Difference: CaptchaPlugin (1 vs. 10)

Revision 1008 Aug 2007 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

A visual confirmation plugin, known as Captcha, for new user registration. This plugin prevents automated scripts in creating users and spam your wiki with their url's to get a better google ranking.

Line: 32 to 32
 
    • The characters that you want to use in Captcha:
      • Set CHARACTERS = abcdefghijklmnopqrstuvwxyz%&?@!1234567890
Changed:
<
<
Additionally, the following settings can be added to lib/LocalSite.cfg. In time, the above options will be moved to that file too.
>
>
Additionally, the following settings can be changed in lib/LocalSite.cfg, the list below shows the defaults. In time, the above options will be moved to that file too.
 
  • $TWiki::cfg{Plugins}{CaptchaPlugin}{Expiry}=3600; # time in seconds after which a captcha will expire and be removed
Changed:
<
<
  • $TWiki::cfg{Plugins}{CaptchaPlugin}{EnableSave}=1; # enable captcha for topic save
>
>
  • $TWiki::cfg{Plugins}{CaptchaPlugin}{EnableSave}=0; # enable captcha for topic save
  • $TWiki::cfg{Plugins}{CaptchaPlugin}{SaveForAll}=0; # enable captcha for all users, not just TWikiGuest
  • $TWiki::cfg{Plugins}{CaptchaPlugin}{DeleteAfterRegistration}=0; # delete captcha after succesfull registration
  • $TWiki::cfg{Plugins}{CaptchaPlugin}{DeleteAfterSave}=0; # delete captcha after succesfull topic save
 

Plugin Installation Instructions

Line: 134 to 138
 
    # verify captcha

Added:
>
>
eval { use TWiki::Plugins::CaptchaPlugin; };
  my %database; my $vcHash = $data->{CaptchaHash}; my $vcTxt = $data->{CaptchaString};
Line: 158 to 164
  dbmclose(%database);

close(LOCKFILE);

Added:
>
>
if($TWiki::cfg{Plugins}{CaptchaPlugin}{DeleteAfterRegistration}) { TWiki::Plugins::CaptchaPlugin::expire($vcHash); }
 

Now find:

Line: 188 to 199
 

Plugin Info

Plugin Author: TWiki:Main.KoenMartens, TWiki:Main.KwangErnLiew
Changed:
<
<
Plugin Version: 06 Aug 2007 1.5-pre1
>
>
Plugin Version: 06 Aug 2007 1.5-pre2
 
Change History:  
08 Aug 2007: Added support for captcha on topic save (thanks TWiki:Main.KwangErnLiew), fixed some minor bugs, added some free fonts
06 Aug 2007: Colourised fonts; Randomised font type, font size, background colour, and font positioning; Fixed hash display on user pages; Modified oopscaptcha.tmpl

Revision 908 Aug 2007 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

A visual confirmation plugin, known as Captcha, for new user registration. This plugin prevents automated scripts in creating users and spam your wiki with their url's to get a better google ranking.

Line: 32 to 32
 
    • The characters that you want to use in Captcha:
      • Set CHARACTERS = abcdefghijklmnopqrstuvwxyz%&?@!1234567890
Added:
>
>
Additionally, the following settings can be added to lib/LocalSite.cfg. In time, the above options will be moved to that file too.

  • $TWiki::cfg{Plugins}{CaptchaPlugin}{Expiry}=3600; # time in seconds after which a captcha will expire and be removed
  • $TWiki::cfg{Plugins}{CaptchaPlugin}{EnableSave}=1; # enable captcha for topic save
 

Plugin Installation Instructions

Note: You do not need to install anything on the browser to use this plugin. The following instructions are for the administrator who installs the plugin on the server where TWiki is running.

Line: 44 to 49
 
register-4.1.2.patch Patch for the register module
templates/oopscaptcha.tmpl Error template
lib/TWiki/Plugins/CaptchaPlugin.pm Plugin Perl module
Changed:
<
<
pub/TWiki/CaptchaPlugin/Fonts/ Fonts directory
>
>
pub/TWiki/CaptchaPlugin/fonts/ Fonts directory
pub/TWiki/CaptchaPlugin/fonts/* A collection of free fonts to get you started
 
pub/TWiki/CaptchaPlugin/_db Hash database directory
Changed:
<
<
pub/TWiki/CaptchaPlugin/_img Image directory
>
>
pub/TWiki/CaptchaPlugin/img Image directory
 
  • Apply the patch register-4.1.2.patch to lib/TWiki/UI/Register.pm (alternatively, patch Register.pm manually, see section below), be sure to make a backup so you can revert the patch if you want to disable the plugin:
    • cd /path/to/twiki
    • cp lib/TWiki/UI/Register.pm lib/TWiki/UI/Register.pm.dist
    • patch < ../register.patch
Changed:
<
<
  • Restrict access to the database files, for example, by including the following in your httpd.conf:
>
>
  • Restrict access to the files, for example, by including the following in your httpd.conf:
 
         <Directory "/path/to/twiki/pub/TWiki/CaptchaPlugin/_db">
           deny from all
         </Directory>

Added:
>
>
<Directory "/path/to/twiki/pub/TWiki/CaptchaPlugin/fonts"> deny from all </Directory> <Directory "/path/to/twiki/pub/TWiki/CaptchaPlugin/img"> deny from all </Directory>
 
