Image Verification Code Ecards (Captcha) Image Verification Code Ecards (Captcha)
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Image Verification Code Ecards (Captcha)

Started by wirewolf, October 22, 2006, 11:13:29 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

wirewolf

Installed version 1.4.9

Spent a couple of days working on getting image verification for the ecards. I tested it in IE and Firefox, seems to work well.
Try out this link and see how it works. If the Devs like it, I'll post the code. Only edits are to ecard.php and the addition of a random.php image file. Play around with it. Leave out info in the form to create errors, enter the wrong image code, etc. Want to make sure it works 100% before posting the edits.
http://academyphotos.net/photogallery/ecard-71-475.html

John

[edit GauGau]
Renamed thread
[/edit]

Sami

Works fine , excellent work
Go ahead and post your code ,
‍I don't answer to PM with support question
Please post your issue to related board

wirewolf

Thanks Sami. I'll post the edits and instructions in another day or so.
John

wirewolf

#3
Well, here it is, ecard image verification mod for Coppermine Photo Gallery, version 1.4.9 ( also tested with 1.4.8 )

Works with the classic theme. Have not tried it with other themes, but it should work. There are no edits to theme.php or to the main template file. See working mod at http://academyphotos.net/photogallery/displayimage-425-Ships'-Compass-Binnacle.html , just hit the E-Card link

What it does. A user selects an image they wish to send as an ecard. The normal ecard screen is displayed, but without the 'Send ecard' button at the bottom of the screen, only a 'Preview' button is displayed. The usual error checking routine for a valid sender email address and a valid recipient email address is the same and the user can not 'Send' the ecard until they have at least entered valid formatted email addresses.

If they have, the next preview screen will display at the bottom, a text box, the image verification code, a "Reset Image' button in case they have trouble reading the image, and the 'Send ecard' button. If they hit the 'Send ecard' button without entering any code or enter the wrong code, they will get an error message informing them of the error. The ecard can not be sent until they have entered the correct code from the image. They can reset the image and preview the ecard as many times as they want, but the ecard data they have entered will not be lost. They will just keep getting the error message along with an other ecard preview.

Any time they preview or reset the image, the randomimage.php file generates a new image code. After the randomimage.php file has generated a code and passed it to the users' browser, it deletes the code so it is not cached. It is set up to generate a five character alphanumeric png image into a randomly shuffled hashed code. I left out the letters O, U, V and the number 0 in the alphanumeric string because they can look too much alike, and causes confusion for most users. Try the link above to see how it works.

Upon entering the correct image code, the users will see the normal, "Your ecard has been sent" message. You can enable the ecard log in admin CP if you wish, so you can keep track of ecard's sent.

Note: You will notice that I have mod-rewrite on my site. I have a couple of additional lines in my ecard.php file that are edited for mod-rewrite. They are not included with this ecard image verification mod. This mod will work with the standard 1.4.9 files.

Files to edit - 2:
ecard.php
lang/english.php // you will have to add your own translations for other languages

New file to add - 1:
randomimage.php // generates the random image code. I'm not sure who the author is of this file. There are numerous files out there called randomimage.php. I got this from a friend and it came with no identifying information. He does not know the author either.

All edited lines are commented with - // image verify mod and every line in the randomimage.php file has a comment so you can clearly understand what it is doing. The only lines in this file you should edit are the ones for the image text color (hex) and for the image background color (hex) - go to http://web.forret.com/tools/color.asp for color conversions.

As always with any editing to existing files, BACKUP!! BACKUP!! before applying the changes.

Along with posting the edits here, I've included a zip file (about 21kbs) which you can download (at the end of this post). It has a README file with all of the instructions and a copy of the randomimage.php file.

Create a php file, name it randomimage.php and upload to your gallery's folder (same place where the ecard.php file is located):

<?php

// for ecard image verification mod for Coppermine Photo Gallery, version 1.4.9

session_start();

// !!! don't edit this file except for the hex code for the background color - line 22 and line 25 for text color
// go to http://web.forret.com/tools/color.asp for color conversions

// make a string with all the characters that we want to use as the verification code
// left out o, 0, U and V - look too much alike
$alphanum  "ABCDEFGHIJKLMNPQRSTWXYZ123456789";

// generate the verication code 
$rand substr(str_shuffle($alphanum), 05);

// create the hash for the verification code and put it in the session
$_SESSION['image_random_value'] = md5($rand);

// create the image
$image imagecreate(6023);

// use lite blue as the background image - change the hex code to match your background - ex. 255, 255, 255 is white
$bgColor imagecolorallocate ($image245245255); 

// the text color is black - change the hex code to clor of your choice - ex. 0, 0, 0 is black
$textColor imagecolorallocate ($image000); 

// write the random number
imagestring ($image558,  $rand$textColor); 
    
// send several headers to make sure the image is not cached    
// taken directly from the PHP Manual
    
// Date in the past 
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 

// always modified 
header("Last-Modified: " gmdate("D, d M Y H:i:s") . " GMT"); 

// HTTP/1.1 
header("Cache-Control: no-store, no-cache, must-revalidate"); 
header("Cache-Control: post-check=0, pre-check=0"false); 

// HTTP/1.0 
header("Pragma: no-cache");

// send the content type header so the image is displayed properly 
header('Content-type: image/png');

// send the image to the browser
imagepng($image);

// destroy the image to free up the memory
imagedestroy($image);

?>


Open your lang/english.php file, find - around line 1066 in the File ecard.php section:

'preview_button' => 'Preview', //cpg1.4

replace with:

'preview_button' => 'Preview Ecard Before Sending', //cpg1.4 image verify mod

find - around line 1068 in the File ecard.php section:

'preview_view_ecard' => 'This will be the alternate link to the ecard once it gets generated. It won\'t work for previews.', //cpg1.4

add after:

