Captcha (Visual Confirmation) for adding comments - Page 5 Captcha (Visual Confirmation) for adding comments - Page 5
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Captcha (Visual Confirmation) for adding comments

Started by Abbas Ali, March 25, 2006, 08:39:59 AM

Previous topic - Next topic

0 Members and 12 Guests are viewing this topic.

Print
Go Down Pages 1 2 3 4 5 6 7 8 9 ... 24
User actions

tyio

#80
September 01, 2006, 04:38:09 PM
for those who style have some problem, edit theme.inc.php


add :


Quote'{CONFIRM}' => $lang_display_comments['confirm'],


after

Quote'{COMMENT}' => $lang_display_comments['comment'],




then add

Quote<tr>
  <td class="tableb_compact" colspan="2">
    {CONFIRM}
  </td>
  <td class="tableb_compact" colspan="2">
    <input type="text" name="confirmCode" size="5" class="textinput"> <img src="captcha.php" align="middle">
  </td>
</tr>


after (style of your website depending ;))

Quote<!-- END input_box_no_smilies -->




and do the others change ^^

gymnastdude182

#81
September 02, 2006, 04:24:01 AM
In my gallery, the confirmation image does not show up anymore. I don't know what happened to it. Example:

http://www.britneyres.com/displayimage.php?album=1935&pos=1

gymnastdude182

#82
September 02, 2006, 04:37:45 AM
also, when I go to http://www.britneyres.com/captcha.php it says:

Quote
Fatal error: Call to undefined function: imageftbbox() in /home/britneyr/public_html/include/captcha.class.php on line 115

Abbas Ali

#83
September 02, 2006, 07:29:34 AM
@gymnastdude182: Was the image beign shown previously? If yes, then it means that your webhost changed something in php setup and freetype2 is no longer supported on your server.
Chief Geek at Ranium Systems

gymnastdude182

#84
September 02, 2006, 08:58:25 AM
Quote from: Abbas Ali on September 02, 2006, 07:29:34 AM
@gymnastdude182: Was the image beign shown previously? If yes, then it means that your webhost changed something in php setup and freetype2 is no longer supported on your server.
He told me he did not edit any of that   :( what happened? Is it because I input a 404 error page? I removed that and it still does not work. That's the only thing I can think of that I edited.

Gizmo

#85
September 02, 2006, 06:30:29 PM
Well, it finally happened to me. I started getting porn spam on my youths sports gallery - http://www.bullseyephotos.com/sports/index.php. Good thing that I have email notification set up for everything that happens on that site otherwise some young person or parent might have seen it and I would have been clobbered. I was able to install this mod in 5 minutes following Abbas' instructions in the initial post in my gallery which is heavily modded without any issues. Excellent work and many thanks Abbas!  ;D

Cheers,

Gizmo
Did you read the manual first???? Taking 2 minutes to backup your files can save you hours of wondering what you screwed up.
Billy Bullock - BullsEyePhotos Blog of Indecision

mvyvoda

#86
September 02, 2006, 09:18:42 PM
Quote from: Abbas Ali on August 31, 2006, 08:41:17 AM
@mvyvoda: Did you modified captcha.php file? When http://www.derpishi.com/gallery/captcha.php is opened, it should show an image. But in your case the page comes blank. Also do you have error messages turned off on your server?

here's the error message i now see on http://www.derpishi.com/gallery/captcha.php:
QuoteFatal error: Call to undefined function imageftbbox() in /home/vyvodamr/public_html/gallery/include/captcha.class.php on line 115

my ISP doesn't know what's up with this. could it be something with the captcha.class.php code? any suggestions are more than welcome and I appreciate the time and energy of your help!!! currently, i've turned off commenting for unregistered users. please advise if you need me to turn it back on.

thanks a lot!,
mark

Nibbler

#87
September 02, 2006, 09:55:32 PM
It means you don't have freetype support on your server.

Bonato

#88
September 03, 2006, 07:07:07 AM
Well, well... I find this mod very interesting and useful, but I was not able to do the modifications and get this thing to work. I'm very illiterate regarding code. I will have to find another solution to avoid those freaking spammers.

