WHMCS-Addons/whmcs-turnstile
9
0
Fork 0
mirror of https://github.com/hybula/whmcs-turnstile.git synced 2025-12-19 14:59:24 +00:00
Code Issues Releases Activity

Merge pull request #17 from pplulee/main

Browse Source 
feat: support captcha on reset page
This commit is contained in:
Tamer
2025-07-26 13:56:22 +02:00
committed by GitHub
parent 86f45ebd0d 95ddc021c1
commit cb18a98b55
2 changed files with 20 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -38,7 +38,7 @@ const hybulaTurnstileSite = '';
const hybulaTurnstileSecret = ''; const hybulaTurnstileSecret = '';
const hybulaTurnstileTheme = 'auto'; const hybulaTurnstileTheme = 'auto';
const hybulaTurnstileError = 'Something went wrong with your captcha challenge!'; const hybulaTurnstileError = 'Something went wrong with your captcha challenge!';
const hybulaTurnstileLocations = ['login', 'register', 'checkout', 'ticket', 'contact']; const hybulaTurnstileLocations = ['login', 'register', 'checkout', 'ticket', 'contact', 'reset'];
``` ```
Final notes: Due to some limitations, the captcha will **NOT** be shown when there is an active admin session. If you want to test it, open up your WHMCS in a private window. Final notes: Due to some limitations, the captcha will **NOT** be shown when there is an active admin session. If you want to test it, open up your WHMCS in a private window.

30
includes/hooks/hybula_turnstile.php
View File

@@ -16,19 +16,24 @@
declare(strict_types=1); declare(strict_types=1);
if (!defined('WHMCS')) { if (! defined('WHMCS')) {
die('This file cannot be accessed directly!'); die('This file cannot be accessed directly!');
} }
if (!isset($_SESSION['adminid'])) { if (! isset($_SESSION['adminid'])) {
if (!empty($_POST) && (!isset($_SESSION['uid']) && hybulaTurnstileExcludeLogin)) { if (! empty($_POST) && (! isset($_SESSION['uid']) && hybulaTurnstileExcludeLogin)) {
$pageFile = basename($_SERVER['SCRIPT_NAME'], '.php'); $pageFile = basename($_SERVER['SCRIPT_NAME'], '.php');
if ((($pageFile == 'index' && isset($_POST['username']) && isset($_POST['password']) && in_array('login', hybulaTurnstileLocations)) || if (hybulaTurnstileEnabled &&
(
($pageFile == 'index' && isset($_POST['username']) && isset($_POST['password']) && in_array('login', hybulaTurnstileLocations)) ||
($pageFile == 'register' && in_array('register', hybulaTurnstileLocations)) || ($pageFile == 'register' && in_array('register', hybulaTurnstileLocations)) ||
($pageFile == 'contact' && in_array('contact', hybulaTurnstileLocations)) || ($pageFile == 'contact' && in_array('contact', hybulaTurnstileLocations)) ||
($pageFile == 'submitticket' && isset($_POST['subject']) && in_array('ticket', hybulaTurnstileLocations)) || ($pageFile == 'submitticket' && isset($_POST['subject']) && in_array('ticket', hybulaTurnstileLocations)) ||
($pageFile == 'cart' && $_GET['a'] == 'checkout' && in_array('checkout', hybulaTurnstileLocations))) && hybulaTurnstileEnabled) { ($pageFile == 'cart' && $_GET['a'] == 'checkout' && in_array('checkout', hybulaTurnstileLocations)) ||
if (!isset($_POST['cf-turnstile-response'])) { ($pageFile == 'index' && isset($_POST['email']) && in_array('reset', hybulaCapLocations))
)
) {
if (! isset($_POST['cf-turnstile-response'])) {
unset($_SESSION['uid']); unset($_SESSION['uid']);
die('Missing captcha response in POST data!'); die('Missing captcha response in POST data!');
} }
@@ -54,7 +59,7 @@ if (!isset($_SESSION['adminid'])) {
$err = curl_error($curl); $err = curl_error($curl);
curl_close($curl); curl_close($curl);
