village/idiot.org
Go Orange Go Blue Go Green feed image
↓ Bottom

Captcha for b2evolution, explained

captcha

The original code for this is courtesy Keith McDuffee, his web site is located here. Keith wrote his plugin for WordPress, and since b2evolution didn't have any captcha code, I decided to implement his code on my b2evolution blog. I no longer use b2evolution for my production blog, but several people have asked for this, and after taking a second look, it really wasn't too hard to do.

Begin by downloading this zip archive. It contains the font used to create the captcha and authimage.php. Both of these files need to be uploaded to your root b2evo directory -- that would be the same directory that default.php is in, in case you get confused.

The next thing you will need to do is set up your blog to check to see if the code entered actually matches the captcha image. That's accomplished by the following changes to htsrv/comment_post.php:

Locate :

PHP:
  1.  
  2. require_once( dirname(__FILE__) . '/../b2evocore/_main.php' );
  3.  

Immediately below that line put the following:

require_once( dirname(__FILE__) . '/../authimage.php' );

Then, further down, locate:

PHP:
  1.  
  2. // CHECK and FORMAT content
  3. //echo 'allowed tags:',htmlspecialchars($comment_allowed_tags);       
  4. $original_comment = strip_tags($comment, $comment_allowed_tags);
  5. $comment = format_to_post($original_comment, $comment_autobr, 1);
  6.  
  7. if( empty($comment) )
  8. { // comment should not be empty!
  9.         errors_add( T_('Please do not send empty comment') );
  10. }
  11.  

Immediately after that you need to put the following:

$code = trim(strip_tags($_POST['code']));
if (strlen($code) < 6)
         $code = '';
if ( !checkAICode($code) )
        errors_add( T_('Error: You have not entered the correct authorization code.') );

That's all for that file.Save it, close it.

The next change displays the captcha and the box for entering the code. Inside all of your skins directories should be a file named _feedback.php. Locate it, open it up, and look for something similar to this:

PHP:
  1.  
  2. <p>
  3.                         <label for="comment">< ?php echo T_('Your Comment'); ?></label>
  4.                         <br />textarea name="comment" id="comment" cols="70" rows="4" tabindex="4">
  5.                 </p>
  6.  

Under that or wherever you would like your code and box to be displayed, you need to have this:

<p>
<input type="text" name="code" id="code" value="<?php echo ""; ?>" size="28" tabindex="4" />
          <label for="code"><?php echo T_("Enter this code: "); ?></label>
          <img src=".../../authimage.php?type=image" width="155" height="50" alt="authimage" class="authimage" />
</p>

You can save and close that file.

One big thing about using this... If a commenter enters an incorrect captcha code, they will see an error. At the point they hit their back button to re-enter the code, they may lose their comment. Because of that, I use, and reccommend that you also use a simple javascript onsubmit function to remind users to make sure they entered the code, and to doublecheck that it is correct.

Hope that helps out everyone who's been waiting for this.

With the recent birth of b2evolution 1.8 and the native captcha plugin that is included with it, I've discontinued comments on this post. Any remaining questions regarding the use of this should be directed to the b2evolution forums.

January 28th, 2005 · code · whoo · Comments (84)

Javacript reminder for captcha

This morning I was entering a comment and even I forgot to enter that damn captcha thing, of course everything that I had typed was lost when I went back to the submission page. I decided that really sucked, so now I've added a little reminder box that pops up when you submit your comment that asks if you have put the code in.
In a perfect world, I wouldn't have to worry about captchas or javascript -- oh well.

JavaScript:
  1.  
  2. <script type="text/javascript" language="javascript">
  3.         function verify(){
  4.             msg = "Have you entered the security code?";
  5.             return confirm(msg);
  6.             }
  7. </script>
  8.  

Make sure when calling this function from within your <form> tag that you use a lower case "onsubmit" else your XHTML will break.

HTML:
  1.  
  2. <form action="somepage.php" method="post" id="commentform" onsubmit="return verify();">
  3. ... </form>

bleh!

December 14th, 2004 · code and tech-talk · whoo · Comments (4)

captcha for b2evolution revisted

I realize in looking at this that there is a well-known issue with this plugin– that is, that once an incorrect code has been entered, and you are sent back to the page to re-enter it .. the image doesn't refresh. Consequently, even if you enter the correct code, it will return as failed again, as it believes the image has changed. Confusing I know.
Short of removing it completely, I decide to just use numerics in the generated image, in the hopes of cutting down on misread capitals, zeros being mistaken for Ohs, etc… My goal wasn't to make it obscenely difficult for human posting, it was just to have another line of defense against spam.

I also neglected before to let everyone know where I had found this little treasure. The files, zipped up, can be obtained here. If you, after looking at the code, require any help in knowing what goes where in a b2evo install, I will be happy to help, if asked to.

Here is a refresher in the numbers, in case you are a little stale :P
1, 2, 3, 4, 5, 6, 7, 8, 9, 0

November 24th, 2004 · tech-talk · whoo · Comments (2)

↑ Top

Elsewhere

Singles

Multiples

© village-idiot.org, 2004 - 2008. I'm asleep, keep the noise down.