Added reCAPTCHA support

With this *huge* patch I added reCAPTCHA support to phpsqlitecms.
You can edit the reCAPTCHA settings under 'Spam protection' section in
the administration panel.
After adding your site and your secret reCAPTCHA keys, you can select
where do you want to add the reCAPTCHA check, by now you can add it to:
* users login (/cms/)
* users comments on commentable posts
* mail sent through formmailer
It also prevents to randomly add Google's script in the page if it isn't
enabled, so it should be good for the ones who don't want Google in
their way ;)

.gitignore

@@ -0,0 +1,3 @@
+/nbproject/private/
+nbproject/project.properties
+nbproject/project.xml

cms/config/definitions.conf.php

@@ -8,6 +8,8 @@ define('JQUERY_UI_HANDLER', STATIC_URL.'js/jquery_ui_handler.js');
 define('BOOTSTRAP', '//maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js');
 define('BOOTSTRAP_CSS', '//maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css');
 
+define('RECAPTCHA_SCRIPT', 'https://www.google.com/recaptcha/api.js');
+
 define('WYSIWYG_EDITOR', '//tinymce.cachefly.net/4.0/tinymce.min.js');
 define('WYSIWYG_EDITOR_INIT', BASE_URL . 'static/js/wysiwyg_init.js');
 

cms/includes/classes/Comment.class.php

@@ -10,6 +10,8 @@ class Comment
   public $prevent_repeated_posts_minutes = 2;
   public $akismet_key = '';
   public $akismet_entry_check = 0;
+  public $recaptcha_secret_key = '';
+  public $recaptcha_entry_check = 0;
   public $remove_blank_lines = 1;
   public $auto_link = 1;
   public $smilies = 1;
@@ -461,6 +463,13 @@ class Comment
              }
            }
          }
+         
+         // reCAPTCHA check
+        if(!$this->admin_mode && $this->recaptcha_secret_key!='' && $this->recaptcha_entry_check==1)
+         {
+          if(!check_captcha($this->recaptcha_secret_key))
+            $this->errors[] = 'wrong_captcha';
+         }
        } // end if($save)
      }
    }

cms/includes/functions.inc.php

@@ -25,6 +25,29 @@ function showme($what)
   exit;
  }
 
+ /**
+  * check if the entered captcha is right
+  * NOTE: you need PHP5 for this specific function to work,
+  *       if you wan't to support other versions do a workaround yourself.
+  */
+function check_captcha($secret) {
+  $post_data = array(
+    'secret' => htmlspecialchars($secret), // have to pass it, since here $settings is not initalized 
+    'response' => $_POST["g-recaptcha-response"],
+  );
+    
+  $options = array(
+    'http' => array(
+      'method' => 'POST',
+      'content' => http_build_query($post_data),
+    ),
+  );
+  $context = stream_context_create($options);
+  $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify", false, $context);
+
+  return json_decode($response)->success;
+ }
+
 /**
  * fetches settings from database
  */

cms/includes/login.inc.php

@@ -10,28 +10,35 @@ elseif(empty($_SESSION[$settings['session_prefix'].'user_id']) && isset($_POST['
  {
   $username = $_POST['username'];
   $userpw = $_POST['userpw'];
-  if(isset($_POST['username']) && trim($_POST['username']) != '' && isset($_POST['userpw']) && trim($_POST['userpw']) != '')
+  if (!$settings['recaptcha_login_check'] || check_captcha($settings['recaptcha_secret_key']))
    {
-    $dbr = Database::$userdata->prepare('SELECT id, name, pw, type, wysiwyg FROM '.Database::$db_settings['userdata_table'].' WHERE lower(name)=lower(:name) LIMIT 1');
-    #$dbr->bindValue(':name',mb_strtolower($_POST['username'],CHARSET), PDO::PARAM_STR);
-    $dbr->bindValue(':name',$_POST['username'], PDO::PARAM_STR);
-    $dbr->execute();
-    $row = $dbr->fetch();
-    if(isset($row['id']))
+    if(isset($_POST['username']) && trim($_POST['username']) != '' && isset($_POST['userpw']) && trim($_POST['userpw']) != '')
      {
-      if(is_pw_correct($_POST['userpw'],$row['pw']))
+      $dbr = Database::$userdata->prepare('SELECT id, name, pw, type, wysiwyg FROM '.Database::$db_settings['userdata_table'].' WHERE lower(name)=lower(:name) LIMIT 1');
+      #$dbr->bindValue(':name',mb_strtolower($_POST['username'],CHARSET), PDO::PARAM_STR);
+      $dbr->bindValue(':name',$_POST['username'], PDO::PARAM_STR);
+      $dbr->execute();
+      $row = $dbr->fetch();
+      if(isset($row['id']))
        {
-        $_SESSION[$settings['session_prefix'].'user_id'] = $row['id'];
-        $_SESSION[$settings['session_prefix'].'user_name'] = $row['name'];
-        $_SESSION[$settings['session_prefix'].'user_type'] = $row['type'];
-        $_SESSION[$settings['session_prefix'].'wysiwyg'] = $row['wysiwyg'];
-        
-        $dbr = Database::$userdata->prepare('UPDATE '.Database::$db_settings['userdata_table'].' SET last_login=:now WHERE id=:id');
-        $dbr->bindValue(':now', time(), PDO::PARAM_INT);
-        $dbr->bindValue(':id', $row['id'], PDO::PARAM_INT);
-        $dbr->execute();
-        header('Location: ../');
-        exit;
+        if(is_pw_correct($_POST['userpw'],$row['pw']))
+         {
+          $_SESSION[$settings['session_prefix'].'user_id'] = $row['id'];
+          $_SESSION[$settings['session_prefix'].'user_name'] = $row['name'];
+          $_SESSION[$settings['session_prefix'].'user_type'] = $row['type'];
+          $_SESSION[$settings['session_prefix'].'wysiwyg'] = $row['wysiwyg'];
+          
+          $dbr = Database::$userdata->prepare('UPDATE '.Database::$db_settings['userdata_table'].' SET last_login=:now WHERE id=:id');
+          $dbr->bindValue(':now', time(), PDO::PARAM_INT);
+          $dbr->bindValue(':id', $row['id'], PDO::PARAM_INT);
+          $dbr->execute();
+          header('Location: ../');
+          exit;
+         }
+        else
+         {
+          $login_failed = true;
+         }
        }
       else
        {
@@ -45,7 +52,8 @@ elseif(empty($_SESSION[$settings['session_prefix'].'user_id']) && isset($_POST['
    }
   else
    {
-    $login_failed = true;
+      header('Location: index.php?msg=wrong_captcha');
+      exit;  
    }
   if(isset($login_failed))
    {

cms/includes/page_types/commentable_page.php

@@ -15,6 +15,8 @@ $comment->comment_maxlength = $settings['comment_maxlength'];
 $comment->prevent_repeated_posts_minutes = $settings['prevent_repeated_posts_minutes'];
 $comment->akismet_key = $settings['akismet_key'];
 $comment->akismet_entry_check = $settings['akismet_entry_check'];
+$comment->recaptcha_secret_key = $settings['recaptcha_secret_key'];
+$comment->recaptcha_entry_check = $settings['recaptcha_entry_check'];
 $comment->remove_blank_lines = $settings['comment_remove_blank_lines'];
 $comment->auto_link = $settings['comment_auto_link'];
 $comment->smilies = $settings['comment_smilies'];

cms/includes/page_types/formmailer.php

@@ -34,6 +34,10 @@ if(isset($_POST['send']))
    {
     $errors[] = 'formmail_error_subj_too_long';
    }
+  if ($settings['recaptcha_mail_check'] && !isset($_SESSION[$settings['session_prefix'].'user_id']) && !check_captcha($settings['recaptcha_secret_key']))
+   {
+    $errors[] = 'wrong_captcha';
+   }
   if(empty($errors))
    {
         // Akismet spam check:

cms/includes/spam_protection.inc.php

@@ -47,6 +47,15 @@ if(isset($_SESSION[$settings['session_prefix'].'user_id']) && $_SESSION[$setting
     $akismet_key = !empty($_POST['akismet_key']) ? $_POST['akismet_key'] : '';
     $akismet_entry_check = isset($_POST['akismet_entry_check']) ? 1 : 0;
     $akismet_mail_check = isset($_POST['akismet_mail_check']) ? 1 : 0;
+    
+    $recaptcha_public_key = !empty($_POST['recaptcha_public_key']) ? $_POST['recaptcha_public_key'] : '';
+    $recaptcha_secret_key = !empty($_POST['recaptcha_secret_key']) ? $_POST['recaptcha_secret_key'] : '';
+    $recaptcha_login_check = isset($_POST['recaptcha_login_check']) ? 1 : 0;
+    $recaptcha_entry_check = isset($_POST['recaptcha_entry_check']) ? 1 : 0;
+    $recaptcha_mail_check = isset($_POST['recaptcha_mail_check']) ? 1 : 0;
+    
+    if(($recaptcha_login_check || $recaptcha_entry_check || $recaptcha_mail_check) && (empty($recaptcha_public_key)) || empty($recaptcha_secret_key))
+      $errors[] = 'error_recaptcha_keys';
 
     if(trim($banned_ips=='') && trim($banned_user_agents=='')) $check_access_permission = 0;
     else $check_access_permission = 1;
@@ -77,6 +86,21 @@ if(isset($_SESSION[$settings['session_prefix'].'user_id']) && $_SESSION[$setting
       $dbr->bindValue(':name', 'akismet_mail_check', PDO::PARAM_STR);
       $dbr->bindParam(':value', $akismet_mail_check, PDO::PARAM_STR);
       $dbr->execute();
+      $dbr->bindValue(':name', 'recaptcha_public_key', PDO::PARAM_STR);
+      $dbr->bindParam(':value', $recaptcha_public_key, PDO::PARAM_STR);
+      $dbr->execute();
+      $dbr->bindValue(':name', 'recaptcha_secret_key', PDO::PARAM_STR);
+      $dbr->bindParam(':value', $recaptcha_secret_key, PDO::PARAM_STR);
+      $dbr->execute();
+      $dbr->bindValue(':name', 'recaptcha_login_check', PDO::PARAM_STR);
+      $dbr->bindParam(':value', $recaptcha_login_check, PDO::PARAM_STR);
+      $dbr->execute();
+      $dbr->bindValue(':name', 'recaptcha_entry_check', PDO::PARAM_STR);
+      $dbr->bindParam(':value', $recaptcha_entry_check, PDO::PARAM_STR);
+      $dbr->execute();
+      $dbr->bindValue(':name', 'recaptcha_mail_check', PDO::PARAM_STR);
+      $dbr->bindParam(':value', $recaptcha_mail_check, PDO::PARAM_STR);
+      $dbr->execute();
       $dbr->bindValue(':name', 'check_access_permission', PDO::PARAM_STR);
       $dbr->bindParam(':value', $check_access_permission, PDO::PARAM_STR);
       $dbr->execute();
@@ -95,6 +119,11 @@ if(isset($_SESSION[$settings['session_prefix'].'user_id']) && $_SESSION[$setting
       if(isset($_POST['akismet_key'])) $template->assign('akismet_key',htmlspecialchars(stripslashes($_POST['akismet_key'])));
       if(isset($_POST['akismet_entry_check'])) $template->assign('akismet_entry_check',intval($_POST['akismet_entry_check']));
       if(isset($_POST['akismet_mail_check'])) $template->assign('akismet_mail_check',intval($_POST['akismet_mail_check']));
+      if(isset($_POST['recaptcha_public_key'])) $template->assign('recaptcha_public_key', htmlspecialchars(stripslashes($_POST['recaptcha_public_key'])));
+      if(isset($_POST['recaptcha_secret_key']))$template->assign('recaptcha_secret_key', htmlspecialchars(stripslashes($_POST['recaptcha_secret_key'])));
+      if(isset($_POST['recaptcha_login_check'])) $template->assign('recaptcha_login_check',intval($_POST['recaptcha_login_check']));
+      if(isset($_POST['recaptcha_entry_check'])) $template->assign('recaptcha_entry_check',intval($_POST['recaptcha_entry_check']));
+      if(isset($_POST['recaptcha_mail_check'])) $template->assign('recaptcha_mail_check',intval($_POST['recaptcha_mail_check']));
 
      }
 
@@ -120,6 +149,13 @@ if(isset($_SESSION[$settings['session_prefix'].'user_id']) && $_SESSION[$setting
     $template->assign('akismet_key',htmlspecialchars(stripslashes($settings['akismet_key'])));
     $template->assign('akismet_entry_check',intval($settings['akismet_entry_check']));
     $template->assign('akismet_mail_check',intval($settings['akismet_mail_check']));
+    
+    // reCAPTCHA
+    $template->assign('recaptcha_public_key', htmlspecialchars(stripslashes($settings['recaptcha_public_key'])));
+    $template->assign('recaptcha_secret_key', htmlspecialchars(stripslashes($settings['recaptcha_secret_key'])));
+    $template->assign('recaptcha_login_check',intval($settings['recaptcha_login_check']));
+    $template->assign('recaptcha_entry_check',intval($settings['recaptcha_entry_check']));
+    $template->assign('recaptcha_mail_check',intval($settings['recaptcha_mail_check']));
    }
   if(isset($_GET['saved']))
    {

cms/lang/bulgarian.admin.lang.php

@@ -463,6 +463,17 @@ $lang['spam_protection_saved'] =         'Настройките на спам
 $lang['error_own_ip_banned'] =           'Опитвате се да забраните Вашия IP адрес!';
 $lang['error_own_user_agent_banned'] =   'Опитвате се да забраните Вашия браузър (user agent)!';
 
+# reCAPTCHA
+$lang['recaptcha'] =                     'reCAPTCHA';
+$lang['recaptcha_desc'] =                'reCAPTCHA bot protection';
+$lang['recaptcha_login_check'] =         'enable for users login';
+$lang['recaptcha_entry_check'] =         'enable for comments';
+$lang['recaptcha_mail_check'] =          'enable for formmailer';
+$lang['recaptcha_public_key'] =          'Site Key';
+$lang['recaptcha_secret_key'] =          'Secret Key';
+$lang['error_recaptcha_keys'] =          'You forgot to setup your reCAPTCHA keys!';
+$lang['wrong_captcha'] =                 'You entered a wrong captcha, try again!';
+
 # insert_image
 $lang['insert_image'] =                  'Вмъкване на снимка';
 $lang['select_image_title'] =            'Вмъкване на снимка';

cms/lang/bulgarian.page.lang.php

@@ -147,4 +147,7 @@ $lang['search_no_results'] =             'Не са намерени стран
 $lang['akismet_error_api_key'] =         'Невалиден Akismet API ключ!';
 $lang['akismet_error_connection'] =      'Грешка при свързването със сървъра - моля, опитайте по-късно!';
 $lang['akismet_spam_suspicion'] =        'Съмнение за Спам!';
+
+// reCAPTCHA:
+$lang['wrong_captcha'] =				 'You entered a wrong captcha, please try again!';
 ?>

cms/lang/chinese_zh-CN.admin.lang.php

@@ -458,6 +458,17 @@ $lang['spam_protection_saved'] =         '已保存';
 $lang['error_own_ip_banned'] =           '你禁止了自己的IP!';
 $lang['error_own_user_agent_banned'] =   '你禁止了自己的浏览器标志!';
 
+# reCAPTCHA
+$lang['recaptcha'] =                     'reCAPTCHA';
+$lang['recaptcha_desc'] =                'reCAPTCHA bot protection';
+$lang['recaptcha_login_check'] =         'enable for users login';
+$lang['recaptcha_entry_check'] =         'enable for comments';
+$lang['recaptcha_mail_check'] =          'enable for formmailer';
+$lang['recaptcha_public_key'] =          'Site Key';
+$lang['recaptcha_secret_key'] =          'Secret Key';
+$lang['error_recaptcha_keys'] =          'You forgot to setup your reCAPTCHA keys!';
+$lang['wrong_captcha'] =                 'You entered a wrong captcha, try again!';
+
 # insert_image
 $lang['insert_image'] =                  '插入图片';
 $lang['select_image_title'] =            '插入图片';

cms/lang/chinese_zh-CN.page.lang.php

@@ -143,5 +143,8 @@ $lang['search_no_results'] =             '页面未找到';
 $lang['akismet_error_api_key'] =         'Invalid akismet api key';
 $lang['akismet_error_connection'] =      'Server connection error - please try again later';
 $lang['akismet_spam_suspicion'] =        'Spam suspicion!';
+
+// reCAPTCHA:
+$lang['wrong_captcha'] =				 'You entered a wrong captcha, please try again!';
 ?>
 

cms/lang/english.admin.lang.php

@@ -458,6 +458,17 @@ $lang['spam_protection_saved'] =         'Saved';
 $lang['error_own_ip_banned'] =           'You banned your own IP!';
 $lang['error_own_user_agent_banned'] =   'You banned your own User Agent!';
 
+# reCAPTCHA
+$lang['recaptcha'] =                     'reCAPTCHA';
+$lang['recaptcha_desc'] =                'reCAPTCHA bot protection';
+$lang['recaptcha_login_check'] =         'enable for users login';
+$lang['recaptcha_entry_check'] =         'enable for comments';
+$lang['recaptcha_mail_check'] =          'enable for formmailer';
+$lang['recaptcha_public_key'] =          'Site Key';
+$lang['recaptcha_secret_key'] =          'Secret Key';
+$lang['error_recaptcha_keys'] =          'You forgot to setup your reCAPTCHA keys!';
+$lang['wrong_captcha'] =                 'You entered a wrong captcha, try again!';
+
 # insert_image
 $lang['insert_image'] =                  'Insert image';
 $lang['select_image_title'] =            'Insert image';

cms/lang/english.page.lang.php

@@ -143,4 +143,7 @@ $lang['search_no_results'] =             'No pages found';
 $lang['akismet_error_api_key'] =         'Invalid akismet api key';
 $lang['akismet_error_connection'] =      'Server connection error - please try again later';
 $lang['akismet_spam_suspicion'] =        'Spam suspicion!';
+
+// reCAPTCHA:
+$lang['wrong_captcha'] =				 'You entered a wrong captcha, please try again!';
 ?>

cms/lang/german.admin.lang.php

@@ -458,6 +458,17 @@ $lang['spam_protection_saved'] =         'Gespeichert';
 $lang['error_own_ip_banned'] =           'Sie haben Ihre eigene IP gebannt!';
 $lang['error_own_user_agent_banned'] =   'Sie haben Ihren eigenen User-Agent gebannt!';
 
+# reCAPTCHA
+$lang['recaptcha'] =                     'reCAPTCHA';
+$lang['recaptcha_desc'] =                'reCAPTCHA bot protection';
+$lang['recaptcha_login_check'] =         'enable for users login';
+$lang['recaptcha_entry_check'] =         'enable for comments';
+$lang['recaptcha_mail_check'] =          'enable for formmailer';
+$lang['recaptcha_public_key'] =          'Site Key';
+$lang['recaptcha_secret_key'] =          'Secret Key';
+$lang['error_recaptcha_keys'] =          'You forgot to setup your reCAPTCHA keys!';
+$lang['wrong_captcha'] =                 'You entered a wrong captcha, try again!';
+
 # insert_image
 $lang['insert_image'] =                  'Bild einfügen';
 $lang['select_image_title'] =            'Bild einfügen';

cms/lang/german.page.lang.php

@@ -146,4 +146,7 @@ $lang['search_no_results'] =             'Keine Seiten gefunden';
 $lang['akismet_error_api_key'] =         'Ungültiger Akismet-API-Key';
 $lang['akismet_error_connection'] =      'Fehler bei der Serververbindung - bitte versuchen Sie es später noch einmal';
 $lang['akismet_spam_suspicion'] =        'Spam-Verdacht!';
+
+// reCAPTCHA:
+$lang['wrong_captcha'] =				 'You entered a wrong captcha, please try again!';
 ?>

cms/lang/polish.admin.lang.php

@@ -463,6 +463,17 @@ $lang['spam_protection_saved'] =         'Zapisane';
 $lang['error_own_ip_banned'] =           'Zabanowałeś swój IP!';
 $lang['error_own_user_agent_banned'] =   'Zabanowałeś swojego User Agenta!';
 
