Comment faire un grecaptcha.reset sans Javascript

WRInaute accro
Bonjour

Je suis en train de faire un captcha invisible avec reCaptcha de Google.

Dans le cas de réponse non valide, Google préconise de lancer ( enJavascript ) : grecaptcha.reset

Mais je programme ce truc en PHP.

Comment réinitialiser le token du Captcha en PHP de la même façon qu'avec grecaptcha.reset ?

Merci beaucoup.

Amicalement.
 
WRInaute accro
Voilà c'est fait

Mon formulaire de contact est protégé par le Captcha invisible de Google.

Je tâcherai d'arranger l'apparence graphique un de ces jours.

Amicalement.

Jean François Ortolo
 
WRInaute accro
Bonjour

Pour la vérification du token du Captcha, il doit y avoir une requête POST vers l'url :

https://---.google.com/recaptcha/api/siteverify

avec les paramètres :

$param_array("secret" => SECRET_CAPTCHA_KEY,
"response" => $response,
"remoteip" => $remoteip);

Je n'ai pas encore mis le paramètre remoteip, qui est optionnel.

Y a-t-il un inconvénient à fournir ce paramètre ?

Si non, il y a plusieurs méthodes pour calculer l'ip remote, quelle est la bonne méthode ?

Si les deux ip remote diffèrent ( celle de Google et la mienne ), le Captcha est-il invalide ?

Amicalement.
 
WRInaute accro
Bonjour

Jusqu'à présent, je n'utilisais que $_SERVER["REMOTE_ADDR"].

Je me propose d'utiliser cette fonction old_get_ip_address() désormais pour mon site.

L'entête HTTP_FORWARDED est nouveau, et a une RFC récente.

Cette fonction c'est surtout pour mon Recaptcha Google, pour éviter des erreurs entre l'ip remote de Google et celle lors de la vérification du token.

Y a -t-il une meilleure fonction pour avoir l'ip remote ?

Merci beaucoup.




Code:
<?php

function is_private_ip($ip)
{
	/*
	 * Adresse ip
	 * privee.
	 */
	if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE) === false)
	{
		return(true);
	}
	/*
	 * Adresse ip publique
	 * differente du serveur.
	 */
	elseif($ip != $_SERVER['SERVER_ADDR'])
	{
		return(false);
	}
	/*
	 * Adresse ip publique
	 * du serveur.
	 */
	else
	{
		return(true);
	}
}

/*
 * Cette fonction
 * considere comme
 * adresse ip reelle
 * une adresse ip
 * publique et
 * non locale.
 */
function is_reelle_ip($ip)
{
	if((filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) || (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)  !== false))
	{
		/*
		 * Adresse ip
		 * locale.
		 */
		if($ip == $_SERVER['SERVER_ADDR'])
		{
			return(false);
		}
		/*
		 * Adresse ip
		 * reelle et
		 * non locale.
		 */
		else
		{
			return(true);
		}
	}
	/*
	 * Adresse ip
	 * non reelle.
	 */
	else
	{
		return(false);
	}
}

if(!function_exists("validate_ip"))
{
	$IPV4SEG='(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])';
	$IPV4ADDR='(' . $IPV4SEG . '\.){3,3}' . $IPV4SEG;
	$IPV6SEG='[0-9a-fA-F]{1,4}';
	$IPV6ADDR='^((' . $IPV6SEG . ':){7,7}' . $IPV6SEG . '|(' . $IPV6SEG . ':){1,7}:|(' . $IPV6SEG . ':){1,6}:' . $IPV6SEG . '|(' . $IPV6SEG . ':){1,5}(:' . $IPV6SEG . '){1,2}|(' . $IPV6SEG . ':){1,4}(:' . $IPV6SEG . '){1,3}|(' . $IPV6SEG . ':){1,3}(:' . $IPV6SEG . '){1,4}|(' . $IPV6SEG . ':){1,2}(:' . $IPV6SEG . '){1,5}|' . $IPV6SEG . ':((:' . $IPV6SEG . '){1,6})|:((:' . $IPV6SEG . '){1,7}|:)|fe80:(:' . $IPV6SEG . '){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}' . $IPV4ADDR . '|(' . $IPV6SEG . ':){1,4}:' . $IPV4ADDR . ')$';


/*
echo $IPV4SEG . "\n\n";
echo $IPV4ADDR . "\n\n";

echo $IPV6SEG . "\n\n";
echo $IPV6ADDR . "\n\n";
 */

	function validate_ip($ip)
	{
		if((filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false)&&(filter_var($ip,	FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false))
			//		if((filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false)&&(filter_var($ip,	FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE| FILTER_FLAG_NO_RES_RANGE) === false))
		{
			return false;
		}

		return(true);
	}
}

/**
 * Retrieves the best guess of the client's actual IP address.
 * Takes into account numerous HTTP proxy headers due to variations
 * in how different ISPs handle IP addresses in headers between hops.
 */
if(!function_exists("old_get_ip_address"))
{
	function old_get_ip_address()
	{
		// check for shared internet/ISP IP
		if(!empty($_SERVER['HTTP_CLIENT_IP'])&&(validate_ip($_SERVER['HTTP_CLIENT_IP'])))
		{
			return $_SERVER['HTTP_CLIENT_IP'];
		}

