Robocheck: The human operator is the key to unlock VIRTUAL WORLD

Robocheck uses advanced coding & algorithms (and ImageMagick and a word list)
to generate pictures with text. These pictures are useful in combatting spam,
because robots get nervous regarding pictures

.gitignore

@@ -1 +1,9 @@
 includes/config.php
+
+B4U/robocheck/*
+!B4U/robocheck/.keep
+
+tmp/*
+!tmp/robocheck-answers
+tmp/robocheck-answers/*
+!tmp/robocheck-answers/.keep

B4U/announce.txt

@@ -1 +0,0 @@
-There are no announements

B4U/css/base.css

@@ -62,30 +62,19 @@ body {
 	justify-content: center;
 }
 
-.collection > a,
-.minorbox,
-.reply .buttons > * {
+.hoverbox {
 	display: block;
-	margin-bottom: 15px;
 	padding-left: 5px;
 	padding-right: 5px;
 	transition: box-shadow 0.5s, color 1s;
 	border: 1px solid;
 	cursor: pointer;
 }
-.collection > a:hover,
-.minorbox:hover,
-.reply .buttons > *:hover {
+.hoverbox:hover {
 	box-shadow: -3px 3px 10px;
 }
-.collection a,
-.minorbox,
-.choicebox a,
-.timeline .content a,
-.reply .buttons > a,
-.leftnav,
-.rightnav,
-footer .minorbox a {
+.hoverbox a,
+a.hoverbox {
 	text-decoration: none;
 }
 .collection > a {
@@ -154,22 +143,32 @@ footer .minorbox a {
 }
 .reply {
 	display: flex;
-	align-content: flex-end;
 	flex: 0 0 auto;
 }
-.reply .buttons .cancel {
+.reply .buttons {
+	float: right;
+}
+.reply .cancel {
 	border-top: 0;
 	display: block;
 	margin: 0;
 	top: 0;
 }
+.reply img {
+	display: block;
+	width: 100%;
+}
 .reply .buttons input[type=submit] {
-	color: inherit;
-	margin-left: auto;
 	display: block;
+	color: inherit;
 	border-top: 0;
+	width: 100%;
+}
+.reply .buttons a {
+	text-align: center;
 }
 .reply textarea {
+	flex: 0 1 auto;
 	border-top: 0;
 	border-left: 0;
 	border-right: 0;
@@ -361,6 +360,7 @@ input, select, textarea {
 	margin-bottom: 1px;
 	font-size: 1em;
 	background-color: inherit;
+	margin: 0;
 }
 input[type=submit] {
 	padding-left: 5px;

B4U/index.php

@@ -11,7 +11,7 @@ if (!isset($page)) $page = 0;
 <!DOCTYPE HTML>
 <HTML>
 <head>
-<?php head('RAL')?>
+<?php head('Home')?>
 </head>
 <body>
 <div id=welcome>

B4U/info.php

@@ -39,20 +39,18 @@ function nl22br($string)
 			$a = CONFIG_WEBROOT . "info/";
 			print
 <<<HTML
-		<a href={$a}theme>Theme</a>
-		<a href={$a}announce>Notices</a>
-		<a href={$a}>About</a>
-		<a href={$a}help>Help</a>
+		<a class=hoverbox href={$a}theme>Theme</a>
+		<a class=hoverbox href={$a}>About</a>
+		<a class=hoverbox href={$a}help>Help</a>
 
 HTML;
 		}
 		else
 			print
 <<<HTML
-		<a href=?theme>Theme</a>
-		<a href=?staff>Staff</a>
-		<a href=?>About</a>
-		<a href=?help>Help</a>
+		<a class=hoverbox href=?theme>Theme</a>
+		<a class=hoverbox href=?>About</a>
+		<a class=hoverbox href=?help>Help</a>
 
 HTML;
 ?>
@@ -90,16 +88,6 @@ HTML;
 
 HTML;
 
-	} else if (isset($_GET['announce'])) {
-		$txt = nl22br(bbbbbbb(file_get_contents('announce.txt')));
-		print
-<<<HTML
-		<h3>Announcements</h3>
-		<div class=reader>
-		$txt
-		</div>
-
-HTML;
 	} else if (isset($_GET['help'])) {
 		$mail = CONFIG_ADMIN_MAIL; $name = ucfirst(CONFIG_ADMIN_NAME);
 		// Probably read this in from a file

B4U/max.php

@@ -204,17 +204,24 @@ HTML;
 			else
 				$target = CONFIG_WEBROOT
 				. "max.php";
-			if (empty($q)) $href = "$target";
+			if (empty($q)) $href = $target;
 			else $href = "$target?$q";
+			$robocheck = gen_robocheck($_COOKIE['auth']);
+			$robosrc = $robocheck['src'];
+			$robocode = $robocheck['id'];
 			print
 <<<HTML
 	<form class=reply method=POST action="?$q">
-		<textarea rows=5
-		maxlength=CONFIG_RAL_POSTMAXLEN
-		name=content></textarea>
+			<textarea rows=5
+			maxlength=CONFIG_RAL_POSTMAXLEN
+			name=content></textarea>
 		<div class=buttons>
-		<a href="$href" class=cancel>Cancel</a>
-		<input value=Post type=submit>
+			<img src="$robosrc">
+			<input type=hidden value=$robocode>
+			<input name=answer placeholder="Type the above text">
+			<input value=Post class=hoverbox type=submit>
+			<a href="$href" class="cancel hoverbox">Cancel</a>
+
 		</div>
 	</form>
 
