Revision history for FreeCap


Revision [23353]

Last edited on 2016-05-20 07:38:47 by BrianKoontz [Replaces old-style internal links with new pipe-split links.]
Additions:
Ticket [[http://wush.net/trac/wikka/ticket/347 | #347]]
**URCaptchaModule**: A modular CAPTCHA plugin that requires no modifications to Wikka core code. Based upon YodaHome's implementation and the [[Docs:URRegistrationValidationFramework | UR framework]] available since 1.1.6.4.>>
Actually I looked for nice CAPTCHA scripts and found [[http://www.puremango.co.uk/cm_php_captcha_script_113.php | FreeCap]] which seemed quite strong to me and had some nice features. It is also released under the GPL. So I integrated it with my Wikka.
First you need to download the [[http://www.puremango.co.uk/freecap1.4.1.zip | FreeCap package]] from the website. (Note that this link may not lead to the latest package). Then all the files went into a "freecap" folder below the "actions" tree. Of course you might put it somewhere else but be sure that it can be properly accessed and you changed the paths correctly where necessary (see note at the bottom).
if (!defined('RETRIEVE_PASSWORD_MESSAGE')) define('RETRIEVE_PASSWORD_MESSAGE', "If you need a password reminder, click [[PasswordForgotten | here]]. --- You can login here using your password reminder.");
Deletions:
Ticket [[http://wush.net/trac/wikka/ticket/347 #347]]
**URCaptchaModule**: A modular CAPTCHA plugin that requires no modifications to Wikka core code. Based upon YodaHome's implementation and the [[Docs:URRegistrationValidationFramework UR framework]] available since 1.1.6.4.>>
Actually I looked for nice CAPTCHA scripts and found [[http://www.puremango.co.uk/cm_php_captcha_script_113.php FreeCap]] which seemed quite strong to me and had some nice features. It is also released under the GPL. So I integrated it with my Wikka.
First you need to download the [[http://www.puremango.co.uk/freecap1.4.1.zip FreeCap package]] from the website. (Note that this link may not lead to the latest package). Then all the files went into a "freecap" folder below the "actions" tree. Of course you might put it somewhere else but be sure that it can be properly accessed and you changed the paths correctly where necessary (see note at the bottom).
if (!defined('RETRIEVE_PASSWORD_MESSAGE')) define('RETRIEVE_PASSWORD_MESSAGE', "If you need a password reminder, click [[PasswordForgotten here]]. --- You can login here using your password reminder.");


Revision [19939]

Edited on 2008-05-17 13:34:00 by BrianKoontz [Minor edit; UR module announcement]

No Differences

Revision [19935]

Edited on 2008-05-17 13:20:41 by BrianKoontz [UR module update]
Additions:
Ticket [[http://wush.net/trac/wikka/ticket/347 #347]]
**URCaptchaModule**: A modular CAPTCHA plugin that requires no modifications to Wikka core code. Based upon YodaHome's implementation and the [[Docs:URRegistrationValidationFramework UR framework]] available since 1.1.6.4.>>
Deletions:
Ticket [[http://wush.net/trac/wikka/ticket/347 #347]]>>


Revision [19355]

Edited on 2008-01-28 00:15:25 by YodaHome [Modified links pointing to docs server]

No Differences

Revision [17516]

Edited on 2007-09-23 18:48:43 by YodaHome [minor fixes and additions]
Additions:
First you need to download the [[http://www.puremango.co.uk/freecap1.4.1.zip FreeCap package]] from the website. (Note that this link may not lead to the latest package). Then all the files went into a "freecap" folder below the "actions" tree. Of course you might put it somewhere else but be sure that it can be properly accessed and you changed the paths correctly where necessary (see note at the bottom).
~& If you didn't define a list with directories to exclude from rewrite, you can also copy an .htaccess -file into the actions directory - or any other directory you want to be accessable - containing the simple rule to turn rewrite off for that directory:
<IfModule mod_rewrite.c>
RewriteEngine off
</IfModule>
You can edit the freecap.php to customize the CAPTCHAs, change the hash encryption and type of image format. The script can use a dictionary to read the words from but I prefer random letters although they're hard to read sometimes. The dictionary must NOT be readable on your webspace (check it!) if you use it.
Deletions:
First you need to download the [[http://www.puremango.co.uk/freecap1.4.1.zip FreeCap package]] from the website. (Note that this link may not lead to the latest package). Then all the files went into a "freecap" folder in the below the "actions" tree.
You can edit the freecap.php to customize the CAPTCHAs and change the hash encryption. The script can use a dictionary to read the words from but I prefer random letters although they're hard to read sometimes. The dictionary must NOT be readable on your webspace (check it!) if you use it.


