Code Coverage
 
Classes and Traits
Functions and Methods
Lines
Total
0.00% covered (danger)
0.00%
0 / 1
18.42% covered (danger)
18.42%
7 / 38
CRAP
12.52% covered (danger)
12.52%
64 / 511
qa
0.00% covered (danger)
0.00%
0 / 1
18.42% covered (danger)
18.42%
7 / 38
8813.00
12.52% covered (danger)
12.52%
64 / 511
 __construct
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
4 / 4
 init
0.00% covered (danger)
0.00%
0 / 1
110
0.00% covered (danger)
0.00%
0 / 44
 is_installed
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
3 / 3
 is_available
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 11
 has_config
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 1
 get_name
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 1
 get_service_name
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
1 / 1
 set_name
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
2 / 2
 execute_demo
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 1
 execute
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 1
 get_template
0.00% covered (danger)
0.00%
0 / 1
20
0.00% covered (danger)
0.00%
0 / 15
 get_demo_template
0.00% covered (danger)
0.00%
0 / 1
12
0.00% covered (danger)
0.00%
0 / 15
 get_hidden_fields
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 7
 garbage_collect
0.00% covered (danger)
0.00%
0 / 1
30
0.00% covered (danger)
0.00%
0 / 20
 uninstall
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 2
 install
100.00% covered (success)
100.00%
1 / 1
3
100.00% covered (success)
100.00%
41 / 41
 validate
0.00% covered (danger)
0.00%
0 / 1
30
0.00% covered (danger)
0.00%
0 / 21
 select_question
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 16
 reselect_question
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 13
 new_attempt
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 10
 load_confirm_id
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 12
 load_answer
0.00% covered (danger)
0.00%
0 / 1
20
0.00% covered (danger)
0.00%
0 / 19
 check_answer
0.00% covered (danger)
0.00%
0 / 1
30
0.00% covered (danger)
0.00%
0 / 14
 get_attempt_count
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 1
 reset
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 7
 is_solved
0.00% covered (danger)
0.00%
0 / 1
12
0.00% covered (danger)
0.00%
0 / 6
 acp_page
0.00% covered (danger)
0.00%
0 / 1
462
0.00% covered (danger)
0.00%
0 / 91
 acp_question_list
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 18
 acp_get_question_data
0.00% covered (danger)
0.00%
0 / 1
20
0.00% covered (danger)
0.00%
0 / 20
 acp_get_question_input
100.00% covered (success)
100.00%
1 / 1
2
100.00% covered (success)
100.00%
4 / 4
 anonymous function
100.00% covered (success)
100.00%
1 / 1
1
100.00% covered (success)
100.00%
2 / 2
 acp_update_question
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 14
 acp_add_question
0.00% covered (danger)
0.00%
0 / 1
2
0.00% covered (danger)
0.00%
0 / 11
 acp_insert_answers
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 10
 acp_delete_question
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 8
 validate_input
0.00% covered (danger)
0.00%
0 / 1
90
0.00% covered (danger)
0.00%
0 / 14
 get_languages
0.00% covered (danger)
0.00%
0 / 1
6
0.00% covered (danger)
0.00%
0 / 11
 acp_is_last
0.00% covered (danger)
0.00%
0 / 1
12
0.00% covered (danger)
0.00%
0 / 13
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\captcha\plugins;
/**
* And now to something completely different. Let's make a captcha without extending the abstract class.
* QA CAPTCHA sample implementation
*/
class qa
{
    var $confirm_id;
    var $answer;
    var $question_ids = [];
    var $question_text;
    var $question_lang;
    var $question_strict;
    var $attempts = 0;
    var $type;
    // dirty trick: 0 is false, but can still encode that the captcha is not yet validated
    var $solved = 0;
    protected $table_captcha_questions;
    protected $table_captcha_answers;
    protected $table_qa_confirm;
    /**
    * @var string name of the service.