Changed:
<
<
  • Install necessary TrueType fonts in to pub/TWiki/CaptchaPlugin/Fonts/
>
>
  • Enable the plugin via the bin/configure script
  • Install necessary TrueType fonts in to pub/TWiki/CaptchaPlugin/fonts/
 
    • This allows the plugin to randomly choose the fonts to use
  • Test if the installation was successful:
    • Create a topic containing <IMG SRC="%CAPTCHAURL%"> and %CAPTCHAHASH%
Line: 77 to 90
 
  • That's it.
Added:
>
>

Captcha on topic edit

If you want to protect edits by TWikiGuest with a captcha, add the following line to your lib/LocalSite.cfg:

$TWiki::cfg{Plugins}{CaptchaPlugin}{EnableSave} = 1;

Of course, you will need the Twk1CaptchaHash and Twk1CaptchaString input fields somewhere in your edit template.

For example, if you are using the default pattern skin, change templates/edit.pattern.tmpl. Find:

%TMPL:DEF{"textarea"}%<textarea class="twikiEditboxStyleProportional" id="topic" name="text" rows="%EDITBOXHEIGHT%" cols="%EDITBOXWIDTH%" style='%EDITBOXSTYLE%' onkeydown='handleKeyDown(event)'>%TEXT%</textarea><script type="text/javascript">initTextAreaHeight();</script>
%TMPL:END%

and add before TMPL:END:

%TMPL:DEF{"textarea"}%<textarea class="twikiEditboxStyleProportional" id="topic" name="text" rows="%EDITBOXHEIGHT%" cols="%EDITBOXWIDTH%" style='%EDITBOXSTYLE%' onkeydown='handleKeyDown(event)'>%TEXT%</textarea><script type="text/javascript">initTextAreaHeight();</script>
              <IMG SRC="/twiki/pub/TWiki/CaptchaPlugin/img/7806714c0ad33cfd69978b61e8d36c54.png"/>
              <input type="hidden" name="Twk1CaptchaHash" value="7806714c0ad33cfd69978b61e8d36c54"/>
              <input type="text" name="Twk1CaptchaString" size="5"/>
%TMPL:END%

You might want to hide the captcha for logged in users (context authenticated), see VarIF for more information on conditional rendering.

 

Manually patching the register binary

Added:
>
>
 Refer to the patch file.

Guide for TWiki 4.0.5

Line: 91 to 133
 Insert the code below directly BEFORE the line containing the curly bracket '{':


Changed:
<
<
# check captcha
>
>
# verify captcha
  my %database; my $vcHash=$data->{CaptchaHash}; my $vcTxt=$data->{CaptchaString};
Line: 100 to 143
  dbmopen(%database, &TWiki::Func::getPubDir()."/TWiki/CaptchaPlugin/_db/hashes" ,0644);
Deleted:
<
<
if(defined($database{$vcHash})) { throw TWiki::OopsException( 'captcha', web => $data->{webName}, topic => $topic, def => 'expired_vchash', params => [ "expired" ] ); }
  my ($time,$txt)=split(',',$database{$vcHash});
Changed:
<
<
if(not(lc($txt) eq lc($vcTxt))) {
>
>
if ( not(lc($txt) eq lc($vcTxt)) || ($txt eq '') ) { dbmclose(%database); close(LOCKFILE);
  throw TWiki::OopsException( 'captcha', web => $data->{webName}, topic => $topic,
Line: 123 to 160
  close(LOCKFILE);
Added:
>
>
Now find:

             # 'WikiName' omitted because they can't
             # change it, and 'Confirm' is a duplicate
             push( @{$data->{form}}, $form )
              unless ($name eq 'WikiName' || $name eq 'Confirm');

and change the last line to:

             # 'WikiName' omitted because they can't
             # change it, and 'Confirm' is a duplicate
             push( @{$data->{form}}, $form )
              unless ($name eq 'WikiName' || $name eq 'Confirm' || $name eq 'CaptchaHash' || $name eq 'CaptchaString');
 

Further Development

Deleted:
<
<
  • Fix timer (expiry)
 
  • Refactor to comply with TWiki's convention
Changed:
<
<
  • Remove created .png files
>
>
  • Remove created .png files -> is already done on expiry, right?
 
  • Adjustable font size range
  • Adjustable height and width
  • Option of Black and White only
Line: 137 to 190
 
Plugin Author: TWiki:Main.KoenMartens, TWiki:Main.KwangErnLiew
Plugin Version: 06 Aug 2007 1.5-pre1
Change History:  
Added:
>
>
08 Aug 2007: Added support for captcha on topic save (thanks TWiki:Main.KwangErnLiew), fixed some minor bugs, added some free fonts
 
06 Aug 2007: Colourised fonts; Randomised font type, font size, background colour, and font positioning; Fixed hash display on user pages; Modified oopscaptcha.tmpl
03 Aug 2006: Renamed to CaptchaPlugin, adapted to Dakar (TWiki 4.0.x).
03 Jan 2006: Fixed some problems with expiry, also optimised according to TWiki:TWiki.TWikiPlugins#FastPluginHints.
Line: 153 to 207
 
Appraisal: http://TWiki.org/cgi-bin/view/Plugins/CaptchaPluginAppraisal

Related Topics: TWikiPreferences, TWikiPlugins

Deleted:
<
<

-- TWiki:Main.KoenMartens - 03 Aug 2006

Revision 806 Aug 2007 - MuSMoAdmin

Line: 1 to 1
 

CaptchaPlugin

Changed:
<
<
Plugin for visual confirmation of new user registration, to prevent automated scripts to create users and spam your wiki with their url's to get a better google ranking.
>
>
A visual confirmation plugin, known as Captcha, for new user registration. This plugin prevents automated scripts in creating users and spam your wiki with their url's to get a better google ranking.
 
Line: 24 to 24
 
    • Set SHORTDESCRIPTION = Plugin for Captcha verification / visual confirmation of new user registration.

  • Debug plugin: (See output in data/debug.txt)
Changed:
<
<
    • Set DEBUG = 1
>
>
    • Set DEBUG = 0
 
  • Custom settings (defaults shown):
Changed:
<
<
    • Characters to use in generated strings:
      • Set CHARACTERS = ABCDEFGHKLMNPRSTVWXYZabcdeghpqsuvwxy@
    • Truetype font to use (place the font in $prefix/pub/TWiki/CaptchaPlugin, good source of apparently free fonts is http://www.webpagepublicity.com/free-fonts.html):
      • Set FONT = TahomaBold? .ttf
    • Number of random lines to add (use none for 0):
      • Set LINES = 10
    • Number of random circles to add (use none for 0):
      • Set CIRCLES = 10
    • Noise, percentage of pixels to flip randomly after generating graphics (use none for 0%):
      • Set NOISE = 12
>
>
    • Number of characters for Captcha:
      • Set LENGTH = 5
    • The characters that you want to use in Captcha:
      • Set CHARACTERS = abcdefghijklmnopqrstuvwxyz%&?@!1234567890
 

Plugin Installation Instructions

Line: 47 to 41
 
File: Description:
data/TWiki/CaptchaPlugin.txt Plugin topic
data/TWiki/CaptchaPlugin.txt,v Plugin topic repository
Changed:
<
<
register.patch Patch for the register module
>
>
register-4.1.2.patch Patch for the register module
 
templates/oopscaptcha.tmpl Error template
lib/TWiki/Plugins/CaptchaPlugin.pm Plugin Perl module
Changed:
<
<
pub/TWiki/CaptchaPlugin/TahomaBold.ttf Default font
>
>
pub/TWiki/CaptchaPlugin/Fonts/ Fonts directory
 
pub/TWiki/CaptchaPlugin/_db Hash database directory
pub/TWiki/CaptchaPlugin/_img Image directory
Changed:
<
<
  • Apply the patch register.patch to lib/TWiki/UI/Register.pm (alternatively, patch Register.pm manually, see section below), be sure to make a backup so you can revert the patch if you want to disable the plugin:
>
>
  • Apply the patch register-4.1.2.patch to lib/TWiki/UI/Register.pm (alternatively, patch Register.pm manually, see section below), be sure to make a backup so you can revert the patch if you want to disable the plugin:
 
    • cd /path/to/twiki
    • cp lib/TWiki/UI/Register.pm lib/TWiki/UI/Register.pm.dist
    • patch < ../register.patch
Line: 63 to 57
  deny from all </Directory>
Changed:
<
<
  • Make sure the plugin has access to the preferred truetype font, by putting the .ttf file in pub/TWiki/CaptchaPlugin/
>
>
  • Install necessary TrueType fonts in to pub/TWiki/CaptchaPlugin/Fonts/
    • This allows the plugin to randomly choose the fonts to use
 
  • Test if the installation was successful:
    • Create a topic containing <IMG SRC="%CAPTCHAURL%"> and %CAPTCHAHASH%
    • When loading this topic you should see an obfuscated character string loaded as a png and a hexadecimal hash.
Line: 83 to 78
 
  • That's it.

Manually patching the register binary

Added:
>
>
Refer to the patch file.
 
Added:
>
>

Guide for TWiki 4.0.5

 Find these lines in lib/TWiki/UI/Register.pm:
 }

Line: 128 to 125
 

Further Development

Changed:
<
<
  • Make number of characters configurable
  • Make font size configurable
  • Find out how to safely delete images from the register binary
>
>
  • Fix timer (expiry)
  • Refactor to comply with TWiki's convention
  • Remove created .png files
  • Adjustable font size range
  • Adjustable height and width
  • Option of Black and White only
 

Plugin Info

Changed:
<
<
Plugin Author: TWiki:Main.KoenMartens
Plugin Version: 03 Aug 2006 (V1.2)
Change History:
<-- versions below in reverse order -->
 
07 Oct 2005: Initial version
10 Oct 2005: Strip hash and text from arguments to register binary, or they will end up in the newly created user topic.
03 Jan 2006: Fixed some problems with expiry, also optimised according to TWiki:TWiki.TWikiPlugins#FastPluginHints.
>
>
Plugin Author: TWiki:Main.KoenMartens, TWiki:Main.KwangErnLiew
Plugin Version: 06 Aug 2007 1.5-pre1
Change History:  
06 Aug 2007: Colourised fonts; Randomised font type, font size, background colour, and font positioning; Fixed hash display on user pages; Modified oopscaptcha.tmpl
 
03 Aug 2006: Renamed to CaptchaPlugin, adapted to Dakar (TWiki 4.0.x).
Added:
>
>
03 Jan 2006: Fixed some problems with expiry, also optimised according to TWiki:TWiki.TWikiPlugins#FastPluginHints.
10 Oct 2005: Strip hash and text from arguments to register binary, or they will end up in the newly created user topic.
07 Oct 2005: Initial version
 
TWiki Dependency: $TWiki::Plugins::VERSION 1.1
CPAN Dependencies: GD, Digest::MD5
Other Dependencies: none
Line: 155 to 156
 

-- TWiki:Main.KoenMartens - 03 Aug 2006

Deleted:
<
<
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154546219" name="luxisbi.ttf" path="luxisbi.ttf" size="65568" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548091" name="TahomaBold.ttf" path="TahomaBold.ttf" size="195956" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154596686" name="f8d9367a6d41cf92619b89188aa7befa.png" path="f8d9367a6d41cf92619b89188aa7befa.png" size="1303" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548358" name="05c156f95c6ef8ae9591caad2b6c6581.png" path="05c156f95c6ef8ae9591caad2b6c6581.png" size="1261" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548349" name="fce0a41ec99a29ccbc48b89b699c3f16.png" path="fce0a41ec99a29ccbc48b89b699c3f16.png" size="1312" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548271" name="cf15d69a13f0408cf48769ae28a9e81b.png" path="cf15d69a13f0408cf48769ae28a9e81b.png" size="1294" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548371" name="b811fee8f0ca2c9e1916050e0673a4ed.png" path="b811fee8f0ca2c9e1916050e0673a4ed.png" size="1263" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154545942" name="54c87dd0ccd02046324ef17f55f9bf1c.png" path="54c87dd0ccd02046324ef17f55f9bf1c.png" size="773" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548337" name="9d349e919dbe95f575b36e985d98f875.png" path="9d349e919dbe95f575b36e985d98f875.png" size="1277" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154546224" name="7d467cdaabfbc12019d16dd429d2be9e.png" path="7d467cdaabfbc12019d16dd429d2be9e.png" size="1227" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154598500" name="957688f290596a7f4aa4c09613ad0177.png" path="957688f290596a7f4aa4c09613ad0177.png" size="1282" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548344" name="c8b94fc4649a3f7fbe811acc29257c3c.png" path="c8b94fc4649a3f7fbe811acc29257c3c.png" size="1214" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548353" name="3426709e3fa5b47e46c096f42bd949a4.png" path="3426709e3fa5b47e46c096f42bd949a4.png" size="1225" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154539997" name="088f7acb964be1f25e5d01c5d23d3660.png" path="088f7acb964be1f25e5d01c5d23d3660.png" size="779" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548219" name="87cf5aaa6b29f32476e11947e2b5531c.png" path="87cf5aaa6b29f32476e11947e2b5531c.png" size="1318" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154597978" name="f3ce477fa4d448916f97e514e47f3c16.png" path="f3ce477fa4d448916f97e514e47f3c16.png" size="1315" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548363" name="b3afa94a6ebc0970fb701f57b802113a.png" path="b3afa94a6ebc0970fb701f57b802113a.png" size="1236" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548210" name="0d5a4bd5b05cdc627f42673908d04970.png" path="0d5a4bd5b05cdc627f42673908d04970.png" size="1304" user="UnknownUser" version=""

Revision 703 Aug 2006 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

Plugin for visual confirmation of new user registration, to prevent automated scripts to create users and spam your wiki with their url's to get a better google ranking.

Line: 9 to 9
 

Syntax Rules

Changed:
<
<
  • None
>
>
  • The tag %CAPTCHAURL% expands to the url of the image containing the scrambled text;
  • The tag %CAPTCHAHASH% expands to the hash matching the image.
 

Examples

Line: 20 to 21
 Plugin settings are stored as preferences variables. To reference a plugin setting write %<plugin>_<setting>%, i.e. %INTERWIKIPLUGIN_SHORTDESCRIPTION%

Changed:
<
<
    • Set SHORTDESCRIPTION = Plugin for visual confirmation of new user registration.
>
>
    • Set SHORTDESCRIPTION = Plugin for Captcha verification / visual confirmation of new user registration.
 
  • Debug plugin: (See output in data/debug.txt)
    • Set DEBUG = 1
Line: 28 to 29
 
  • Custom settings (defaults shown):
    • Characters to use in generated strings:
      • Set CHARACTERS = ABCDEFGHKLMNPRSTVWXYZabcdeghpqsuvwxy@
Changed:
<
<
    • Truetype font to use:
>
>
 
      • Set FONT = TahomaBold? .ttf
    • Number of random lines to add (use none for 0):
      • Set LINES = 10
Line: 44 to 45
 
  • Download the ZIP file from the Plugin web (see below)
  • Unzip CaptchaPlugin.zip in your twiki installation directory. Content:
    File: Description:
Changed:
<
<
data/TWiki/VisualConfirmPlugin.txt Plugin topic
data/TWiki/VisualConfirmPlugin.txt,v Plugin topic repository
register.patch Patch for the register binary
templates/oopsregvisualconfirm.tmpl Error template
>
>
data/TWiki/CaptchaPlugin.txt Plugin topic
data/TWiki/CaptchaPlugin.txt,v Plugin topic repository
register.patch Patch for the register module
templates/oopscaptcha.tmpl Error template
 
lib/TWiki/Plugins/CaptchaPlugin.pm Plugin Perl module
Changed:
<
<
  • Apply the patch register.patch to bin/register (alternatively, patch register manual, see section below):
    • cd bin
>
>
pub/TWiki/CaptchaPlugin/TahomaBold.ttf Default font
pub/TWiki/CaptchaPlugin/_db Hash database directory
pub/TWiki/CaptchaPlugin/_img Image directory
  • Apply the patch register.patch to lib/TWiki/UI/Register.pm (alternatively, patch Register.pm manually, see section below), be sure to make a backup so you can revert the patch if you want to disable the plugin:
    • cd /path/to/twiki
    • cp lib/TWiki/UI/Register.pm lib/TWiki/UI/Register.pm.dist
 
