Difference: CaptchaPlugin (6 vs. 7)

Revision 703 Aug 2006 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

Plugin for visual confirmation of new user registration, to prevent automated scripts to create users and spam your wiki with their url's to get a better google ranking.

Line: 9 to 9
 

Syntax Rules

Changed:
<
<
  • None
>
>
  • The tag %CAPTCHAURL% expands to the url of the image containing the scrambled text;
  • The tag %CAPTCHAHASH% expands to the hash matching the image.
 

Examples

Line: 20 to 21
 Plugin settings are stored as preferences variables. To reference a plugin setting write %<plugin>_<setting>%, i.e. %INTERWIKIPLUGIN_SHORTDESCRIPTION%

Changed:
<
<
    • Set SHORTDESCRIPTION = Plugin for visual confirmation of new user registration.
>
>
    • Set SHORTDESCRIPTION = Plugin for Captcha verification / visual confirmation of new user registration.
 
  • Debug plugin: (See output in data/debug.txt)
    • Set DEBUG = 1
Line: 28 to 29
 
  • Custom settings (defaults shown):
    • Characters to use in generated strings:
      • Set CHARACTERS = ABCDEFGHKLMNPRSTVWXYZabcdeghpqsuvwxy@
Changed:
<
<
    • Truetype font to use:
>
>
 
      • Set FONT = TahomaBold? .ttf
    • Number of random lines to add (use none for 0):
      • Set LINES = 10
Line: 44 to 45
 
  • Download the ZIP file from the Plugin web (see below)
  • Unzip CaptchaPlugin.zip in your twiki installation directory. Content:
    File: Description:
Changed:
<
<
data/TWiki/VisualConfirmPlugin.txt Plugin topic
data/TWiki/VisualConfirmPlugin.txt,v Plugin topic repository
register.patch Patch for the register binary
templates/oopsregvisualconfirm.tmpl Error template
>
>
data/TWiki/CaptchaPlugin.txt Plugin topic
data/TWiki/CaptchaPlugin.txt,v Plugin topic repository
register.patch Patch for the register module
templates/oopscaptcha.tmpl Error template
 
lib/TWiki/Plugins/CaptchaPlugin.pm Plugin Perl module
Changed:
<
<
  • Apply the patch register.patch to bin/register (alternatively, patch register manual, see section below):
    • cd bin
>
>
pub/TWiki/CaptchaPlugin/TahomaBold.ttf Default font
pub/TWiki/CaptchaPlugin/_db Hash database directory
pub/TWiki/CaptchaPlugin/_img Image directory
  • Apply the patch register.patch to lib/TWiki/UI/Register.pm (alternatively, patch Register.pm manually, see section below), be sure to make a backup so you can revert the patch if you want to disable the plugin:
    • cd /path/to/twiki
    • cp lib/TWiki/UI/Register.pm lib/TWiki/UI/Register.pm.dist
 
    • patch < ../register.patch
Deleted:
<
<
  • Create the directories visualconfirm and visualconfirm/db in your pub/ directory, and make sure it is readable and writable by the user that TWiki is executing as.
    • mkdir -p pub/visualconfirm/db
    • chown -R nobody pub/visualconfirm
    • chmod -R 644 pub/visualconfirm
 
  • Restrict access to the database files, for example, by including the following in your httpd.conf:

Changed:
<
<
<Directory "/path/to/twiki/pub/visualconfirm/db">
>
>
<Directory "/path/to/twiki/pub/TWiki/CaptchaPlugin/_db">
  deny from all </Directory>
Changed:
<
<
  • Make sure the plugin has access to the preferred truetype font, by putting the .ttf file in pub/visualconfirm/
>
>
  • Make sure the plugin has access to the preferred truetype font, by putting the .ttf file in pub/TWiki/CaptchaPlugin/
 
  • Test if the installation was successful:
Changed:
<
<
    • Create a topic containing <IMG SRC="%VISUALCONFIRMURL%"> and %VISUALCONFIRMHASH%
>
>
    • Create a topic containing <IMG SRC="%CAPTCHAURL%"> and %CAPTCHAHASH%
 
