Commit 172b0fd3 authored by Dominik Hebeler's avatar Dominik Hebeler

Fixed Botprotection

parent cab04187
......@@ -51,6 +51,7 @@ class HumanVerification extends Controller
->with('id', $id)
->with('url', $url)
->with('image', $captcha["img"]);
}
public static function remove(Request $request)
......
......@@ -35,7 +35,7 @@ class HumanVerification
* If someone that uses a bot finds this out we
* might have to change it at some point.
*/
if ($request->filled('password') || $request->filled('key') || $request->filled('appversion') || !env('BOT_PROTECTION', false)) {
if ($request->has('password') || $request->has('key') || $request->has('appversion') || !env('BOT_PROTECTION', false)) {
$update = false;
return $next($request);
}
......@@ -126,10 +126,8 @@ class HumanVerification
# The user currently isn't locked
# We have different security gates:
# 50, 75, 85, >=90 => Captcha validated Result Pages
# 50 and then every 25 => Captcha validated Result Pages
# If the user shows activity on our result page the counter will be deleted
# Maybe I'll add a ban if the user reaches 100
if ($user["unusedResultPages"] === 50 || ($user["unusedResultPages"] > 50 && $user["unusedResultPages"] % 25 === 0)) {
$user["locked"] = true;
}
......@@ -138,8 +136,8 @@ class HumanVerification
} catch (\Illuminate\Database\QueryException $e) {
// Failure in contacting metager3.de
} finally {
// Update the user in the database
if ($update) {
// Update the user in the database
if ($newUser) {
DB::table('humanverification')->insert(
[
......@@ -171,5 +169,6 @@ class HumanVerification
}
$request->request->add(['verification_id' => $user["uid"], 'verification_count' => $user["unusedResultPages"]]);
return $next($request);
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment