CaptchaRequest to merge CAPTCHA functionality and fix related code for retrieving QQ information in the comment section and unclickable image upload button.

comments.php

@@ -46,11 +46,18 @@
 				<?php endif; ?>
 
 			<?php endif; ?>
-
+                        <?php if (akina_option('verification_type') == 'Google reCAPTCHA'&& akina_option('rehidden') == '1') {?>
+                        <!--添加隐形验证码-->
+			<div id="recaptcha" class="g-recaptcha"
+                             data-sitekey="<?php  echo akina_option('site_key'); ?>"
+                             data-callback="onRecaptchaSubmit"
+                             data-size="invisible">
+	                </div>
+			<?php }?>
 			<?php
 				$robot_comments = '';
 				if(comments_open()){
-					if(akina_option('norobot')) $robot_comments = '<label class="siren-checkbox-label"><input class="siren-checkbox-radio" type="checkbox" name="no-robot"><span class="siren-no-robot-checkbox siren-checkbox-radioInput"></span>'.__('I\'m not a robot', 'sakura').'</label>';
+					if(akina_option('norobot')) require get_template_directory() . '/inc/classes/Captcha.php'; 
 					$private_ms = akina_option('open_private_message') ? '<label class="siren-checkbox-label"><input class="siren-checkbox-radio" type="checkbox" name="is-private"><span class="siren-is-private-checkbox siren-checkbox-radioInput"></span>'.__('Comment in private', 'sakura').'</label>' : '';
 					$mail_notify = akina_option('mail_notify') ? '<label class="siren-checkbox-label"><input class="siren-checkbox-radio" type="checkbox" name="mail-notify"><span class="siren-mail-notify-checkbox siren-checkbox-radioInput"></span>'.__('Comment reply notify', 'sakura').'</label>' : '';
 					$args = array(

footer.php

@@ -159,5 +159,33 @@ class="aplayer"
         data-theme="orange">
     </div>
 <?php endif; ?>
+<?php if (akina_option('verification_type') == 'Google reCAPTCHA'&& akina_option('rehidden') == '1') {?>
+	<!--拦截表单提交并验证，验证后自动提交-->
+<script>
+$(document).pjax('a', '#pjax-container').on('pjax:end', function() {
+    // PJAX加载完成后，重新加载Google验证码
+    $.getScript("https://www.recaptcha.net/recaptcha/api.js");
+});
+$('#commentform').on('submit', function(e) {
+  if (!$(this).data('form-submitted')) { // Check if the form was already submitted
+    e.preventDefault();
+    grecaptcha.ready(function() {
+        grecaptcha.execute();
+    });
+  }
+});
+
+function onRecaptchaSubmit(token) {
+  // Add the token to the form
+  var form = $('#commentform');
+  var input = $('<input>').attr('type', 'hidden').attr('name', 'g-recaptcha-response').val(token);
+  form.append(input);
+
+  // Now submit the form via AJAX
+  form.data('form-submitted', true); // Mark the form as submitted
+  form.trigger('submit'); // Trigger the form submit event
+}
+</script>
+<?php }?>
 </body>
 </html>

functions.php

@@ -1910,3 +1910,5 @@ function permalink_tip()
 }
 add_action('admin_notices', 'permalink_tip');
 //code end
+//移除comment-reply.js 防止不兼容
+function clean_header(){ wp_deregister_script( 'comment-reply' ); } add_action('init','clean_header');

header.php

@@ -35,6 +35,11 @@
 if ( $site_description && ( is_home() || is_front_page() ) ) echo " - $site_description";if ( $paged >= 2 || $page >= 2 ) echo ' - ' . sprintf( __( 'page %s ','sakura'), max( $paged, $page ) );/*第 %s 页*/?>
 </title>
 <?php
+//CAPTCHA
+if (akina_option('verification_type') == 'CF Turnstile') { ?><!--CloudFalre验证码--><script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async></script> <?php }elseif(akina_option('verification_type')=='Google reCAPTCHA'){?><!-- Google验证码--> <!-- Google验证码--><script src="https://www.recaptcha.net/recaptcha/api.js" async defer></script><?php }elseif(akina_option('verification_type')=='Google reCAPTCHA v3'){?><script src="https://www.recaptcha.net/recaptcha/api.js?render=<?php echo akina_option('site_key'); ?>"></script><?php }elseif(akina_option('verification_type')=='mCAPTCHA'){?>
+<!--mCAPTCHA--><script src="https://cdn.jsdelivr.net/npm/@mcaptcha/[email protected]/dist/index.js"></script>
+<?php }?>
+<?php
 if (akina_option('akina_meta') == true) {
 	$keywords = '';
 	$description = '';