But thank you Abbas Ali, anyway.

musikalg

#89
September 04, 2006, 02:24:44 AM
Wonderful hack! Just a minor comment, if you're using another language than english it might be a good idea to use:

Code Select
require("include/captcha.class.php");
        if (!PhpCaptcha::Validate($_POST['confirmCode'])) {
          cpg_die(ERROR, $lang_errors['captcha_error'], __FILE__, __LINE__);
        }

instead of

   
Code Select
require("include/captcha.class.php");
        if (!PhpCaptcha::Validate($_POST['confirmCode'])) {
          cpg_die(ERROR, "Confirmation code didn't matched", __FILE__, __LINE__);
        }

in db_input.php

/Jimmy

musikalg

#90
September 04, 2006, 02:50:02 AM Last Edit: September 04, 2006, 03:05:48 AM by musikalg
I made a small modification so users who are logged in don't need to confirm, while anonymous users has to.
I haven't tested how secure this is, but it seems to work. My modification for theme.php is written for the Project VII-theme, you have to adjust it for your own theme. The trick is to write two versions of $template_add_your_comment, one for users who are logged in and one for those who aren't.

I just write the modifications necessary after you have done Abbas Alis modifications.

In db_input.php:

Instead of
Code Select
require("include/captcha.class.php");
        if (!PhpCaptcha::Validate($_POST['confirmCode'])) {
          cpg_die(ERROR, "Confirmation code didn't matched", __FILE__, __LINE__);
        }


write

Code Select
if (!USER_ID) {require("include/captcha.class.php");
        if (!PhpCaptcha::Validate($_POST['confirmCode'])) {
          cpg_die(ERROR, $lang_errors['captcha_error'], __FILE__, __LINE__);
        } }

In theme.php, instead of

Code Select
$template_add_your_comment = <<<EOT
        <form method="post" name="post" action="db_input.php">
                <table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
                        <tr>
                                        <td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
                        </tr>
                        <tr>
                <td colspan="1">
                        <table width="100%" cellpadding="0" cellspacing="0">

<!-- BEGIN user_name_input -->
                                                        <tr>
                                                                <td class="tableb_compact">
                                        {NAME}
                                </td>
                                <td class="tableb_compact">
                                        <input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
                                </td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
                                <td class="tableb_compact">
                                {COMMENT}
                                                                </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
                                                                </td>
<!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
                                <td class="tableb_compact">
                                {COMMENT}
                                                                </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body"  maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
                                </td>
<!-- END input_box_no_smilies -->
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td>
                                                        </tr>
                                                        <<tr>
  <td class="tableb_compact" colspan="2">
    {CONFIRM}
  </td>
  <td class="tableb_compact" colspan="2">
    <input type="text" name="confirmCode" size="5" class="textinput"> <img src="captcha.php" align="middle">
  </td>
</tr>
                        </table>
                </td>
        </tr>
<!-- BEGIN smilies -->
        <tr>
                <td width="100%" class="tableb_compact">
                        {SMILIES}
                </td>
        </tr>
<!-- END smilies -->
                </table>
        </form>
EOT;

paste
Code Select

if (!USER_ID) {
$template_add_your_comment = <<<EOT
        <form method="post" name="post" action="db_input.php">
                <table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
                        <tr>
                                        <td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
                        </tr>
                        <tr>
                <td colspan="1">
                        <table width="100%" cellpadding="0" cellspacing="0">

<!-- BEGIN user_name_input -->
                                                        <tr>
                                                                <td class="tableb_compact">
                                        {NAME}
                                </td>
                                <td class="tableb_compact">
                                        <input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
                                </td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
                                <td class="tableb_compact">
                                {COMMENT}
                                                                </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
                                                                </td>
<!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
                                <td class="tableb_compact">
                                {COMMENT}
                                                                </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body"  maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
                                </td>
<!-- END input_box_no_smilies -->
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td>
                                                        </tr>
                                                        <tr>
  <td class="tableb_compact" colspan="2">
    {CONFIRM}
  </td>
  <td class="tableb_compact" colspan="2">
    <input type="text" name="confirmCode" size="5" class="textinput"> <img src="captcha.php" align="middle">
  </td>
</tr>
                        </table>
                </td>
        </tr>
<!-- BEGIN smilies -->
        <tr>
                <td width="100%" class="tableb_compact">
                        {SMILIES}
                </td>
        </tr>
<!-- END smilies -->
                </table>
        </form>
EOT;
}
else
{
$template_add_your_comment = <<<EOT
        <form method="post" name="post" action="db_input.php">
                <table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
                        <tr>
                                        <td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
                        </tr>
                        <tr>
                <td colspan="1">
                        <table width="100%" cellpadding="0" cellspacing="0">