    • patch < ../register.patch
Deleted:
<
<
  • Create the directories visualconfirm and visualconfirm/db in your pub/ directory, and make sure it is readable and writable by the user that TWiki is executing as.
    • mkdir -p pub/visualconfirm/db
    • chown -R nobody pub/visualconfirm
    • chmod -R 644 pub/visualconfirm
 
  • Restrict access to the database files, for example, by including the following in your httpd.conf:

Changed:
<
<
<Directory "/path/to/twiki/pub/visualconfirm/db">
>
>
<Directory "/path/to/twiki/pub/TWiki/CaptchaPlugin/_db">
  deny from all </Directory>
Changed:
<
<
  • Make sure the plugin has access to the preferred truetype font, by putting the .ttf file in pub/visualconfirm/
>
>
  • Make sure the plugin has access to the preferred truetype font, by putting the .ttf file in pub/TWiki/CaptchaPlugin/
 
  • Test if the installation was successful:
Changed:
<
<
    • Create a topic containing <IMG SRC="%VISUALCONFIRMURL%"> and %VISUALCONFIRMHASH%
>
>
    • Create a topic containing <IMG SRC="%CAPTCHAURL%"> and %CAPTCHAHASH%
 
    • When loading this topic you should see an obfuscated character string loaded as a png and a hexadecimal hash.
Changed:
<
<
>
>
 
Changed:
<
<
    • Display the image %VISUALCONFIRMURL% somewhere in your form, along with a text instructing new users to copy the obfuscated text into the appropriate text input.
    • Add the appropriate text input as Twk1VisualConfirm
    • Add a hidden input as Twk1VisualConfirmHash
>
>
    • Display the image %CAPTCHAURL% somewhere in your form, along with a text instructing new users to copy the obfuscated text into the appropriate text input.
    • Add the appropriate text input as Twk1CaptchaString
    • Add a hidden input as Twk1CaptchaHash having as value %CAPTCHAHASH%
 
            <tr>

Changed:
<
<
<td valign="top" align="right"><IMG SRC="%VISUALCONFIRMURL%">: <br /> (..)   &lt/td> <td><input type="hidden" name="Twk1VisualConfirmHash" value="%VISUALCONFIRMHASH%"> <input type="text" name="Twk1VisualConfirm" size="5"></td>
>
>
<td valign="top" align="right"><IMG SRC="%CAPTCHAURL%">: <br /> (..)   &lt/td> <td><input type="hidden" name="Twk1CaptchaHash" value="%CAPTCHAHASH%"> <input type="text" name="Twk1CaptchaString" size="5"></td> <font color="red">**</font>
  </tr>
  • That's it.

Manually patching the register binary

Changed:
<
<
Find the line in bin/register that says:
>
>
Find these lines in lib/TWiki/UI/Register.pm:
 

Changed:
<
<
# everything OK
>
>
}

# generate user entry

 
Changed:
<
<
Insert the code below directly BEFORE that line:
>
>
Insert the code below directly BEFORE the line containing the curly bracket '{':
 

Changed:
<
<
# check valid visual confirmation for( $x = 0; $x < $formLen; $x++ ) { $vcHash=$formDataValue[$x] unless(not($formDataName[$x] eq "Visual Confirm Hash")); $vcTxt=$formDataValue[$x] unless(not($formDataName[$x] eq "Visual Confirm")); }

open(LOCKFILE,">".&TWiki::getPubDir()."/visualconfirm/db/hashes.lock");

>
>
# check captcha my %database; my $vcHash=$data->{CaptchaHash}; my $vcTxt=$data->{CaptchaString}; open(LOCKFILE,">".&TWiki::Func::getPubDir()."/TWiki/CaptchaPlugin/_db/hashes.lock");
  flock(LOCKFILE,2);
Changed:
<
<
dbmopen(%database, &TWiki::getPubDir()."/visualconfirm/db/hashes" ,0644);
>
>
dbmopen(%database, &TWiki::Func::getPubDir()."/TWiki/CaptchaPlugin/_db/hashes" ,0644);
  if(defined($database{$vcHash})) {
Changed:
<
<
$url = &TWiki::getOopsUrl( $webName, $topic, "oopsregvisualconfirm", "The visual confirmation has expired."); TWiki::redirect( $query, $url ); return;
>
>
throw TWiki::OopsException( 'captcha', web => $data->{webName}, topic => $topic, def => 'expired_vchash', params => [ "expired" ] );
  }

my ($time,$txt)=split(',',$database{$vcHash});

if(not(lc($txt) eq lc($vcTxt))) {

Changed:
<
<
$url = &TWiki::getOopsUrl( $webName, $topic, "oopsregvisualconfirm", "The character string you entered for visual confirmation is incorrect."); TWiki::redirect( $query, $url ); return;
>
>
throw TWiki::OopsException( 'captcha', web => $data->{webName}, topic => $topic, def => 'invalid_vcstr', params => [ "wrong" ] );
  }
Added:
>
>
  dbmclose(%database);

close(LOCKFILE);

