[ic] User problems with forums and quick question about paypal
Tracy Nelson
tracy at mainstreetmusic.com
Thu Apr 17 01:32:49 UTC 2008
On Wed, 2008-04-16 at 01:39 -0600, kim Gross wrote:
> >>>
> >>> Yes, put the following above the [tmp page_title] line of
> >>> pages/forum/reply.html and pages/forum/submit.html:
> >>> [tmp members_only]1[/tmp]
> >> I am still fighting with this.
> >>
> >> [tmp members_only]1[/tmp]
> >
> >> [set members_only][/set]
> >
> >> [tmp members_only]1[/tmp]
> >
> >> [set members_only][/set]
> >
> > The [set members_only] lines are overriding the [tmp members_only]
> > lines, get rid of them.
> >
>
> I made this change and I am still having people post porn without
> logging in. So do you know of any how to's on installing the captcha?
> I am getting tired of deleting 100+ porn messages in the forums every day.
>
> Thanks
>
> Kim
Kim - Been there, done that, feel your pain. Here is what I did for
captcha. Since captcha is new in 5.5.1 I borrowed the new tag and added
it as a user tag in 5.4, with a few mods. It works GREAT!
In reply_form add:
[if !session logged_in]
<tr>
<td></td>
<td>[oicaptcha function="image"]</td>
</tr>
<tr>
<td style="text-align: right;">Codeword: </td>
<td><input class="forumsubrepsubject" TYPE="text"
NAME="mv_captcha_guess" VALUE="" SIZE=10 MAXLENGTH=10> (type the four
characters you see above)</td>
</tr>
[/if]
In reply.html add where the form processing occurs:
delete $Scratch->{guess};
unless ($Session->{logged_in}) {
if ($CGI->{mv_captcha_guess}) {
$Scratch->{guess} = $Tag->oicaptcha({function => 'check', keepfailed
=> 1});
unless ($Scratch->{guess}) {
$Scratch->{guess} = $Tag->error({name => 'captcha', show_error =>
1});
return "Bad anti-spam code: $Scratch->{guess}
($CGI->{mv_captcha_guess}). Go back and try again.";
}
} else {
return "Bad anti-spam code: No code entered. Go back and try again.";
}
}
Here is the captcha user tag code which has only minor changes as
compared with the original 5.5.1 tag. It also includes some good Perl
doc instructions from the tag's author (Mike Heins).
# Copyright 2006-2007 Interchange Development Group and others
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version. See the LICENSE file for details.
#
# v 1.4 2007/03/30 23:55:57 pajamian Exp $
# 2007/09/22 added keepfailed, removed '_' from other options
UserTag oicaptcha Order function
UserTag oicaptcha attrAlias func function
UserTag oicaptcha addAttr
UserTag oicaptcha Description Generate captcha codes for authentication
check
UserTag oicaptcha Version $Revision: 1.4 $
UserTag oicaptcha Routine <<EOR
my $Have_Captcha;
eval {
require Authen::Captcha;
$Have_Captcha = 1;
};
sub {
my ($func, $opt) = @_;
use vars qw/$Tag/;
if(! $Have_Captcha) {
::logError("Use of captcha tag without Authen::Captcha, skipping");
return '';
}
$func = lc($func);
$func =~ s/[^a-z]+//g;
my $result = '';
if($func eq 'code') {
$result = $Vend::Session->{captcha};
}
$opt->{length} ||= 4;
my $en = $opt->{errorname} || 'captcha';
my $keep = $opt->{keepfailed} || 0;
my $subdir = $opt->{imagesubdir}
|| $::Variable->{CAPTCHA_IMAGE_SUBDIR}
|| 'captcha';
my $tmpdir = "$Vend::Cfg->{ScratchDir}/$subdir";
mkdir($tmpdir) unless -d $tmpdir;
my $imgdir = $opt->{imagelocation} ||
$::Variable->{CAPTCHA_IMAGE_LOCATION};
unless ($imgdir ) {
if(! $Global::NoAbsolute and $::Variable->{DOCROOT}) {
$imgdir = "$::Variable->{DOCROOT}$::Variable->{IMAGE_DIR}/$subdir";
}
else {
$imgdir = "images/$subdir";
}
}
my $imgpath = $opt->{imagepath}
|| $::Variable->{CAPTCHA_IMAGE_PATH}
|| "$::Variable->{IMAGE_DIR}/$subdir";
my $captcha = Authen::Captcha->new(
data_folder => $tmpdir,
output_folder => $imgdir,
keep_failures => $keep,
);
my $guess = $opt->{guess} || $CGI::values{mv_captcha_guess};
my $code = $opt->{source};
if($func eq 'check') {
my $check_against = $code || $Vend::Session->{captcha};
my $status = $captcha->check_code($guess, $check_against);
if($status > 0) {
return $status;
}
elsif($status == 0) {
$Tag->error( { name => $en, set => "Code not checked: error" });
return 0;
}
elsif($status == -1) {
$Tag->error( { name => $en, set => "Code expired" });
return 0;
}
elsif($status == -2) {
$Tag->error( { name => $en, set => "Code never generated" });
return 0;
}
elsif($status == -3) {
$Tag->error( { name => $en, set => "Code doesn't match" });
return 0;
}
}
else {
my $save_u = umask($::Variable->{CAPTCHA_UMASK} || 2);
if($opt->{reset}) {
undef $Vend::Captcha;
delete $Vend::Session->{captcha};
}
if($Vend::Captcha) {
$code ||= $Vend::Session->{captcha};
}
if($func eq 'code' and $code) {
return $code;
}
eval {
unless( Vend::File::allowed_file($imgdir, 1) ) {
my $msg = errmsg("No permission to write directory '%s'", $imgdir);
$Tag->error( { name => $en, set => $msg });
return 0;
}
mkdir($imgdir) unless -d $imgdir;
if(! $code) {
$code = $Vend::Session->{captcha} =
$captcha->generate_code($opt->{length});
$Vend::Captcha = $code;
}
umask $save_u;
};
if($@) {
$Tag->error( { name => $en, set => "Error: $@" });
return '';
}
if($func eq 'code') {
return $code;
