使用google验证码防止注册机/发帖机for discuz7.2

http://bbs.mudbest.com目前已经采用google验证码方案,平时注册机/发帖机 盯得比较紧,点触验证码感觉还行,只是广告不太喜欢,看到google提供了一个验证码的接口。想到将将原来的discuz默认验证码更换掉成google的验证码,就是用户体验不怎么好。

1、首先到https://www.google.com/recaptcha/admin/create 注册应用。
2、打开http://code.google.com/p/recaptcha/downloads/list?q=label:phplib-Latest ,下载接口文件。
3、拿到注册应用后得到公用key和私有key。

google验证码

代码修改部分:

//打开discuz7.2的/include/common.inc.php文件。
require_once DISCUZ_ROOT.'./include/global.func.php';
//加载google验证码核心文件
//并设置好应用的 公有key 和 私有key
//>>>>>>>>>>>>>>>>>加载google验证码部分<<<<<<<<<<<<<<<<<<<<
require_once(DISCUZ_ROOT.'./include/recaptchalib.php');
$publickey = "6LcC8-wSAAAAAHxRk***pMW12312krfNqscyC_C1";
$privatekey = "6LcC8-wSAAAAADG***-Uy53434p0IKvgzGJG2toMD";
//>>>>>>>>>>>>>>>>>加载google验证码部分<<<<<<<<<<<<<<<<<<<<

打开discuz7.2的/include/global.func.php文件,将函数修改如下:

function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0) {
	$publickey = "6LcC8-wSAAAAAHxRk***pMW12312krfNqscyC_C1";
        $privatekey = "6LcC8-wSAAAAADG***-Uy53434p0IKvgzGJG2toMD";
	# the response from reCAPTCHA
	$resp = null;
	# the error code from reCAPTCHA, if any
	$error = null;
	
	if(empty($GLOBALS[$var])) {
		return FALSE;
	} else {
		global $_SERVER, $seclevel, $seccode, $seccodedata, $seccodeverify, $secanswer, $_DCACHE, $_DCOOKIE, $timestamp, $discuz_uid;
		if($allowget || ($_SERVER['REQUEST_METHOD'] == 'POST' && $GLOBALS['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) ||
			preg_replace("/https?:\/\/([^\:\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\:]+).*/", "\\1", $_SERVER['HTTP_HOST'])))) {
        		if($seccodecheck) {
                                
        				$resp = recaptcha_check_answer ($privatekey,
        						$_SERVER["REMOTE_ADDR"],
        						$_POST["recaptcha_challenge_field"],
        						$_POST["recaptcha_response_field"]);
        			
        				if (!$resp->is_valid) {
        					showmessage('submit_seccode_invalid');
        					//echo "You got it!";
        				} 
        				/*
        				else {
        					# set the error code so that we can display it
        					$error = $resp->error;
        				}
        				*/
        			
        			/*
        			if(!$seclevel) {
        				$key = $seccodedata['type'] != 3 ? '' : $_DCACHE['settings']['authkey'].date('Ymd');
        				list($seccode, $expiration, $seccodeuid) = explode("\t", authcode($_DCOOKIE['secc'], 'DECODE', $key));
        				if($seccodeuid != $discuz_uid || $timestamp - $expiration > 600) {
        					showmessage('submit_seccode_invalid');
        				}
        				dsetcookie('secc', '');
        			} else {
        				$tmp = substr($seccode, 0, 1);
        			}
        			seccodeconvert($seccode);
        			if(strtoupper($seccodeverify) != $seccode) {
        				showmessage('submit_seccode_invalid');
        			}
				$seclevel && $seccode = random(6, 1) + $tmp * 1000000;
				
				*/
        		}
			if($secqaacheck) {
        			if(!$seclevel) {
        				list($seccode, $expiration, $seccodeuid) = explode("\t", authcode($_DCOOKIE['secq'], 'DECODE'));
        				if($seccodeuid != $discuz_uid || $timestamp - $expiration > 600) {
        					showmessage('submit_secqaa_invalid');
        				}
        				dsetcookie('secq', '');
        			}
        			require_once DISCUZ_ROOT.'./forumdata/cache/cache_secqaa.php';
        			if(md5($secanswer) != $_DCACHE['secqaa'][substr($seccode, 0, 1)]['answer']) {
        			        showmessage('submit_secqaa_invalid');
        			}
				$seclevel && $seccode = random(1, 1) * 1000000 + substr($seccode, -6);
        		}
			return TRUE;
		} else {
			showmessage('submit_invalid');
		}
	}
}

打开discuz7.2的/templates/default/post.htm模板文件,修改以下部分:

<!--
此部分代码是由下面移到上面
-->
<!--{if $action != 'edit' && ($secqaacheck || $seccodecheck)}-->{template seccheck}<!--{/if}-->

<button type="submit" id="postsubmit" prompt="post_submit"  value="true" name="{if $action == 'newthread'}topicsubmit{elseif $action == 'reply'}replysubmit{elseif $action == 'edit'}editsubmit{/if}" tabindex="1">
<!--{if $action == 'newthread'}-->
	<!--{if $special == 0}-->{lang post_newthread}
	<!--{elseif $special == 1}-->{lang post_newthreadpoll}
	<!--{elseif $special == 2}-->{lang post_newthreadtrade}
	<!--{elseif $special == 3}-->{lang post_newthreadreward}
	<!--{elseif $special == 4}-->{lang post_newthreadactivity}
	<!--{elseif $special == 5}-->{lang post_newthreaddebate}
	<!--{elseif $special == 127}-->
		<!--{if $buttontext}-->$buttontext<!--{else}-->{lang post_newthread}<!--{/if}-->
	<!--{/if}-->
<!--{elseif $action == 'reply' && !empty($addtrade)}-->{lang trade_add_post}
<!--{elseif $action == 'reply'}-->{lang join_thread}
<!--{elseif $action == 'edit'}-->{lang edit_thread}
<!--{/if}-->
</button>

修改seccheck.php文件,如果想以后能还原,建议备份该模板文件,该文件全部最终代码如下。

<style>
	#recaptcha_table{
		table-layout:auto;
	}
</style>
{eval echo recaptcha_get_html($publickey)}

5555

444

至此,google验证码已经在使用了。

Leave a Reply

(will not be published)