Uploaded image for project: 'phpBB'
  1. phpBB
  2. PHPBB-9829

Recaptcha plugin result interpretation fault

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • 3.0.8-RC1
    • 3.0.6, 3.0.7, 3.0.7-PL1
    • User Control Panel (UCP)
    • None

      crrodriguez:
      Hi:

      There is a massive bug in the included recaptcha plugin

      The problem is in /includes/captcha/plugins/phpbb_recaptcha_plugin.php
      function recaptcha_check_answer

      it says:

      if (trim($answers[0]) === 'true')

      { $this->solved = true; return false; }
      else
      {
      if ($answers[1] === 'incorrect-captcha-sol') { return $user->lang['RECAPTCHA_INCORRECT']; }
      }


      The important part is when the code checks $answers[1] , that's awfully broken, it must NOT check the returning error string but the returning error code

      This makes captcha easily bypassable by a text browser/bot, as they do not support javascript, and when captcha is not resolved the challenge response defaults to "manual_challenge", there is no point in checking the error string, you only want $answers[0] being true, every other return value regardless its contents must return incorrect captcha.


      fix:

      if (trim($answers[0]) === 'true'){ $this->solved = true; return false; }

      else

      { return $user->lang['RECAPTCHA_INCORRECT']; }

            bantu Andreas Fischer [X] (Inactive)
            Kellanved Kellanved [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: