Welcome to Geeklog, Anonymous Wednesday, November 06 2024 @ 11:17 pm EST

Geeklog Forums

Spam Protection by Challenge/Response (Image with security code)


Vil

Anonymous
To begin, I've already had a look at the SpamX plugin. While this is quite nice (and I will soon integrate it on my geeklog installation), I've seen challenge/response spam protection on other sites and fount them really attractive.

For example, there is such a plugin for Movable Type:
Display an image with a Security Code and demand the user to enter a Security Code manually before allowing posting to go through.
(Link: http://james.seng.cc/archives/000145.html)

The same author has written such a module for Drupal resp. Drupal for bloggers (http://james.seng.cc/wiki/wiki.cgi?Drupal_For_Bloggers).

Now my question is: Has anyone already tried to implement such a plugin? I would to it myself, but my programming skills are somewhat *cough* limited.

-- Vil
 Quote

Vil

Anonymous
Btw, here are some important links regarding this kind of spam protection:

[1] http://www.captcha.net/
[2] http://www.chimetv.com/tv/products/botblock.shtml
 Quote

Tester

Anonymous
Downloaded scripts from http://www.chimetv.com/tv/products/botblock.shtml
Made the changes in the registration form and user.php. the iframe does not show, integration problem with Geeklog?
 Quote

Tester

Anonymous
I found another scripts for image verification here:
http://www.planet-source-code.com/vb/scripts/BrowseCategoryOrSearchResults.asp?lngWId=8&blnAuthorSearch=TRUE&lngAuthorId=4421446513&strAuthorName=Dracarys&txtMaxNumberOfEntriesPerPage=25

This one does not require any outside link.
 Quote

Status: offline

Elegantly

Forum User
Junior
Registered: 08/13/04
Posts: 15

Status: offline

jtwine

Forum User
Newbie
Registered: 11/03/04
Posts: 4
Location:New Hampshire, USA
JIC anyone is interested, I have incorporated the CAPTCHA system available from http://www.chimetv.com/tv/products/botblock.shtml
... At least, somewhat.

First, understand this: I AM NOT A PHP DEVELOPER -- THIS IS THE FIRST TIME I EVER MODIFIED A PHP FILE!!! So if something looks bass-ackwards, it likely is. Please feel free to improve on what I had done.

The reason I (and likely the above poster) cannot get the iframe to show is because the templates do not seem to support calling PHP functions.    Instead, my new user page generates a popup window with the CAPTCHA image in it.

I also added a field for the CAPTCHA image-value onto the registration template. This value is validated in the createuser function in users.php.

Here is what I did:

First, place the botblock.inc file into your site's root directory.

Then, create a file called captchaimage.php with the following contents:

<?php
require_once('lib-common.php');
require "botblock.inc";

$VERBOSE = false;

if (isset ($HTTP_POST_VARS['mode'])) {
    $mode = $HTTP_POST_VARS['mode'];
}
elseif (isset ($HTTP_GET_VARS['mode'])) {
    $mode = $HTTP_GET_VARS['mode'];
}
else {
    $mode = "";
}

$display .= printBotBlock("YourUSERNAME", "YourPASSWORD");

echo $display;
?>


In the users.php file, add the "require "botblock.inc";" after the "require_once('lib-common.php')". I then added the following code, which adds the ability to validate the CAPTCHA code and raises the popup window.    First, add a third parameter to the createuser function called $ccode:

function createuser($username,$email,$ccode)


In the beginning of the createuser function (after variable setup), add the following:

if(!validBotBlock())
{
    $msg = "Invalid CAPTCHA Value specified. Please try again.";
    $retval .= COM_siteHeader ('menu');
    if ($_CONF['custom_registration'] && function_exists(custom_userform)) {
        $retval .= custom_userform ($msg);
    } else {
        $retval .= newuserform ($msg);
    }
    $retval .= COM_siteFooter();

    return $retval;
}


I also added the following to the newuserform function (after the first "if"):

    $retval .= '<script language="JavaScript">';
    $retval .= "window.open('<YourGeekLogSiteRoot/captchaimage.php', 'CAPTCHA','width=220,height=60,resizable=yes,scrollbars=no')</script>";


And lastly, I added the following to my registrationform.thtml file, right after the for the user's email address ([lang_email]):

    <tr>
    <td colspan=2>
        To prevent spam bots from filling this form automatically, we require that you pass through a CAPTCHA system.
        A popup window should have appeared with a CAPTCHA image (if one does not appear, bypass any popup-blockers and refresh this page).
        If the text is hard to read, you can click on the image to regenerate it.
    </td>
    </tr>
    <tr>
    <td valign=top>
    </td>
    <td valign=top>
        <b>Please type the CAPTCHA code here</b>:<br><br>
        <input name="bb_codeword" maxlength=8 value="">
        <br><SMALL>Close the CAPTCHA window AFTER registration is complete!</SMALL><BR>
    </td>
    </tr>


And that was it!

Quite a bit kudgy, but it works correctly...

Hope that helps...    In some way, at least! This has only been tested with IE so far...

Peace!

-=- James.
 Quote

Status: offline

jtwine

Forum User
Newbie
Registered: 11/03/04
Posts: 4
Location:New Hampshire, USA
   Whoops...!  Ignore the part where I say to modify the createuser function; that third parameter was for debugging and is no longer used.  You can leave the signature of the function unchanged.

   Peace!
-=- James.
 Quote

All times are EST. The time is now 11:17 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content