Revision [17423]

Edited on 2007-08-18 18:25:00 by ChrisBuechler [minor fixes and additions]
Additions:
=== Note for Rewrite Users ===
The image will not show up unless you exclude it in your mod_rewrite settings. For example, I initially had a rewrite rule found elsewhere on this site that didn't exclude rewriting for the actions directory.
RewriteRule ^(css|images|wikiedit2)/(.*)$ $1/$2 [L]
Changing that rule to include the actions directory, like as follows, fixed the problem.
RewriteRule ^(actions|css|images|wikiedit2)/(.*)$ $1/$2 [L]


Revision [17411]

Edited on 2007-08-12 03:48:35 by BrianKoontz [minor edit]

No Differences

Revision [17262]

Edited on 2007-07-14 16:36:57 by BrianKoontz [Added 1.1.7 (trunk) version]
Additions:
I only changed the usersettings.php (this is a modified version from 1.1.6.3), look for "added for ""FreeCap""" in the comments. For convenience this is the whole file. (Scroll down for 1.1.7-compatible version.)
**actions/usersettings.php** (//version 1.1.6.3 only//)
**actions/usersettings/usersettings.php** (//version 1.1.7 [trunk] only//)
* Enchanced to include captchas, based upon work by YodaHome
* (http://wikkawiki.org/FreeCap). See that page for implementation
* details.
* Note: To enable captchas, set allow_user-registration in
* wikak.config.php to '3'.
* @version $Id: usersettings.php,v 1.1 2007/07/14 05:32:14 brian Exp brian $
* @since 1.1.7
* @author {@link http://wikkawiki.org/NilsLindenberg Nils Lindenberg} (possibility to restrict registration)
* @todo replace $_REQUEST with either $_GET or $_POST (or both if really
* necessary) - #312
* Captcha TODOs:
* @todo Parameterize allow_user_registration in wikka.config.php
* to use defines rather than integers
* @todo Wrap in div blocks and style via CSS
* @todo Add option to bypass for manual registration
* (accessibility)
if (!defined('CAPTCHA_LABEL')) define('CAPTCHA_LABEL', "Type the letters in the picture:");
if (!defined('CAPTCHA_NO_READ')) define('CAPTCHA_NO_READ', "If you cannot read the word,");
if (!defined('CAPTCHA_NO_READ_CLICK_HERE')) define('CAPTCHA_NO_READ_CLICK_HERE', "click here");
$default_comment_display = '';
$invitation_code_highlight = '';
$wikiname_expanded = '<abbr title="'.WIKINAME_LONG.'">'.WIKINAME_SHORT.'</abbr>';
$url = $this->Href();
//Remember referring page if internal.
// - Getting correct regex to find the tag of referring page
preg_match('/^(.*)ReferrerMarker/', $this->Href('', 'ReferrerMarker'), $match);
$regex_referrer = '/^'.preg_quote($match[1], '/')."([^\\/\\?&]*)/";
if (isset($_SERVER['HTTP_REFERER']) && preg_match($regex_referrer, $_SERVER['HTTP_REFERER'], $match))
if (strcasecmp($this->tag, $match[1]))
$_SESSION['go_back'] = $_SERVER['HTTP_REFERER'];
//We save the tag of the referring page, this tag is to be shown in label <Go back to ...>. We must use a session here because if the user
//Refresh the page by hitting <Enter> on the address bar, the value would be lost.
$_SESSION['go_back_tag'] = $match[1];
if (isset($_POST['logout']) && $_POST['logout'] == LOGOUT_BUTTON) // replaced with normal form button #353, #312
if ($user = $this->GetUser())
$default_comment_display = $this->GetSafeVar('default_comment_display', 'post');
$error = ERROR_EMPTY_EMAIL_ADDRESS;