+# reCAPTCHA
+$lang['recaptcha'] =                     'reCAPTCHA';
+$lang['recaptcha_desc'] =                'reCAPTCHA bot protection';
+$lang['recaptcha_login_check'] =         'enable for users login';
+$lang['recaptcha_entry_check'] =         'enable for comments';
+$lang['recaptcha_mail_check'] =          'enable for formmailer';
+$lang['recaptcha_public_key'] =          'Site Key';
+$lang['recaptcha_secret_key'] =          'Secret Key';
+$lang['error_recaptcha_keys'] =          'You forgot to setup your reCAPTCHA keys!';
+$lang['wrong_captcha'] =                 'You entered a wrong captcha, try again!';
+
 # insert_image
 $lang['insert_image'] =                  'Wstaw obrazek';
 $lang['select_image_title'] =            'Wstaw obrazek';

cms/lang/polish.page.lang.php

@@ -152,4 +152,7 @@ $lang['search_no_results'] =             'Nie znaleziono stron';
 $lang['akismet_error_api_key'] =         'Błędny klucz api akismet (api key)';
 $lang['akismet_error_connection'] =      'Błąd połączenia z serwerem akismet - proszę spróbować później';
 $lang['akismet_spam_suspicion'] =        'Podejrzenie spamu!';
+
+// reCAPTCHA:
+$lang['wrong_captcha'] =				 'You entered a wrong captcha, please try again!';
 ?>

cms/lang/russian.admin.lang.php

@@ -462,6 +462,17 @@ $lang['spam_protection_saved'] =         'Настройки Анти-Спам
 $lang['error_own_ip_banned'] =           'Вы пытаетесь заблокировать свой собственный IP!';
 $lang['error_own_user_agent_banned'] =   'Вы пытаетесь заблокировать свой собственный браузер (User Agent)!';
 
+# reCAPTCHA
+$lang['recaptcha'] =                     'reCAPTCHA';
+$lang['recaptcha_desc'] =                'reCAPTCHA bot protection';
+$lang['recaptcha_login_check'] =         'enable for users login';
+$lang['recaptcha_entry_check'] =         'enable for comments';
+$lang['recaptcha_mail_check'] =          'enable for formmailer';
+$lang['recaptcha_public_key'] =          'Site Key';
+$lang['recaptcha_secret_key'] =          'Secret Key';
+$lang['error_recaptcha_keys'] =          'You forgot to setup your reCAPTCHA keys!';
+$lang['wrong_captcha'] =                 'You entered a wrong captcha, try again!';
+
 # insert_image
 $lang['insert_image'] =                  'Вставить изображение';
 $lang['select_image_title'] =            'Вставить изображение';

cms/lang/russian.page.lang.php

@@ -147,3 +147,5 @@ $lang['akismet_error_api_key'] =         'Недопустимый ключ akis
 $lang['akismet_error_connection'] =      'Ошибка подключения к серверу akismet - попробуйте повторить позже';
 $lang['akismet_spam_suspicion'] =        'Похоже на спам!';
 
+// reCAPTCHA:
+$lang['wrong_captcha'] =				 'You entered a wrong captcha, please try again!';

cms/lang/spanish.admin.lang.php

@@ -461,6 +461,17 @@ $lang['spam_protection_saved'] =         'Configuración guardada';
 $lang['error_own_ip_banned'] =           '¡Ha bloqueado su propia dirección IP!';
 $lang['error_own_user_agent_banned'] =   '¡Ha bloqueado su propio navegador!';
 
+# reCAPTCHA
+$lang['recaptcha'] =                     'reCAPTCHA';
+$lang['recaptcha_desc'] =                'reCAPTCHA bot protection';
+$lang['recaptcha_login_check'] =         'enable for users login';
+$lang['recaptcha_entry_check'] =         'enable for comments';
+$lang['recaptcha_mail_check'] =          'enable for formmailer';
+$lang['recaptcha_public_key'] =          'Site Key';
+$lang['recaptcha_secret_key'] =          'Secret Key';
+$lang['error_recaptcha_keys'] =          'You forgot to setup your reCAPTCHA keys!';
+$lang['wrong_captcha'] =                 'You entered a wrong captcha, try again!';
+
 # insert_image
 $lang['insert_image'] =                  'Insertar una imagen';
 $lang['select_image_title'] =            'Insertar una imagen';