}
# Now probably an image function.
unless ($func =~ /ima?ge?/) {
$Tag->error({
name => $en,
set => errmsg("Unknown function %s", $func),
});
return undef;
}
my $path = $opt->{relative} ? "$subdir/$code.png" :
"$imgpath/$code.png";
if(! $opt->{nameonly}) {
return $Tag->image($path);
}
else {
return $path;
}
}
}
EOR
UserTag captcha Documentation <<EOD
=head1 NAME
Interchange [captcha] tag
=head1 SYNOPSIS
[captcha function="check|code|image|relative_image|image_tag"
length="4"
image-subdir="captcha"
image-location="images/captcha"
image-path="/standard/images/captcha"
source="[cgi mv_captcha_source]"
errorname="captcha"
guess="[cgi mv_captcha_guess]"
keepfailed="0"
]
=head1 DESCRIPTION
This tag generates and/or checks "captcha" images to authenticate user
input.
If called for the first time in a page, it generates a code/image pair
and
sets the code in the session (at $Vend::Session->{captcha}).
There are several functions.
=over 4
=item check
Checks the captcha source code (presumably from the previous page)
against
the guess. If it matches, returns 1. If not, returns 0 and puts error
in $Tag->error.
=item code
Returns the generated code. Generates one if not done previously in
session.
=item image
Returns an IMG tag as generated by Interchange's [image] tag. If the
name-only=1 option is passed, no surrounding IMG tag will be generated,
only the image name. If the C<relative=1> option is passed, that name
will not be prefaced with the ImageDir.
=back
The additional options are:
=over 4
=item guess
The input from the user when the function is C<check>. Default is the
contents of [cgi mv_captcha_guess].
=item image-subdir
The image subdirectory (based in images directory) which will
be used.
=item image-path
The base path for URL generation. Default is the Interchange IMAGE_DIR
variable.
=item image-location
The directory where image files will be generated. Default is the
Interchange IMAGE_DIR variable based in the Interchange DOCROOT
variable, with the subdirectory above, i.e. C<[var DOCROOT][var
IMAGE_DIR]/captcha>.
=item length
Length of the input for the captcha. Default is 4 characters.
=item nameonly
When set, tells the image function to not generate an HTML IMG tag.
=item relative
When set, tells the image function (when in name-only mode) to
return relative path.
=item reset
Normally only one captcha code / image will be generated per page
transaction. If this is set, you can generate another one -- though
you would have to take care of saving the generated code yourself,
as $Session->{captcha} is overwritten.
=item source
The captcha base to guess against for the C<check> function. Default is
the
contents of the last-generated captcha, or [cgi mv_captcha_source].
=item keepfailed
Optional. Defaults to zero. This option controls whether or not the
captcha
will remain valid after a failed attempt. By default, we only allow one
attempt to solve it. This greatly reduces the possibility that a bot
could
brute force a correct answer. Change it at your own risk.
=back
=head1 EXAMPLE
[if cgi mv_captcha_guess]
[tmp good][captcha check][/tmp]
[if scratch good]
You guessed right!
[else]
Sorry, try again.
[/else]
[/if]
<br>
[/if]
[captcha function=image]
<form action="[process href="@@MV_PAGE@@"]">
<input type=text name=mv_captcha_guess size value="">
<input type=submit value="Guess">
</form>
[error auto=1]
=head1 PREREQUISITES
Authen::Captcha
=head1 AUTHOR
Mike Heins, <mike AT THE DOMAIN perusion.com>.
EOD
I hope this helps.
Tracy
OvalEye Web Solutions
More information about the interchange-users
mailing list