		if (!empty($_SERVER['HTTP_FORWARDED']))
		{
			if(strpos($_SERVER['HTTP_FORWARDED'], "," ) !== false)
			{
				$array_ip = preg_split("{[ \t]*,[ \t]*}", $_SERVER['HTTP_FORWARDED']);
				foreach($array_ip as $tmp_ip)
				{
					$tmp_ip = preg_replace("{[\"']+}", "", $tmp_ip);

					if(preg_match("{^by[ \t]*=}", $tmp_ip))
					{
						$ip = preg_replace("{^by[ \t]*=[ \t]*}", $tmp_ip);
						if(preg_match("{^\[[0-9a-fA-F:\t ]+\]$}", $ip))
						{
							$ip = preg_replace("{^\[}", "", $ip);
							$ipv6 = preg_replace("{\[$}", "", $ip);
						}
						else
						{
							$ipv4 = $ip;
						}

						if((isset($ipv4))&&(validate_ip($ipv4)))
						{
							return(ipv4);
						}
						elseif((isset($ipv6))&&(validate_ip($ipv6)))
						{
							return(ipv6);
						}
					}
				}
			}
		}

		if (!empty($_SERVER['HTTP_X_FORWARDED'])&&(validate_ip($_SERVER['HTTP_X_FORWARDED'])))
		{
			return $_SERVER['HTTP_X_FORWARDED'];
		}

		// check for IPs passing through proxies
		if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
		{
			// check if multiple ips exist in var
			$iplist = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);

			foreach ($iplist as $ip)
			{
				if (validate_ip($ip))
				{
					return $ip;
				}
			}
		}

		if (!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])&&(validate_ip($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])))
		{
			return $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
		}

		if (!empty($_SERVER['HTTP_FORWARDED'])&&(validate_ip($_SERVER['HTTP_FORWARDED'])))
		{
			return $_SERVER['HTTP_FORWARDED'];
		}

		if (!empty($_SERVER['HTTP_FORWARDED_FOR'])&&(validate_ip($_SERVER['HTTP_FORWARDED_FOR'])))
		{
			return $_SERVER['HTTP_FORWARDED_FOR'];
		}

		// return unreliable ip since all else failed
		return $_SERVER['REMOTE_ADDR'];
	}
}

if(!function_exists("correct_ip6"))
{
	function correct_ip6($remote_addr)
	{
		$array_ip6	= array();
		$array_ip6_fin	= array();

		if(!empty($remote_addr))
		{
			$array_ip6 = preg_split("{:}", $remote_addr);

			$tmp_count = 8;

			for($i = 0; $i < count($array_ip6); $i++)
			{
				if(!empty($array_ip6[$i]))
				{
					$tmp_count--;
				}
			}

			$j = -1;
			$k_count = 0;

			for($i = count($array_ip6) - 1; $i >= 0; $i--)
			{
				if(!empty($array_ip6[$i]))
				{
					unset($tmp);
					$tmp = substr("000". $array_ip6[$i], -4);

					$j++;
					$array_ip6_fin[$j] = $tmp;
				}
				else
				{
					unset($tmp);
					$tmp = "0000";

					while($k_count < $tmp_count)
					{
						$j++;
						$array_ip6_fin[$j] = $tmp;

						$k_count++;
					}
				}
			}

			$addr_remote = "";

			for($i = count($array_ip6_fin) - 1; $i >= 0; $i--)
			{
				unset($tmp);
				$tmp = $array_ip6_fin[$i];

				if($i == (count($array_ip6_fin) - 1))
				{
					$addr_remote = $tmp;
				}
				else
				{
					$addr_remote .= ":" . $tmp;
				}
			}

			$addr_remote = strtolower($addr_remote);

			return((empty($addr_remote)) ? false : $addr_remote);
		}
		else
		{
			return(false);
		}
	}
}

if(!function_exists("get_ip_address"))
{
	function get_ip_address()
	{
		// return unreliable ip since all else failed

		$remote_address = old_get_ip_address();

		if(!validate_ip($remote_address))
		{
			return(false);
		}

		/*
		 * Addresse ipv6,
		 * On convertit
		 * à la valeur
		 * normalisée.
		 */
		// if(filter_var($remote_address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false)
		if(filter_var($remote_address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE| FILTER_FLAG_NO_RES_RANGE) !== false)
		{
			$remote_address = correct_ip6($remote_address);

			if($remote_address == false)
			{
				return(false);
			}
		}

		return($remote_address);
	}
}

if(!function_exists("ndd_reverse"))
{
	function ndd_reverse($remote_addr)
	{
		$reverse = false;

		$tmp  = shell_exec('host -W 2 ' . $remote_addr);

		if(!empty($tmp))
		{
			if(preg_match("{[ \t]+}", $tmp))
			{
				$tmp_array = preg_split("{[ \t]+}", $tmp);

				foreach($tmp_array as $value)
				{
					if($value == "domain")
					{
						$domain = true;
					}
					elseif((isset($domain))&&($value == "name"))
					{
						$name = true;
					}
					elseif((isset($name))&&($value == "pointer"))
					{
						$pointer = true;
					}
					elseif(isset($pointer))
					{
						$reverse = preg_replace("{[\.]$}", "", $value);

						break;
					}
				}
			}
		}

		return($reverse);
	}
}
?>
 
WRInaute accro
Pardon

Ma fonction d'ip remote est théoriquement fiable.

