/**
* Verifies that a user answered the math problem correctly while logging in.
*
* @return bool Returns true if the math is correct
* @throws Error if insuffient $_POST variables are present.
* @throws Error message if the math is wrong
*/
static function math_authenticate()
{
$salt = get_site_option('jetpack_protect_key') . get_site_option('admin_email');
$ans = isset($_POST['jetpack_protect_num']) ? (int) $_POST['jetpack_protect_num'] : '';
$salted_ans = sha1($salt . $ans);
$correct_ans = isset($_POST['jetpack_protect_answer']) ? $_POST['jetpack_protect_answer'] : '';
if (isset($_COOKIE['jpp_math_pass'])) {
$transient = Jetpack_Protect_Module::get_transient('jpp_math_pass_' . $_COOKIE['jpp_math_pass']);
if (!$transient || $transient < 1) {
Jetpack_Protect_Math_Authenticate::generate_math_page();
}
return true;
}
if (!$correct_ans || !$_POST['jetpack_protect_num']) {
Jetpack_Protect_Math_Authenticate::generate_math_page();
} elseif ($salted_ans != $correct_ans) {
wp_die(__('<strong>You failed to correctly answer the math problem.</strong> This is used to combat spam when the Jetpack Protect API is unavailable. Please use your browser\'s back button to return to the login form, press the "refresh" button to generate a new math problem, and try to log in again.', 'jetpack'), '', 401);
} else {
return true;
}
}