"default_comment_display = '".mysql_real_escape_string($default_comment_display)."', ".
unset($this->specialCache['user'][strtolower($user['name'])]); //invalidate cache if exists #368
else
$default_comment_display = $user['default_comment_display'];
<fieldset id="account"><legend><?php echo USER_ACCOUNT_LEGEND ?></legend>
<span id="account_info">
<?php printf(USER_LOGGED_IN_AS_CAPTION, $this->Link($user['name'])); ?>
</span><input id="logout" name="logout" type="submit" value="<?php echo LOGOUT_BUTTON; ?>" /><!-- #353,#312-->
<br class="clear" />
</fieldset>
<fieldset id="usersettings" class="usersettings"><legend><?php echo USER_SETTINGS_LEGEND ?></legend>
case (isset($_SESSION['usersettings_registered']) && $_SESSION['usersettings_registered'] == 'true'):
unset($_SESSION['usersettings_registered']);
$success = USER_REGISTERED_SUCCESS;
//case (isset($_GET['stored']) && $_GET['stored'] == 'true'):
case (isset($_POST['action']) && $_POST['action'] == 'update' && !isset($error)):
$success = USER_SETTINGS_STORED_SUCCESS;
echo '<em class="error">'.$error.'</em><br />'."\n";
echo '<em class="success">'.$success.'</em><br />'."\n";
case (($update_option == 'pw') && md5($oldpass) != $user['password']): //wrong old password
$passerror = ERROR_INVALID_OLD_PASSWORD;
case (($update_option == 'hash') && $oldpass != $user['password']): //wrong reminder (hash)
$passerror = ERROR_INVALID_HASH;
$passerror = ERROR_PASSWORD_NO_BLANK;
$this->Query('UPDATE '.$this->config['table_prefix'].'users SET '."password = md5('".mysql_real_escape_string($password)."') "."WHERE name = '".$user['name']."'");
unset($this->specialCache['user'][strtolower($name)]); //invalidate cache if exists #368
$passsuccess = USER_PASSWORD_CHANGED_SUCCESS;
<label for="email"><?php echo USER_EMAIL_LABEL ?></label>
<input id="email" type="text" <?php echo $email_highlight; ?> name="email" value="<?php echo $this->htmlspecialchars_ent($email) ?>" size="40" />
<br />
<label for="doubleclick"><?php echo DOUBLECLICK_LABEL ?></label>
<input type="hidden" name="doubleclickedit" value="N" />
<input id="doubleclick" type="checkbox" name="doubleclickedit" value="Y" <?php echo $doubleclickedit == 'Y' ? 'checked="checked"' : '' ?> />
<br />
<label for="showcomments"><?php echo SHOW_COMMENTS_LABEL ?></label>
<input type="hidden" name="show_comments" value="N" />
<input id="showcomments" type="checkbox" name="show_comments" value="Y" <?php echo $show_comments == 'Y' ? 'checked="checked"' : '' ?> />
<fieldset><legend><?php echo DEFAULT_COMMENT_STYLE_LABEL ?></legend>
<input id="default_comment_flat_asc" type="radio" name="default_comment_display" value="1" <?php echo ($default_comment_display==1) ? 'checked="checked"' : '' ?> /><label for="default_comment_flat_asc"><?php echo COMMENT_ASC_LABEL ?></label><br />
<input id="default_comment_flat_desc" type="radio" name="default_comment_display" value="2" <?php echo ($default_comment_display==2) ? 'checked="checked"' : '' ?> /><label for="default_comment_flat_desc"><?php echo COMMENT_DEC_LABEL ?></label><br />
<input id="default_comment_threaded" type="radio" name="default_comment_display" value="3" <?php echo ($default_comment_display==3) ? 'checked="checked"' : '' ?> /><label for="default_comment_threaded"><?php echo COMMENT_THREADED_LABEL ?></label><br />
</fieldset>
<br />
