1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
From 0314e67900f01410bc8c81c58a40dc0515e3c91d Mon Sep 17 00:00:00 2001
From: Madhura Jayaratne <madhura.cj@gmail.com>
Date: Tue, 8 Sep 2015 07:02:16 +1000
Subject: [PATCH] Fix reCaptcha bypass
Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
---
ChangeLog | 3 +++
.../plugins/auth/AuthenticationCookie.class.php | 29 +---------------------
.../plugin/auth/PMA_AuthenticationCookie_test.php | 19 +++++++-------
3 files changed, 14 insertions(+), 37 deletions(-)
diff --git a/libraries/plugins/auth/AuthenticationCookie.class.php b/libraries/plugins/auth/AuthenticationCookie.class.php
index c901248..fed2281 100644
--- a/libraries/plugins/auth/AuthenticationCookie.class.php
+++ b/libraries/plugins/auth/AuthenticationCookie.class.php
@@ -218,18 +218,9 @@ public function auth()
. $GLOBALS['server'] . '" />';
} // end if (server choice)
- // We already have one correct captcha.
- $skip = false;
- if ( isset($_SESSION['last_valid_captcha'])
- && $_SESSION['last_valid_captcha']
- ) {
- $skip = true;
- }
-
// Add captcha input field if reCaptcha is enabled
if ( !empty($GLOBALS['cfg']['CaptchaLoginPrivateKey'])
&& !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])
- && !$skip
) {
// If enabled show captcha to the user on the login screen.
echo '<script type="text/javascript">
@@ -349,18 +340,9 @@ public function authCheck()
return false;
}
- // We already have one correct captcha.
- $skip = false;
- if ( isset($_SESSION['last_valid_captcha'])
- && $_SESSION['last_valid_captcha']
- ) {
- $skip = true;
- }
-
// Verify Captcha if it is required.
if ( !empty($GLOBALS['cfg']['CaptchaLoginPrivateKey'])
&& !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])
- && !$skip
) {
if ( !empty($_POST["recaptcha_challenge_field"])
&& !empty($_POST["recaptcha_response_field"])
@@ -378,10 +360,7 @@ public function authCheck()
// Check if the captcha entered is valid, if not stop the login.
if ( !$resp->is_valid ) {
$conn_error = __('Entered captcha is wrong, try again!');
- $_SESSION['last_valid_captcha'] = false;
return false;
- } else {
- $_SESSION['last_valid_captcha'] = true;
}
} elseif (! empty($_POST["recaptcha_challenge_field"])
&& empty($_POST["recaptcha_response_field"])
@@ -389,11 +368,7 @@ public function authCheck()
$conn_error = __('Please enter correct captcha!');
return false;
} else {
- if (! isset($_SESSION['last_valid_captcha'])
- || ! $_SESSION['last_valid_captcha']
- ) {
- return false;
- }
+ return false;
}
}
@@ -406,8 +381,6 @@ public function authCheck()
if (! defined('TESTSUITE')) {
session_destroy();
- // $_SESSION array is not immediately emptied
- $_SESSION['last_valid_captcha'] = false;
}
// -> delete password cookie(s)
if ($GLOBALS['cfg']['LoginCookieDeleteAll']) {
|
