1   /**
2    * Copyright (c) 2000-2007 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.captcha;
24  
25  import com.liferay.portal.kernel.util.GetterUtil;
26  import com.liferay.portal.kernel.util.ParamUtil;
27  import com.liferay.portal.kernel.util.Validator;
28  import com.liferay.portal.util.PropsUtil;
29  import com.liferay.portal.util.WebKeys;
30  
31  import javax.portlet.PortletRequest;
32  import javax.portlet.PortletSession;
33  
34  import javax.servlet.http.HttpServletRequest;
35  import javax.servlet.http.HttpSession;
36  
37  import org.apache.commons.logging.Log;
38  import org.apache.commons.logging.LogFactory;
39  
40  /**
41   * <a href="CaptchaUtil.java.html"><b><i>View Source</i></b></a>
42   *
43   * @author Brian Wing Shun Chan
44   *
45   */
46  public class CaptchaUtil {
47  
48      public static void check(HttpServletRequest req)
49          throws CaptchaTextException {
50  
51          if (isEnabled(req)) {
52              HttpSession ses = req.getSession();
53  
54              String captchaText = (String)ses.getAttribute(WebKeys.CAPTCHA_TEXT);
55  
56              // Captcha should never be null, but on the rare occasion it is,
57              // just let people register.
58  
59              if (captchaText != null) {
60                  if (!captchaText.equals(
61                          ParamUtil.getString(req, "captchaText"))) {
62  
63                      throw new CaptchaTextException();
64                  }
65                  else {
66                      if (_log.isDebugEnabled()) {
67                          _log.debug("Captcha text is valid");
68                      }
69  
70                      int captchaMaxChallenges = GetterUtil.getInteger(
71                          PropsUtil.get(PropsUtil.CAPTCHA_MAX_CHALLENGES));
72  
73                      if ((captchaMaxChallenges > 0) &&
74                          (Validator.isNotNull(req.getRemoteUser()))) {
75  
76                          Integer count = (Integer)ses.getAttribute(
77                              WebKeys.CAPTCHA_COUNT);
78  
79                          if (count == null) {
80                              count = new Integer(1);
81                          }
82                          else {
83                              count = new Integer(count.intValue() + 1);
84                          }
85  
86                          ses.setAttribute(WebKeys.CAPTCHA_COUNT, count);
87                      }
88                  }
89              }
90              else {
91                  if (_log.isErrorEnabled()) {
92                      _log.error("Captcha text is null");
93                  }
94              }
95          }
96      }
97  
98      public static void check(PortletRequest req) throws CaptchaTextException {
99          if (isEnabled(req)) {
100             PortletSession ses = req.getPortletSession();
101 
102             String captchaText = (String)ses.getAttribute(WebKeys.CAPTCHA_TEXT);
103 
104             // Captcha should never be null, but on the rare occasion it is,
105             // just let people register.
106 
107             if (captchaText != null) {
108                 if (!captchaText.equals(
109                         ParamUtil.getString(req, "captchaText"))) {
110 
111                     throw new CaptchaTextException();
112                 }
113                 else {
114                     if (_log.isDebugEnabled()) {
115                         _log.debug("Captcha text is valid");
116                     }
117 
118                     int captchaMaxChallenges = GetterUtil.getInteger(
119                         PropsUtil.get(PropsUtil.CAPTCHA_MAX_CHALLENGES));
120 
121                     if ((captchaMaxChallenges > 0) &&
122                         (Validator.isNotNull(req.getRemoteUser()))) {
123 
124                         Integer count = (Integer)ses.getAttribute(
125                             WebKeys.CAPTCHA_COUNT);
126 
127                         if (count == null) {
128                             count = new Integer(1);
129                         }
130                         else {
131                             count = new Integer(count.intValue() + 1);
132                         }
133 
134                         ses.setAttribute(WebKeys.CAPTCHA_COUNT, count);
135                     }
136                 }
137             }
138             else {
139                 if (_log.isErrorEnabled()) {
140                     _log.error("Captcha text is null");
141                 }
142             }
143         }
144     }
145 
146     public static boolean isEnabled(HttpServletRequest req) {
147         int captchaMaxChallenges = GetterUtil.getInteger(
148             PropsUtil.get(PropsUtil.CAPTCHA_MAX_CHALLENGES));
149 
150         if (captchaMaxChallenges > 0) {
151             HttpSession ses = req.getSession();
152 
153             Integer count = (Integer)ses.getAttribute(WebKeys.CAPTCHA_COUNT);
154 
155             if ((count != null) && (captchaMaxChallenges <= count.intValue())) {
156                 return false;
157             }
158             else {
159                 return true;
160             }
161         }
162         else if (captchaMaxChallenges < 0) {
163             return false;
164         }
165         else {
166             return true;
167         }
168     }
169 
170     public static boolean isEnabled(PortletRequest req) {
171         int captchaMaxChallenges = GetterUtil.getInteger(
172             PropsUtil.get(PropsUtil.CAPTCHA_MAX_CHALLENGES));
173 
174         if (captchaMaxChallenges > 0) {
175             PortletSession ses = req.getPortletSession();
176 
177             Integer count = (Integer)ses.getAttribute(WebKeys.CAPTCHA_COUNT);
178 
179             if ((count != null) && (captchaMaxChallenges <= count.intValue())) {
180                 return false;
181             }
182             else {
183                 return true;
184             }
185         }
186         else if (captchaMaxChallenges < 0) {
187             return false;
188         }
189         else {
190             return true;
191         }
192     }
193 
194     private static Log _log = LogFactory.getLog(CaptchaUtil.class);
195 
196 }