
Added some ReCAPTCHA files

commit e2de9b8e2b94cd5d56b7e18882940958f26f6062 1 parent 9336013
@Joony authored
BIN  Mnesia.nitrogen@localhost/DECISION_TAB.LOG
Binary file not shown
BIN  Mnesia.nitrogen@localhost/LATEST.LOG
Binary file not shown
BIN  Mnesia.nitrogen@localhost/users.DCD
Binary file not shown
BIN  ebin/db_users.beam
Binary file not shown
BIN  ebin/web_users_dashboard.beam
Binary file not shown
BIN  ebin/web_users_register.beam
Binary file not shown
10 src/db_users.erl
@@ -20,7 +20,7 @@
-module(db_users).
-include("wf.inc").
-include("config.inc").
--export([init/0, add_user/3, validate_user/2, delete_user/1, is_username_used/1, is_email_used/1, get_email_address/1, verify_email/1, invalidate_email/1, delete_email_verification_code/1, new_email_verification_code/1]).
+-export([init/0, add_user/3, validate_user/2, delete_user/1, is_username_used/1, is_email_used/1, get_email_address/1, update_email_address/2, verify_email/1, invalidate_email/1, delete_email_verification_code/1, new_email_verification_code/1]).
-include_lib("stdlib/include/qlc.hrl").
@@ -144,6 +144,14 @@ check(Username, EmailAddress, Input) ->
get_email_address(Username) ->
db_utils:do(qlc:q([X#users.email_address || X <- mnesia:table(users), X#users.username =:= Username])).
+update_email_address(Username, NewEmailAddress) ->
+ FUpdateEmailAddress = fun() ->
+ [EmailAddress] = mnesia:read(users, Username, write),
+ EmailAddressUpdate = EmailAddress#users{email_address=NewEmailAddress},
+ mnesia:write(EmailAddressUpdate)
+ end,
+ mnesia:transaction(FUpdateEmailAddress).
+ % TODO: invalidate the email address
verify_email(Code) ->
FGetUsername = fun() ->
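Review bot: update_email_address/2 replaces the stored address but, as its own TODO says, leaves the verification state untouched, so an account that was verified for the old address stays verified for one nobody has confirmed. The reset belongs inside FUpdateEmailAddress, in the same transaction as `mnesia:write(EmailAddressUpdate)`, so there is no window in which the new address is stored but still counts as verified; the module already exports invalidate_email/1, whose body is not shown here. Also, `[EmailAddress] = mnesia:read(users, Username, write)` fails with badmatch for an unknown username and the caller only sees an aborted transaction; a `[] -> mnesia:abort(no_such_user)` clause would make that case explicit. The hunk ends inside verify_email/1.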
5 src/pages/web_users_dashboard.erl
@@ -21,8 +21,9 @@
-include_lib ("nitrogen/include/wf.inc").
-compile(export_all).
-main() ->
- case wf:user() of
+main() ->
+ Username = wf:user(),
+ case Username of
undefined ->
wf:redirect("login");
_ ->
44 src/pages/web_users_register.erl
@@ -51,7 +51,7 @@ body() ->
#br {},
#password { id=password2 },
#br {},
- #recaptcha {},
+ #recaptcha { id=recaptcha, public_key="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" },
#br {},
#button { id=submit, text="Register", postback=register },
#flash { id=flash },
@@ -70,24 +70,28 @@ body() ->
event(register) ->
- io:format("response: ~s~n", [hd(wf:q(recaptcha_response_field))]),
- io:format("challenge ~s~n", [hd(wf:q(recaptcha_challenge_field))]),
-
-
-
- case db_users:add_user(hd(wf:q(username)), hd(wf:q(email_address)), hd(wf:q(password))) of
- ok ->
- io:format("New user: ~s has signed up~n", [wf:q(username)]),
- wf:user(hd(wf:q(username))),
- wf:redirect("dashboard");
- aborted ->
- wc:flash("Error: Registration failed, please try again.")
+ %io:format("response: ~s~n", [hd(wf:q(recaptcha_response_field))]),
+ %io:format("challenge: ~s~n", [hd(wf:q(recaptcha_challenge_field))]),
+ %io:format("ip: ~p~n", [inet_parse:ntoa(ip())]),
+ %io:format("answer: ~p~n", [util_recaptcha:recaptcha_check_answer(inet_parse:ntoa(ip()), hd(wf:q(recaptcha_challenge_field)), hd(wf:q(recaptcha_response_field)))]),
+ case util_recaptcha:check_answer(inet_parse:ntoa(util_ip:ip()), hd(wf:q(recaptcha_challenge_field)), hd(wf:q(recaptcha_response_field))) of
+ {"true", "success"} ->
+ case db_users:add_user(hd(wf:q(username)), hd(wf:q(email_address)), hd(wf:q(password))) of
+ ok ->
+ io:format("New user: ~s has signed up~n", [wf:q(username)]),
+ wf:user(hd(wf:q(username))),
+ wf:redirect("dashboard");
+ aborted ->
+ wf:flash("Error: Registration failed, please try again.")
+ end;
+ {"false", _} ->
+ %{_,{_,_,Error}} = util_recaptcha:get_error(ErrorCode),
+ %io:format("Error: ~p~n", [Error]),
+ %wf:update(recaptcha, #panel { id=recaptcha, body="<script type='text/javascript'>" ++ Error ++ "</script>" }),
+ wf:flash("Error: The CAPTCHA answer was incorrect, please try again.")
end;
event(_) -> ok.
-
-
-
is_username_used(_, _) ->
db_users:is_username_used(hd(wf:q(username))).
@@ -95,13 +99,7 @@ is_email_used(_, _) ->
db_users:is_email_used(hd(wf:q(email_address))).
check_username(_, _) ->
-% case string:chr(hd(wf:q(username)), $ ) of
-% 0 ->
-% true;
-% _ ->
-% false
-% end.
- case regexp:first_match(hd(wf:q(username)), "[^A-z0-9.]") of
+ case regexp:first_match(hd(wf:q(username)), "[^A-z0-9.]") of % not a letter, not a number, or not a period
nomatch ->
true;
_ ->
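Review bot: In check_username/2 the class `[^A-z0-9.]` does not match the comment added on that line: the range `A-z` also covers the six characters between `Z` and `a` (`[`, `\`, `]`, `^`, `_` and the backtick), so usernames containing them pass validation. Spell the ranges out, `"[^A-Za-z0-9.]"`, and add `_` explicitly if it is meant to be allowed. In event(register) the `case` on util_recaptcha:check_answer/3 has clauses only for `{"true", "success"}` and `{"false", _}`; a final `_ ->` clause that flashes the same CAPTCHA error would turn any other reply into a refusal instead of a case_clause crash. check_username/2 continues past the end of the hunk.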
18 src/utils/util_ip.erl
@@ -0,0 +1,18 @@
+-module(util_ip).
+-compile(export_all).
+
+ip() ->
+ %% Parts adapted from mochiweb_request.erl
+ Socket = wf_platform:get_socket(),
+ case inet:peername(Socket) of
+ {ok, {Addr = {X, _, _, _}, _Port}} when X == 10;
+ Addr == {127,0,0,1} ->
+ case wf_platform:get_header(x_forwarded_for) of
+ undefined -> Addr;
+ Hosts -> case inet_parse:address(string:strip(lists:last(string:tokens(Hosts, ",")))) of
+ {ok, AddrFwd} -> AddrFwd;
+ _ -> Addr
+ end
+ end;
+ {ok, {Addr, _Port}} -> Addr
+ end.
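Review bot: ip/0 honours X-Forwarded-For whenever the direct peer is 127.0.0.1 or anywhere in 10.0.0.0/8, and nothing in the file says why those peers are trusted; any client able to connect from that range chooses the address that is returned and later sent to reCAPTCHA as `remoteip`. I would put the assumption above the function, e.g. `%% Trusts X-Forwarded-For only from a loopback or 10.x.x.x peer; that range must contain nothing but our own reverse proxy.` The outer `case` also has no clause for `{error, Reason}` from inet:peername/1, so a socket that closed before the postback is handled raises case_clause. `-compile(export_all)` could be `-export([ip/0]).` since ip/0 is the only function in the module.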
67 src/utils/util_recaptcha.erl
@@ -0,0 +1,67 @@
+% Copyright (c) 2009 Buddy Moore
+%
+% Permission is hereby granted, free of charge, to any person
+% obtaining a copy of this software and associated documentation
+% files (the "Software"), to deal in the Software without
+% restriction, including without limitation the rights to use,
+% copy, modify, merge, publish, distribute, sublicense, and/or sell
+% copies of the Software, and to permit persons to whom the
+% Software is furnished to do so, subject to the following
+% conditions:
+%
+% The above copyright notice and this permission notice shall be
+% included in all copies or substantial portions of the Software.
+%
+% THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+% EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+% OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+% NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+% HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+% WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+% FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+% OTHER DEALINGS IN THE SOFTWARE.
+
+-module(util_recaptcha).
+
+-export([check_answer/3, get_error/1]).
+
+get_verify_url() ->
+ "http://api-verify.recaptcha.net/verify".
+
+get_challenge_url() ->
+ "http://api-secure.recaptcha.net/challenge".
+
+private_key() ->
+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+
+public_key() ->
+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+
+check_answer(RemoteIp, Challenge, Response) ->
+ %inets:start(),
+ Data = "privatekey=" ++ private_key() ++ "&remoteip=" ++ RemoteIp ++ "&challenge=" ++ Challenge ++ "&response=" ++ Response,
+
+ BodyStr =
+ case make_http_request(get_verify_url(), Data) of
+ {ok, saved_to_file} ->
+ "saved";
+ {ok, Result} ->
+ case Result of
+ {_Status, _Headers, Body} -> Body;
+ {_Status, Body} -> Body
+ end;
+ {error, _Reason} -> "error"
+ end,
+ Lines = string:tokens(BodyStr, "\r\n"),
+ [Line1 | Rest] = Lines,
+ [Line2 | _Rest2] = Rest,
+ {Line1, Line2}.
+
+make_http_request(URL, Data) ->
+ http:request(post, {URL, [{"Host", URL}, {"User-Agent", "reCAPTCHA/PHP"}, {"Content-Length", integer_to_list(string:len(Data))} ], "application/x-www-form-urlencoded", Data }, [], []).
+
+get_error(ErrorCode) ->
+ Data = "?k=" ++ public_key() ++ "&error=" ++ ErrorCode,
+ http:request(get_challenge_url() ++ Data).
+
+
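Review bot: check_answer/3 concatenates Challenge and Response, both taken from the registration form, into the POST body without percent-encoding, so a value containing `&` or `=` can add or override parameters in the verify request. Each value should be encoded before the `++` (on a current OTP, `uri_string:compose_query/1` builds the whole body from a key/value list). The request also goes to an `http://` URL, which puts the private key on the wire in cleartext, and private_key/0 keeps that key in the source tree rather than in configuration kept out of the repository. On `{error, _Reason}` the body becomes the single line "error", so `[Line2 | _Rest2] = Rest` fails with badmatch instead of handing the caller a failure tuple it can match.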
26 wwwroot/verification.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>[[[page:title()]]]</title>
+<script src='/nitrogen/jquery.js' type='text/javascript' charset='utf-8'></script>
+<script src='/nitrogen/jquery-ui.js' type='text/javascript' charset='utf-8'></script>
+<script src='/nitrogen/livevalidation.js' type='text/javascript' charset='utf-8'></script>
+<script src='/nitrogen/nitrogen.js' type='text/javascript' charset='utf-8'></script>
+<link rel="stylesheet" href="/nitrogen/jquery-ui/jquery-ui.css" type="text/css" media="screen" charset="utf-8">
+<link rel="stylesheet" href="/nitrogen/elements.css" type="text/css" media="screen" charset="utf-8">
+</head>
+
+<body>
+
+<h1>[[[page:title()]]]</h1>
+
+[[[element_flash:render()]]]
+
+[[[page:body(Verified)]]]
+
+
+<script>
+[[[script]]]
+</script>
+</body>
+</html>