From c98dc16ccb4f7f574477a3bfb96e8f2ac987dcce Mon Sep 17 00:00:00 2001 From: Johan Cwiklinski Date: Sun, 5 Nov 2023 23:44:30 +0100 Subject: [PATCH] Remove google captcha --- .composer-require-checker.config.json | 3 +- app/Controllers/Reference.php | 29 +++++- app/Gaptcha.php | 92 +++++++++++++++++++ app/Templates/default/reference.html.twig | 8 +- app/init.php | 23 ----- composer.json | 5 +- composer.lock | 106 +--------------------- public/index.php | 3 +- 8 files changed, 132 insertions(+), 137 deletions(-) create mode 100644 app/Gaptcha.php diff --git a/.composer-require-checker.config.json b/.composer-require-checker.config.json index aec5100e..659b667f 100644 --- a/.composer-require-checker.config.json +++ b/.composer-require-checker.config.json @@ -6,7 +6,8 @@ "json", "pcre", "session", - "mbstring" + "mbstring", + "random" ], "symbol-whitelist": [ "Twig\\Extension\\DebugExtension", diff --git a/app/Controllers/Reference.php b/app/Controllers/Reference.php index a6583a0a..483d545e 100644 --- a/app/Controllers/Reference.php +++ b/app/Controllers/Reference.php @@ -1,5 +1,6 @@ $_SESSION['reference']['orderby'], 'sort' => $_SESSION['reference']['sort'], 'filters' => $current_filters, - 'ref_countries' => $ref_countries + 'ref_countries' => $ref_countries, + 'gaptcha' => $gaptcha ] ); return $response; 
@@ -95,12 +100,32 @@ public function register(Request $request, Response $response): Response $post = $request->getParsedBody(); // clean data - unset($post['g-recaptcha-response']); + $posted_gaptcha = (int)$post['gaptcha']; + unset($post['gaptcha']); unset($post['csrf_name']); unset($post['csrf_value']); + if (empty($post['num_members'])) { + unset($post['num_members']); + } + $ref_data = $post; + //check captcha + $gaptcha = unserialize($_SESSION['gaptcha']); + if (!$gaptcha->check($posted_gaptcha)) { + $this->container->get('flash')->addMessage( + 'error', + 'Invalid captcha' + ); + return $response + ->withStatus(301) + ->withHeader( + 'Location', + $this->routeparser->urlFor('reference') + ); + } + // alter data $ref_data['country'] = strtolower($ref_data['country']); diff --git a/app/Gaptcha.php b/app/Gaptcha.php new file mode 100644 index 00000000..1984425c --- /dev/null +++ b/app/Gaptcha.php 
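Review bot: The challenge read by `unserialize($_SESSION['gaptcha'])` is never consumed in this hunk, so a solved answer stays valid for further registrations on the same session and a wrong guess leaves the same question in place for another attempt. Unset the session entry as soon as it is read, so that both the success and the failure path invalidate it. The read is also unguarded: a POST that arrives without a prior form view has no `$_SESSION['gaptcha']`, `unserialize()` then yields no object, and the `->check()` call fails with an Error instead of producing the 'Invalid captcha' flash. The fence below restricts `unserialize()` to the expected class and treats anything else as a failed captcha; `Gaptcha` is assumed to be the class declared in app/Gaptcha.php and imported by this controller, since neither is visible here. register() starts before and continues after this hunk.

```php
//check captcha
$stored = $_SESSION['gaptcha'] ?? null;
// single use: neither a solved nor a failed challenge may be reused
unset($_SESSION['gaptcha']);
$gaptcha = is_string($stored)
    ? unserialize($stored, ['allowed_classes' => [Gaptcha::class]])
    : null;
if (!$gaptcha instanceof Gaptcha || !$gaptcha->check($posted_gaptcha)) {
    // … unchanged: flash 'Invalid captcha' and redirect to 'reference' …
}
```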
@@ -0,0 +1,92 @@ +current_left = rand($this->min, $this->max); + $this->current_right = rand($this->min, $this->max); + $this->current_op = rand(1, 2); + switch ($this->current_op) { + case self::OP_ADD: + $this->gaptcha = $this->current_left + $this->current_right; + break; + case self::OP_SUB: + $this->gaptcha = $this->current_left - $this->current_right; + break; + } + } + + /** + * Get questions phrase + * + * @return string + */ + public function getQuestion(): string + { + $add_questions = [ + 'How much is %1$s plus %2$s?', + 'How much is %1$s added to %2$s?', + 'I have %1$s Galettes, a friend give me %2$s more. How many Galettes do I have?' + ]; + $sub_questions = [ + 'How much is %1$s minus %2$s?', + 'How much is %1$s on which we retire %2$s?', + 'How much is %2$s retired to %1$s?', + 'I have %1$s Galettes, I give %2$s of them. How many Galettes do I have?' + ]; + + $questions = ($this->current_op === self::OP_ADD) ? $add_questions : $sub_questions; + return $questions[rand(0, (count($questions) - 1))]; + } + + + /** + * Generate captcha question to display + * + * @return string + */ + public function generateQuestion(): string + { + $formatter = new NumberFormatter('en', NumberFormatter::SPELLOUT); + return sprintf( + $this->getQuestion(), + $formatter->format($this->current_left), + $formatter->format($this->current_right) + ); + } + + /** + * Checks captcha validity + * + * @param integer $gaptcha User entry + * + * @return boolean + */ + public function check(int $gaptcha): bool + { + return $gaptcha === $this->gaptcha; + } +} diff --git a/app/Templates/default/reference.html.twig b/app/Templates/default/reference.html.twig index 6ec9b439..64f65e54 100644 --- a/app/Templates/default/reference.html.twig +++ b/app/Templates/default/reference.html.twig @@ -184,9 +184,11 @@ - {% if mode != 'DEV' %} -
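Review bot: The operands and the operator are drawn with `rand()`, which is not a cryptographically secure generator; since this class now gates registration, use `random_int($this->min, $this->max)` and `random_int(1, 2)` instead (the commit already adds `random` to the require-checker extension list). Separately, the subtraction branch yields 0 whenever both operands are equal, and `Reference::register()` casts the posted field with `(int)`, so an empty or non-numeric submission becomes 0 and passes `check()` for those challenges. Validating the field in the controller with `filter_var($post['gaptcha'] ?? null, FILTER_VALIDATE_INT)` and rejecting `false` before calling `check()` closes that. The `switch` has no `default`, so `$this->gaptcha` is left unset if `current_op` ever falls outside the two constants. The start of the file (class header, properties, constructor signature) is not visible in this hunk.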
- {% endif %} +
+ +

{{ gaptcha.generateQuestion() }} (numbers only)

+ +
{% include "partials/csrf.html.twig" %} diff --git a/app/init.php b/app/init.php index 0ef1746e..057b8fc5 100644 --- a/app/init.php +++ b/app/init.php @@ -208,29 +208,6 @@ function ($c) use ($config) { } ); -//setup recaptcha -if (TELEMETRY_MODE == 'DEV') { - $recaptcha = function (ServerRequestInterface $request, RequestHandler $handler) { - //does nothing - $response = $handler->handle($request); - return $response; - }; -} else { - $container->set( - Captcha::class, - function ($c) { - return new Captcha($c->get(ReCaptcha::class)); - } - ); - $container->set( - ReCaptcha::class, - function ($c) use ($config) { - return new ReCaptcha($config['recaptcha']['secret']); - } - ); - $recaptcha = $container->get(Captcha::class); -} - $app->addErrorMiddleware(true, true, true); $container->set( diff --git a/composer.json b/composer.json index 647ff169..1f06dd71 100644 --- a/composer.json +++ b/composer.json @@ -25,8 +25,6 @@ "illuminate/pagination": "^10.29", "mledoze/countries": "^5.0", "slim/flash": "^0.4.0", - "google/recaptcha": "^1.1", - "geggleto/psr7-recaptcha": "^0.0.1", "phpmailer/phpmailer": "^6.8", "slim/csrf": "^1.3", "justinrainbow/json-schema": "^5.2", @@ -34,7 +32,8 @@ "symfony/cache": "^6.3", "php-di/slim-bridge": "^3.4", "slim/psr7": "^1.6", - "middlewares/trailing-slash": "^2.0" + "middlewares/trailing-slash": "^2.0", + "ext-intl": "*" }, "require-dev": { "squizlabs/php_codesniffer": "^3.7", diff --git a/composer.lock b/composer.lock index 053c3f6f..8c9750b3 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "be1923043be2fc5c78d108c7fbfd2307", + "content-hash": "17bcf5cb48cebe95263a3c801406ba6f", "packages": [ { "name": "brick/math", 
@@ -441,107 +441,6 @@ }, "time": "2020-11-24T22:02:12+00:00" }, - { - "name": "geggleto/psr7-recaptcha", - "version": "0.0.1", - "source": { - "type": "git", - "url": "https://github.com/geggleto/psr7-recaptcha.git", - "reference": "648c0e62c12289892d88b5165c5bce6f50213c6a" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/geggleto/psr7-recaptcha/zipball/648c0e62c12289892d88b5165c5bce6f50213c6a", - "reference": "648c0e62c12289892d88b5165c5bce6f50213c6a", - "shasum": "" - }, - "require": { - "google/recaptcha": "~1.1", - "psr/http-message": "^1.0" - }, - "require-dev": { - "phpunit/phpunit": "^4.0", - "slim/slim": "^3.0-RC2" - }, - "type": "library", - "autoload": { - "psr-4": { - "Geggleto\\Service\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Glenn Eggleton", - "email": "geggleto@gmail.com" - } - ], - "keywords": [ - "framework", - "middleware", - "slim" - ], - "support": { - "issues": "https://github.com/geggleto/psr7-recaptcha/issues", - "source": "https://github.com/geggleto/psr7-recaptcha/tree/master" - }, - "time": "2015-11-16T15:35:16+00:00" - }, - { - "name": "google/recaptcha", - "version": "1.3.0", - "source": { - "type": "git", - "url": "https://github.com/google/recaptcha.git", - "reference": "d59a801e98a4e9174814a6d71bbc268dff1202df" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/google/recaptcha/zipball/d59a801e98a4e9174814a6d71bbc268dff1202df", - "reference": "d59a801e98a4e9174814a6d71bbc268dff1202df", - "shasum": "" - }, - "require": { - "php": ">=8" - }, - "require-dev": { - "friendsofphp/php-cs-fixer": "^3.14", - "php-coveralls/php-coveralls": "^2.5", - "phpunit/phpunit": "^10" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "autoload": { - "psr-4": { - "ReCaptcha\\": "src/ReCaptcha" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": 
[ - "BSD-3-Clause" - ], - "description": "Client library for reCAPTCHA, a free service that protects websites from spam and abuse.", - "homepage": "https://www.google.com/recaptcha/", - "keywords": [ - "Abuse", - "captcha", - "recaptcha", - "spam" - ], - "support": { - "forum": "https://groups.google.com/forum/#!forum/recaptcha", - "issues": "https://github.com/google/recaptcha/issues", - "source": "https://github.com/google/recaptcha" - }, - "time": "2023-02-18T17:41:46+00:00" - }, { "name": "illuminate/collections", "version": "v10.29.0", @@ -4843,7 +4742,8 @@ "prefer-lowest": false, "platform": { "php": ">=8.1", - "ext-pgsql": "*" + "ext-pgsql": "*", + "ext-intl": "*" }, "platform-dev": [], "plugin-api-version": "2.6.0" diff --git a/public/index.php b/public/index.php index fe87c96f..2d3cf7e1 100644 --- a/public/index.php +++ b/public/index.php @@ -1,6 +1,6 @@ post('/reference', 'GaletteTelemetry\Controllers\Reference:register') - ->add($recaptcha) ->add($container->get('csrf')) ->setName('registerReference'); /** /References */