cms/lang/spanish.page.lang.php

@@ -143,4 +143,7 @@ $lang['search_no_results'] =             'No se ha encontrado ninguna página';
 $lang['akismet_error_api_key'] =         'La clave del API Akismet es incorrecta';
 $lang['akismet_error_connection'] =      'Error de conexión al servidor - por favor, inténtelo de nuevo más tarde';
 $lang['akismet_spam_suspicion'] =        '¡Sospecha de Spam!';
+
+// reCAPTCHA:
+$lang['wrong_captcha'] =				 'You entered a wrong captcha, please try again!';
 ?>

cms/lang/ukrainian.admin.lang.php

@@ -460,6 +460,17 @@ $lang['spam_protection_saved'] =         'Налаштування Анти-Сп
 $lang['error_own_ip_banned'] =           'Ви намагаєтесь заблокувати власний IP!';
 $lang['error_own_user_agent_banned'] =   'Ви намагаєтесь заблокувати власний браузер (User Agent)!';
 
+# reCAPTCHA
+$lang['recaptcha'] =                     'reCAPTCHA';
+$lang['recaptcha_desc'] =                'reCAPTCHA bot protection';
+$lang['recaptcha_login_check'] =         'enable for users login';
+$lang['recaptcha_entry_check'] =         'enable for comments';
+$lang['recaptcha_mail_check'] =          'enable for formmailer';
+$lang['recaptcha_public_key'] =          'Site Key';
+$lang['recaptcha_secret_key'] =          'Secret Key';
+$lang['error_recaptcha_keys'] =          'You forgot to setup your reCAPTCHA keys!';
+$lang['wrong_captcha'] =                 'You entered a wrong captcha, try again!';
+
 # insert_image
 $lang['insert_image'] =                  'Додати зображення';
 $lang['select_image_title'] =            'Додати зображення';

cms/lang/ukrainian.page.lang.php

@@ -145,3 +145,5 @@ $lang['akismet_error_api_key'] =         'Неприпустимий ключ ak
 $lang['akismet_error_connection'] =      'Помилка підключення до серверу akismet - спопробуйте пізніше';
 $lang['akismet_spam_suspicion'] =        'Схоже на спам!';
 
+// reCAPTCHA:
+$lang['wrong_captcha'] =				 'You entered a wrong captcha, please try again!';

cms/templates/admin/main.tpl

@@ -57,5 +57,8 @@
 <?php if ($mode == 'galleries'): ?>
     <script src="<?php echo STATIC_URL; ?>js/mylightbox.js" type="text/javascript"></script>
 <?php endif; ?>
+<?php if ($settings['recaptcha_login_check']): ?>
+    <script async src='<?php echo RECAPTCHA_SCRIPT; ?>'></script>
+<?php endif; ?>
 </body>
 </html>

cms/templates/admin/subtemplates/login.inc.tpl

@@ -1,8 +1,8 @@
 <h1><?php echo $lang['login']; ?></h1>
 
-<?php if (isset($_GET['msg'])): ?>
+<?php if (isset($_GET['msg']) && ($_GET['msg']=='login_failed' || $_GET['msg']=='wrong_captcha')): ?>
     <div class="alert alert-danger">
-        <strong><?php echo $lang['login_failed']; ?></strong>
+        <strong><?php echo $lang[$_GET['msg']]; ?></strong>
     </div>
 <?php endif; ?>
 
@@ -17,7 +17,13 @@
             <label for="pw"><?php echo $lang['login_password']; ?></label>
             <input id="pw" type="password" name="userpw" class="form-control"/>
         </div>
-
+        
+        <?php if($settings['recaptcha_login_check']): ?>
+        <div class="form-group login-form">
+            <div class="g-recaptcha" data-sitekey="<?php echo htmlspecialchars($settings['recaptcha_public_key']); ?>"></div>
+        </div>
+        <?php endif; ?>
+        
         <input type="submit" class="btn btn-lg btn-primary" value="<?php echo $lang['login_submit']; ?>"/>
 