inc/classes/Captcha.php

@@ -0,0 +1,11 @@
+<?php
+if (akina_option('verification_type') == 'CF Turnstile') {
+     $robot_comments = '<label class="siren-checkbox-label"> <div class="cf-turnstile" data-sitekey="'.akina_option('site_key').'"></div> </label>';}               
+     elseif (akina_option('verification_type') == 'Google reCAPTCHA' && akina_option('rehidden') == '0') {
+     $robot_comments = '<label class="siren-checkbox-label"><div class="g-recaptcha" data-sitekey="'.akina_option('site_key').'"></div></label>';}                  
+     elseif(akina_option('verification_type') == 'Google reCAPTCHA v3'){
+     $robot_comments = '<label class="siren-checkbox-label"><script>grecaptcha.ready(function() { grecaptcha.execute("'.akina_option('site_key').'", {action: "submit"}).then(function(token) { var form = document.getElementById("commentform"); var input = document.createElement("input"); input.setAttribute("type", "hidden"); input.setAttribute("name", "g-recaptcha-response"); input.setAttribute("value", token); form.appendChild(input); }); });</script></label>';}
+     elseif(akina_option('verification_type') == 'mCAPTCHA'){
+     $robot_comments = '<label class="siren-checkbox-label"><div id="mcaptcha__widget-container"></div><script charset="utf-8">let config = {widgetLink: new URL("'.akina_option('site_key').'"),};new mcaptchaGlue.default(config);</script></label>';} 
+     elseif(akina_option('verification_type') == 'Theme CAPTCHA'){ 
+     $robot_comments = '<label class="siren-checkbox-label"><input class="siren-checkbox-radio" type="checkbox" name="no-robot"><span class="siren-no-robot-checkbox siren-checkbox-radioInput"></span>'.__('I\'m not a robot', 'sakura').'</label>';}?>

inc/classes/QQ.php

@@ -5,7 +5,7 @@
 class QQ
 {
     public static function get_qq_info($qq) {
-        $get_info = file_get_contents('http://r.qzone.qq.com/fcg-bin/cgi_get_portrait.fcg?get_nick=1&uins=' . $qq);
+        $get_info = file_get_contents('http://users.qzone.qq.com/fcg-bin/cgi_get_portrait.fcg?uins=' . $qq);
         $get_info = mb_convert_encoding($get_info, "UTF-8", "GBK");
         $name = json_decode(substr($get_info, 17, -1), true);
         if ($name) {
@@ -37,4 +37,4 @@ public static function get_qq_avatar($encrypted) {
             return $imgurl;
         }
     }
-}
+}