    */
    protected $service_name;
    /**
    * Constructor
    *
    * @param string $table_captcha_questions
    * @param string $table_captcha_answers
    * @param string $table_qa_confirm
    */
    function __construct($table_captcha_questions, $table_captcha_answers, $table_qa_confirm)
    {
        $this->table_captcha_questions = $table_captcha_questions;
        $this->table_captcha_answers = $table_captcha_answers;
        $this->table_qa_confirm = $table_qa_confirm;
    }
    /**
    * @param int $type  as per the CAPTCHA API docs, the type
    */
    function init($type)
    {
        global $config, $db, $user, $request;
        // load our language file
        $user->add_lang('captcha_qa');
        // read input
        $this->confirm_id = $request->variable('qa_confirm_id', '');
        $this->answer = $request->variable('qa_answer', '', true);
        $this->type = (int) $type;
        $this->question_lang = $user->lang_name;
        // we need all defined questions - shouldn't be too many, so we can just grab them
        // try the user's lang first
        $sql = 'SELECT question_id
            FROM ' . $this->table_captcha_questions . "
            WHERE lang_iso = '" . $db->sql_escape($user->lang_name) . "'";
        $result = $db->sql_query($sql, 3600);
        while ($row = $db->sql_fetchrow($result))
        {
            $this->question_ids[$row['question_id']] = $row['question_id'];
        }
        $db->sql_freeresult($result);
        // fallback to the board default lang
        if (!count($this->question_ids))
        {
            $this->question_lang = $config['default_lang'];
            $sql = 'SELECT question_id
                FROM ' . $this->table_captcha_questions . "
                WHERE lang_iso = '" . $db->sql_escape($config['default_lang']) . "'";
            $result = $db->sql_query($sql, 7200);
            while ($row = $db->sql_fetchrow($result))
            {
                $this->question_ids[$row['question_id']] = $row['question_id'];
            }
            $db->sql_freeresult($result);
        }
        // final fallback to any language
        if (!count($this->question_ids))
        {
            $this->question_lang = '';
            $sql = 'SELECT q.question_id, q.lang_iso
                FROM ' . $this->table_captcha_questions . ' q, ' . $this->table_captcha_answers . ' a
                WHERE q.question_id = a.question_id';
            $result = $db->sql_query($sql, 7200);
            while ($row = $db->sql_fetchrow($result))
            {
                if (empty($this->question_lang))
                {
                    $this->question_lang = $row['lang_iso'];
                }
                $this->question_ids[$row['question_id']] = $row['question_id'];
            }
            $db->sql_freeresult($result);
        }
        // okay, if there is a confirm_id, we try to load that confirm's state. If not, we try to find one
        if (!$this->load_answer() && (!$this->load_confirm_id() || !$this->load_answer()))
        {
            // we have no valid confirm ID, better get ready to ask something
            $this->select_question();
        }
    }
    /**
    * See if the captcha has created its tables.
    */
    public function is_installed()
    {
        global $phpbb_container;
        $db_tool = $phpbb_container->get('dbal.tools');
        return $db_tool->sql_table_exists($this->table_captcha_questions);
    }
    /**
    *  API function - for the captcha to be available, it must have installed itself and there has to be at least one question in the board's default lang
    */
    public function is_available()
    {
        global $config, $db, $user;
        // load language file for pretty display in the ACP dropdown
        $user->add_lang('captcha_qa');
        if (!$this->is_installed())
        {
            return false;
        }
        $sql = 'SELECT COUNT(question_id) AS question_count
            FROM ' . $this->table_captcha_questions . "
            WHERE lang_iso = '" . $db->sql_escape($config['default_lang']) . "'";
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);
        return ((bool) $row['question_count']);
    }
    /**
    *  API function
    */
    function has_config()
    {
        return true;
    }
    /**
    *  API function
    */
    static public function get_name()
    {
        return 'CAPTCHA_QA';
    }
    /**
    * @return string the name of the service corresponding to the plugin
    */
    function get_service_name()
    {
        return $this->service_name;
    }
    /**
    * Set the name of the plugin
    *
    * @param string $name
    */
    public function set_name($name)
    {
        $this->service_name = $name;
    }
    /**
    *  API function - not needed as we don't display an image
    */
    function execute_demo()
    {
    }
    /**