    • When loading this topic you should see an obfuscated character string loaded as a png and a hexadecimal hash.
Changed:
<
<
>
>
 
Changed:
<
<
    • Display the image %VISUALCONFIRMURL% somewhere in your form, along with a text instructing new users to copy the obfuscated text into the appropriate text input.
    • Add the appropriate text input as Twk1VisualConfirm
    • Add a hidden input as Twk1VisualConfirmHash
>
>
    • Display the image %CAPTCHAURL% somewhere in your form, along with a text instructing new users to copy the obfuscated text into the appropriate text input.
    • Add the appropriate text input as Twk1CaptchaString
    • Add a hidden input as Twk1CaptchaHash having as value %CAPTCHAHASH%
 
            <tr>

Changed:
<
<
<td valign="top" align="right"><IMG SRC="%VISUALCONFIRMURL%">: <br /> (..)   &lt/td> <td><input type="hidden" name="Twk1VisualConfirmHash" value="%VISUALCONFIRMHASH%"> <input type="text" name="Twk1VisualConfirm" size="5"></td>
>
>
<td valign="top" align="right"><IMG SRC="%CAPTCHAURL%">: <br /> (..)   &lt/td> <td><input type="hidden" name="Twk1CaptchaHash" value="%CAPTCHAHASH%"> <input type="text" name="Twk1CaptchaString" size="5"></td> <font color="red">**</font>
  </tr>
  • That's it.

Manually patching the register binary

Changed:
<
<
Find the line in bin/register that says:
>
>
Find these lines in lib/TWiki/UI/Register.pm:
 

Changed:
<
<
# everything OK
>
>
}

# generate user entry

 
Changed:
<
<
Insert the code below directly BEFORE that line:
>
>
Insert the code below directly BEFORE the line containing the curly bracket '{':
 

Changed:
<
<
# check valid visual confirmation for( $x = 0; $x < $formLen; $x++ ) { $vcHash=$formDataValue[$x] unless(not($formDataName[$x] eq "Visual Confirm Hash")); $vcTxt=$formDataValue[$x] unless(not($formDataName[$x] eq "Visual Confirm")); }

open(LOCKFILE,">".&TWiki::getPubDir()."/visualconfirm/db/hashes.lock");

>
>
# check captcha my %database; my $vcHash=$data->{CaptchaHash}; my $vcTxt=$data->{CaptchaString}; open(LOCKFILE,">".&TWiki::Func::getPubDir()."/TWiki/CaptchaPlugin/_db/hashes.lock");
  flock(LOCKFILE,2);
Changed:
<
<
dbmopen(%database, &TWiki::getPubDir()."/visualconfirm/db/hashes" ,0644);
>
>
dbmopen(%database, &TWiki::Func::getPubDir()."/TWiki/CaptchaPlugin/_db/hashes" ,0644);
  if(defined($database{$vcHash})) {
Changed:
<
<
$url = &TWiki::getOopsUrl( $webName, $topic, "oopsregvisualconfirm", "The visual confirmation has expired."); TWiki::redirect( $query, $url ); return;
>
>
throw TWiki::OopsException( 'captcha', web => $data->{webName}, topic => $topic, def => 'expired_vchash', params => [ "expired" ] );
  }

my ($time,$txt)=split(',',$database{$vcHash});

if(not(lc($txt) eq lc($vcTxt))) {

Changed:
<
<
$url = &TWiki::getOopsUrl( $webName, $topic, "oopsregvisualconfirm", "The character string you entered for visual confirmation is incorrect."); TWiki::redirect( $query, $url ); return;
>
>
throw TWiki::OopsException( 'captcha', web => $data->{webName}, topic => $topic, def => 'invalid_vcstr', params => [ "wrong" ] );
  }
Added:
>
>
  dbmclose(%database);

close(LOCKFILE);