Line: 133 to 135
 

Plugin Info

Plugin Author: TWiki:Main.KoenMartens
Changed:
<
<
Plugin Version: 03 Jan 2006 (V1.001)
>
>
Plugin Version: 03 Aug 2006 (V1.2)
 
Change History:
<-- versions below in reverse order -->
 
07 Oct 2005: Initial version
10 Oct 2005: Strip hash and text from arguments to register binary, or they will end up in the newly created user topic.
03 Jan 2006: Fixed some problems with expiry, also optimised according to TWiki:TWiki.TWikiPlugins#FastPluginHints.
Changed:
<
<
TWiki Dependency: $TWiki::Plugins::VERSION 1.024
>
>
03 Aug 2006: Renamed to CaptchaPlugin, adapted to Dakar (TWiki 4.0.x).
TWiki Dependency: $TWiki::Plugins::VERSION 1.1
 
CPAN Dependencies: GD, Digest::MD5
Other Dependencies: none
Perl Version: 5.005
Line: 151 to 154
 Related Topics: TWikiPreferences, TWikiPlugins
Changed:
<
<
-- TWiki:Main.KoenMartens - 07 Oct 2005
>
>
-- TWiki:Main.KoenMartens - 03 Aug 2006
 
Added:
>
>
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154546219" name="luxisbi.ttf" path="luxisbi.ttf" size="65568" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548091" name="TahomaBold.ttf" path="TahomaBold.ttf" size="195956" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154596686" name="f8d9367a6d41cf92619b89188aa7befa.png" path="f8d9367a6d41cf92619b89188aa7befa.png" size="1303" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548358" name="05c156f95c6ef8ae9591caad2b6c6581.png" path="05c156f95c6ef8ae9591caad2b6c6581.png" size="1261" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548349" name="fce0a41ec99a29ccbc48b89b699c3f16.png" path="fce0a41ec99a29ccbc48b89b699c3f16.png" size="1312" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548271" name="cf15d69a13f0408cf48769ae28a9e81b.png" path="cf15d69a13f0408cf48769ae28a9e81b.png" size="1294" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548371" name="b811fee8f0ca2c9e1916050e0673a4ed.png" path="b811fee8f0ca2c9e1916050e0673a4ed.png" size="1263" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154545942" name="54c87dd0ccd02046324ef17f55f9bf1c.png" path="54c87dd0ccd02046324ef17f55f9bf1c.png" size="773" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548337" name="9d349e919dbe95f575b36e985d98f875.png" path="9d349e919dbe95f575b36e985d98f875.png" size="1277" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154546224" name="7d467cdaabfbc12019d16dd429d2be9e.png" path="7d467cdaabfbc12019d16dd429d2be9e.png" size="1227" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154598500" name="957688f290596a7f4aa4c09613ad0177.png" path="957688f290596a7f4aa4c09613ad0177.png" size="1282" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548344" name="c8b94fc4649a3f7fbe811acc29257c3c.png" path="c8b94fc4649a3f7fbe811acc29257c3c.png" size="1214" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548353" name="3426709e3fa5b47e46c096f42bd949a4.png" path="3426709e3fa5b47e46c096f42bd949a4.png" size="1225" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154539997" name="088f7acb964be1f25e5d01c5d23d3660.png" path="088f7acb964be1f25e5d01c5d23d3660.png" size="779" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548219" name="87cf5aaa6b29f32476e11947e2b5531c.png" path="87cf5aaa6b29f32476e11947e2b5531c.png" size="1318" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154597978" name="f3ce477fa4d448916f97e514e47f3c16.png" path="f3ce477fa4d448916f97e514e47f3c16.png" size="1315" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548363" name="b3afa94a6ebc0970fb701f57b802113a.png" path="b3afa94a6ebc0970fb701f57b802113a.png" size="1236" user="UnknownUser" version=""
META FILEATTACHMENT attr="" autoattached="1" comment="" date="1154548210" name="0d5a4bd5b05cdc627f42673908d04970.png" path="0d5a4bd5b05cdc627f42673908d04970.png" size="1304" user="UnknownUser" version=""

Revision 602 Aug 2006 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

Plugin for visual confirmation of new user registration, to prevent automated scripts to create users and spam your wiki with their url's to get a better google ranking.

Line: 29 to 29
 
    • Characters to use in generated strings:
      • Set CHARACTERS = ABCDEFGHKLMNPRSTVWXYZabcdeghpqsuvwxy@
    • Truetype font to use:
Changed:
<
<
      • Set FONT = luxisbi.ttf
>
>
      • Set FONT = TahomaBold? .ttf
 
    • Number of random lines to add (use none for 0):
      • Set LINES = 10
    • Number of random circles to add (use none for 0):
      • Set CIRCLES = 10
    • Noise, percentage of pixels to flip randomly after generating graphics (use none for 0%):
Changed:
<
<
      • Set NOISE = 15
>
>
      • Set NOISE = 12
 

Plugin Installation Instructions

Revision 503 Jan 2006 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

Plugin for visual confirmation of new user registration, to prevent automated scripts to create users and spam your wiki with their url's to get a better google ranking.