    *  API function - not needed as we don't display an image
    */
    function execute()
    {
    }
    /**
    *  API function - send the question to the template
    */
    function get_template()
    {
        global $phpbb_log, $template, $user;
        if ($this->is_solved())
        {
            return false;
        }
        else if (empty($this->question_text) || !count($this->question_ids))
        {
            /** @var \phpbb\log\log_interface $phpbb_log */
            $phpbb_log->add('critical', $user->data['user_id'], $user->ip, 'LOG_ERROR_CAPTCHA', time(), array($user->lang('CONFIRM_QUESTION_MISSING')));
            return false;
        }
        else
        {
            $template->assign_vars(array(
                'QA_CONFIRM_QUESTION'    => $this->question_text,
                'QA_CONFIRM_ID'            => $this->confirm_id,
                'S_CONFIRM_CODE'        => true,
                'S_TYPE'                => $this->type,
            ));
            return 'captcha_qa.html';
        }
    }
    /**
    *  API function - we just display a mockup so that the captcha doesn't need to be installed
    */
    function get_demo_template()
    {
        global $config, $db, $template;
        if ($this->is_available())
        {
            $sql = 'SELECT question_text
                FROM ' . $this->table_captcha_questions . "
                WHERE lang_iso = '" . $db->sql_escape($config['default_lang']) . "'";
            $result = $db->sql_query_limit($sql, 1);
            if ($row = $db->sql_fetchrow($result))
            {
                $template->assign_vars(array(
                    'QA_CONFIRM_QUESTION'        => $row['question_text'],
                ));
            }
            $db->sql_freeresult($result);
        }
        return 'captcha_qa_acp_demo.html';
    }
    /**
    *  API function
    */
    function get_hidden_fields()
    {
        $hidden_fields = array();
        // this is required - otherwise we would forget about the captcha being already solved
        if ($this->solved)
        {
            $hidden_fields['qa_answer'] = $this->answer;
        }
        $hidden_fields['qa_confirm_id'] = $this->confirm_id;
        return $hidden_fields;
    }
    /**
    *  API function
    */
    function garbage_collect($type = 0)
    {
        global $db;
        $sql = 'SELECT c.confirm_id
            FROM ' . $this->table_qa_confirm . ' c
            LEFT JOIN ' . SESSIONS_TABLE . ' s
                ON (c.session_id = s.session_id)
            WHERE s.session_id IS NULL' .
                ((empty($type)) ? '' : ' AND c.confirm_type = ' . (int) $type);
        $result = $db->sql_query($sql);
        if ($row = $db->sql_fetchrow($result))
        {
            $sql_in = array();
            do
            {
                $sql_in[] = (string) $row['confirm_id'];
            }
            while ($row = $db->sql_fetchrow($result));
            if (count($sql_in))
            {
                $sql = 'DELETE FROM ' . $this->table_qa_confirm . '
                    WHERE ' . $db->sql_in_set('confirm_id', $sql_in);
                $db->sql_query($sql);
            }
        }
        $db->sql_freeresult($result);
    }
    /**
    *  API function - we don't drop the tables here, as that would cause the loss of all entered questions.
    */
    function uninstall()
    {
        $this->garbage_collect(0);
    }
    /**
    *  API function - set up shop
    */
    function install()
    {
        global $phpbb_container;
        $db_tool = $phpbb_container->get('dbal.tools');
        $schemas = array(
                $this->table_captcha_questions        => array (
                    'COLUMNS' => array(
                        'question_id'    => array('UINT', null, 'auto_increment'),
                        'strict'        => array('BOOL', 0),
                        'lang_id'        => array('UINT', 0),
                        'lang_iso'        => array('VCHAR:30', ''),
                        'question_text'    => array('TEXT_UNI', ''),
                    ),
                    'PRIMARY_KEY'        => 'question_id',
                    'KEYS'                => array(
                        'lang'            => array('INDEX', 'lang_iso'),
                    ),
                ),
                $this->table_captcha_answers        => array (
                    'COLUMNS' => array(
                        'question_id'    => array('UINT', 0),
                        'answer_text'    => array('STEXT_UNI', ''),
                    ),
                    'KEYS'                => array(
                        'qid'            => array('INDEX', 'question_id'),
                    ),
                ),
                $this->table_qa_confirm        => array (
                    'COLUMNS' => array(
                        'session_id'    => array('CHAR:32', ''),
