/// <summary> /// Validates the captcha. /// </summary> /// <param name="collection">The collection.</param> /// <param name="modelState">State of the model.</param> /// <param name="captchaKey">The captcha key.</param> /// <param name="captchaValue">The captcha value.</param> private static void ValidateCaptcha(FormCollection collection, ModelStateDictionary modelState, String captchaKey, String captchaValue) { bool isValid = true; // get the guid from form collection String guid = collection[CaptchaImage.CaptchaImageGuidKey]; // check for the guid because it is required from the rest of the opperation if (String.IsNullOrEmpty(guid)) { isValid = false; } else { // get values CaptchaImage image = CaptchaImage.GetCachedCaptcha(guid); String expectedValue = image == null ? String.Empty : image.Text; // removes the captch from cache so it cannot be used again HttpContext.Current.Cache.Remove(guid); // validate the captch if (String.IsNullOrEmpty(captchaValue) || String.IsNullOrEmpty(expectedValue) || !String.Equals(captchaValue, expectedValue, StringComparison.OrdinalIgnoreCase)) { isValid = false; } } if (!isValid) { modelState.AddModelError(captchaKey, @"The code you typed does not match the code the image."); } }
/// <summary> /// Enables processing of HTTP Web requests by a custom HttpHandler that implements the <see cref="T:System.Web.IHttpHandler"/> interface. /// </summary> /// <param name="filterContext">An <see cref="T:System.Web.HttpContext"/> object that provides references to the intrinsic server objects (for example, Request, Response, Session, and Server) used to service HTTP requests.</param> public void ProcessRequest(HttpContext context) { // get the unique GUID of the captcha; this must be passed in via the querystring string guid = context.Request.QueryString["guid"]; CaptchaImage ci = CaptchaImage.GetCachedCaptcha(guid); if (String.IsNullOrEmpty(guid) || ci == null) { context.Response.StatusCode = 404; context.Response.StatusDescription = "Not Found"; context.Response.End(); return; } // write the image to the HTTP output stream as an array of bytes using (Bitmap b = ci.RenderImage()) { b.Save(context.Response.OutputStream, ImageFormat.Gif); } context.Response.ContentType = "image/gif"; context.Response.StatusCode = 200; context.Response.StatusDescription = "OK"; context.Response.End(); }
/// <summary> /// Called when [action executed]. /// </summary> /// <param name="filterContext">The filter filterContext.</param> public override void OnActionExecuting(ActionExecutingContext filterContext) { // make sure no values are getting sent in from the outside if (filterContext.ActionParameters.ContainsKey("captchaValid")) { filterContext.ActionParameters["captchaValid"] = null; } // get the guid from the post back string guid = filterContext.HttpContext.Request.Form["captcha-guid"]; // check for the guid because it is required from the rest of the opperation if (String.IsNullOrEmpty(guid)) { filterContext.RouteData.Values.Add("captchaValid", false); return; } // get values CaptchaImage image = CaptchaImage.GetCachedCaptcha(guid); string actualValue = filterContext.HttpContext.Request.Form[Field]; string expectedValue = image == null ? String.Empty : image.Text; // removes the captch from cache so it cannot be used again filterContext.HttpContext.Cache.Remove(guid); // validate the captch filterContext.ActionParameters["captchaValid"] = !String.IsNullOrEmpty(actualValue) && !String.IsNullOrEmpty(expectedValue) && String.Equals(actualValue, expectedValue, StringComparison.OrdinalIgnoreCase); }
public override void OnActionExecuting(ActionExecutingContext filterContext) { base.OnActionExecuting(filterContext); if (Try()) { return; } var modelState = filterContext.Controller.ViewData.ModelState; // make sure the captcha valid key is not contained in the route data //if (filterContext.RouteData.Values.ContainsKey("captchaValid")) // filterContext.RouteData.Values.Remove("captchaValid"); string guid = filterContext.RequestContext.HttpContext.Request.Form["captcha-guid"]; if (String.IsNullOrEmpty(guid)) { modelState.AddModelError(Field, ValidationMessage); //filterContext.RouteData.Values.Add("captchaValid", false); return; } CaptchaImage image = CaptchaImage.GetCachedCaptcha(guid); string actualValue = filterContext.RequestContext.HttpContext.Request.Form[Field]; string expectedValue = image == null ? String.Empty : image.Text; filterContext.RequestContext.HttpContext.Cache.Remove(guid); if (String.IsNullOrEmpty(actualValue) || String.IsNullOrEmpty(expectedValue) || !String.Equals(actualValue, expectedValue, StringComparison.OrdinalIgnoreCase)) { modelState.AddModelError(Field, ValidationMessage); } else { modelState.Remove(Field); } }