<label for="revisioncount"><?php echo PAGEREVISION_LIST_LIMIT_LABEL ?></label>
<input id="revisioncount" type="text" <?php echo $revisioncount_highlight; ?> name="revisioncount" value="<?php echo $this->htmlspecialchars_ent($revisioncount) ?>" size="40" />
<br />
<label for="changescount"><?php echo RECENTCHANGES_DISPLAY_LIMIT_LABEL ?></label>
<input id="changescount" type="text" <?php echo $changescount_highlight; ?> name="changescount" value="<?php echo $this->htmlspecialchars_ent($changescount) ?>" size="40" />
<br />
<input id="updatesettingssubmit" type="submit" value="<?php echo UPDATE_SETTINGS_BUTTON ?>" />
<br />
</fieldset>
<fieldset class="usersettings" id="changepassword"><legend><?php echo CHANGE_PASSWORD_LEGEND ?></legend>
echo '<em class="error">'.$passerror.'</em><br />'."\n";
else if (isset($passsuccess))
echo '<em class="success">'.$passsuccess.'</em><br />'."\n";
<select id="update_option" name="update_option">
<option value="pw" <?php echo $pw_selected; ?>><?php echo CURRENT_PASSWORD_OPTION; ?></option>
<option value="hash" <?php echo $hash_selected; ?>><?php echo PASSWORD_REMINDER_OPTION; ?></option>
</select>
<input <?php echo $password_highlight; ?> type="password" name="oldpass" size="40" />
<br />
<label for="password"><?php echo NEW_PASSWORD_LABEL ?></label>
<input id="password" <?php echo $password_new_highlight; ?> type="password" name="password" size="40" />
<br />
<label for="password_confirm"><?php echo NEW_PASSWORD_CONFIRM_LABEL ?></label>
<input id="password_confirm" <?php echo $password_confirm_highlight; ?> type="password" name="password_confirm" size="40" />
<br />
<input id="changepasswordsubmit" type="submit" value="<?php echo CHANGE_PASSWORD_BUTTON ?>" size="40" />
<br />
</fieldset>
echo $this->FormClose();
// END *** Usersettings ***
// BEGIN *** LOGIN/LOGOUT ***
else // user is not logged in
if (isset($_POST['logout']) && $_POST['logout'] == LOGOUT_BUTTON)
$success = USER_LOGGED_OUT_SUCCESS;
$register = $this->GetConfigValue('allow_user_registration');
$error = ERROR_INVALID_PASSWORD;
if ((isset($_SESSION['go_back'])) && (isset($_POST['do_redirect'])))
{
$go_back = $_SESSION['go_back'];
unset($_SESSION['go_back']);
unset($_SESSION['go_back_tag']);
$this->Redirect($go_back);
}
// END *** Login/Logout ***
// 3 = captcha registration
else if ($register == '1' || $register == '2' || $register == '3') // otherwise, proceed to registration
if($register == '3' &&
(empty($_SESSION['freecap_word_hash']) ||
empty($_POST['word'])))
{
$captcha="You entered none of the letters. Please do so.";
}
else if($register == '3' &&
!($_SESSION['hash_func'](strtolower($_POST['word']))==$_SESSION['freecap_word_hash']))
} else
$name = trim($_POST['name']);
$email = trim($this->GetSafeVar('email', 'post'));
$password = $_POST['password'];
$confpassword = $_POST['confpassword'];
// validate input
switch(TRUE)
case (strlen($name) == 0):
$error = ERROR_EMPTY_USERNAME;
$username_highlight = INPUT_ERROR_STYLE;
break;
case (!$this->IsWikiName($name)):
$error = $this->Format(sprintf(ERROR_WIKINAME,'##""WikiName""##','##""'.WIKKA_SAMPLE_WIKINAME.'""##'));
$username_highlight = INPUT_ERROR_STYLE;
break;
case ($this->ExistsPage($name)):
$error = ERROR_RESERVED_PAGENAME;
$username_highlight = INPUT_ERROR_STYLE;
break;