Line: 133 to 135
 

Plugin Info

Plugin Author: TWiki:Main.KoenMartens
Changed:
<
<
Plugin Version: 03 Jan 2006 (V1.001)
>
>
Plugin Version: 03 Aug 2006 (V1.2)
 
Change History:
<-- versions below in reverse order -->
 
07 Oct 2005: Initial version
10 Oct 2005: Strip hash and text from arguments to register binary, or they will end up in the newly created user topic.
03 Jan 2006: Fixed some problems with expiry, also optimised according to TWiki:TWiki.TWikiPlugins#FastPluginHints.
Changed:
<
<
TWiki Dependency: $TWiki::Plugins::VERSION 1.024
>
>
03 Aug 2006: Renamed to CaptchaPlugin, adapted to Dakar (TWiki 4.0.x).
TWiki Dependency: $TWiki::Plugins::VERSION 1.1
 
CPAN Dependencies: GD, Digest::MD5
Other Dependencies: none
Perl Version: 5.005
Line: 151 to 154
 Related Topics: TWikiPreferences, TWikiPlugins
Changed:
<
<
-- TWiki:Main.KoenMartens - 07 Oct 2005
>
>
-- TWiki:Main.KoenMartens - 03 Aug 2006
 
Added:
>
>
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154546219" name="luxisbi.ttf" path="luxisbi.ttf" size="65568" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548091" name="TahomaBold.ttf" path="TahomaBold.ttf" size="195956" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154596686" name="f8d9367a6d41cf92619b89188aa7befa.png" path="f8d9367a6d41cf92619b89188aa7befa.png" size="1303" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548358" name="05c156f95c6ef8ae9591caad2b6c6581.png" path="05c156f95c6ef8ae9591caad2b6c6581.png" size="1261" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548349" name="fce0a41ec99a29ccbc48b89b699c3f16.png" path="fce0a41ec99a29ccbc48b89b699c3f16.png" size="1312" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548271" name="cf15d69a13f0408cf48769ae28a9e81b.png" path="cf15d69a13f0408cf48769ae28a9e81b.png" size="1294" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548371" name="b811fee8f0ca2c9e1916050e0673a4ed.png" path="b811fee8f0ca2c9e1916050e0673a4ed.png" size="1263" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154545942" name="54c87dd0ccd02046324ef17f55f9bf1c.png" path="54c87dd0ccd02046324ef17f55f9bf1c.png" size="773" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548337" name="9d349e919dbe95f575b36e985d98f875.png" path="9d349e919dbe95f575b36e985d98f875.png" size="1277" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154546224" name="7d467cdaabfbc12019d16dd429d2be9e.png" path="7d467cdaabfbc12019d16dd429d2be9e.png" size="1227" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154598500" name="957688f290596a7f4aa4c09613ad0177.png" path="957688f290596a7f4aa4c09613ad0177.png" size="1282" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548344" name="c8b94fc4649a3f7fbe811acc29257c3c.png" path="c8b94fc4649a3f7fbe811acc29257c3c.png" size="1214" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548353" name="3426709e3fa5b47e46c096f42bd949a4.png" path="3426709e3fa5b47e46c096f42bd949a4.png" size="1225" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154539997" name="088f7acb964be1f25e5d01c5d23d3660.png" path="088f7acb964be1f25e5d01c5d23d3660.png" size="779" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548219" name="87cf5aaa6b29f32476e11947e2b5531c.png" path="87cf5aaa6b29f32476e11947e2b5531c.png" size="1318" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154597978" name="f3ce477fa4d448916f97e514e47f3c16.png" path="f3ce477fa4d448916f97e514e47f3c16.png" size="1315" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548363" name="b3afa94a6ebc0970fb701f57b802113a.png" path="b3afa94a6ebc0970fb701f57b802113a.png" size="1236" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548210" name="0d5a4bd5b05cdc627f42673908d04970.png" path="0d5a4bd5b05cdc627f42673908d04970.png" size="1304" user="UnknownUser" version=""
 
This site is powered by the TWiki collaboration platformCopyright � by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.CaptchaPlugin