Je suis en train de logguer les ip remote les plus cossues.

C'est-à-dire :

Tout sauf REMOTE_ADDR, HTTP_FORWARDED en version ipv4, et HTTP_X_FORWARDED_FOR.

Je m'interroge sur le fait que j'ai des HTTP_FORWARDED à une seule ip ( sans virgule ).

Celà veut-il dire quelqu'un spoofe son ip ?

Merci de vos réponses.

Respectueusement.




Code:
<?php

/**
 * Retrieves the best guess of the client's actual IP address.
 * Takes into account numerous HTTP proxy headers due to variations
 * in how different ISPs handle IP addresses in headers between hops.
 */
if(!function_exists("old_get_ip_address"))
{
	function old_get_ip_address()
	{
		$fp = fopen("/var/www/html/php/config/stats_is_bot.txt", "a");

		// check for shared internet/ISP IP
		if(!empty($_SERVER['HTTP_CLIENT_IP']))
		{
			fwrite($fp, "\t\t" . '$_SERVER[\'HTTP_CLIENT_IP\'] = ' . $_SERVER['HTTP_CLIENT_IP'] . "\n");

			@fclose($fp);

			if(validate_ip($_SERVER['HTTP_CLIENT_IP']))
			{
				return $_SERVER['HTTP_CLIENT_IP'];
			}
		}

		if (!empty($_SERVER['HTTP_FORWARDED']))
		{
			if(strpos($_SERVER['HTTP_FORWARDED'], "," ) !== false)
			{
				$array_ip = explode(",", $_SERVER['HTTP_FORWARDED']);
			}
			else
			{
				$array_ip[0] = $_SERVER['HTTP_FORWARDED'];
			}

			foreach($array_ip as $tmp_ip)
			{
				$tmp_ip = preg_replace("{[\"' \t]+}", "", $tmp_ip);

				if(preg_match("{^for\=}i", $tmp_ip))
				{
					$ip = preg_replace("{^for\=}i", "", $tmp_ip);

					if(preg_match("{\[[0-9a-f:]+}", $ip))
					{
						fwrite($fp, "\t\t" . '$_SERVER[\'HTTP_FORWARDED\'] = ' . $ip . "\n");

						$ip = preg_replace("{\]:[0-9]+$}", "", $ip);

						$ipv6 = preg_replace("{\[}", "", $ip);

						$ipv6 = correct_ip6($ipv6);

						fwrite($fp, "\t\t" . '$_SERVER[\'HTTP_FORWARDED\'] = ' . $ipv6 . "\n");
					}
					else
					{
						$ipv4 = preg_replace("{:[0-9]+$}", "", $ip);
					}

					if((isset($ipv4))&&(validate_ip($ipv4)))
					{
						@fclose($fp);

						return($ipv4);
					}
					elseif((isset($ipv6))&&(validate_ip($ipv6)))
					{
						@fclose($fp);

						return($ipv6);
					}
				}
			}
		}

		if (!empty($_SERVER['HTTP_X_FORWARDED']))
		{
			fwrite($fp, "\t\t" . '$_SERVER[\'HTTP_X_FORWARDED\'] = ' . $_SERVER['HTTP_X_FORWARDED'] . "\n");

			@fclose($fp);

			if(validate_ip($_SERVER['HTTP_X_FORWARDED']))
			{
				return $_SERVER['HTTP_X_FORWARDED'];
			}
		}

		// check for IPs passing through proxies
		if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
		{
			// check if multiple ips exist in var
			$iplist = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);

			foreach ($iplist as $ip)
			{
				if (validate_ip($ip))
				{
					@fclose($fp);

					return $ip;
				}
			}
		}

		if(!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']))
		{
			fwrite($fp, "\t\t" . '$_SERVER[\'HTTP_X_CLUSTER_CLIENT_IP\'] = ' . $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'] . "\n");

			@fclose($fp);

			if(validate_ip($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']))
			{
				return $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
			}
		}

		if (!empty($_SERVER['HTTP_FORWARDED_FOR']))
		{
			fwrite($fp, "\t\t" . '$_SERVER[\'HTTP_FORWARDED_FOR\'] = ' . $_SERVER['HTTP_FORWARDED_FOR'] . "\n");

			@fclose($fp);

			if(validate_ip($_SERVER['HTTP_FORWARDED_FOR']))
			{
				return $_SERVER['HTTP_FORWARDED_FOR'];
			}
		}

		@fclose($fp);

		// return unreliable ip since all else failed
		return $_SERVER['REMOTE_ADDR'];
	}
}

?>
 
Discussions similaires
Haut