case (strlen($password) == 0):
$error = ERROR_EMPTY_PASSWORD;
$password_highlight = INPUT_ERROR_STYLE;
break;
case (preg_match("/ /", $password)):
$error = ERROR_NO_BLANK;
$password_highlight = INPUT_ERROR_STYLE;
break;
case (strlen($password) < PASSWORD_MIN_LENGTH):
$error = sprintf(ERROR_PASSWORD_TOO_SHORT, PASSWORD_MIN_LENGTH);
$password_highlight = INPUT_ERROR_STYLE;
break;
case (strlen($confpassword) == 0):
$error = ERROR_EMPTY_CONFIRMATION_PASSWORD;
$password_highlight = INPUT_ERROR_STYLE;
$password_confirm_highlight = INPUT_ERROR_STYLE;
break;
case ($confpassword != $password):
$error = ERROR_PASSWORD_MATCH;
$password_highlight = INPUT_ERROR_STYLE;
$password_confirm_highlight = INPUT_ERROR_STYLE;
break;
case (strlen($email) == 0):
$error = ERROR_EMAIL_ADDRESS_REQUIRED;
$email_highlight = INPUT_ERROR_STYLE;
$password_highlight = INPUT_ERROR_STYLE;
$password_confirm_highlight = INPUT_ERROR_STYLE;
break;
case (!preg_match(VALID_EMAIL_PATTERN, $email)):
$error = ERROR_INVALID_EMAIL_ADDRESS;
$email_highlight = INPUT_ERROR_STYLE;
$password_highlight = INPUT_ERROR_STYLE;
$password_confirm_highlight = INPUT_ERROR_STYLE;
break;
case ($register == '2' && $_POST['invitation_code'] !== $this->GetConfigValue('invitation_code')):
$error = ERROR_INVALID_INVITATION_CODE;
$invitation_code_highlight = INPUT_ERROR_STYLE;
break;
default: //valid input, create user
$this->Query("INSERT INTO ".$this->config['table_prefix']."users SET ".
"signuptime = now(), ".
"name = '".mysql_real_escape_string($name)."', ".
"email = '".mysql_real_escape_string($email)."', ".
"password = md5('".mysql_real_escape_string($_POST['password'])."')");
unset($this->specialCache['user'][strtolower($name)]); //invalidate cache if exists #368
// log in
$this->SetUser($this->LoadUser($name));
if ((isset($_SESSION['go_back'])) && (isset($_POST['do_redirect'])))
{
$go_back = $_SESSION['go_back'];
unset($_SESSION['go_back']);
$this->Redirect($go_back);
}
$_SESSION['usersettings_registered'] = true;
$this->Redirect($url.$params);
// END *** Register ***
$newerror = WIKKA_ERROR_EMPTY_USERNAME;
$newerror = ERROR_NONEXISTENT_USERNAME;
// BEGIN *** Login/Logout ***
// BEGIN *** Register ***
if($register == '3')
// extract image name from image source (i.e. cut off
// ?randomness)
document.getElementById("freecap").src =
thesrc+"?"+Math.round(Math.random()*100000);
alert("Sorry, cannot autoreload freeCap image\nSubmit the form
and a new freeCap will be loaded");
<fieldset id="register" class="usersettings"><legend><?php echo ($register == '1' || $register == '2') ? LOGIN_REGISTER_LEGEND : LOGIN_LEGEND; ?></legend>
echo '<em class="error">'.$error.'</em><br />'."\n";
echo '<em class="success">'.$success.'</em><br />'."\n";
echo '<em class="error">'.$this->Format($captcha).'</em>'."\n";
<em class="usersettings_info"><?php echo REGISTERED_USER_LOGIN_CAPTION; ?></em>
<br />
<label for="name"><?php printf(WIKINAME_LABEL,$wikiname_expanded) ?></label>
<input id="name" type="text" <?php echo $username_highlight; ?> name="name" size="40" value="<?php echo $this->GetSafeVar('name', 'post'); ?>" />
<br />
<label for="password"><?php printf(PASSWORD_LABEL, PASSWORD_MIN_LENGTH) ?></label>
<input id="password" <?php echo $password_highlight; ?> type="password" name="password" size="40" />
<br />
