Commit 4c90ea03 authored by lucha's avatar lucha

[auto] plugin: wp2pgpmail 1.26

parent 8f957d20
## Name:
**Securimage** - A PHP class for creating captcha images and audio with many options.
## Version:
**3.6.7**
## Author:
Drew Phillips <drew@drew-phillips.com>
## Download:
The latest version can always be found at [phpcaptcha.org](https://www.phpcaptcha.org)
## Documentation:
Online documentation of the class, methods, and variables can be found
at http://www.phpcaptcha.org/Securimage_Docs/
## Requirements:
* PHP 5.4 or greater
* GD 2.0
* FreeType (Required, for TTF fonts)
* PDO (if using Sqlite, MySQL, or PostgreSQL)
## Synopsis:
**Within your HTML form**
<form method="post" action="">
.. form elements
<div>
<?php
require_once 'securimage.php';
echo Securimage::getCaptchaHtml();
?>
</div>
</form>
**Within your PHP form processor**
require_once 'securimage.php';
// Code Validation
$image = new Securimage();
if ($image->check($_POST['captcha_code']) == true) {
echo "Correct!";
} else {
echo "Sorry, wrong code.";
}
## Description:
What is **Securimage**?
Securimage is a PHP class that is used to generate and validate CAPTCHA images.
The classes uses an existing PHP session or creates its own if none is found to
store the CAPTCHA code. In addition, a database can be used instead of
session storage.
Variables within the class are used to control the style and display of the
image. The class uses TTF fonts and effects for strengthening the security of
the image.
It also creates audible codes which are played for visually impared users.
## UPGRADE NOTICE:
**3.6.3 and below:**
Securimage 3.6.4 fixed a XSS vulnerability in example_form.ajax.php. It is
recommended to upgrade to the latest version or delete example_form.ajax.php
from the securimage directory on your website.
**3.6.2 and above:**
If you are upgrading to 3.6.2 or greater *AND* are using database storage,
the table structure has changed in 3.6.2 adding an audio_data column for
storing audio files in the database in order to support HTTP range
requests. Delete your tables and have Securimage recreate them or see
the function createDatabaseTables() in securimage.php for the new structure
depending on which database backend you are using and alter the tables as
needed. If using SQLite, just overwrite your existing securimage.sq3 file
with the one from this release.
*If you are not using database tables for storage, ignore this notice.*
## Copyright:
Script
Copyright (c) 2018 Drew Phillips
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
## Licenses:
**WavFile.php**
The WavFile.php class used in Securimage by Drew Phillips and Paul Voegler
is used under the BSD License. See WavFile.php for details.
Many thanks to Paul Voegler (http://www.voegler.eu/) for contributing to
Securimage.
Script
---------------------------------------------------------------------------
**Flash code for Securimage**
Flash code created by Age Bosma & Mario Romero (animario@hotmail.com)
Many thanks for releasing this to the project!
---------------------------------------------------------------------------
**HKCaptcha**
Portions of Securimage contain code from Han-Kwang Nienhuys' PHP captcha
Han-Kwang Nienhuys' PHP captcha
Copyright June 2007
This copyright message and attribution must be preserved upon
modification. Redistribution under other licenses is expressly allowed.
Other licenses include GPL 2 or higher, BSD, and non-free licenses.
The original, unrestricted version can be obtained from
http://www.lagom.nl/linux/hkcaptcha/
---------------------------------------------------------------------------
**AHGBold.ttf**
AHGBold.ttf (AlteHaasGroteskBold.ttf) font was created by Yann Le Coroller
and is distributed as freeware.
Alte Haas Grotesk is a typeface that look like an helvetica printed in an
old Muller-Brockmann Book.
These fonts are freeware and can be distributed as long as they are
together with this text file.
I would appreciate very much to see what you have done with it anyway.
yann le coroller
www.yannlecoroller.com
yann@lecoroller.com
---------------------------------------------------------------------------
**PopForge Flash Library**
Portions of securimage_play.swf use the PopForge flash library for playing audio
/**
* Copyright(C) 2007 Andre Michelle and Joa Ebert
*
* PopForge is an ActionScript3 code sandbox developed by Andre Michelle
* and Joa Ebert
* http://sandbox.popforge.de
*
* PopforgeAS3Audio is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* PopforgeAS3Audio is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
*/
--------------------------------------------------------------------------
**Graphics**
Some graphics used are from the Humility Icon Pack by WorLord
License: GNU/GPL (http://findicons.com/pack/1723/humility)
http://findicons.com/icon/192558/gnome_volume_control
http://findicons.com/icon/192562/gtk_refresh
--------------------------------------------------------------------------
**Background noise sound files are from SoundJay.com**
http://www.soundjay.com/tos.html
All sound effects on this website are created by us and protected under
the copyright laws, international treaty provisions and other applicable
laws. By downloading sounds, music or any material from this site implies
that you have read and accepted these terms and conditions:
Sound Effects
You are allowed to use the sounds free of charge and royalty free in your
projects (such as films, videos, games, presentations, animations, stage
plays, radio plays, audio books, apps) be it for commercial or
non-commercial purposes.
But you are NOT allowed to
- post the sounds (as sound effects or ringtones) on any website for
others to download, copy or use
- use them as a raw material to create sound effects or ringtones that
you will sell, distribute or offer for downloading
- sell, re-sell, license or re-license the sounds (as individual sound
effects or as a sound effects library) to anyone else
- claim the sounds as yours
- link directly to individual sound files
- distribute the sounds in apps or computer programs that are clearly
sound related in nature (such as sound machine, sound effect
generator, ringtone maker, funny sounds app, sound therapy app, etc.)
or in apps or computer programs that use the sounds as the program's
sound resource library for other people's use (such as animation
creator, digital book creator, song maker software, etc.). If you are
developing such computer programs, contact us for licensing options.
If you use the sound effects, please consider giving us a credit and
linking back to us but it's not required.
NAME:
Securimage - A PHP class for creating and managing form CAPTCHA images
Securimage - A PHP class for creating captcha images and audio with many options.
VERSION: 2.0 BETA
VERSION:
3.6.7
AUTHOR:
......@@ -19,22 +21,33 @@ DOCUMENTATION:
be found at http://www.phpcaptcha.org/Securimage_Docs/
REQUIREMENTS:
PHP 4.3.0
PHP 5.4 or greater
GD 2.0
FreeType (recommended, required for TTF support)
FreeType (Required, for TTF fonts)
PDO (if using Sqlite, MySQL, or PostgreSQL)
SYNOPSIS:
require_once 'securimage.php';
$image = new Securimage();
$image->show();
**Within your HTML form**
<form method="post" action="">
.. form elements
<div>
<?php echo Securimage::getCaptchaHtml() ?>
</div>
</form>
**Within your PHP form processor**
// Code Validation
$image = new Securimage();
if ($image->check($_POST['code']) == true) {
if ($image->check($_POST['captcha_code']) == true) {
echo "Correct!";
} else {
echo "Sorry, wrong code.";
......@@ -44,23 +57,75 @@ DESCRIPTION:
What is Securimage?
Securimage is a PHP class that is used to generate and validate CAPTCHA images.
The classes uses an existing PHP session or creates its own if none is found to store the
CAPTCHA code. Variables within the class are used to control the style and display of the image.
The class supports TTF fonts and effects for strengthening the security of the image.
If TTF support is not available, GD fonts can be used as well, but certain options such as
transparent text and angled letters cannot be used.
Securimage is a PHP class that is used to generate and validate CAPTCHA
images.
The classes uses an existing PHP session or creates its own if
none is found to store the CAPTCHA code. In addition, a database can be
used instead of session storage.