@@ -230,8 +237,8 @@ HTML;
 			print
 <<<HTML
 	<footer>
-	<span class=minorbox>
-	<a href='$a'>Reply to Topic</a>
+	<span class=hoverbox>
+		<a href='$a'>Reply to Topic</a>
 	</span>
 
 HTML;
@@ -250,7 +257,7 @@ HTML;
 			}
 			print
 <<<HTML
-	<span class=minorbox>
+	<span class=hoverbox>
 		<a href=$a>Return</a>
 	</span>
 	</footer>
@@ -317,12 +324,16 @@ HTML;
 
 			print
 <<<HTML
-	<form class=reply method=POST action=?$q>
-		<textarea rows=5 maxlength=CONFIG_RAL_POSTMAXLEN
-		name=content></textarea>
+	<form class=reply method=POST action="?$q">
+			<textarea rows=5
+			maxlength=CONFIG_RAL_POSTMAXLEN
+			name=content></textarea>
 		<div class=buttons>
-		<a href='$href' class='cancel'>Cancel</a>
-		<input value=Post type=submit>
+			<img src="https://ral.howler.space/robocheck/5a4d30565da36/5a54e4e2769bb.jpg">
+			<input name=answer placeholder="Type the above text">
+			<input value=Post class=hoverbox type=submit>
+			<a href="$href" class="cancel hoverbox">Cancel</a>
+
 		</div>
 	</form>
 
@@ -339,8 +350,8 @@ HTML;
 			print
 <<<HTML
 	<footer>
-		<span class=minorbox>
-		<a href=$a>Create a Topic</a>
+		<span class=hoverbox>
+			<a href=$a>Create a Topic</a>
 		</span>
 	</footer>
 

includes/config.template.php

@@ -34,6 +34,8 @@ define("CONFIG_WEBROOT", "https:ral.space/");
 
 define("CONFIG_CLEAN_URL", false);
 
+define("CONFIG_WORDLIST", "/usr/share/wordlists/rockyou.txt");
+
 define("CONFIG_THEMES",
 [
 	'20XX',

includes/mod.php

@@ -32,5 +32,74 @@ function clearban($auth)
 		mysqli_query($dbh, $query);
 	}
 }
+function gen_robocheck($user)
+{
+	$imgpath = CONFIG_LOCALROOT . "B4U/robocheck/$user/";
+	$keypath = CONFIG_LOCALROOT . "tmp/robocheck-answers/$user/";
+	if (strpos(get_absolute_path($imgpath)
+	, CONFIG_LOCALROOT . "B4U/robocheck") !== 0
+	|| (!is_dir($imgpath) && !mkdir($imgpath))
+	|| (!is_dir($keypath) && !mkdir($keypath)))
+		die;
+
+	$id = uniqid();
+	$imgfile = "$id.jpg";
+	$keyfile = "$id.txt";
+
+	$tmp = CONFIG_LOCALROOT . "tmp/";
+	$key = rand_line(CONFIG_WORDLIST);
+
+	system("convert -size 165x70 plasma:fractal $tmp/$id-fractal.jpg");
+	system("convert $tmp/$id-fractal.jpg -paint 10 $tmp/$id-background.jpg");
+	system("convert -size 165x -background 'rgba(0,0,0,0)' -fill black -blur 0x1 -blur 0x1 label:'$key' $tmp/$id-text.png");
+	system("composite -gravity center $tmp/$id-text.png $tmp/$id-background.jpg $tmp/$id-final.jpg");
 
+	unlink("$tmp/$id-background.jpg");
+	unlink("$tmp/$id-fractal.jpg");
+	unlink("$tmp/$id-text.png");
+
+	rename("$tmp/$id-final.jpg", $imgpath . $imgfile);
+	file_put_contents($keypath . $keyfile, $key);
+
+	return [
+		"id" => $id,
+		"src" => CONFIG_WEBROOT . "robocheck/$user/$imgfile",
+	];
+}
+function check_robocheck($user, $id, $answer)
+{
+	$imgfile = CONFIG_LOCALROOT . "B4U/robocheck/$user/$id.jpg";
+	$keyfile = CONFIG_LOCALROOT . "tmp/robocheck-answers/$user/$id.txt";
+
+	if (file_get_contents($keyfile) !== $answer)
+		return false;
+	unlink($imgfile);
+	unlink($keyfile);
+	return true;
+}
+function rand_line($fname, $maxlen = 4096) {
+	$handle = fopen($fname, "r");
+	if (!$handle) return False;
+	$random_line = null;
+	$count = 0;
+	while (($line = fgets($handle, $maxlen)) !== false) {
+		$count++;
+		if(rand() % $count == 0) {
+			$random_line = $line;
+		}
+	}
+	fclose($handle);
+	return $random_line;
+}
+function get_absolute_path($path)
+{
+	$parts = explode('/', $path);
+	$absolutes = [];
+	foreach($parts as $part) {
+		if ($part == '.') continue;
+		if ($part == '..') array_pop($absolutes);
+		else $absolutes[] = $part;
+	}
+	return implode('/', $absolutes);
+}
 ?>

includes/render.php

@@ -24,13 +24,13 @@ HTML;
 		|| $i >= ($page + 1) * $per_page)
 			print
 <<<HTML
-	<a href="$a"
+	<a class=hoverbox href="$a"
 	style="visibility: hidden; display:none">$name</a>
 
 HTML;
 		else print
 <<<HTML
-	<a href="$a">$name</a>
+	<a class=hoverbox href="$a">$name</a>
 
 HTML;
 	}