Captcha (Visual Confirmation) for adding comments - Page 16
 


Captcha (Visual Confirmation) for adding comments

Started by Abbas Ali, March 25, 2006, 08:39:59 AM


Mohammad J

I have tried the module and it worked perfectly!   

However, when I tried it with the arabic.php language, the JPEG photo creation for the code failed.

I have done a lot of analysis and found that the problem happened because my arabic.php file is saved in the UTF-8 character set. I cannot convert the character set to other formats because everything in my website is designed to work that way.


To solve the problem, I checked the code of captcha.php and commented out the initialization code as below:



define("IN_COPPERMINE", true);
// require("include/init.inc.php");
require("include/captcha.class.php");




After this change, captcha worked great with arabic.php although it is saved in UTF-8.


My question is: is it really required to have the above include file "require("include/init.inc.php");"?


Mohammad J

By the way:

Visitors will not see the attachment unless they register to the forum. I think you need to put a note about this.

Abbas Ali

Quote from: Mohammad J on February 27, 2007, 07:46:20 AM
My question is: is it really required to have the above include file "require("include/init.inc.php");"?

No, init.inc.php is not required for captcha.php. The mod will work absolutely fine without that line.

Quote from: Mohammad J on February 27, 2007, 07:57:57 AM
Visitors will not see the attachment unless they register to the forum. I think you need to put a note about this.

This is the default behavior of SMF forum (the forum software which we use), and it is good in a way.
Chief Geek at Ranium Systems

Mohammad J

Thank you sooooo much Abbas for your feedback. Now, I feel more confident about the solution.


You will not believe how your solution saved my time...thank you again and GOOD BYE SPAMMERS!

gymnastdude182

I have been getting a LOT of spam comments recently, even WITH the captcha add on (that works perfectly). How can I stop the bots?

www.britneyres.com

Nibbler

You didn't install the captcha mod properly. Try it yourself.

kylestone


Nibbler

Check you have freetype support by looking at your phpinfo page.

Abbas Ali

Quote from: gymnastdude182 on February 28, 2007, 11:24:08 PM
I have been getting a LOT of spam comments recently, even WITH the captcha add on (that works perfectly). How can I stop the bots?

Make sure you edited db_input.php properly.
Chief Geek at Ranium Systems

Blindside

First: Thanks for the nice mod.

But I have a problem: I can't see a Captcha Box with the numbers and letters. There is a field to type them in, but no field where they should be displayed (in Firefox), and with IE I see this ugly red cross for a nonexistent picture. What have I done wrong?

http://stare-away.de/pics/displayimage.php?album=22&pos=0

Nibbler

There is something at the start of the image that is causing it to be corrupt. It looks like a few blank lines followed by ?>. Double check your modifications.

Blindside

Well, my theme.php was nearly empty, so I took the provided modified theme.php and copied the content into my theme.php. I am really a noob and honestly have no clue of PHP, maybe I've copied sth. I shouldn't? This is my theme.php:

<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2005 Coppermine Dev Team
  v1.1 originaly written by Gregory DEMAR

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  ********************************************
  Coppermine version: 1.4.3
  $Source: /cvsroot/coppermine/stable/themes/rainy_day/theme.php,v $
  $Revision: 1.14 $
  $Author: gaugau $
  $Date: 2005/11/28 07:43:00 $
**********************************************/

// ------------------------------------------------------------------------- //
// This theme has had all redundant CORE items removed                           //
// ------------------------------------------------------------------------- //

define('THEME_HAS_RATING_GRAPHICS', 1);
define('THEME_IS_XHTML10_TRANSITIONAL',1);

// HTML template for sys_menu
$template_sys_menu = <<<EOT
  <div class="topmenu">
          <table border="0" cellpadding="0" cellspacing="0">
                  <tr>
  {BUTTONS}
                  </tr>
          </table>
  </div>
EOT;

// HTML template for template sys_menu buttons
$template_sys_menu_button = <<<EOT
<!-- BEGIN {BLOCK_ID} -->
  <td><img src="images/spacer.gif" width="5" height="25" border="0" alt="" /></td>
  <td><img src="themes/rainy_day/images/button1_r1_c1.gif" width="5" height="25" border="0" alt="" /></td>
  <td style="background-image:url(themes/rainy_day/images/button1_r1_c2.gif)">
          <a href="{HREF_TGT}" title="{HREF_TITLE}">{HREF_LNK}</a>
  </td>
  <td><img src="themes/rainy_day/images/button1_r1_c3.gif" width="5" height="25" border="0" alt="" /></td>
<!-- END {BLOCK_ID} -->
EOT;

// HTML template for template sys_menu spacer
$template_sys_menu_spacer ='::';

// Displays comments for a specific picture
function theme_html_comments($pid)
{
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments;

    $html = '';

//report to moderator buttons
    if (!(($CONFIG['report_post']==1) && (USER_CAN_SEND_ECARDS))) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }

    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }

    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');

    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid' ORDER BY msg_id $comment_sort_order");

    while ($row = mysql_fetch_array($result)) {
        $user_can_edit = (GALLERY_ADMIN_MODE) || (USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS) || (!USER_ID && USER_CAN_POST_COMMENTS && ($USER['ID'] == $row['author_md5_id']));
        $comment_buttons = $user_can_edit ? $tmpl_comments_buttons : '';
        $comment_edit_box = $user_can_edit ? $tmpl_comment_edit_box : '';
        $comment_ipinfo = ($row['msg_raw_ip'] && GALLERY_ADMIN_MODE)?$tmpl_comments_ipinfo : '';

        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }

        $ip = $row['msg_hdr_ip'];
        if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
            $ip .= ' [' . $row['msg_raw_ip'] . ']';
        }

        $params = array('{EDIT}' => &$comment_edit_box,
            '{BUTTONS}' => &$comment_buttons,
            '{IPINFO}' => &$comment_ipinfo
            );

        $template = template_eval($template_image_comments, $params);

        $params = array('{MSG_AUTHOR}' => $row['msg_author'],
            '{MSG_ID}' => $row['msg_id'],
            '{PID}' => $row['pid'],
            '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
            '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
            '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt),
            '{MSG_BODY}' => bb_decode($comment_body),
            '{MSG_BODY_RAW}' => $row['msg_body'],
            '{OK}' => &$lang_display_comments['OK'],
            '{SMILIES}' => $smilies,
            '{IP}' => $ip,
            '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'],
            '{WIDTH}' => $CONFIG['picture_table_width']
            );

        $html .= template_eval($template, $params);
    }

    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . USER_NAME . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            $user_name = isset($USER['name']) ? '"' . strtr($USER['name'], $HTML_SUBST) . '"' : $lang_display_comments['your_name'] . '" onclick="javascript:this.value=\'\';';
        }

        $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
            // Modified Name and comment field
            '{NAME}' => $lang_display_comments['name'],
            '{COMMENT}' => $lang_display_comments['comment'],
            '{CONFIRM}' => $lang_display_comments['confirm'],
            '{PIC_ID}' => $pid,
            '{USER_NAME}' => $user_name,
            '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
            '{OK}' => $lang_display_comments['OK'],
            '{SMILIES}' => '',
            '{WIDTH}' => $CONFIG['picture_table_width'],
            );

        if ($CONFIG['enable_smilies']) $params['{SMILIES}'] = generate_smilies();

        $html .= template_eval($template_add_your_comment, $params);
    }

    return $html;
}

$template_add_your_comment = <<<EOT
<table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
        <tr>
                <td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
        </tr>
        <tr>
                <td colspan="3">
                <form method="post" name="post" action="db_input.php">
                        <table width="100%" cellpadding="0px" cellspacing="0px">

<!-- BEGIN user_name_input -->
                                <tr><td class="tableb_compact">
                                        {NAME}
                                </td>
                                <td class="tableb_compact">
                                        <input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
                                </td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
                                <td class="tableb_compact">
                                {COMMENT} </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
<!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
                                <input type="text" class="textinput" id="message" name="msg_body"  maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
<!-- END input_box_no_smilies -->
                                </td>
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td></tr>
<tr>
  <td class="tableb_compact" colspan="2">
    {CONFIRM}
  </td>
  <td class="tableb_compact" colspan="2">
    <input type="text" name="confirmCode" size="5" class="textinput"> <img src="captcha.php" align="middle">
  </td>
</tr>
                        </table>
                </form>
                </td>
        </tr>
<!-- BEGIN smilies -->
        <tr>
                <td width="100%" class="tableb_compact">
                        {SMILIES}
                </td>
        </tr>
</table>
<!-- END smilies -->

EOT;
?>


Nibbler

It is a problem with the theme.php on your server. The code you have posted here is fine.

Blindside

Ok, a very stupid fault. After correcting the theme.php as you said (deleting empty lines) I've uploaded it into the wrong folder. Now everything works fine, thanks.
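
The corruption Nibbler diagnosed above (bytes ahead of the image data, fixed here by deleting empty lines) can be located mechanically. The following is an added example, not part of the mod or of Coppermine: it lists every run of bytes that sits outside the PHP tags of a source file. The sample file contents are constructed for illustration, and a UTF-8 byte order mark is included as another common source of such bytes.

```php
<?php
// Added example, not part of Coppermine or the captcha mod.
// In a pure-PHP file such as theme.php, anything outside the PHP tags is
// sent to the browser as soon as the file is included, ahead of any image
// data or headers that a later script tries to send.
function stray_output($source)
{
    $found = array();
    foreach (token_get_all($source) as $token) {
        // T_INLINE_HTML is the tokenizer's name for text outside the PHP tags.
        if (!is_array($token) || $token[0] !== T_INLINE_HTML) {
            continue;
        }
        $found[] = array(
            'line'  => $token[2],
            'bom'   => strncmp($token[1], "\xEF\xBB\xBF", 3) === 0,
            // Show the first bytes with control and high bytes escaped.
            'bytes' => addcslashes(substr($token[1], 0, 20), "\0..\37\177..\377"),
        );
    }
    return $found;
}

// Constructed sample inputs. One newline right after a closing tag is
// swallowed by PHP itself, so clean.php produces no output.
$inputs = array(
    'clean.php'    => "<?php\n\$a = 1;\n?>\n",
    'trailing.php' => "<?php\n\$a = 1;\n?>\n\n\n?>\n",
    'bom.php'      => "\xEF\xBB\xBF<?php\n\$a = 1;\n",
);

// On the command line, real files can be passed as arguments as well.
if (isset($argv)) {
    foreach (array_slice($argv, 1) as $path) {
        $inputs[$path] = file_get_contents($path);
    }
}

foreach ($inputs as $name => $source) {
    $hits = stray_output($source);
    if (!$hits) {
        echo "$name: no output outside PHP tags\n";
    }
    foreach ($hits as $hit) {
        $what = $hit['bom'] ? 'UTF-8 byte order mark' : 'stray output';
        echo "$name: line {$hit['line']}: $what \"{$hit['bytes']}\"\n";
    }
}
```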

Stormqueen

Thanks! Fab. mod. Was going crazy with the spams on my galleries, so I've installed the mod. files today. Thus far, no new spams!

khusrau

Sorry, but I'm new at this and don't know PHP. I've managed to make the changes in the appropriate files, discovered that Freetype was required and got that installed and the confirmation code now appears; however, I always receive a "Confirmation code didn't match" message. I turned on Debug for Admin and I got the following notice but, since I don't know PHP, I don't know if it's important:

/include/captcha.class.php
    * Warning line 12: session_start() [function.session-start]: open(/tmp/sess_9478a4986b54d68858115a0c51153339, O_RDWR) failed: Permission denied (13)
    * Notice line 195: Undefined index: php_captcha

Now I'm not sure how to proceed. Any help would be appreciated.

The URL of my gallery is: http://www.optimists-alumni.org/photos and "test3" is the theme I'm trying to get running.

Nibbler

You don't have permission to write to the directory used to store sessions. Contact your host for support.

khusrau

The support folks at the hosting company wanted detailed information so that they could debug the code. I emailed them the information but they didn't follow all of the instructions. They changed to my test theme, saw that it changed and, instead of following the rest of the instructions and entering a comment, they stopped (if the theme worked, everything must work)! I'm frustrated. Is this change something I can do?

PHPINFO() displays "Session Support: enabled" and "session.save_path: /tmp". When I use FTP to look at my site, there is a "tmp" directory in the root, at the same level as "public_html", which actually contains the website. Coppermine exists in "photos", a folder within "public_html". Properties for "tmp" are 0700.

I'm the only volunteer in our organization who even knows a bit of HTML. I took over our organization's website when the old person left but, at this point, I'm way beyond my depth. If you can offer the specifics of what they need to do, I can pass that to them.

Nibbler

What I said above should be enough. If they won't help you then you can specify your tmp as the session.save_path if you are allowed a custom php.ini or can use ini_set().

Abbas Ali

Quote from: khusrau on March 06, 2007, 03:15:33 PM
They changed to my test theme, saw that it changed and, instead of following the rest of the instructions and entering a comment, they stopped (if the theme worked, everything must work)!

Theme has nothing to do with sessions.

This mod uses sessions to store information. Whenever sessions are used, the data is stored in a temporary directory defined by session.save_path in php.ini. In your case the directory is /tmp. Note that /tmp is different from the tmp directory parallel to your public_html. On shared webhosting you cannot change the permissions of the /tmp directory.

Since your webhost is not understanding the situation, show them a test file which demonstrates the real problem.

Create a file named session.php and place it in your photos folder.


<?php
session_start();
$_SESSION['test'] = 'This is a test';

print $_SESSION['test'];
?>



Give the url of this file to your webhost i.e. http://www.optimists-alumni.org/photos/session.php

If sessions work on your server then the above code should output 'This is a test' in the browser. Otherwise notices/warnings will be given.
Chief Geek at Ranium Systems
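
A fuller diagnostic along the same lines, as an added example that is not from the thread's authors or the mod: it reports whether the configured session.save_path is writable, applies the ini_set() fallback Nibbler mentions, and counts requests so that persistence between page loads is visible. The fallback location (a tmp folder one level above the document root) is an assumption taken from the layout khusrau describes.

```php
<?php
// Added diagnostic, not part of the captcha mod. Remove it from the server
// after testing, because it prints filesystem paths.
header('Content-Type: text/plain; charset=utf-8');

// Assumption: the account's private "tmp" folder sits beside public_html,
// one level above the document root, outside anything the web server serves.
$privateTmp = dirname(rtrim($_SERVER['DOCUMENT_ROOT'], '/')) . '/tmp';

function describe_dir($path)
{
    if (!is_dir($path)) {
        return 'missing or not a directory';
    }
    return sprintf('mode %o, %s', fileperms($path) & 0777,
        is_writable($path) ? 'writable' : 'NOT writable');
}

$report = array(); // printed only after session_start(), which must send its cookie first

// session.save_path may be "N;/path" or "N;MODE;/path"; the directory is the last field.
$fields = explode(';', (string) ini_get('session.save_path'));
$configured = end($fields);
if ($configured === '') {
    $configured = sys_get_temp_dir(); // PHP's default when the setting is empty
}
$report[] = "configured: $configured (" . describe_dir($configured) . ")";

if (!is_writable($configured)) {
    $report[] = "fallback:   $privateTmp (" . describe_dir($privateTmp) . ")";
    if (is_dir($privateTmp) && is_writable($privateTmp)) {
        ini_set('session.save_path', $privateTmp); // must precede session_start()
    }
}

session_start();

// The counter only climbs if data written by one request can be read back
// by the next one, which is what the captcha check depends on.
$_SESSION['hits'] = isset($_SESSION['hits']) ? $_SESSION['hits'] + 1 : 1;
$report[] = "hits:       " . $_SESSION['hits'] . " (reload the page; it should increase)";

echo implode("\n", $report), "\n";
```

If the counter climbs only because of the fallback, the same ini_set() call has to run before every session_start() the gallery makes, including the one the warning above reports at line 12 of include/captcha.class.php.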