001: /**
002: * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
003: *
004: * Permission is hereby granted, free of charge, to any person obtaining a copy
005: * of this software and associated documentation files (the "Software"), to deal
006: * in the Software without restriction, including without limitation the rights
007: * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
008: * copies of the Software, and to permit persons to whom the Software is
009: * furnished to do so, subject to the following conditions:
010: *
011: * The above copyright notice and this permission notice shall be included in
012: * all copies or substantial portions of the Software.
013: *
014: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
015: * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
016: * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
017: * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
018: * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
019: * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
020: * SOFTWARE.
021: */package com.liferay.portal.captcha;
022:
023: import com.liferay.portal.kernel.util.ParamUtil;
024: import com.liferay.portal.kernel.util.Validator;
025: import com.liferay.portal.util.PropsValues;
026: import com.liferay.portal.util.WebKeys;
027:
028: import javax.portlet.PortletRequest;
029: import javax.portlet.PortletSession;
030:
031: import javax.servlet.http.HttpServletRequest;
032: import javax.servlet.http.HttpSession;
033:
034: import org.apache.commons.logging.Log;
035: import org.apache.commons.logging.LogFactory;
036:
037: /**
038: * <a href="CaptchaUtil.java.html"><b><i>View Source</i></b></a>
039: *
040: * @author Brian Wing Shun Chan
041: *
042: */
043: public class CaptchaUtil {
044:
045: public static void check(HttpServletRequest req)
046: throws CaptchaTextException {
047:
048: if (isEnabled(req)) {
049: HttpSession ses = req.getSession();
050:
051: String captchaText = (String) ses
052: .getAttribute(WebKeys.CAPTCHA_TEXT);
053:
054: if (captchaText != null) {
055: if (!captchaText.equals(ParamUtil.getString(req,
056: "captchaText"))) {
057:
058: throw new CaptchaTextException();
059: } else {
060: if (_log.isDebugEnabled()) {
061: _log.debug("Captcha text is valid");
062: }
063:
064: ses.removeAttribute(WebKeys.CAPTCHA_TEXT);
065:
066: if ((PropsValues.CAPTCHA_MAX_CHALLENGES > 0)
067: && (Validator
068: .isNotNull(req.getRemoteUser()))) {
069:
070: Integer count = (Integer) ses
071: .getAttribute(WebKeys.CAPTCHA_COUNT);
072:
073: if (count == null) {
074: count = new Integer(1);
075: } else {
076: count = new Integer(count.intValue() + 1);
077: }
078:
079: ses.setAttribute(WebKeys.CAPTCHA_COUNT, count);
080: }
081: }
082: } else {
083: if (_log.isErrorEnabled()) {
084: _log
085: .error("Captcha text is null. User "
086: + req.getRemoteUser()
087: + " may be trying to circumvent the captcha.");
088: }
089:
090: throw new CaptchaTextException();
091: }
092: }
093: }
094:
095: public static void check(PortletRequest req)
096: throws CaptchaTextException {
097: if (isEnabled(req)) {
098: PortletSession ses = req.getPortletSession();
099:
100: String captchaText = (String) ses
101: .getAttribute(WebKeys.CAPTCHA_TEXT);
102:
103: if (captchaText != null) {
104: if (!captchaText.equals(ParamUtil.getString(req,
105: "captchaText"))) {
106:
107: throw new CaptchaTextException();
108: } else {
109: if (_log.isDebugEnabled()) {
110: _log.debug("Captcha text is valid");
111: }
112:
113: ses.removeAttribute(WebKeys.CAPTCHA_TEXT);
114:
115: if ((PropsValues.CAPTCHA_MAX_CHALLENGES > 0)
116: && (Validator
117: .isNotNull(req.getRemoteUser()))) {
118:
119: Integer count = (Integer) ses
120: .getAttribute(WebKeys.CAPTCHA_COUNT);
121:
122: if (count == null) {
123: count = new Integer(1);
124: } else {
125: count = new Integer(count.intValue() + 1);
126: }
127:
128: ses.setAttribute(WebKeys.CAPTCHA_COUNT, count);
129: }
130: }
131: } else {
132: if (_log.isErrorEnabled()) {
133: _log
134: .error("Captcha text is null. User "
135: + req.getRemoteUser()
136: + " may be trying to circumvent the captcha.");
137: }
138:
139: throw new CaptchaTextException();
140: }
141: }
142: }
143:
144: public static boolean isEnabled(HttpServletRequest req) {
145: if (PropsValues.CAPTCHA_MAX_CHALLENGES > 0) {
146: HttpSession ses = req.getSession();
147:
148: Integer count = (Integer) ses
149: .getAttribute(WebKeys.CAPTCHA_COUNT);
150:
151: if ((count != null)
152: && (PropsValues.CAPTCHA_MAX_CHALLENGES <= count
153: .intValue())) {
154:
155: return false;
156: } else {
157: return true;
158: }
159: } else if (PropsValues.CAPTCHA_MAX_CHALLENGES < 0) {
160: return false;
161: } else {
162: return true;
163: }
164: }
165:
166: public static boolean isEnabled(PortletRequest req) {
167: if (PropsValues.CAPTCHA_MAX_CHALLENGES > 0) {
168: PortletSession ses = req.getPortletSession();
169:
170: Integer count = (Integer) ses
171: .getAttribute(WebKeys.CAPTCHA_COUNT);
172:
173: if ((count != null)
174: && (PropsValues.CAPTCHA_MAX_CHALLENGES <= count
175: .intValue())) {
176:
177: return false;
178: } else {
179: return true;
180: }
181: } else if (PropsValues.CAPTCHA_MAX_CHALLENGES < 0) {
182: return false;
183: } else {
184: return true;
185: }
186: }
187:
188: private static Log _log = LogFactory.getLog(CaptchaUtil.class);
189:
190: }
|