Recaptcha using CURL and ISA Proxy
531 views
Skip to first unread message
CallMeLaNN
Aug 19, 2010, 12:17:41 AM8/19/10
to reCAPTCHA
Hi,
I want to share my codes here since googling around not exactly found
what my proxy want.
Thank you to mbirth fpr his post here http:// groups.google .com /
group/recaptcha/browse_thread/thread/97583907003e4d96
He save me of learning cURL + proxy instead of fsockopen.
But since I am behind ISA proxy with require NTLM authtentication I am
stuck for a few hours modifying the code to suite my (company) proxy
settings.
After several hour debugging this is modified one from him:
/**
* Submits an HTTP POST to a reCAPTCHA server
* @param string $host
* @param string $path
* @param array $data
* @param int port
* @return array response
*/
function _recaptcha_http_post($host, $path, $data, $port = 80, $ssl =
false) {
$add_headers = array("Host: $host");
if ($port==80 && $ssl==false) $port = '';
elseif ($port==443 && $ssl==true) $port = '';
else $port = ':'.$port;
$url = ($ssl==true?'https':'http').'://'.$host.$port.$path;
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl, CURLOPT_HTTP_VERSION,
CURL_HTTP_VERSION_1_1); // ** In my search http 1.1 only have Proxy-
Authorization which required by my proxy but if i test http 1.0 also
succeed.
curl_setopt($curl, CURLOPT_USERAGENT, 'reCAPTCHA/PHP');
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, $add_headers);
//curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, true); // ** this makes
me crazy for an hour getting http 502 bad gateway from the proxy, just
remove.
curl_setopt($curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($curl, CURLOPT_PROXYAUTH, CURLAUTH_NTLM); // ** this
makes me crazy for 2 hours getting http 407 authentication required,
which my proxy does not support for default basic auth.
curl_setopt($curl, CURLOPT_PROXY, "proxy:port");
curl_setopt($curl, CURLOPT_PROXYUSERPWD, 'user:pass');
$response = curl_exec($curl);
if (curl_errno($curl)) die ('Error connecting to '.$url.'<br /
>'.curl_errno($curl).': '.curl_error($curl));
if ($response === false) die('Error connecting to '.$url);
$response = explode("\r\n\r\n", $response, 2);
return $response;
}
Another things, response returned by the reCAPTCHA via my ISA proxy
include some PROXY THINGS if I print_r() the $response this what I
get:
Array
(
[0] => HTTP/1.1 407 Proxy Authentication Required ( Access is
denied. )
Via: 1.1 PROXY1
Proxy-Authenticate: NTLM SoMEReMOVeDCOdeHeRE
Connection: Keep-Alive
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 0
[1] => HTTP/1.1 200 OK
Via: 1.1 PROXY1
Connection: close
Proxy-Connection: close
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Thu, 19 Aug 2010 04:01:15 GMT
Content-Type: text/plain
Server: GSE
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
X-Recaptcha-Request-Duration: 20
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
true
success
)
Dont care the rest, The result seems on the last 2 lines. So I edit
the recaptcha_check_answer function and :) SUCCESS:
function recaptcha_check_answer ($privkey, $remoteip, $challenge,
$response, $extra_params = array())
{
if ($privkey == null || $privkey == '') {
die ("To use reCAPTCHA you must get an API key from <a href='https://
www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
}
if ($remoteip == null || $remoteip == '') {
die ("For security reasons, you must pass the remote ip to
reCAPTCHA");
}
//discard spam submissions
if ($challenge == null || strlen($challenge) == 0 || $response
== null || strlen($response) == 0) {
$recaptcha_response = new ReCaptchaResponse();
$recaptcha_response->is_valid = false;
$recaptcha_response->error = 'incorrect-captcha-sol';
return $recaptcha_response;
}
$response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/
recaptcha/api/verify",
array (
'privatekey' =>
$privkey,
'remoteip' =>
$remoteip,
'challenge' =>
$challenge,
'response' =>
$response
) + $extra_params
);
$answers = explode ("\n", $response [1]);
$recaptcha_response = new ReCaptchaResponse();
// ** It is not $answers [0] in proxy auth. Actually last 2 lines.
// ** same for $answers [1] which is last line.
$answerLength = count($answers);
if (trim ($answers [$answerLength-2]) == 'true') {
$recaptcha_response->is_valid = true;
}
else {
$recaptcha_response->is_valid = false;
$recaptcha_response->error = $answers
[$answerLength-1];
}
return $recaptcha_response;
}
I want to share my codes here since googling around not exactly found
what my proxy want.
Thank you to mbirth fpr his post here http:// groups.google .com /
group/recaptcha/browse_thread/thread/97583907003e4d96
He save me of learning cURL + proxy instead of fsockopen.
But since I am behind ISA proxy with require NTLM authtentication I am
stuck for a few hours modifying the code to suite my (company) proxy
settings.
After several hour debugging this is modified one from him:
/**
* Submits an HTTP POST to a reCAPTCHA server
* @param string $host
* @param string $path
* @param array $data
* @param int port
* @return array response
*/
function _recaptcha_http_post($host, $path, $data, $port = 80, $ssl =
false) {
$add_headers = array("Host: $host");
if ($port==80 && $ssl==false) $port = '';
elseif ($port==443 && $ssl==true) $port = '';
else $port = ':'.$port;
$url = ($ssl==true?'https':'http').'://'.$host.$port.$path;
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl, CURLOPT_HTTP_VERSION,
CURL_HTTP_VERSION_1_1); // ** In my search http 1.1 only have Proxy-
Authorization which required by my proxy but if i test http 1.0 also
succeed.
curl_setopt($curl, CURLOPT_USERAGENT, 'reCAPTCHA/PHP');
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, $add_headers);
//curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, true); // ** this makes
me crazy for an hour getting http 502 bad gateway from the proxy, just
remove.
curl_setopt($curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($curl, CURLOPT_PROXYAUTH, CURLAUTH_NTLM); // ** this
makes me crazy for 2 hours getting http 407 authentication required,
which my proxy does not support for default basic auth.
curl_setopt($curl, CURLOPT_PROXY, "proxy:port");
curl_setopt($curl, CURLOPT_PROXYUSERPWD, 'user:pass');
$response = curl_exec($curl);
if (curl_errno($curl)) die ('Error connecting to '.$url.'<br /
>'.curl_errno($curl).': '.curl_error($curl));
if ($response === false) die('Error connecting to '.$url);
$response = explode("\r\n\r\n", $response, 2);
return $response;
}
Another things, response returned by the reCAPTCHA via my ISA proxy
include some PROXY THINGS if I print_r() the $response this what I
get:
Array
(
[0] => HTTP/1.1 407 Proxy Authentication Required ( Access is
denied. )
Via: 1.1 PROXY1
Proxy-Authenticate: NTLM SoMEReMOVeDCOdeHeRE
Connection: Keep-Alive
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 0
[1] => HTTP/1.1 200 OK
Via: 1.1 PROXY1
Connection: close
Proxy-Connection: close
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Thu, 19 Aug 2010 04:01:15 GMT
Content-Type: text/plain
Server: GSE
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
X-Recaptcha-Request-Duration: 20
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
true
success
)
Dont care the rest, The result seems on the last 2 lines. So I edit
the recaptcha_check_answer function and :) SUCCESS:
function recaptcha_check_answer ($privkey, $remoteip, $challenge,
$response, $extra_params = array())
{
if ($privkey == null || $privkey == '') {
die ("To use reCAPTCHA you must get an API key from <a href='https://
www.google.com/recaptcha/admin/create'>https://www.google.com/recaptcha/admin/create</a>");
}
if ($remoteip == null || $remoteip == '') {
die ("For security reasons, you must pass the remote ip to
reCAPTCHA");
}
//discard spam submissions
if ($challenge == null || strlen($challenge) == 0 || $response
== null || strlen($response) == 0) {
$recaptcha_response = new ReCaptchaResponse();
$recaptcha_response->is_valid = false;
$recaptcha_response->error = 'incorrect-captcha-sol';
return $recaptcha_response;
}
$response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/
recaptcha/api/verify",
array (
'privatekey' =>
$privkey,
'remoteip' =>
$remoteip,
'challenge' =>
$challenge,
'response' =>
$response
) + $extra_params
);
$answers = explode ("\n", $response [1]);
$recaptcha_response = new ReCaptchaResponse();
// ** It is not $answers [0] in proxy auth. Actually last 2 lines.
// ** same for $answers [1] which is last line.
$answerLength = count($answers);
if (trim ($answers [$answerLength-2]) == 'true') {
$recaptcha_response->is_valid = true;
}
else {
$recaptcha_response->is_valid = false;
$recaptcha_response->error = $answers
[$answerLength-1];
}
return $recaptcha_response;
}
Reply all
Reply to author
Forward
0 new messages