// image verify mod
'error_image' => 'Please enter a valid image verification code!<br />Maybe you\'re having trouble seeing the image code clearly.<br />Hit the \'Reset Image and Preview Ecard Again\'',
'reset_image_button' => 'Reset Image and Preview Ecard Again',
'image_info' => 'Before hitting the \'Send ecard\' button, please enter this image verification code:',
'image_button' => 'This is to prevent automated entry from search robots. Letters must be in upper case.<br /><br />If you have trouble reading the image, just hit this button >>',
'server_info' => 'Please hit the \'Send ecard\' button only once to allow the server time to send your ecard',
// image verify mod


end of edit to lang/english.php file. upload the edited lang/english.php file

Open up your ecard.php file, find - around line 54 (approx.):

$sender_email_warning = '';
$recipient_email_warning = '';


add after:

$error_image = ''; // image verify mod

find - around line 79 (approx.):

// Create and send the e-card

add after:

// image verify mod

session_start();

$number = $_POST['confirmcode'];

if (empty($number) || md5($number) != $_SESSION['image_random_value']);{
   $error_image = '<br /><font size="2" color="red">' . $lang_ecard_php['error_image'] . '</font><br />';
}

// image verify mod


find - around line 80 (approx.):

if (count($_POST) > 0 && $valid_sender_email && $valid_recipient_email) {

replace with:

// image verify mod
if (count($_POST) > 0 && $valid_sender_email && $valid_recipient_email && md5($number) == $_SESSION['image_random_value']) {


find - around line 280 (approx.):

echo generate_smilies();
echo <<<EOT
                </td>
        </tr>
        <tr>
                <td colspan="3" align="center" class="tablef">
                        <input type="submit" class="button" name="preview" title="{$lang_ecard_php['preview_button']}" value="{$lang_ecard_php['preview_button']}" />
                                                                                                &nbsp;&nbsp;
                        <input type="submit" class="button" name="submit" title="{$lang_ecard_php['submit_button']}" value="{$lang_ecard_php['submit_button']}" />
                        </form>
                </td>
        </tr>
EOT;

endtable();
pagefooter();
ob_end_flush();


replace with (Note - the choice of <span class="footer"> is optional.
if you want regular size text, just eliminate the <span class="footer"> and </span> tags):

// image verify mod

echo generate_smilies();
echo <<<EOT
               </td>
        </tr>
        <tr>
                <td colspan="3" align="center" class="tablef">
                <input type="submit" class="button" name="preview" title="{$lang_ecard_php['preview_button']}" value="{$lang_ecard_php['preview_button']}" />
EOT;
if (count($_POST) > 0 && $valid_sender_email && $valid_recipient_email) {
echo <<<EOT
              <div align="center" valign="middle">
                <span class="footer">{$lang_ecard_php['image_info']}&nbsp;</span>
                  <input type="text" name="confirmcode" size="6" class="textinput">&nbsp;<img src="randomimage.php"><br />
                  <span class="footer">{$lang_ecard_php['image_button']}</span>&nbsp;
                  <input type="submit" class="button" name="preview" title="{$lang_ecard_php['reset_image_button']}" value="{$lang_ecard_php['reset_image_button']}" />
                  <br /><br /><span class="footer">{$lang_ecard_php['server_info']}</span>&nbsp;
                  <input type="submit" class="button" name="submit" title="{$lang_ecard_php['submit_button']}" value="{$lang_ecard_php['submit_button']}" /><br />$error_image<br />
               </div>
EOT;
}
echo <<<EOT
                     </form>
              </td>
        </tr>
EOT;

endtable();
pagefooter();
ob_end_flush();

// end image verify mod


end of edit to ecard.php file, upload edited ecard.php file

  :) That's it! Try it out! Send an ecard to a friend or have them send one to you! Hopefully this will stop the spammers from cluttering up your site with garbage.

If the Devs like it, move the mod to the appropiate forum.

Thank you, John

wirewolf

I've added an alternate random image file - randomimage_alt.php and two png images (changed the above zip file accordingly. Includes all of the original files plus these new ones). This alternate file use either a multi colored background or a cross hatched background (See the attachments). Full instructions are at the end of the README file.

All you have to do is upload the two image files (included in the zip file) to the same folder where the randomimage.php is located, rename randomimage_alt.php to randomimage.php, and upload to replace the original randomimage.php (save a copy if you want to go back to the original file).

John

Gizmo

This is a great mod for sending ecards. I've been getting hit hard the last couple days and didn't want to turn off ecards because a lot of people use this cool feature on my sports gallery. Thanks again!

Cheers,

Gizmo
Did you read the manual first???? Taking 2 minutes to backup your files can save you hours of wondering what you screwed up.
Billy Bullock - BullsEyePhotos Blog of Indecision

SiamJai

Thanks for sharing this useful mod, wirewolf.  :)   

The basic install works very well with the Fruity theme, and it nicely complements the Comment Captcha Mod by Abbas Ali. These two mods together make one spam-proof Gallery!  ;)



Thaiwonders Media Hub - Piano music, Photos and Videos - powered by Coppermine, of course. ;)

wirewolf

Thanks Gizmo and SiamJai. Glad you are finding the mod useful.

By the way, I wrote up a plugin for a Contact Us page you might also find useful. See - Contact us mail form plugin with image verification for Coppermine Photo Gallery. And an example - Contact Us

Cheers, wirewolf

TeenStorm

I'm still searching the forum, however, has anyone tested this mod in CPG 1.4.10?  I'm trying it now but my email won't deliver (yet).  Just anxious. 

TeenStorm

For what it's worth it seems to work in CPG 1.4.10, however, I'm having partial ecard delivery results that I'm sure are related to my host vs. the mod itself.