if ($json = json_decode($result)) { if ($json = json_decode($result)) {
if (!$json->success) { if (! $json->success) {
unset($_SESSION['uid']); unset($_SESSION['uid']);
die(hybulaTurnstileError); die(hybulaTurnstileError);
} }
@@ -63,18 +68,21 @@ if (!isset($_SESSION['adminid'])) {
} }
add_hook('ClientAreaFooterOutput', 1, function ($vars) { add_hook('ClientAreaFooterOutput', 1, function ($vars) {
if (!hybulaTurnstileEnabled || (isset($_SESSION['uid']) && hybulaTurnstileExcludeLogin)) { if (! hybulaTurnstileEnabled || (isset($_SESSION['uid']) && hybulaTurnstileExcludeLogin)) {
return ''; return '';
} }
$pageFile = basename($_SERVER['SCRIPT_NAME'], '.php'); $pageFile = basename($_SERVER['SCRIPT_NAME'], '.php');
if ((in_array('login', hybulaTurnstileLocations) && $vars['pagetitle'] == $vars['LANG']['login']) || if (
(in_array('login', hybulaTurnstileLocations) && $vars['pagetitle'] == $vars['LANG']['login']) ||
(in_array('register', hybulaTurnstileLocations) && $pageFile == 'register') || (in_array('register', hybulaTurnstileLocations) && $pageFile == 'register') ||
(in_array('contact', hybulaTurnstileLocations) && $pageFile == 'contact') || (in_array('contact', hybulaTurnstileLocations) && $pageFile == 'contact') ||
(in_array('ticket', hybulaTurnstileLocations) && $pageFile == 'submitticket') || (in_array('ticket', hybulaTurnstileLocations) && $pageFile == 'submitticket') ||
(in_array('checkout', hybulaTurnstileLocations) && $pageFile == 'cart' && $_GET['a'] == 'checkout')) { (in_array('checkout', hybulaTurnstileLocations) && $pageFile == 'cart' && $_GET['a'] == 'checkout') ||
(in_array('reset', hybulaCapLocations) && $vars['pagetitle'] == $vars['LANG']['pwreset'])
) {
return '<script> return '<script>
var turnstileDiv = document.createElement("div"); var turnstileDiv = document.createElement("div");
turnstileDiv.innerHTML = \'<div class="cf-turnstile" data-sitekey="'.hybulaTurnstileSite.'" data-callback="javascriptCallback" data-theme="'.hybulaTurnstileTheme.'"></div>'.(hybulaTurnstileCredits ? '<a href="https://github.com/hybula/whmcs-turnstile" target="_blank"><small class="text-muted text-uppercase">Captcha integration by Hybula</small></a>' : '<!-- Captcha integration by Hybula (https://github.com/hybula/whmcs-turnstile) -->').'<br><br>\'; turnstileDiv.innerHTML = \'<div class="cf-turnstile" data-sitekey="' . hybulaTurnstileSite . '" data-callback="javascriptCallback" data-theme="' . hybulaTurnstileTheme . '"></div>' . (hybulaTurnstileCredits ? '<a href="https://github.com/hybula/whmcs-turnstile" target="_blank"><small class="text-muted text-uppercase">Captcha integration by Hybula</small></a>' : '<!-- Captcha integration by Hybula (https://github.com/hybula/whmcs-turnstile) -->') . '<br><br>\';
if (document.querySelector(\'input[type=submit],#login,div.text-center > button[type=submit],#openTicketSubmit\')) { if (document.querySelector(\'input[type=submit],#login,div.text-center > button[type=submit],#openTicketSubmit\')) {
var form = document.querySelector(\'input[type=submit],#login,div.text-center > button[type=submit],#openTicketSubmit\').parentNode; var form = document.querySelector(\'input[type=submit],#login,div.text-center > button[type=submit],#openTicketSubmit\').parentNode;
form.insertBefore(turnstileDiv, document.querySelector(\'input[type=submit],#login,div.text-center > button[type=submit],#openTicketSubmit\')); form.insertBefore(turnstileDiv, document.querySelector(\'input[type=submit],#login,div.text-center > button[type=submit],#openTicketSubmit\'));