                        'confirm_id'    => array('CHAR:32', ''),
                        'lang_iso'        => array('VCHAR:30', ''),
                        'question_id'    => array('UINT', 0),
                        'attempts'        => array('UINT', 0),
                        'confirm_type'    => array('USINT', 0),
                    ),
                    'KEYS'                => array(
                        'session_id'            => array('INDEX', 'session_id'),
                        'lookup'                => array('INDEX', array('confirm_id', 'session_id', 'lang_iso')),
                    ),
                    'PRIMARY_KEY'        => 'confirm_id',
                ),
        );
        foreach ($schemas as $table => $schema)
        {
            if (!$db_tool->sql_table_exists($table))
            {
                $db_tool->sql_create_table($table, $schema);
            }
        }
    }
    /**
    *  API function - see what has to be done to validate
    */
    function validate()
    {
        global $phpbb_log, $user;
        $error = '';
        if (!count($this->question_ids))
        {
            /** @var \phpbb\log\log_interface $phpbb_log */
            $phpbb_log->add('critical', $user->data['user_id'], $user->ip, 'LOG_ERROR_CAPTCHA', time(), array($user->lang('CONFIRM_QUESTION_MISSING')));
            return $user->lang('CONFIRM_QUESTION_MISSING');
        }
        if (!$this->confirm_id)
        {
            $error = $user->lang['CONFIRM_QUESTION_WRONG'];
        }
        else
        {
            if ($this->check_answer())
            {
                $this->solved = true;
            }
            else
            {
                $error = $user->lang['CONFIRM_QUESTION_WRONG'];
            }
        }
        if (strlen($error))
        {
            // okay, incorrect answer. Let's ask a new question.
            $this->new_attempt();
            $this->solved = false;
            return $error;
        }
        else
        {
            return false;
        }
    }
    /**
    *  Select a question
    */
    function select_question()
    {
        global $db, $user;
        if (!count($this->question_ids))
        {
            return;
        }
        $this->confirm_id = md5(unique_id($user->ip));
        $this->question = (int) array_rand($this->question_ids);
        $sql = 'INSERT INTO ' . $this->table_qa_confirm . ' ' . $db->sql_build_array('INSERT', array(
            'confirm_id'    => (string) $this->confirm_id,
            'session_id'    => (string) $user->session_id,
            'lang_iso'        => (string) $this->question_lang,
            'confirm_type'    => (int) $this->type,
            'question_id'    => (int) $this->question,
        ));
        $db->sql_query($sql);
        $this->load_answer();
    }
    /**
    * New Question, if desired.
    */
    function reselect_question()
    {
        global $db, $user;
        if (!count($this->question_ids))
        {
            return;
        }
        $this->question = (int) array_rand($this->question_ids);
        $this->solved = 0;
        $sql = 'UPDATE ' . $this->table_qa_confirm . '
            SET question_id = ' . (int) $this->question . "
            WHERE confirm_id = '" . $db->sql_escape($this->confirm_id) . "'
                AND session_id = '" . $db->sql_escape($user->session_id) . "'";
        $db->sql_query($sql);
        $this->load_answer();
    }
    /**
    * Wrong answer, so we increase the attempts and use a different question.
    */
    function new_attempt()
    {
        global $db, $user;
        // yah, I would prefer a stronger rand, but this should work
        $this->question = (int) array_rand($this->question_ids);
        $this->solved = 0;
        $sql = 'UPDATE ' . $this->table_qa_confirm . '
            SET question_id = ' . (int) $this->question . ",
                attempts = attempts + 1
            WHERE confirm_id = '" . $db->sql_escape($this->confirm_id) . "'
                AND session_id = '" . $db->sql_escape($user->session_id) . "'";
        $db->sql_query($sql);
        $this->load_answer();
    }
    /**
    * See if there is already an entry for the current session.
    */
    function load_confirm_id()
    {
        global $db, $user;
        $sql = 'SELECT confirm_id
            FROM ' . $this->table_qa_confirm . "
            WHERE
                session_id = '" . $db->sql_escape($user->session_id) . "'
                AND lang_iso = '" . $db->sql_escape($this->question_lang) . "'
                AND confirm_type = " . $this->type;
        $result = $db->sql_query_limit($sql, 1);
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);
        if ($row)
        {
            $this->confirm_id = $row['confirm_id'];
            return true;
        }
        return false;
    }
    /**
    * Look up everything we need and populate the instance variables.