<!-- BEGIN user_name_input -->
                                                        <tr>
                                                                <td class="tableb_compact">
                                        {NAME}
                                </td>
                                <td class="tableb_compact">
                                        <input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
                                </td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
                                <td class="tableb_compact">
                                {COMMENT}
                                                                </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
                                                                </td>
<!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
                                <td class="tableb_compact">
                                {COMMENT}
                                                                </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body"  maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
                                </td>
<!-- END input_box_no_smilies -->
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td>
                                                        </tr>
                                                       
                        </table>
                </td>
        </tr>
<!-- BEGIN smilies -->
        <tr>
                <td width="100%" class="tableb_compact">
                        {SMILIES}
                </td>
        </tr>
<!-- END smilies -->
                </table>
        </form>
EOT;
}

This seems like a bit unnecessary complicated, but I couldn't get it working in any other way.

/Jimmy

gymnastdude182

#91
September 04, 2006, 10:27:27 AM
Quote from: Nibbler on September 02, 2006, 09:55:32 PM
It means you don't have freetype support on your server.
my host says we do. what now  ??? how can I fix this?

Joachim Müller

#92
September 04, 2006, 08:28:46 PM
Check phpinfo, look for the GD section, see if freetype is actually there. Should look similar to http://coppermine-gallery.net/demo/cpg14x/docs/faq.htm#VersionGD

mvyvoda

#93
September 04, 2006, 10:32:24 PM
freetype is now installed and i can see the captcha image!!!!!! thanks for all the help. I am still having a problem however. It seems as though the confirmation image doesn't work properly because I can comment w/o typing the captcha image.

did i do something in correct w/ modding the code?

thanks for the help. i do appreciate it!
-m

Joachim Müller

#94
September 04, 2006, 10:50:15 PM
Quote from: tyio on September 01, 2006, 04:38:09 PM
for those who style have some problem, edit theme.inc.php
Don't do as tyio suggested. You must never edit include/themes.inc.php - under no circumstances.

Tranz

#95
September 05, 2006, 01:03:56 AM
Quote from: mvyvoda on September 04, 2006, 10:32:24 PMI am still having a problem however. It seems as though the confirmation image doesn't work properly because I can comment w/o typing the captcha image.

did i do something in correct w/ modding the code?

Did you not edit db_input.php? That's the part that tests for whether the confirmation code is correct.

mvyvoda

#96
September 05, 2006, 01:40:18 AM
Quote from: TranzNDance on September 05, 2006, 01:03:56 AM
Did you not edit db_input.php? That's the part that tests for whether the confirmation code is correct.

ah yes... i made a mistake there.

thanks again everyone. it works perfectly now!,
-m

Fudgemaster

#97
September 05, 2006, 04:15:39 AM
Niiiice.

Just edited the files to make it work.
Didn't have freetype2 in my webhotel but after contacting my provider they gave me a newer server with more phun stuff to play around.

Thank you for the mod Abbas :)

(offcourse, I had to get the first pr0n spam comments to my gallery to get this done (g*ay links to a BMW picture ;) )
--
It's an insane world.. But I'm proud to be a part of it.

davidcross100

#98
September 06, 2006, 11:53:21 AM
Sorry for such a basic question but I'm new to all this PHP stuff. I;ve just taken over a website that is being bombarded with spam. Am going to try this out but falling down at the 1st hurdle - where can I find my 'Coppermine Root Directory?'

I've searched in all the folders of the website but can't find it! Again, sorry for the basic question but is it really obvious where it is?

davidcross100

#99
September 06, 2006, 12:05:53 PM
Sorry everyone - I've just found it all. But I think I will have to upgrade the gallery I have as I think it is a bit out of date - some of the code mentioned doesn't exist in my coding.

However, is it right that when I download the file it only has 4 files and nothing about fonts that was mentioned in the original post?
Print
Go Up Pages 1 2 3 4 5 6 7 8 9 ... 24
User actions