Captcha mod for comments

[atnika]

Intro:

Tired of spam in comments? Here's a solution for you - yet another captcha mod for Coppermine. This mod adds captcha security codes to the comments page, thus protecting your gallery from spamming by bots. The original code was written by PatheticCockroach and modified by me to suit CPG. Another captcha mod suggested by Abbas Ali can be found here http://forum.coppermine-gallery.net/index.php?topic=29564.0


Files modified

• db_input.php
• themes/yourtheme/theme.php
• lang/whatever_language_you_use.php
• include/init.inc.php

Copy the files from the attached zip to your coppermine installation

db_input.php

Insert the following code after

   

Code Select Expand

case 'comment_update': and after

Code Select Expand

case 'comment':

Code Select Expand

/* captcha hack --start */       
        if (!(USER_CAN_POST_COMMENTS)) cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
        //require("include/captcha.class.php");
        $turingOk = $turingNumber->checkTuring($code);
        if ('0' == $turingOk) {
          cpg_die(ERROR, $lang_errors['code_doesnt_match'], __FILE__, __LINE__);
        }
/* captcha hack --end */

themes/yourtheme/theme.php

If you don't have theme_html_comments function in your theme file, copy the following text from themes/sample/theme.php into themes/yourtheme/theme.php

Code Select Expand

// Displays comments for a specific picture
function theme_html_comments($pid)
{
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments;

    $html = '';

//report to moderator buttons
    if (!(($CONFIG['report_post']==1) && (USER_CAN_SEND_ECARDS))) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }

    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }

    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');

    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid' ORDER BY msg_id $comment_sort_order");

    while ($row = mysql_fetch_array($result)) {
        $user_can_edit = (GALLERY_ADMIN_MODE) || (USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS) || (!USER_ID && USER_CAN_POST_COMMENTS && ($USER['ID'] == $row['author_md5_id']));
        $comment_buttons = $user_can_edit ? $tmpl_comments_buttons : '';
        $comment_edit_box = $user_can_edit ? $tmpl_comment_edit_box : '';
        $comment_ipinfo = ($row['msg_raw_ip'] && GALLERY_ADMIN_MODE)?$tmpl_comments_ipinfo : '';

        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }

        $ip = $row['msg_hdr_ip'];
        if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
            $ip .= ' [' . $row['msg_raw_ip'] . ']';
        }

        $params = array('{EDIT}' => &$comment_edit_box,
            '{BUTTONS}' => &$comment_buttons,
            '{IPINFO}' => &$comment_ipinfo
            );

        $template = template_eval($template_image_comments, $params);

        $params = array('{MSG_AUTHOR}' => $row['msg_author'],
            '{MSG_ID}' => $row['msg_id'],
            '{PID}' => $row['pid'],
            '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
            '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
            '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt),
            '{MSG_BODY}' => bb_decode($comment_body),
            '{MSG_BODY_RAW}' => $row['msg_body'],
            '{OK}' => &$lang_display_comments['OK'],
            '{SMILIES}' => $smilies,
            '{IP}' => $ip,
            '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'],
            '{WIDTH}' => $CONFIG['picture_table_width']
            );

        $html .= template_eval($template, $params);
    }

    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . USER_NAME . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            $user_name = isset($USER['name']) ? '"' . strtr($USER['name'], $HTML_SUBST) . '"' : $lang_display_comments['your_name'] . '" onclick="javascript:this.value=\'\';';
        }

        $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
            // Modified Name and comment field
            '{NAME}' => $lang_display_comments['name'],
            '{COMMENT}' => $lang_display_comments['comment'],
            '{PIC_ID}' => $pid,
            '{USER_NAME}' => $user_name,
            '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
            '{OK}' => $lang_display_comments['OK'],
            '{SMILIES}' => '',
            '{WIDTH}' => $CONFIG['picture_table_width'],
            );

        if ($CONFIG['enable_smilies']) $params['{SMILIES}'] = generate_smilies();

        $html .= template_eval($template_add_your_comment, $params);
    }

    return $html;
}

In this code, add

Code Select Expand

'{CONFIRM}' => $lang_display_comments['confirm'],

after

Code Select Expand

'{COMMENT}' => $lang_display_comments['comment'],

Add

Code Select Expand

                                <tr>
                                  <td class="tableb_compact" colspan="2">
                                    {CONFIRM}
                                  </td>
                                  <td class="tableb_compact" colspan="2">
                                    '.$turingNumber->getHTML().'
                                  </td>
                                </tr>

after

Code Select Expand

<!-- END input_box_no_smilies -->
                                </td>
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td></tr>