inc/theme_plus.php

@@ -137,13 +137,137 @@ function siren_ajax_comment_err($t) {
         exit;
     }
 }
+
+//验证码开始
+if (akina_option('verification_type') == 'CF Turnstile') {
 // 机器评论验证
 function siren_robot_comment(){
-  if ( !$_POST['no-robot'] && !is_user_logged_in()) {
-     siren_ajax_comment_err('上车请刷卡。<br>Please comfirm you are not a robot.');
+    $postdata = $_POST['cf-turnstile-response'];
+    // 添加 Secret Key
+    $secret = akina_option('secret_key'); 
+    $headers = array(
+        'body' => [
+            'secret' => $secret,
+            'response' => $postdata
+        ]
+    );
+    $verify = wp_remote_post('https://challenges.cloudflare.com/turnstile/v0/siteverify', $headers);
+    $verify = wp_remote_retrieve_body($verify);
+    $response = json_decode($verify);
+    if ($response->success) {
+        $results['success'] = $response->success;
+    } else {
+        $results['success'] = false;
+    }
+    if (empty($postdata)) {
+        siren_ajax_comment_err('上车请刷卡。<br>Please click the challenge checkbox.');
+    } elseif (!$results['success']) {
+        siren_ajax_comment_err('上车请刷卡。<br>Sorry, spam detected!');
+    }
+}
+if(akina_option('norobot')) add_action('pre_comment_on_post', 'siren_robot_comment');
+}elseif (akina_option('verification_type')=='Google reCAPTCHA') {
+
+function siren_robot_comment(){
+  if (!is_user_logged_in()) {
+    if (isset($_POST['g-recaptcha-response'])) {
+      $recaptchaResponse = $_POST['g-recaptcha-response'];
+      $response = file_get_contents("https://www.recaptcha.net/recaptcha/api/siteverify?secret=".akina_option('secret_key')."&response=".$recaptchaResponse);
+      $response = json_decode($response);
+      if ($response->success == false) {
+        // reCAPTCHA验证失败
+        siren_ajax_comment_err('reCAPTCHA验证失败,请刷新页面或验证码。<br>reCAPTCHA verification failed.Please refresh the page or CAPTCHA.');
+      }
+    } else {
+      siren_ajax_comment_err('上车请刷卡。<br>Please comfirm you are not a robot.');
+    }
+  }
+}
+
+}elseif(akina_option('verification_type')=='Google reCAPTCHA v3'){
+
+function siren_robot_comment(){
+  if (!is_user_logged_in()) {
+    if (isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) {
+      $recaptchaResponse = $_POST['g-recaptcha-response'];
+      $response = file_get_contents("https://www.recaptcha.net/recaptcha/api/siteverify?secret=".akina_option('secret_key')."&response=".$recaptchaResponse);
+      $response = json_decode($response);
+      if ($response->success == false || $response->score < akina_option('rescore')) {
+        // reCAPTCHA验证失败
+        siren_ajax_comment_err('reCAPTCHA验证失败,请刷新页面或验证码。<br>reCAPTCHA verification failed.Please refresh the page or CAPTCHA.');
+      }
+    } else {
+      // 如果没有收到 reCAPTCHA token 或者 token 为空，返回错误消息
+      siren_ajax_comment_err('reCAPTCHA token为空。<br>reCAPTCHA token is empty.');
+    }
   }
 }
+
+
+
+}
+elseif(akina_option('verification_type')=='mCAPTCHA'){
+    //start
+function siren_robot_comment(){
+  if (!is_user_logged_in()) {
+    if ( !isset($_POST['mcaptcha__token']) || empty($_POST['mcaptcha__token'])) {
+      siren_ajax_comment_err('上车请刷卡。<br>Please comfirm you are not a robot.');
+    } else {
+      $mcaptcha_token = $_POST['mcaptcha__token'];
+      $mcaptcha_sitekey = akina_option('site_key'); 
+      $mcaptcha_account_secret = akina_option('secret_key'); 
+      $verify_url = akina_option('mcaptcha_server'); //
+      $payload = array(
+        'token' => $mcaptcha_token,
+        'key' => $mcaptcha_sitekey,
+        'secret' => $mcaptcha_account_secret,
+      );
+      $payload = json_encode($payload);
+   //wp_remote_post 请求被拒绝，换CURL
+      // 初始化cURL会话
+      $ch = curl_init($verify_url);
+
+      // 设置cURL选项
+      curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+      curl_setopt($ch, CURLOPT_POST, true);
+      curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
+      curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
+
+      // 发送请求并获取响应
+      $response = curl_exec($ch);
+
+      // 关闭cURL会话
+      curl_close($ch);
+
+      if ($response === false) {
+        siren_ajax_comment_err('CAPTCAH请求失败 <br>A Error by mCAPTCHA');
+      } else {
+        $data = json_decode($response);
+        if ($data->valid==false) {
+          // mCAPTCHA验证失败
+          siren_ajax_comment_err('上车请刷卡。<br>Please comfirm you are not a robot.');
+        }
+      }
+    }
+  }
+}
+
+
+
+
+//end
+
+}else{
+    // 机器评论验证
+  function siren_robot_comment(){
+    if ( !$_POST['no-robot'] && !is_user_logged_in()) {
+       siren_ajax_comment_err('上车请刷卡。<br>Please comfirm you are not a robot.');
+    }
+  }  
+  }
 if(akina_option('norobot')) add_action('pre_comment_on_post', 'siren_robot_comment');
+  /*结束*/
+
 // 纯英文评论拦截
 function scp_comment_post( $incoming_comment ) {
   // 为什么要拦自己呢？

js/sakura-app.js

@@ -241,7 +241,7 @@ function clean_upload_images() {
 }
 
 function add_upload_tips() {
-    $('<div class="insert-image-tips popup"><i class="fa fa-picture-o" aria-hidden="true"></i><span class="insert-img-popuptext" id="uploadTipPopup">上传图片</span></div><input id="upload-img-file" type="file" accept="image/*" multiple="multiple" class="insert-image-button">').insertAfter($(".form-submit #submit"));
+    $('<div class="insert-image-tips popup"><i class="fa fa-picture-o" aria-hidden="true"></i><span class="insert-img-popuptext" id="uploadTipPopup">上传图片</span><input id="upload-img-file" type="file" accept="image/*" multiple="multiple" class="insert-image-button"></div>').insertAfter($(".form-submit #submit"));
     attach_image();
     $("#upload-img-file").hover(function () {
         $(".insert-image-tips").addClass("insert-image-tips-hover");