     </fieldset>

cms/templates/admin/subtemplates/spam_protection.inc.tpl

@@ -52,6 +52,36 @@
                        name="akismet_mail_check"<?php if (isset($akismet_mail_check) && $akismet_mail_check == 1): ?> checked<?php endif; ?>> <?php echo $lang['akismet_mail_check']; ?>
             </label>
         </div>
+        <div class="form-group">
+            <label for="recaptcha"><?php echo $lang['recaptcha']; ?></label>
+            <span class="help-block"><?php echo $lang['recaptcha_desc']; ?></span>
+        </div>
+        <div class="form-group">
+            <input type="text" class="form-control" id="recaptcha_public_key" name="recaptcha_public_key"
+                    placeholder="<?php echo $lang['recaptcha_public_key']; ?>"
+                    value="<?php echo htmlspecialchars($recaptcha_public_key); ?>">
+        </div>
+        <div class="form-group">
+            <input type="text" class="form-control" id="recaptcha_secret_key" name="recaptcha_secret_key"
+                   placeholder="<?php echo $lang['recaptcha_secret_key']; ?>"
+                   value="<?php echo htmlspecialchars($recaptcha_secret_key); ?>">
+        </div>
+        <div class="form-group">
+            <div class="checkbox">
+                <label>
+                    <input id="recaptcha_login_check" type="checkbox"
+                           name="recaptcha_login_check"<?php if (isset($recaptcha_login_check) && $recaptcha_login_check == 1): ?> checked<?php endif; ?>> <?php echo $lang['recaptcha_login_check']; ?>
+                </label><br/>
+                <label>
+                    <input id="recaptcha_entry_check" type="checkbox"
+                           name="recaptcha_entry_check"<?php if (isset($recaptcha_entry_check) && $recaptcha_entry_check == 1): ?> checked<?php endif; ?>> <?php echo $lang['recaptcha_entry_check']; ?>
+                </label><br/>
+                <label>
+                    <input id="recaptcha_mail_check" type="checkbox"
+                           name="recaptcha_mail_check"<?php if (isset($recaptcha_mail_check) && $recaptcha_mail_check == 1): ?> checked<?php endif; ?>> <?php echo $lang['recaptcha_mail_check']; ?>
+                </label>
+            </div>
+        </div>
 
         <button class="btn btn-primary" type="submit"><?php echo $lang['spam_protection_submit']; ?></button>
 

cms/templates/default.tpl

@@ -111,6 +111,9 @@
 <?php if (isset($contains_thumbnails)): ?>
     <script src="<?php echo STATIC_URL; ?>js/mylightbox.js" type="text/javascript"></script>
 <?php endif; ?>
+<?php if ($settings['recaptcha_entry_check'] || $settings['recaptcha_mail_check']): ?>
+    <script async src='<?php echo RECAPTCHA_SCRIPT; ?>'></script>
+<?php endif; ?>
 </body>
 </html>
 

cms/templates/subtemplates/comments.inc.tpl

@@ -176,6 +176,12 @@
                                            value="<?php echo $form_values['email_hp']; ?>"
                                            placeholder="<?php echo $lang['comment_input_email_hp']; ?>"/>
                                 </div>
+                                
+                                <?php if($settings['recaptcha_entry_check'] && $form_session && !$admin): ?>
+                                <div class="form-group login-form">
+                                    <div class="g-recaptcha" data-sitekey="<?php echo htmlspecialchars($settings['recaptcha_public_key']); ?>"></div>
+                                </div>
+                                <?php endif; ?>
 
                                 <div class="form-group">
                                     <input type="submit" class="btn btn-primary" name="save"

cms/templates/subtemplates/formmailer.inc.tpl

@@ -36,7 +36,13 @@
                 <textarea id="message" class="form-control" name="message"
                           rows="12"><?php if (isset($message)) echo $message; ?></textarea>
             </div>
-
+            
+            <?php if($settings['recaptcha_mail_check'] && !isset($_SESSION[$settings['session_prefix'].'user_id'])): ?>
+            <div class="form-group">
+                <div class="g-recaptcha" data-sitekey="<?php echo htmlspecialchars($settings['recaptcha_public_key']); ?>"></div>
+            </div>
+            <?php endif; ?>
+            
             <p>
                 <button class="btn btn-primary btn-lg" type="submit"><span
                         class="glyphicon glyphicon-envelope"></span> <?php echo $lang['formmailer_button_send']; ?>