If you can't find the above code in your template file, just take it from themes/sample/theme.php

You will also need to modify your template for comments:

Code Select Expand


$template_add_your_comment = '
<table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
        <tr>
                <td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
        </tr>
        <tr>
                <td colspan="3">
                <form method="post" name="post" action="db_input.php">
                        <table width="100%" cellpadding="0px" cellspacing="0px">

<!-- BEGIN user_name_input -->
                                <tr><td class="tableb_compact">
                                        {NAME}
                                </td>
                                <td class="tableb_compact">
                                        <input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
                                </td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
                                <td class="tableb_compact">
                                {COMMENT} </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />                                        <!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
                                <input type="text" class="textinput" id="message" name="msg_body"  maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
<!-- END input_box_no_smilies -->
                                </td>
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td></tr>
                                <tr>
                                  <td class="tableb_compact" colspan="2">
                                    {CONFIRM}
                                  </td>
                                  <td class="tableb_compact" colspan="2">
                                    '.$turingNumber->getHTML().'
                                  </td>
                                </tr>
                        </table>
                </form>
                </td>
        </tr>
<!-- BEGIN smilies -->
        <tr>
                <td width="100%" class="tableb_compact">
                        {SMILIES}
                </td>
        </tr>
</table>
<!-- END smilies -->

';

If you don't have this template in your theme file, just copy-and-paste it from here.


init.inc.php

Find

Code Select Expand

$CONFIG['TABLE_BRIDGE']     = $CONFIG['TABLE_PREFIX'].'bridge';
$CONFIG['TABLE_VOTE_STATS'] = $CONFIG['TABLE_PREFIX'].'vote_stats';
$CONFIG['TABLE_HIT_STATS']  = $CONFIG['TABLE_PREFIX'].'hit_stats';

Paste the following code right after it:

Code Select Expand

/* captcha hack --start */

require_once( 'include/turing.class.php');
$turingNumber = new TuringNumber();
$CONFIG['TABLE_TURINGS']  = $CONFIG['TABLE_PREFIX'].'turings';

/* captcha hack --end */

lang/whatever_language_you_use.php

Add

Code Select Expand

'confirm' => 'Confirmation',

after

Code Select Expand

'report_comment_title' => 'Report this comment to the administrator', //cpg1.4

Add

Code Select Expand

  'code_doesnt_match' => 'Code doesn't match', //cpg1.4

after

Code Select Expand

'non_exist_comment' => 'The selected comment does not exist.',

The mod keeps "session" info in the database, so you'll need to create a new table:

Code Select Expand


CREATE TABLE `cpg140_turings` (
  `session` varchar(32) NOT NULL default '',
  `code` varchar(4) NOT NULL default '',
  `heure` int(11) NOT NULL default '0',
  PRIMARY KEY  (`session`)
) ENGINE=MyISAM;


That's it! You can see the example of this mod in action here:

http://www.temernik.ru/gallery/displayimage.php?album=612&pos=2 (sorry, it's in Russian)

Enjoy your spam-free gallery

[Joachim Müller]

Thanks for your contribution. It's not actually a plugin (which per definition would mean to use coppermine's plugin API), but a mod. Moving accordingly.

[atnika]

Hello GauGau,

I know it's not a plugin, I just couldn't find the more appropriate forum to discuss this mod in the 'Support' section besides 'cpg1.4 plugins'.

[jorx]

Hey Atnika,
I tried Abbas Ali's mod with no success. I'm just simply using a Hardwired theme with modified images and colour. The theme.php has alot of code, but not the code that we need. Anyway so I tried yours yesterday,

[jorx]

...ok everytime I write a post it says I've already posted, when nothing's been posted.
Hey Atnika,
To continue... I tried yours yesterday, followed your steps carefully, and got this error in the gallery:

Parse error: parse error in D:\web\jorx.mrkernel.net\gallery\lang\english.php on line 36
which is caused by
CREATE TABLE `cpg140_turings` (
  `session` varchar(32) NOT NULL default '',
  `code` varchar(4) NOT NULL default '',
  `heure` int(11) NOT NULL default '0',
  PRIMARY KEY  (`session`)
) ENGINE=MyISAM;