if (isset($_SESSION['go_back']))
// FIXME @@@ label for a checkbox should come AFTER it, not before
?>
<label for="do_redirect"><?php printf(USERSETTINGS_REDIRECT_AFTER_LOGIN, $_SESSION['go_back_tag']); ?></label>
<input type="checkbox" name="do_redirect" id="do_redirect"<?php if (isset($_POST['do_redirect']) || empty($_POST)) echo ' checked="checked"';?> />
<br />
<input id="loginsubmit" type="submit" value="<?php echo LOGIN_BUTTON ?>" size="40" />
<br /><br />
// END *** Login/Logout ***
$register = $this->GetConfigValue('allow_user_registration');
if ($register == '1' || $register == '2' || $register == '3')
<em class="usersettings_info"><?php echo NEW_USER_REGISTER_CAPTION; ?></em>
<br />
<label for="confpassword"><?php echo CONFIRM_PASSWORD_LABEL ?></label>
<input id="confpassword" <?php echo $password_confirm_highlight; ?> type="password" name="confpassword" size="40" />
<br />
<label for="email"><?php echo USER_EMAIL_LABEL ?></label>
<input id="email" type="text" <?php echo $email_highlight; ?> name="email" size="40" value="<?php echo $email; ?>" />
<br />
if($register == '3')
setcookie("sessname", session_name(), 0, '/');
<?php // <img src="../freecap/freecap.php" id="freecap"/><br/> ?>
<div id="captcha">
<img src="3rdparty/plugins/freecap/freecap.php" id="freecap"/><br/>
<?php echo CAPTCHA_NO_READ ?><a href="<?php echo $this->Href('', 'UserSettings'); ?>" onClick="this.blur();new_freecap();return false;"> <?php echo CAPTCHA_NO_READ_CLICK_HERE ?>.</a>
</div>
<label for="confpassword"><?php echo CAPTCHA_LABEL ?></label>
<input id="confpassword" name="word" type="text" size="40" />
else if ($register == '2')
$invitation_code_expanded = '<abbr title="'.INVITATION_CODE_LONG.'">'.INVITATION_CODE_SHORT.'</abbr>'
<label for="invitation_code"><?php printf(INVITATION_CODE_LABEL,$invitation_code_expanded) ?></label>
<input id="invitation_code" type="text" <?php echo $invitation_code_highlight; ?> size="20" name="invitation_code" />
<br />
<input id="loginsubmit" type="submit" value="<?php echo REGISTER_BUTTON ?>" size="40" />
<br />
echo ' </fieldset>'."\n";
// END *** Register ***
<fieldset id="password_forgotten" class="usersettings"><legend><?php echo RETRIEVE_PASSWORD_LEGEND ?></legend>
echo '<em class="error">'.$newerror.'</em><br />'."\n";
$retrieve_password_link = 'PasswordForgotten';
$retrieve_password_caption = $this->Format(sprintf(RETRIEVE_PASSWORD_CAPTION,$retrieve_password_link));
<em class="usersettings_info"><?php echo $retrieve_password_caption ?></em>
<br />
<label for="yourname"><?php printf(WIKINAME_LABEL,$wikiname_expanded) ?></label>
<input id="yourname" type="text" <?php echo $username_temp_highlight; ?> name="yourname" value="<?php echo $this->GetSafeVar('yourname', 'post'); ?>" size="40" />
<br />
<label for="temppassword"><?php echo TEMP_PASSWORD_LABEL ?></label>
<input id="temppassword" type="text" <?php echo $password_temp_highlight; ?> name="temppassword" size="40" />
<br />
<input id="temppassloginsubmit" type="submit" value="<?php echo LOGIN_BUTTON ?>" size="40" />
<br class="clear" />
</fieldset>
Deletions:
I only changed the usersettings.php (this is a modified version from 1.1.6.3), look for "added for ""FreeCap""" in the comments. For convenience this is the whole file.
actions/usersettings.php