Line: 133 to 133
 

Plugin Info

Plugin Author: TWiki:Main.KoenMartens
Changed:
<
<
Plugin Version: 07 Oct 2005 (V1.000)
>
>
Plugin Version: 03 Jan 2006 (V1.001)
 
Change History:
<-- versions below in reverse order -->
 
07 Oct 2005: Initial version
10 Oct 2005: Strip hash and text from arguments to register binary, or they will end up in the newly created user topic.
Added:
>
>
03 Jan 2006: Fixed some problems with expiry, also optimised according to TWiki:TWiki.TWikiPlugins#FastPluginHints.
 
TWiki Dependency: $TWiki::Plugins::VERSION 1.024
CPAN Dependencies: GD, Digest::MD5
Other Dependencies: none
Perl Version: 5.005
License: GPL (GNU General Public License)
Changed:
<
<
TWiki:Plugins/Benchmark: GoodStyle nn%, FormattedSearch nn%, CaptchaPlugin nn%
>
>
TWiki:Plugins/Benchmark: GoodStyle 98%, FormattedSearch 98%, TWikiRegistration (patched) 85%
 
Plugin Home: http://TWiki.org/cgi-bin/view/Plugins/CaptchaPlugin
Feedback: http://TWiki.org/cgi-bin/view/Plugins/CaptchaPluginDev
Appraisal: http://TWiki.org/cgi-bin/view/Plugins/CaptchaPluginAppraisal

Revision 410 Oct 2005 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

Plugin for visual confirmation of new user registration, to prevent automated scripts to create users and spam your wiki with their url's to get a better google ranking.

Line: 136 to 136
 
Plugin Version: 07 Oct 2005 (V1.000)
Change History:
<-- versions below in reverse order -->
 
07 Oct 2005: Initial version
Added:
>
>
10 Oct 2005: Strip hash and text from arguments to register binary, or they will end up in the newly created user topic.
 
TWiki Dependency: $TWiki::Plugins::VERSION 1.024
CPAN Dependencies: GD, Digest::MD5
Other Dependencies: none

Revision 309 Oct 2005 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

Changed:
<
<
Plugin for visual confirmation of new user registration.
>
>
Plugin for visual confirmation of new user registration, to prevent automated scripts to create users and spam your wiki with their url's to get a better google ranking.
 
Line: 13 to 13
 

Examples

Changed:
<
<
  • None yet
>
>
  • N/A
 

Plugin Settings

Line: 25 to 25
 
  • Debug plugin: (See output in data/debug.txt)
    • Set DEBUG = 1
Changed:
<
<
  • My own setting:
    • Set CHARACTERS = ABC
    • Set FONT = luximb.ttf
    • Set NOISE = kjfksd
    • Set LINES = 3
    • Set CIRCLES = 20
>
>
  • Custom settings (defaults shown):
    • Characters to use in generated strings:
      • Set CHARACTERS = ABCDEFGHKLMNPRSTVWXYZabcdeghpqsuvwxy@
    • Truetype font to use:
      • Set FONT = luxisbi.ttf
    • Number of random lines to add (use none for 0):
      • Set LINES = 10
    • Number of random circles to add (use none for 0):
      • Set CIRCLES = 10
    • Noise, percentage of pixels to flip randomly after generating graphics (use none for 0%):
      • Set NOISE = 15
 

Plugin Installation Instructions

Line: 39 to 44
 
  • Download the ZIP file from the Plugin web (see below)
  • Unzip CaptchaPlugin.zip in your twiki installation directory. Content:
    File: Description:
Changed:
<
<
data/TWiki/CaptchaPlugin.txt Plugin topic
data/TWiki/CaptchaPlugin.txt,v Plugin topic repository
>
>
data/TWiki/VisualConfirmPlugin.txt Plugin topic
data/TWiki/VisualConfirmPlugin.txt,v Plugin topic repository
register.patch Patch for the register binary
templates/oopsregvisualconfirm.tmpl Error template
 
lib/TWiki/Plugins/CaptchaPlugin.pm Plugin Perl module
Added:
>
>
  • Apply the patch register.patch to bin/register (alternatively, patch register manual, see section below):
    • cd bin
    • patch < ../register.patch
  • Create the directories visualconfirm and visualconfirm/db in your pub/ directory, and make sure it is readable and writable by the user that TWiki is executing as.
    • mkdir -p pub/visualconfirm/db
    • chown -R nobody pub/visualconfirm
    • chmod -R 644 pub/visualconfirm
  • Restrict access to the database files, for example, by including the following in your httpd.conf:
			<Directory "/path/to/twiki/pub/visualconfirm/db">
			  deny from all
			</Directory>
  • Make sure the plugin has access to the preferred truetype font, by putting the .ttf file in pub/visualconfirm/
 
  • Test if the installation was successful:
Changed:
<
<
    • enter samples here
>
>
    • Create a topic containing <IMG SRC="%VISUALCONFIRMURL%"> and %VISUALCONFIRMHASH%
    • When loading this topic you should see an obfuscated character string loaded as a png and a hexadecimal hash.
    • Check whether the hash database is properly protected by going to the url http://my.twiki.server/my/twiki/path/pub/visualconfirm/db/hashes.pag, you should see a permission denied message.
  • Now edit your TWikiRegistration topic
    • Display the image %VISUALCONFIRMURL% somewhere in your form, along with a text instructing new users to copy the obfuscated text into the appropriate text input.
    • Add the appropriate text input as Twk1VisualConfirm
    • Add a hidden input as Twk1VisualConfirmHash
    • For example, add this to your TWikiRegistration:
				<tr>
				  <td valign="top" align="right"><IMG SRC="%VISUALCONFIRMURL%">: <br /> (..)   </td>
				  <td><input type="hidden" name="Twk1VisualConfirmHash" value="%VISUALCONFIRMHASH%">
						<input type="text" name="Twk1VisualConfirm" size="5"></td>
				</tr>
  • That's it.