I didn't know where to put the (CREATE TABLE...) according to your tutorial, so I just moved it towards the end, (originally I put it at the beggining) then got this error instead:

Parse error: parse error, expecting `')'' in D:\web\jorx.mrkernel.net\gallery\lang\english.php on line 94

which is caused by
  'code_doesnt_match' => 'Code doesn't match', //cpg1.4

I've attached the english.php.txt file, if you have time, I would vastly appreciate your assistance!
Thanks,
Jordan

[jorx]

About the attached file:
Instead of attaching, you can grab it directly at;
http://jorx.mrkernel.net/gallery/lang/english.php.txt

[Abbas Ali]

You should not put the "CREATE TABLE...." code in any of the php files. It is a database query which needs to be executed via phpMyAdmin or any other database tool you have.

[jorx]

Oh, ok, so I'll discuss that with my server admin. So once the table is created, will that resolve the errors? I'm going to go attempt it now. Thanks, Abbas.

[jorx]

Hm... still doesn't work. I get this error in the website:

"CGI Error
The specified CGI application misbehaved by not returning a complete set of HTTP headers."

Do you know what that means? Thanks a ton for your time, I've almost given up.

[atnika]

Hey, guys!

Sorry, I haven't been watching this topic and had no idea there's a discussion here Yeah, CGI Error doesn't sound like a captcha error.

[leosolinap]

i have problem with my theme.php...
it only conntains this..

<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2005 Coppermine Dev Team
  v1.1 originaly written by Gregory DEMAR

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  ********************************************
  Coppermine version: 1.4.1
  $Source:
  $Revision: 1.10 $
  $Author:
  $Date: 2005/04/30 07:13:16 $
**********************************************/

define('THEME_HAS_RATING_GRAPHICS', 1);
define('THEME_IS_XHTML10_TRANSITIONAL',1); // Remove this if you edit this template until
                                           // you have validated it. See docs/theme.htm.


// HTML template for template sys_menu spacer
$template_sys_menu_spacer =' | ';

?>

can anyone help

[leosolinap]

instead

##############

Edit themes/yourtheme/theme.php

Add
Code:
'{CONFIRM}' => $lang_display_comments['confirm'],

just after
Code:
'{COMMENT}' => $lang_display_comments['comment'],

Add
Code:
<tr>
  <td class="tableb_compact" colspan="2">
    {CONFIRM}
  </td>
  <td class="tableb_compact" colspan="2">
    <input type="text" name="confirmCode" size="5" class="textinput"> <img src="captcha.php" align="middle">
  </td>
</tr>

just after
Code:
<!-- END input_box_no_smilies -->
                                </td>
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td></tr>

##################

Abbas Ali help

[Joachim Müller]

Read more carefully - atnika has posted what you need to do:

themes/yourtheme/theme.php

If you don't have theme_html_comments function in your theme file, copy the following text from themes/sample/theme.php into themes/yourtheme/theme.php

[leosolinap]

Gaugau

I tried to copy the themes/sample/theme.php into themes/yourtheme/theme.php. But when I run my album, i got a blank white page. It seems tthe my theme.php which i use is not working with the sample/theme.php. right now I cant post message (http://studio.bluescreendigital.com/displayimage.php?album=topn&cat=-73&pos=1) its asking for the "Confirmation code didn't matched " I think its the theme.php. Sorry, im new to this. thanks

[Joachim Müller]

You're not suppossed to paste the entire content of themes/sample/theme.php into your custom file, but only the section mentioned in Atnika' posting.


Blank pages usually are the result of some whitespace. Make sure that there are no spaces nor emtpy lines after

Code Select Expand

?>

[leosolinap]

Now I got it, I got a right page, but the problem is... no code.. only "'.().'"
http://studio.bluescreendigital.com/displayimage.php?album=lastup&cat=0&pos=3

any idea? sorry this.

[lotta]

Hi!
I have tried this one and I have done a new table in my phpmsql. But it can't find the table file I created(include/turing.class.php');
Must I create it as a php file too and load it on my server, or what is wrong?
Somebody knows?

[kalapm]

Now I got it, I got a right page, but the problem is... no code.. only "'.().'"
http://studio.bluescreendigital.com/displayimage.php?album=lastup&cat=0&pos=3

any idea? sorry this.

mmmh the same prolbem!
you ok now?
suggestion??

[lotta]

I have solved it, don't ask me how??  :-\

[kalapm]

I have solved it, don't ask me how??  :-\

how you have solved?, how you have solved?