Revision [17261]

Edited on 2007-07-14 04:09:25 by BrianKoontz [Added comment]
Additions:
~& You will also need to pass the session name saved in the cookie to the freecap.php script by including the following statement **before** session_start() in freecap.php: %%session_name($_COOKIE['sessname']);%%. Also, if you decide to relocate your freecap dir to another location (for instance, under ##3rdparty/plugins/freenode##), you must also modify the setcookie() call so that the cookie is accessible by the freecap.php script. The quick and dirty way to do this would be: %%setcookie('sessname', session_name(), 0, '/');%%.


Revision [17260]

Edited on 2007-07-14 02:35:35 by BrianKoontz [minor edit]
Additions:
I only changed the usersettings.php (this is a modified version from 1.1.6.3), look for "added for ""FreeCap""" in the comments. For convenience this is the whole file.
actions/usersettings.php
Deletions:
I only changed the useradmin.php (this is a modified version from 1.1.6.3), look for "added for ""FreeCap""" in the comments. For convenience this is the whole file.
actions/useradmin.php


Revision [17258]

Edited on 2007-07-13 00:10:47 by BrianKoontz [added ticket link]
Additions:
>>**See also:**
Ticket [[http://wush.net/trac/wikka/ticket/347 #347]]>>


Revision [17130]

Edited on 2007-07-05 21:20:32 by YodaHome [Initial version]
Additions:
===== ""FreeCap"" CAPTCHA Integration =====
I only changed the useradmin.php (this is a modified version from 1.1.6.3), look for "added for ""FreeCap""" in the comments. For convenience this is the whole file.
Integration went very straight after the example that comes with the package except for one thing. The ""FreeCap"" script assumed a standard php session to use but because Wikka uses a custom session name it missed this. Since this is no link (no href but rather a src where the freecap.php is linked) I couldn't give the name to the script via URL (also it would be visible then) so I put the name in a cookie. This works and I don't think it's insecure for the cookie can't be read by anyone else but the one who placed it. Of course it doesn't work when cookies are off.
In addition there should be an option for people who can't see the CAPTCHA to register on the site (the ""FreeCap"" author suggests to let them register and check those registrations manually but audio CAPTCHA would also be possible).
Deletions:
===== FreeCap CAPTCHA Integration =====
I only changed the useradmin.php (this is a modified version from 1.1.6.3), look for "added for FreeCap" in the comments. For convenience this is the whole file.
Integration went very straight after the example that comes with the package except for one thing. The FreeCap script assumed a standard php session to use but because Wikka uses a custom session name it missed this. Since this is no link (no href but rather a src where the freecap.php is linked) I couldn't give the name to the script via URL (also it would be visible then) so I put the name in a cookie. This works and I don't think it's insecure for the cookie can't be read by anyone else but the one who placed it. Of course it doesn't work when cookies are off.
In addition there should be an option for people who can't see the CAPTCHA to register on the site (the FreeCap author suggests to let them register and check those registrations manually but audio CAPTCHA would also be possible).


Revision [17129]

Edited on 2007-07-05 21:18:54 by YodaHome [Initial Version]
Additions:
<?php //added for Freecap CAPTCHA
setcookie("sessname", session_name());
?>
<td colspan="2"><img src="actions/freecap/freecap.php" id="freecap"></td>
You can edit the freecap.php to customize the CAPTCHAs and change the hash encryption. The script can use a dictionary to read the words from but I prefer random letters although they're hard to read sometimes. The dictionary must NOT be readable on your webspace (check it!) if you use it.
Deletions:
<td colspan="2"><img src="actions/freecap/freecap.php?<?php setcookie("sessname", session_name()); ?>" id="freecap"></td>
You can edit the freecap.php to customize the CAPTCHAs and change the hash encryption. The script can use a dictionary to read the words from but I prefer random letters although they're hard to read sometimes.


Revision [17128]

The oldest known version of this page was created on 2007-07-05 21:10:56 by YodaHome [Initial Version]
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki