From 22e012660e3fc2cf8c1c2a6b788e10dfc0a6bcd7 Mon Sep 17 00:00:00 2001
From: Georgi Sinapov <bofh@bofh.bg>
Date: Sun, 23 Dec 2018 18:35:24 +0100
Subject: [PATCH 1/3] Update functions.inc.php

---
 functions.inc.php | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/functions.inc.php b/functions.inc.php
index 5a34c60b..6a52e65c 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -2306,4 +2306,21 @@ function getRemoteAddr() {
     return $REMOTE_ADDR;
 }
 
+function validate_recaptcha()
+{
+    global $CONF;
+    $response = $_POST['g-recaptcha-response'];
+    $recaptcha_check_url = 'https://www.google.com/recaptcha/api/siteverify?secret=';
+
+    // Add the site private key to config.local.php
+    $verifyResponse = file_get_contents($recaptcha_check_url.$CONF['recaptcha_secret'].'&response='.$response);
+
+    // Enable recaptchav2 in config.local.php
+    if ($CONF['recaptcha_enabled']) {
+            if (json_decode($verifyResponse)->success) return TRUE;
+            else return FALSE;
+    } else return TRUE;
+}
+
+
 /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

From 51fb476708c246df45c205dd3a43be1adec9e2f2 Mon Sep 17 00:00:00 2001
From: Georgi Sinapov <bofh@bofh.bg>
Date: Sun, 23 Dec 2018 19:27:09 +0100
Subject: [PATCH 2/3] Update login.tpl

---
 templates/login.tpl | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/templates/login.tpl b/templates/login.tpl
index 01bddfd0..3b628c51 100644
--- a/templates/login.tpl
+++ b/templates/login.tpl
@@ -34,6 +34,16 @@
 		<td colspan="2"><a href="users/">{$PALANG.pLogin_login_users}</a></td>
 	</tr>
 {/if}
+<!-- Enable recaptchav2 in config.local.php -->
+{if $CONF['recaptcha_enabled']}
+        <tr>
+                <td><form action="" method="POST"></td>
+		<!-- Add the site public key to config.local.php -->
+                <td><div class="g-recaptcha" data-sitekey="{$CONF['recaptcha_sitekey']}"></div></td>
+                <td><script src="https://www.google.com/recaptcha/api.js" async defer></script></td>
+                <td></form></td>
+        </tr>
+{/if}
 </table>
 </form>
 {literal}

From 49030914f9067bec368038f98b8ccd7b2e96ef97 Mon Sep 17 00:00:00 2001
From: Georgi Sinapov <bofh@bofh.bg>
Date: Sun, 23 Dec 2018 19:31:58 +0100
Subject: [PATCH 3/3] Update login.php

---
 public/login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/login.php b/public/login.php
index ef1574a8..088d0af6 100644
--- a/public/login.php
+++ b/public/login.php
@@ -51,7 +51,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
     }
 
     $h = new AdminHandler();
-    if ($h->login($fUsername, $fPassword)) {
+    if ($h->login($fUsername, $fPassword) && validate_recaptcha()) {
         init_session($fUsername, true);
 
         # they've logged in, so see if they are a domain admin, as well.