options.php

@@ -845,7 +845,52 @@ function optionsframework_options()
         'id' => 'norobot',
         'std' => '0',
         'type' => 'checkbox');
+
+    $options[] = array(
+        'name' => __('机器人验证方式', 'sakura'), /* 验证类型 */
+        'desc' => __('reCAPTCHA已更换为reCAPTCHA.net，国内正常使用。', 'sakura'), /* 选择验证码类型 */
+        'id' => 'verification_type',
+        'std' => '0',
+        'type' => 'radio',
+        'options' => array(
+        'CF Turnstile' => __('Cloudflare Turnstile 网络波动可能导致验证失败，需要设置站点密钥与后端秘钥。', 'sakura'),
+        'Google reCAPTCHA' => __('Google reCAPTCHA，需要设置站点密钥与后端秘钥。', 'sakura'),
+        'Google reCAPTCHA v3' => __('Google reCAPTCHA v3，需要设置站点密钥与后端秘钥。', 'sakura'),
+      //'geetest' => __('geetest，需要设置密钥', 'sakura'), 废弃原因:主题样式不兼容
+        'mCAPTCHA' => __('mCAPTCHA，需要自己使用Docker搭建，并配置站点密钥与后端密钥', 'sakura'),
+        'Theme CAPTCHA' => __('主题内建简单验证', 'sakura'),));
 
+    $options[] = array(
+        'name' => '站点密钥',
+        'desc' => '设置前端的站点密钥/Site-key，如果使用mCAPTCHA则填写完整小部件链接',
+        'id' => 'site_key',
+        'std' => '',
+        'type' => 'text');
+
+    $options[] = array(
+        'name' => '后端密钥',
+        'desc' => '设置与验证服务器请求的密钥/Secret-key',
+        'id' => 'secret_key',
+        'std' => '',
+        'type' => 'text');
+    $options[] = array(
+        'name' => 'mCAPTCHA服务器地址',
+        'desc' => '没有选择可以不填',
+        'id' => 'mcaptcha_server',
+        'std' => 'https://demo.mcaptcha.org/api/v1/pow/siteverify',
+        'type' => 'text');
+    $options[] = array(
+        'name' => __('reCAPTCHA 隐形模式', 'sakura'), /*机器人验证*/
+        'desc' => __('选择开启隐形模式，需要在reCAPTCHA控制台设置类型：v2 隐形 Enterprise', 'sakura'), /*开启机器人验证*/
+        'id' => 'rehidden',
+        'std' => '0',
+        'type' => 'checkbox');
+    $options[] = array(
+        'name' => '验证分数',
+        'desc' => 'reCAPTCHAv3的验证分数，从0.0-1.0，越高越接近人类。',
+        'id' => 'rescore',
+        'std' => '0.5',
+        'type' => 'text');    
     $options[] = array(
         'name' => __('QQ avatar link encryption', 'sakura'), /*QQ头像链接加密*/
         'desc' => __('Do not display the user\'s qq avatar links directly.', 'sakura'), /*不直接暴露用户qq头像链接*/

style.css

@@ -8815,4 +8815,34 @@ h1[id*=toc-head]::before,h2[id*=toc-head]::before,h3[id*=toc-head]::before,h4[id
 }
 .bangumi-next i {
     color: orange;
-}
+}
+/*
+mCAPTCHA
+*/
+#mcaptcha__widget-container {
+    height: 80px; 
+    width: 80%; 
+    background-color: #F9F9F9; 
+    border-radius: 5px; 
+    box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2);
+} 
+
+@media (prefers-color-scheme: dark) {
+    #mcaptcha__widget-container {
+        height: 80px; 
+        width: 80%; 
+        background-color: #505050; 
+        border-radius: 5px; 
+        box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2);
+    }
+} 
+
+@media (prefers-color-scheme: light) {
+    #mcaptcha__widget-container {
+        height: 80px; 
+        width: 80%; 
+        background-color: #F9F9F9; 
+        border-radius: 5px; 
+        box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2);
+    }
+}