx_ip = $mxhosts[array_search(min($mxweight), $mxhosts)];
+		else {
+			if( filter_var($domain, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ) {
+				$record_a = dns_get_record($domain, DNS_A);
+			}
+			elseif( filter_var($domain, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) ) {
+				$record_a = dns_get_record($domain, DNS_AAAA);
+			}
+			if( !empty($record_a) )
+				$mx_ip = $record_a[0]['ip'];
+			else {
+				$result   = "invalid";
+				$details .= "No suitable MX records found.";
+				return ( (true == $getdetails) ? array($result, $details) : $result );
+			}
+		}
+
+		$connect = @fsockopen($mx_ip, 25);
+		if($connect){
+			if(preg_match("/^220/i", $out = fgets($connect, 1024))){
+				fputs ($connect , "HELO $mx_ip\r\n");
+				$out = fgets ($connect, 1024);
+				$details .= $out."\n";
+
+				fputs ($connect , "MAIL FROM: <$fromemail>\r\n");
+				$from = fgets ($connect, 1024);
+				$details .= $from."\n";
+				fputs ($connect , "RCPT TO: <$toemail>\r\n");
+				$to = fgets ($connect, 1024);
+				$details .= $to."\n";
+				fputs ($connect , "QUIT");
+				fclose($connect);
+				if(!preg_match("/^250/i", $from) || !preg_match("/^250/i", $to)){
+					$result = "invalid";
+				}
+				else{
+					$result = "valid";
+				}
+			}
+		}
+		else{
+			$result = "invalid";
+			$details .= "Could not connect to server";
+		}
+		if($getdetails){
+			return array($result, $details);
+		}
+		else{
+			return $result;
+		}
+	}
+endif;
-Original file line number
+Diff line change
@@ Expand Up / @@ -52,7 +52,7 @@ @@
     |	$autoload['libraries'] = array('database', 'session', 'xmlrpc');
     */
-    $autoload['libraries'] = array('session', 'template');
+    $autoload['libraries'] = array('session', 'template', 'recaptcha');
     /*
@@ Expand Down @@