    */
    function load_answer()
    {
        global $db, $user;
        if (!strlen($this->confirm_id) || !count($this->question_ids))
        {
            return false;
        }
        $sql = 'SELECT con.question_id, attempts, question_text, strict
            FROM ' . $this->table_qa_confirm . ' con, ' . $this->table_captcha_questions . " qes
            WHERE con.question_id = qes.question_id
                AND confirm_id = '" . $db->sql_escape($this->confirm_id) . "'
                AND session_id = '" . $db->sql_escape($user->session_id) . "'
                AND qes.lang_iso = '" . $db->sql_escape($this->question_lang) . "'
                AND confirm_type = " . $this->type;
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);
        if ($row)
        {
            $this->question = $row['question_id'];
            $this->attempts = $row['attempts'];
            $this->question_strict = $row['strict'];
            $this->question_text = $row['question_text'];
            return true;
        }
        return false;
    }
    /**
    *  The actual validation
    */
    function check_answer()
    {
        global $db, $request;
        $answer = ($this->question_strict) ? $request->variable('qa_answer', '', true) : utf8_clean_string($request->variable('qa_answer', '', true));
        $sql = 'SELECT answer_text
            FROM ' . $this->table_captcha_answers . '
            WHERE question_id = ' . (int) $this->question;
        $result = $db->sql_query($sql);
        while ($row = $db->sql_fetchrow($result))
        {
            $solution = ($this->question_strict) ? $row['answer_text'] : utf8_clean_string($row['answer_text']);
            if ($solution === $answer)
            {
                $this->solved = true;
                break;
            }
        }
        $db->sql_freeresult($result);
        return $this->solved;
    }
    /**
    *  API function
    */
    function get_attempt_count()
    {
        return $this->attempts;
    }
    /**
    *  API function
    */
    function reset()
    {
        global $db, $user;
        $sql = 'DELETE FROM ' . $this->table_qa_confirm . "
            WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
                AND confirm_type = " . (int) $this->type;
        $db->sql_query($sql);
        // we leave the class usable by generating a new question
        $this->select_question();
    }
    /**
    *  API function
    */
    function is_solved()
    {
        global $request;
        if ($request->variable('qa_answer', false) && $this->solved === 0)
        {
            $this->validate();
        }
        return (bool) $this->solved;
    }
    /**
    *  API function - The ACP backend, this marks the end of the easy methods
    */
    function acp_page($id, $module)
    {
        global $config, $request, $phpbb_log, $template, $user;
        $user->add_lang('acp/board');
        $user->add_lang('captcha_qa');
        if (!self::is_installed())
        {
            $this->install();
        }
        $module->tpl_name = 'captcha_qa_acp';
        $module->page_title = 'ACP_VC_SETTINGS';
        $form_key = 'acp_captcha';
        add_form_key($form_key);
        $submit = $request->variable('submit', false);
        $question_id = $request->variable('question_id', 0);
        $action = $request->variable('action', '');
        // we have two pages, so users might want to navigate from one to the other
        $list_url = $module->u_action . "&amp;configure=1&amp;select_captcha=" . $this->get_service_name();
        $template->assign_vars(array(
            'U_ACTION'        => $module->u_action,
            'QUESTION_ID'    => $question_id ,
            'CLASS'            => $this->get_service_name(),
        ));
        // show the list?
