  1. phpBB3
  2. PHPBB3-9829

Recaptcha plugin result interpretation fault

Details

    Description

      crrodriguez:
      Hi:

      There is a massive bug in the included recaptcha plugin.

      The problem is in /includes/captcha/plugins/phpbb_recaptcha_plugin.php
      function recaptcha_check_answer

      it says:

      if (trim($answers[0]) === 'true')
      {
          $this->solved = true;
          return false;
      }
      else
      {
          if ($answers[1] === 'incorrect-captcha-sol')
          {
              return $user->lang['RECAPTCHA_INCORRECT'];
          }
      }


      The important part is where the code checks $answers[1]. That's awfully broken: it must NOT check the returning error string but the returning error code.

      This makes the captcha easily bypassable by a text browser/bot, as they do not support JavaScript, and when the captcha is not resolved the challenge response defaults to "manual_challenge". There is no point in checking the error string; you only want $answers[0] being true. Every other return value, regardless of its contents, must return incorrect captcha.


      fix:

      if (trim($answers[0]) === 'true')
      {
          $this->solved = true;
          return false;
      }
      else
      {
          return $user->lang['RECAPTCHA_INCORRECT'];
      }
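
The two interpretations from the report, run side by side over sample verification responses. This is an added example, not part of the original report and not phpBB's code. The function names, the `accepted()` caller (which assumes any falsy return value is read as "no error"), and the response bodies are constructed for illustration.

```php
<?php
// Added example; function names and sample bodies are constructed, not phpBB code.
const RECAPTCHA_INCORRECT = 'RECAPTCHA_INCORRECT'; // stands in for $user->lang['RECAPTCHA_INCORRECT']

// Interpretation quoted in the report: only one error code yields an error.
function check_answer_reported(string $body)
{
    $answers = explode("\n", $body);
    if (trim($answers[0]) === 'true') {
        return false; // false means "no error": captcha solved
    }
    if (($answers[1] ?? '') === 'incorrect-captcha-sol') {
        return RECAPTCHA_INCORRECT;
    }
    return null; // what falling off the end of the quoted code yields
}

// Interpretation proposed in the report: anything but 'true' is an error.
function check_answer_fixed(string $body)
{
    $answers = explode("\n", $body);
    if (trim($answers[0]) === 'true') {
        return false;
    }
    return RECAPTCHA_INCORRECT;
}

// Assumption: the caller treats any falsy return value as "no error".
function accepted($result): bool
{
    return !$result;
}

// Constructed response bodies: status on line 1, error code on line 2.
$samples = [
    'solved'           => "true\nsuccess",
    'wrong solution'   => "false\nincorrect-captcha-sol",
    'other error code' => "false\nplaceholder-other-error",
    'status line only' => "false",
    'empty body'       => "",
];

foreach ($samples as $label => $body) {
    printf("%-17s reported=%-8s fixed=%s\n", $label,
        accepted(check_answer_reported($body)) ? 'accepted' : 'rejected',
        accepted(check_answer_fixed($body)) ? 'accepted' : 'rejected');
}
```

Under that caller assumption, the reported logic rejects only the `incorrect-captcha-sol` row among the failures, while the fail-closed version rejects every row except `solved`.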


          People

            bantu Andreas Fischer
            Kellanved Kellanved [X] (Inactive)