Welcome to Geeklog Sunday, October 22 2017 @ 02:28 am EDT


Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/2005
Posts: 1569
Location:la rochelle, France
A CAPTCHA implementation for Geeklog 2.0 or higher is available. CAPTCHA provides additional protections against spam bots registering or posting on your system.

[new] convert to COM_createHTMLDocument
[fix] css color issue
[new] captcha config is now in the main config area
[new] new install script to support auto install
[new] logview on the main captcha admin screen
[new] message to invite admin to check settings after upgrade to 3.4.0 due to config migration

Download

Documentation
I'm available to customise your themes or plugins for your Geeklog CMS

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/2005
Posts: 1569
Location:la rochelle, France
The archive will be in the download area as soon as a moderator will validate it Mr. Green

Ben
I'm available to customise your themes or plugins for your Geeklog CMS

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1232
Sorry about that. Done. Did you want to post an article as well?

Also I was testing it on my development server so I could update Geeklog.net and I noticed that I keep getting an error message of the captcha being expired when I enter a captcha for a comment or a new user (that is all I tested the captcha on).

With logging enabled I also get the message in the captcha log file:

CAPTCHA: Detected an attempt to use an expired CAPTCHA in comment - IP Address:

This was an upgrade from 3.4.0 I believe and the previous version was working.

I also checked the captcha table and their is a record with the correct captcha code and I assume the correct session id.

Tom


One of the Geeklog Core Developers.

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/2005
Posts: 1569
Location:la rochelle, France
Angry I sent you a new archive. A $_CP_CONF['expire'] was missing. Everything seems to work now on my testing platform.

Ben
I'm available to customise your themes or plugins for your Geeklog CMS

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1232
Yup it works. I updated the download on Geeklog.net with the new version (3.4.1).
One of the Geeklog Core Developers.

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1232
Feature request:

For some reason Google has stated crawling my installed captcha plugin:

/captcha/captcha.php
/captcha/captcha.php?c

When accessed directly if produces the error (which Google complains about in Webmaster Tools):

Invalid session id

Can we return a 404 error if it is accessed directly? Geeklog 2.0 has the new function COM_handle404 which is used by all of the core plugins.
One of the Geeklog Core Developers.

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/2005
Posts: 1569
Location:la rochelle, France
As COM_handle404 function seems to be only available for Geeklog 2.1 I will add this feature in the next release.

In captcha.php file start by:

PHP Formatted Code

if (strpos(strtolower($_SERVER['PHP_SELF']), 'captcha.php') !== false) {
    COM_handle404();
}


meanwhile we can add in the curent release

PHP Formatted Code

if (strpos(strtolower($_SERVER['PHP_SELF']), 'captcha.php') !== false) {
   die('This file can not be used on its own!');
}


Ben
I'm available to customise your themes or plugins for your Geeklog CMS

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/2005
Posts: 1232
Actually that doesn't work since that file gets called by the script through html

For now I have just replaced

die("Invalid session id"Wink;

with

COM_handle404();



One of the Geeklog Core Developers.

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/2005
Posts: 1569
Location:la rochelle, France
+1 Smile

PHP Formatted Code
// see if an existing session_id is passed
if (isset($_GET['csid']) ) {
    $csid = COM_applyFilter($_GET['csid']);
} else {
    COM_handle404();
}


Ben
I'm available to customise your themes or plugins for your Geeklog CMS

All times are EDT. The time is now 02:28 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content