Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-9829

Recaptcha plugin result interpretation fault

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.0.6, 3.0.7, 3.0.7-PL1
    • Fix Version/s: 3.0.8-RC1
    • Labels:
      None

      Description

      crrodriguez:
      Hi:

      There is a massive bug in the included recaptcha plugin

      The problem is in /includes/captcha/plugins/phpbb_recaptcha_plugin.php
      function recaptcha_check_answer

      it says:

      if (trim($answers[0]) === 'true')

      { $this->solved = true; return false; }
      else
      {
      if ($answers[1] === 'incorrect-captcha-sol') { return $user->lang['RECAPTCHA_INCORRECT']; }
      }


      The important part is when the code checks $answers[1] , that's awfully broken, it must NOT check the returning error string but the returning error code

      This makes captcha easily bypassable by a text browser/bot, as they do not support javascript, and when captcha is not resolved the challenge response defaults to "manual_challenge", there is no point in checking the error string, you only want $answers[0] being true, every other return value regardless its contents must return incorrect captcha.


      fix:

      if (trim($answers[0]) === 'true'){ $this->solved = true; return false; }

      else

      { return $user->lang['RECAPTCHA_INCORRECT']; }

        Activity

        Hide
        bantu Andreas Fischer added a comment - - edited

        Commit message isn't following the coding guidelines, reopening.
        I've also asked the patch author for real name and email address, now.

        Show
        bantu Andreas Fischer added a comment - - edited Commit message isn't following the coding guidelines, reopening. I've also asked the patch author for real name and email address, now.
        Hide
        bantu Andreas Fischer added a comment -

        Author hasn't replied yet.

        Show
        bantu Andreas Fischer added a comment - Author hasn't replied yet.
        Hide
        RMcGirr83 Rich McGirr added a comment -

        Fixed. To test used 3.0.7-PL1 forum, disabled js in browser and could recreate the issue (pass CAPTCHA challenge). Used different 3.0.8-RC1 forum with same browser and couldn't proceed with registration.

        Show
        RMcGirr83 Rich McGirr added a comment - Fixed. To test used 3.0.7-PL1 forum, disabled js in browser and could recreate the issue (pass CAPTCHA challenge). Used different 3.0.8-RC1 forum with same browser and couldn't proceed with registration.

          People

          • Assignee:
            bantu Andreas Fischer
            Reporter:
            Kellanved Kellanved [X] (Inactive)
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development