- Implemented across bootstrap.php, chat frontend, and dashboard:
Per-tier audio bitrate: Free 64, Plus 96, Pro 128 kbps. Configurable text/voice reply threads and depth. Registration/login-only honeypot and internal CAPTCHA. Optional Google reCAPTCHA v2/v3 with server verification. Archive/export support for replies and bitrate. Dashboard controls for all settings. Verified JavaScript, JSON, SQLite migrations, desktop/mobile UI, and browser console. Native PHP lint was unavailable because PHP is not installed. Google implementation follows Siteverify and reCAPTCHA v3.
This commit is contained in:
@@ -6,6 +6,7 @@ sendCorsHeaders();
|
||||
|
||||
$action = $_POST['action'] ?? $_GET['action'] ?? '';
|
||||
match ($action) {
|
||||
'captcha_challenge' => captchaChallenge(),
|
||||
'register' => registerUser(),
|
||||
'login' => loginUser(),
|
||||
'verify_2fa' => verifyTwoFactor(),
|
||||
@@ -14,7 +15,13 @@ match ($action) {
|
||||
default => jsonResponse(['error' => 'Unknown action'], 400),
|
||||
};
|
||||
|
||||
function captchaChallenge(): never {
|
||||
$operation = trim((string)($_GET['operation'] ?? $_POST['operation'] ?? ''));
|
||||
jsonResponse(createAuthCaptchaChallenge($operation));
|
||||
}
|
||||
|
||||
function registerUser(): never {
|
||||
validateAuthCaptcha('register');
|
||||
$db = getDB();
|
||||
$username = trim((string)($_POST['username'] ?? ''));
|
||||
$password = (string)($_POST['password'] ?? '');
|
||||
@@ -44,6 +51,7 @@ function registerUser(): never {
|
||||
}
|
||||
|
||||
function loginUser(): never {
|
||||
validateAuthCaptcha('login');
|
||||
$db = getDB();
|
||||
$username = trim((string)($_POST['username'] ?? ''));
|
||||
$password = (string)($_POST['password'] ?? '');
|
||||
|
||||
Reference in New Issue
Block a user