Welcome to Geeklog, Anonymous Wednesday, December 11 2024 @ 04:55 am EST

Geeklog Forums

Captcha plugin 3.4 for Geeklog 2.0


Status: offline

::Ben

Forum User
Full Member
Registered: 01/14/05
Posts: 1569
Location:la rochelle, France
A CAPTCHA implementation for Geeklog 2.0 or higher is available. CAPTCHA provides additional protections against spam bots registering or posting on your system.

[new] convert to COM_createHTMLDocument
[fix] css color issue
[new] captcha config is now in the main config area
[new] new install script to support auto install
[new] logview on the main captcha admin screen
[new] message to invite admin to check settings after upgrade to 3.4.0 due to config migration

Download

Documentation
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 01/14/05
Posts: 1569
Location:la rochelle, France
The archive will be in the download area as soon as a moderator will validate it Mr. Green

Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
Sorry about that. Done. Did you want to post an article as well?

Also I was testing it on my development server so I could update Geeklog.net and I noticed that I keep getting an error message of the captcha being expired when I enter a captcha for a comment or a new user (that is all I tested the captcha on).

With logging enabled I also get the message in the captcha log file:

CAPTCHA: Detected an attempt to use an expired CAPTCHA in comment - IP Address:

This was an upgrade from 3.4.0 I believe and the previous version was working.

I also checked the captcha table and their is a record with the correct captcha code and I assume the correct session id.

Tom


One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 01/14/05
Posts: 1569
Location:la rochelle, France
Angry I sent you a new archive. A $_CP_CONF['expire'] was missing. Everything seems to work now on my testing platform.

Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
Yup it works. I updated the download on Geeklog.net with the new version (3.4.1).
One of the Geeklog Core Developers.
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
Feature request:

For some reason Google has stated crawling my installed captcha plugin:

/captcha/captcha.php
/captcha/captcha.php?c

When accessed directly if produces the error (which Google complains about in Webmaster Tools):

Invalid session id

Can we return a 404 error if it is accessed directly? Geeklog 2.0 has the new function COM_handle404 which is used by all of the core plugins.
One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 01/14/05
Posts: 1569
Location:la rochelle, France
As COM_handle404 function seems to be only available for Geeklog 2.1 I will add this feature in the next release.

In captcha.php file start by:

Text Formatted Code

if (strpos(strtolower($_SERVER['PHP_SELF']), 'captcha.php') !== false) {
    COM_handle404();
}


meanwhile we can add in the curent release

Text Formatted Code

if (strpos(strtolower($_SERVER['PHP_SELF']), 'captcha.php') !== false) {
   die('This file can not be used on its own!');
}


Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

Status: offline

Laugh

Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
Actually that doesn't work since that file gets called by the script through html

For now I have just replaced

die("Invalid session id"Wink;

with

COM_handle404();



One of the Geeklog Core Developers.
 Quote

Status: offline

::Ben

Forum User
Full Member
Registered: 01/14/05
Posts: 1569
Location:la rochelle, France
+1 Smile

Text Formatted Code
// see if an existing session_id is passed
if (isset($_GET['csid']) ) {
    $csid = COM_applyFilter($_GET['csid']);
} else {
    COM_handle404();
}


Ben
I'm available to customise your themes or plugins for your Geeklog CMS
 Quote

All times are EST. The time is now 04:55 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content