        if (!$question_id && $action != 'add')
        {
            $this->acp_question_list($module);
        }
        else if ($question_id && $action == 'delete')
        {
            if ($this->get_service_name() !== $config['captcha_plugin'] || !$this->acp_is_last($question_id))
            {
                if (confirm_box(true))
                {
                    $this->acp_delete_question($question_id);
                    trigger_error($user->lang['QUESTION_DELETED'] . adm_back_link($list_url));
                }
                else
                {
                    confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
                        'question_id'        => $question_id,
                        'action'            => $action,
                        'configure'            => 1,
                        'select_captcha'    => $this->get_service_name(),
                        ))
                    );
                }
            }
            else
            {
                trigger_error($user->lang['QA_LAST_QUESTION'] . adm_back_link($list_url), E_USER_WARNING);
            }
        }
        else
        {
            // okay, show the editor
            $question_input = $this->acp_get_question_input();
            $langs = $this->get_languages();
            foreach ($langs as $lang => $entry)
            {
                $template->assign_block_vars('langs', array(
                    'ISO' => $lang,
                    'NAME' => $entry['name'],
                ));
            }
            $template->assign_vars(array(
                'U_LIST' => $list_url,
            ));
            if ($question_id)
            {
                if ($question = $this->acp_get_question_data($question_id))
                {
                    $template->assign_vars(array(
                        'QUESTION_TEXT'        => ($question_input['question_text']) ? $question_input['question_text'] : $question['question_text'],
                        'LANG_ISO'            => ($question_input['lang_iso']) ? $question_input['lang_iso'] : $question['lang_iso'],
                        'STRICT'            => (isset($_REQUEST['strict'])) ? $question_input['strict'] : $question['strict'],
                        'ANSWERS'            => implode("\n", $question['answers']),
                    ));
                }
                else
                {
                    trigger_error($user->lang['FORM_INVALID'] . adm_back_link($list_url));
                }
            }
            else
            {
                $template->assign_vars(array(
                    'QUESTION_TEXT'        => $question_input['question_text'],
                    'LANG_ISO'            => $question_input['lang_iso'],
                    'STRICT'            => $question_input['strict'],
                    'ANSWERS'            => (is_array($question_input['answers'])) ? implode("\n", $question_input['answers']) : '',
                ));
            }
            if ($submit && check_form_key($form_key))
            {
                if (!$this->validate_input($question_input))
                {
                    $template->assign_vars(array(
                        'S_ERROR'            => true,
                    ));
                }
                else
                {
                    if ($question_id)
                    {
                        $this->acp_update_question($question_input, $question_id);
                    }
                    else
                    {
                        $this->acp_add_question($question_input);
                    }
                    $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CONFIG_VISUAL');
                    trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($list_url));
                }
            }
            else if ($submit)
            {
                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($list_url), E_USER_WARNING);
            }
        }
    }
    /**
    *  This handles the list overview
    */
    function acp_question_list($module)
    {
        global $db, $template;
        $sql = 'SELECT *
            FROM ' . $this->table_captcha_questions;
        $result = $db->sql_query($sql);
        $template->assign_vars(array(
            'S_LIST'            => true,
        ));
        while ($row = $db->sql_fetchrow($result))
        {
            $url = $module->u_action . "&amp;question_id={$row['question_id']}&amp;configure=1&amp;select_captcha=" . $this->get_service_name() . '&amp;';
            $template->assign_block_vars('questions', array(
                'QUESTION_TEXT'        => $row['question_text'],
                'QUESTION_ID'        => $row['question_id'],
                'QUESTION_LANG'        => $row['lang_iso'],
                'U_DELETE'            => "{$url}action=delete",
                'U_EDIT'            => "{$url}action=edit",
            ));
        }
        $db->sql_freeresult($result);
    }
    /**
    *  Grab a question and bring it into a format the editor understands
    */
    function acp_get_question_data($question_id)
    {
        global $db;
        if ($question_id)
        {
            $sql = 'SELECT *
                FROM ' . $this->table_captcha_questions . '
                WHERE question_id = ' . $question_id;
            $result = $db->sql_query($sql);
            $question = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);
            if (!$question)
            {
                return false;
            }
            $question['answers'] = array();
            $sql = 'SELECT *
                FROM ' . $this->table_captcha_answers . '
                WHERE question_id = ' . $question_id;
            $result = $db->sql_query($sql);
            while ($row = $db->sql_fetchrow($result))
            {
                $question['answers'][] = $row['answer_text'];
            }
            $db->sql_freeresult($result);
            return $question;
        }
        return false;
    }
    /**
    *  Grab a question from input and bring it into a format the editor understands
    */
    function acp_get_question_input()
    {
        global $request;
        $answers = $request->variable('answers', '', true);
        // Convert answers into array and filter if answers are set
        if (strlen($answers))
        {
            $answers = array_filter(array_map('trim', explode("\n", $answers)), function ($value) {
                return $value !== '';
            });
        }
        $question = array(
            'question_text'    => $request->variable('question_text', '', true),
            'strict'        => $request->variable('strict', false),
            'lang_iso'        => $request->variable('lang_iso', ''),
            'answers'        => $answers,
        );
        return $question;
    }
    /**
    *  Update a question.