Variables within the class are used to control the style and display of
the image. The class uses TTF fonts and effects for strengthening the
security of the image.
It also creates audible codes which are played for visually impared users.
UPGRADE NOTICE:
3.6.3 and below:
Securimage 3.6.4 fixed a XSS vulnerability in example_form.ajax.php. It is
recommended to upgrade to the latest version or delete example_form.ajax.php
from the securimage directory on your website.
3.6.2 and above:
If you are upgrading to 3.6.2 or greater AND are using database storage,
the table structure has changed in 3.6.2 adding an audio_data column for
storing audio files in the database in order to support HTTP range
requests. Delete your tables and have Securimage recreate them or see
the function createDatabaseTables() in securimage.php for the new structure
depending on which database backend you are using and alter the tables as
needed. If using SQLite, just overwrite your existing securimage.sq3 file
with the one from this release.
If you are not using database tables for storage, ignore this notice.
COPYRIGHT:
Copyright (c) 2009 Drew Phillips. All rights reserved.
This software is released under the GNU Lesser General Public License.
-----------------------------------------------------------------------------
Flash code created for Securimage by Douglas Walsh (www.douglaswalsh.net)
Copyright (c) 2018 Drew Phillips
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
LICENSES:
The WavFile.php class used in Securimage by Drew Phillips and Paul Voegler
is used under the BSD License. See WavFile.php for details.
Many thanks to Paul Voegler (http://www.voegler.eu/) for contributing to
Securimage.
---------------------------------------------------------------------------
Flash code created by Age Bosma & Mario Romero (animario@hotmail.com)
Many thanks for releasing this to the project!
------------------------------------------------------------------------------
---------------------------------------------------------------------------
Portions of Securimage contain code from Han-Kwang Nienhuys' PHP captcha
Han-Kwang Nienhuys' PHP captcha
......@@ -72,10 +137,12 @@ COPYRIGHT:
The original, unrestricted version can be obtained from
http://www.lagom.nl/linux/hkcaptcha/
-------------------------------------------------------------------------------
AHGBold.ttf (AlteHaasGroteskBold.ttf) font was created by Yann Le Coroller and is distributed as freeware
---------------------------------------------------------------------------
AHGBold.ttf (AlteHaasGroteskBold.ttf) font was created by Yann Le Coroller
and is distributed as freeware.
Alte Haas Grotesk is a typeface that look like an helvetica printed in an old Muller-Brockmann Book.
Alte Haas Grotesk is a typeface that look like an helvetica printed in an
old Muller-Brockmann Book.
These fonts are freeware and can be distributed as long as they are
together with this text file.
......@@ -86,3 +153,70 @@ COPYRIGHT:
www.yannlecoroller.com
yann@lecoroller.com
---------------------------------------------------------------------------
Portions of securimage_play.swf use the PopForge flash library for
playing audio
/**
* Copyright(C) 2007 Andre Michelle and Joa Ebert
*
* PopForge is an ActionScript3 code sandbox developed by Andre Michelle
* and Joa Ebert
* http://sandbox.popforge.de
*
* PopforgeAS3Audio is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* PopforgeAS3Audio is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
*/
--------------------------------------------------------------------------
Some graphics used are from the Humility Icon Pack by WorLord
License: GNU/GPL (http://findicons.com/pack/1723/humility)
http://findicons.com/icon/192558/gnome_volume_control
http://findicons.com/icon/192562/gtk_refresh
--------------------------------------------------------------------------
Background noise sound files are from SoundJay.com
http://www.soundjay.com/tos.html
All sound effects on this website are created by us and protected under
the copyright laws, international treaty provisions and other applicable
laws. By downloading sounds, music or any material from this site implies
that you have read and accepted these terms and conditions:
Sound Effects
You are allowed to use the sounds free of charge and royalty free in your
projects (such as films, videos, games, presentations, animations, stage
plays, radio plays, audio books, apps) be it for commercial or
non-commercial purposes.
