001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. The ASF licenses this file to You
004: * under the Apache License, Version 2.0 (the "License"); you may not
005: * use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License. For additional information regarding
015: * copyright in this work, please see the NOTICE file in the top level
016: * directory of this distribution.
017: */
018:
019: package org.apache.roller.ui.rendering.util;
020:
021: import java.util.ResourceBundle;
022: import javax.servlet.http.HttpServletRequest;
023: import javax.servlet.http.HttpSession;
024: import org.apache.commons.logging.Log;
025: import org.apache.commons.logging.LogFactory;
026:
027: /**
028: * Asks the commenter to answer a simple math question.
029: */
030: public class MathCommentAuthenticator implements CommentAuthenticator {
031:
032: private transient ResourceBundle bundle = ResourceBundle
033: .getBundle("ApplicationResources");
034:
035: private static Log mLogger = LogFactory
036: .getLog(MathCommentAuthenticator.class);
037:
038: public String getHtml(HttpServletRequest request) {
039:
040: String answer = "";
041:
042: HttpSession session = request.getSession(true);
043: if (session.getAttribute("mathAnswer") == null) {
044: // starting a new test
045: int value1 = (int) (Math.random() * 10.0);
046: int value2 = (int) (Math.random() * 100.0);
047: int sum = value1 + value2;
048: session.setAttribute("mathValue1", new Integer(value1));
049: session.setAttribute("mathValue2", new Integer(value2));
050: session.setAttribute("mathAnswer", new Integer(sum));
051: } else {
052: // preserve user's answer
053: answer = request.getParameter("answer");
054: answer = (answer == null) ? "" : answer;
055: }
056:
057: // pull existing values out of session
058: Integer value1o = (Integer) request.getSession().getAttribute(
059: "mathValue1");
060: Integer value2o = (Integer) request.getSession().getAttribute(
061: "mathValue2");
062:
063: StringBuffer sb = new StringBuffer();
064:
065: sb.append("<p>");
066: sb.append(bundle
067: .getString("comments.mathAuthenticatorQuestion"));
068: sb.append("</p><p>");
069: sb.append(value1o);
070: sb.append(" + ");
071: sb.append(value2o);
072: sb.append(" = ");
073: sb.append("<input name=\"answer\" value=\"");
074: sb.append(answer);
075: sb.append("\" /></p>");
076:
077: return sb.toString();
078: }
079:
080: public boolean authenticate(HttpServletRequest request) {
081:
082: boolean authentic = false;
083:
084: HttpSession session = request.getSession(false);
085: String answerString = request.getParameter("answer");
086:
087: if (answerString != null && session != null) {
088: try {
089: int answer = Integer.parseInt(answerString);
090: Integer sum = (Integer) session
091: .getAttribute("mathAnswer");
092:
093: if (sum != null && answer == sum.intValue()) {
094: authentic = true;
095: session.removeAttribute("mathAnswer");
096: session.removeAttribute("mathValue1");
097: session.removeAttribute("mathValue2");
098: }
099: } catch (NumberFormatException ignored) {
100: // ignored ... someone is just really bad at math
101: } catch (Exception e) {
102: // unexpected
103: mLogger.error(e);
104: }
105: }
106:
107: return authentic;
108: }
109:
110: }
|