makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-24 02:48:56 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/14241] Prevent empty q&a as a result of improper settings

Browse source 
Improper setup of the q&a captcha in combination with the admin choosing a
default language that does not have any questions and answers set might
result in the user being presented empty questions and answers. This
change will try to fall back to any question in case the admin incorrectly
set the default language and has no questions & answers set. If that does
not work, the captcha will not allow passing it and suggest to contact the
board admin to resolve this issue.

PHPBB3-14241
This commit is contained in:
Marc Alexander 2016-03-11 10:51:07 +01:00
parent 9288a50bcf
commit 4c5c289f75
2 changed files with 25 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/language/en/captcha_qa.php
View file

@ -40,6 +40,7 @@ $lang = array_merge($lang, array(
'CAPTCHA_QA' => 'Q&A',
'CONFIRM_QUESTION_EXPLAIN' => 'This question is a means of preventing automated form submissions by spambots.',
'CONFIRM_QUESTION_WRONG' => 'You have provided an invalid answer to the question.',
'CONFIRM_QUESTION_MISSING' => 'Questions for the captcha could not be retrieved. Please contact a board administrator.',
'QUESTION_ANSWERS' => 'Answers',
'ANSWERS_EXPLAIN' => 'Please enter valid answers to the question, one per line.',
@ -60,5 +61,4 @@ $lang = array_merge($lang, array(
'QA_ERROR_MSG' => 'Please fill in all fields and enter at least one answer.',
'QA_LAST_QUESTION' => 'You cannot delete all questions while the plugin is active.',
));

26
phpBB/phpbb/captcha/plugins/qa.php
View file

@ -100,6 +100,28 @@ class qa
$db->sql_freeresult($result);
}
// final fallback to any language
if (!sizeof($this->question_ids))
{
$this->question_lang = '';
$sql = 'SELECT q.question_id, q.lang_iso
FROM ' . $this->table_captcha_questions . ' q, ' . $this->table_captcha_answers . ' a
WHERE q.question_id = a.question_id
GROUP BY lang_iso';
$result = $db->sql_query($sql, 7200);
while ($row = $db->sql_fetchrow($result))
{
if (empty($this->question_lang))
{
$this->question_lang = $row['lang_iso'];
}
$this->question_ids[$row['question_id']] = $row['question_id'];
}
$db->sql_freeresult($result);
}
// okay, if there is a confirm_id, we try to load that confirm's state. If not, we try to find one
if (!$this->load_answer() && (!$this->load_confirm_id() || !$this->load_answer()))
{
@ -200,7 +222,7 @@ class qa
{
global $template;
if ($this->is_solved())
if ($this->is_solved() || !count($this->question_ids))
{
return false;
}
@ -370,7 +392,7 @@ class qa
if (!sizeof($this->question_ids))
{
return false;
return $user->lang['CONFIRM_QUESTION_MISSING'];
}
if (!$this->confirm_id)