But you are NOT allowed to
- post the sounds (as sound effects or ringtones) on any website for
others to download, copy or use
- use them as a raw material to create sound effects or ringtones that
you will sell, distribute or offer for downloading
- sell, re-sell, license or re-license the sounds (as individual sound
effects or as a sound effects library) to anyone else
- claim the sounds as yours
- link directly to individual sound files
- distribute the sounds in apps or computer programs that are clearly
sound related in nature (such as sound machine, sound effect
generator, ringtone maker, funny sounds app, sound therapy app, etc.)
or in apps or computer programs that use the sounds as the program's
sound resource library for other people's use (such as animation
creator, digital book creator, song maker software, etc.). If you are
developing such computer programs, contact us for licensing options.
If you use the sound effects, please consider giving us a credit and
linking back to us but it's not required.
This diff is collapsed.
# Deny access to this folder
# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Apache 2.2
<IfModule !mod_authz_core.c>
Deny from all
</IfModule>
<!DOCTYPE html>
<html>
<!--
The following is a complete HTML snippet that can be used on your form for
displaying the captcha image.
This HTML snippet generates a CAPTCHA image, HTML5 audio controls, a button
to refresh the image and audio, as well as an input field for accepting the
captcha code input.
Modify to fit your needs and the website appearance. The audio section can
also be removed if desired.
The same code is given twice, first as a whole and then repeated with
inline comments describing the individual elements.
Most of this code can be generated automatically with many customization
options by using the function Securimage::getCaptchaHtml() instead.
-->
<head>
<meta charset="utf-8">
<title>Sample CAPTCHA HTML</title>
<link rel="stylesheet" href="securimage.css" media="screen">
</head>
<body>
<h4>Note: Running this on a PHP enabled server will likely work, but you should use example_form.php for testing instead.</h4>
<div>
<img style="float: left; padding-right: 5px" id="captcha_image" src="securimage_show.php?<?php echo md5(uniqid(time)) ?>" alt="CAPTCHA Image">
<div id="captcha_image_audio_div">
<audio id="captcha_image_audio" preload="none" style="display: none">
<!-- <source id="captcha_image_source_mp3" src="securimage_play.php?id=1234&amp;format=mp3" type="audio/mpeg"> -->
<source id="captcha_image_source_wav" src="securimage_play.php?id=1234" type="audio/wav">
<object type="application/x-shockwave-flash" data="securimage_play.swf?bgcol=%23ffffff&amp;icon_file=images%2Faudio_icon.png&amp;audio_file=securimage_play.php" height="32" width="32">
<param name="movie" value="securimage_play.swf?bgcol=%23ffffff&amp;icon_file=images%2Faudio_icon.png&amp;audio_file=securimage_play.php" />
</object>
</audio>
</div>
<div id="captcha_image_audio_controls">
<a tabindex="-1" class="captcha_play_button" href="securimage_play.php?id=1234 ?>" onclick="return false">
<img class="captcha_play_image" height="32" width="32" src="images/audio_icon.png" alt="Play CAPTCHA Audio" style="border: 0px">
<img class="captcha_loading_image rotating" height="32" width="32" src="images/loading.png" alt="Loading audio" style="display: none">
</a>
<noscript>Enable Javascript for audio controls</noscript>
</div>
<a tabindex="-1" style="border: 0" href="#" title="Refresh Image" onclick="document.getElementById('captcha_image').src = 'securimage_show.php?' + Math.random(); captcha_image_audioObj.refresh(); this.blur(); return false">
<img height="32" width="32" src="images/refresh.png" alt="Refresh Image" onclick="this.blur()" style="border: 0px; vertical-align: bottom" />
</a>
<br>
<script type="text/javascript" src="securimage.js"></script>
<script type="text/javascript">
captcha_image_audioObj = new SecurimageAudio({ audioElement: 'captcha_image_audio', controlsElement: 'captcha_image_audio_controls