Welcome to Geeklog Sunday, December 05 2021 @ 03:09 am EST

Geeklog Forums

Captcha plugin 3.4 for Geeklog 2.0


Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
A CAPTCHA implementation for Geeklog 2.0 or higher is available. CAPTCHA provides additional protections against spam bots registering or posting on your system.

[new] convert to COM_createHTMLDocument
[fix] css color issue
[new] captcha config is now in the main config area
[new] new install script to support auto install
[new] logview on the main captcha admin screen
[new] message to invite admin to check settings after upgrade to 3.4.0 due to config migration

Download

Documentation
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
The archive will be in the download area as soon as a moderator will validate it Mr. Green

Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1440
Sorry about that. Done. Did you want to post an article as well?

Also I was testing it on my development server so I could update Geeklog.net and I noticed that I keep getting an error message of the captcha being expired when I enter a captcha for a comment or a new user (that is all I tested the captcha on).

With logging enabled I also get the message in the captcha log file:

CAPTCHA: Detected an attempt to use an expired CAPTCHA in comment - IP Address:

This was an upgrade from 3.4.0 I believe and the previous version was working.

I also checked the captcha table and their is a record with the correct captcha code and I assume the correct session id.

Tom


One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
Angry I sent you a new archive. A $_CP_CONF['expire'] was missing. Everything seems to work now on my testing platform.

Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1440
Yup it works. I updated the download on Geeklog.net with the new version (3.4.1).
One of the Geeklog Core Developers.
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1440
Feature request:

For some reason Google has stated crawling my installed captcha plugin:

/captcha/captcha.php
/captcha/captcha.php?c

When accessed directly if produces the error (which Google complains about in Webmaster Tools):

Invalid session id

Can we return a 404 error if it is accessed directly? Geeklog 2.0 has the new function COM_handle404 which is used by all of the core plugins.
One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
As COM_handle404 function seems to be only available for Geeklog 2.1 I will add this feature in the next release.

In captcha.php file start by:

PHP Formatted Code

if (strpos(strtolower($_SERVER['PHP_SELF']), 'captcha.php') !== false) {
    COM_handle404();
}


meanwhile we can add in the curent release

PHP Formatted Code

if (strpos(strtolower($_SERVER['PHP_SELF']), 'captcha.php') !== false) {
   die('This file can not be used on its own!');
}


Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1440
Actually that doesn't work since that file gets called by the script through html

For now I have just replaced

die("Invalid session id"Wink;

with

COM_handle404();



One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 14/01/05
Posts: 1569
Location:la rochelle, France
+1 Smile

PHP Formatted Code
// see if an existing session_id is passed
if (isset($_GET['csid']) ) {
    $csid = COM_applyFilter($_GET['csid']);
} else {
    COM_handle404();
}


Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

All times are EST. The time is now 03:09 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content