Manually patching the register binary

Find the line in bin/register that says:

	 # everything OK

Insert the code below directly BEFORE that line:

	 # check valid visual confirmation
	 for( $x = 0; $x < $formLen; $x++ ) {
		$vcHash=$formDataValue[$x]
		  unless(not($formDataName[$x] eq "Visual Confirm Hash"));
		$vcTxt=$formDataValue[$x]
		  unless(not($formDataName[$x] eq "Visual Confirm"));
	 }

	 open(LOCKFILE,">".&TWiki::getPubDir()."/visualconfirm/db/hashes.lock");
	 flock(LOCKFILE,2);

	 dbmopen(%database, &TWiki::getPubDir()."/visualconfirm/db/hashes" ,0644);

	 if(!defined($database{$vcHash})) {
		$url = &TWiki::getOopsUrl( $webName, $topic, "oopsregvisualconfirm",
		  "The visual confirmation has expired.");
		TWiki::redirect( $query, $url );
		return;
	 }

	 my ($time,$txt)=split(',',$database{$vcHash});

	 if(not(lc($txt) eq lc($vcTxt))) {
		$url = &TWiki::getOopsUrl( $webName, $topic, "oopsregvisualconfirm",
		  "The character string you entered for visual confirmation is incorrect.");
		TWiki::redirect( $query, $url );
		return;
	 }
	 dbmclose(%database);

	 close(LOCKFILE);

Further Development

  • Make number of characters configurable
  • Make font size configurable
  • Find out how to safely delete images from the register binary
 

Plugin Info

Line: 64 to 149
 Related Topics: TWikiPreferences, TWikiPlugins
Changed:
<
<
-- KoenMartens? - 07 Oct 2005
>
>
-- TWiki:Main.KoenMartens - 07 Oct 2005
 

Revision 208 Oct 2005 - KoenMartens

Line: 1 to 1
 

CaptchaPlugin

Plugin for visual confirmation of new user registration.

Line: 26 to 26
 
    • Set DEBUG = 1

  • My own setting:
Changed:
<
<
    • Set HOWTO = got it!
>
>
    • Set CHARACTERS = ABC
    • Set FONT = luximb.ttf
    • Set NOISE = kjfksd
    • Set LINES = 3
    • Set CIRCLES = 20
 

Plugin Installation Instructions

Revision 107 Oct 2005 - KoenMartens

Line: 1 to 1
Added:
>
>

CaptchaPlugin

Plugin for visual confirmation of new user registration.


Syntax Rules

  • None

Examples

  • None yet

Plugin Settings

Plugin settings are stored as preferences variables. To reference a plugin setting write %<plugin>_<setting>%, i.e. %INTERWIKIPLUGIN_SHORTDESCRIPTION%

  • One line description, is shown in the TextFormattingRules topic:
    • Set SHORTDESCRIPTION = Plugin for visual confirmation of new user registration.

  • Debug plugin: (See output in data/debug.txt)
    • Set DEBUG = 1

  • My own setting:
    • Set HOWTO = got it!

Plugin Installation Instructions

Note: You do not need to install anything on the browser to use this plugin. The following instructions are for the administrator who installs the plugin on the server where TWiki is running.

  • Download the ZIP file from the Plugin web (see below)
  • Unzip CaptchaPlugin.zip in your twiki installation directory. Content:
    File: Description:
    data/TWiki/CaptchaPlugin.txt Plugin topic
    data/TWiki/CaptchaPlugin.txt,v Plugin topic repository
    lib/TWiki/Plugins/CaptchaPlugin.pm Plugin Perl module
  • Test if the installation was successful:
    • enter samples here

Plugin Info

Plugin Author: TWiki:Main.KoenMartens
Plugin Version: 07 Oct 2005 (V1.000)
Change History:
<-- versions below in reverse order -->
 
07 Oct 2005: Initial version
TWiki Dependency: $TWiki::Plugins::VERSION 1.024
CPAN Dependencies: GD, Digest::MD5
Other Dependencies: none
Perl Version: 5.005
License: GPL (GNU General Public License)
TWiki:Plugins/Benchmark: GoodStyle nn%, FormattedSearch nn%, CaptchaPlugin nn%
Plugin Home: http://TWiki.org/cgi-bin/view/Plugins/CaptchaPlugin
Feedback: http://TWiki.org/cgi-bin/view/Plugins/CaptchaPluginDev
Appraisal: http://TWiki.org/cgi-bin/view/Plugins/CaptchaPluginAppraisal

Related Topics: TWikiPreferences, TWikiPlugins

-- KoenMartens? - 07 Oct 2005

 
This site is powered by the TWiki collaboration platformCopyright � by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.CaptchaPlugin