    * param mixed $data : an array as created from acp_get_question_input or acp_get_question_data
    */
    function acp_update_question($data, $question_id)
    {
        global $db, $cache;
        // easier to delete all answers than to figure out which to update
        $sql = 'DELETE FROM ' . $this->table_captcha_answers . " WHERE question_id = $question_id";
        $db->sql_query($sql);
        $langs = $this->get_languages();
        $question_ary = $data;
        $question_ary['lang_id'] = $langs[$question_ary['lang_iso']]['id'];
        unset($question_ary['answers']);
        $sql = 'UPDATE ' . $this->table_captcha_questions . '
            SET ' . $db->sql_build_array('UPDATE', $question_ary) . "
            WHERE question_id = $question_id";
        $db->sql_query($sql);
        $this->acp_insert_answers($data, $question_id);
        $cache->destroy('sql', $this->table_captcha_questions);
    }
    /**
    *  Insert a question.
    * param mixed $data : an array as created from acp_get_question_input or acp_get_question_data
    */
    function acp_add_question($data)
    {
        global $db, $cache;
        $langs = $this->get_languages();
        $question_ary = $data;
        $question_ary['lang_id'] = $langs[$data['lang_iso']]['id'];
        unset($question_ary['answers']);
        $sql = 'INSERT INTO ' . $this->table_captcha_questions . ' ' . $db->sql_build_array('INSERT', $question_ary);
        $db->sql_query($sql);
        $question_id = $db->sql_nextid();
        $this->acp_insert_answers($data, $question_id);
        $cache->destroy('sql', $this->table_captcha_questions);
    }
    /**
    *  Insert the answers.
    * param mixed $data : an array as created from acp_get_question_input or acp_get_question_data
    */
    function acp_insert_answers($data, $question_id)
    {
        global $db, $cache;
        foreach ($data['answers'] as $answer)
        {
            $answer_ary = array(
                'question_id'    => $question_id,
                'answer_text'    => $answer,
            );
            $sql = 'INSERT INTO ' . $this->table_captcha_answers . ' ' . $db->sql_build_array('INSERT', $answer_ary);
            $db->sql_query($sql);
        }
        $cache->destroy('sql', $this->table_captcha_answers);
    }
    /**
    *  Delete a question.
    */
    function acp_delete_question($question_id)
    {
        global $db, $cache;
        $tables = array($this->table_captcha_questions, $this->table_captcha_answers);
        foreach ($tables as $table)
        {
            $sql = "DELETE FROM $table
                WHERE question_id = $question_id";
            $db->sql_query($sql);
        }
        $cache->destroy('sql', $tables);
    }
    /**
    *  Check if the entered data can be inserted/used
    * param mixed $data : an array as created from acp_get_question_input or acp_get_question_data
    */
    function validate_input($question_data)
    {
        $langs = $this->get_languages();
        if (!isset($question_data['lang_iso']) ||
            !isset($question_data['question_text']) ||
            !isset($question_data['strict']) ||
            !isset($question_data['answers']))
        {
            return false;
        }
        if (!isset($langs[$question_data['lang_iso']]) ||
            !strlen($question_data['question_text']) ||
            !count($question_data['answers']) ||
            !is_array($question_data['answers']))
        {
            return false;
        }
        return true;
    }
    /**
    * List the installed language packs
    */
    function get_languages()
    {
        global $db;
        $sql = 'SELECT *
            FROM ' . LANG_TABLE;
        $result = $db->sql_query($sql);
        $langs = array();
        while ($row = $db->sql_fetchrow($result))
        {
            $langs[$row['lang_iso']] = array(
                'name'    => $row['lang_local_name'],
                'id'    => (int) $row['lang_id'],
            );
        }
        $db->sql_freeresult($result);
        return $langs;
    }
    /**
    *  See if there is a question other than the one we have
    */
    function acp_is_last($question_id)
    {
        global $config, $db;
        if ($question_id)
        {
            $sql = 'SELECT question_id
                FROM ' . $this->table_captcha_questions . "
                WHERE lang_iso = '" . $db->sql_escape($config['default_lang']) . "'
                    AND  question_id <> " .  (int) $question_id;
            $result = $db->sql_query_limit($sql, 1);
            $question = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);
            if (!$question)
            {
                return true;
            }
            return false;
        }
    }
}