Mon.
12
January
2009
CAPTCHA!
- Posted by David at 18:16:46
- Annoyancies, Open Source, Flatpress, Securimage
Current mood: 
When I switched over to use flatpress as the content engine I kinda wanted a captcha (those images you have to get a headache from and enter into a form manually) a better local replacement for the Accessible Antispam plugin wich has it's weaknesses.
After searching around on the net, I found the GNU licenced PHP-Capcha securimage that wasn't that hard to implement on FP. Kind of flexible as well wich certainly is a big bonus
I have shared the information with the flatpress community, but recently got a question about making it more available in a ready form, so here it is - all the documentation AND the files
INSTALLATION AND CONFIGURATION - THE HARD WAY
- 1. Download securimage from http://phpcaptcha.org
- 2. Make a "securimage" directory in the fp-plugin directory and install the secureimage files. (The usual naming convention applies) You need secureimage.php, a ttf-file or the gdfonts, the audiofiles from the securimage package (IF you want audible captchas, and yes they are a separate download from the securimage page) and the plugin-.securimage.php (described below) to get going with a basic setup. Install the securimage package and audiofiles relative to the securimage directory, in other words, the securimage.php file in that directory and the audiofiles in a new dir called audio (unless you reconfigure in the securimage.php file).
- 3. configure securimage.php (explained inside the file). Put the path to the font file as an absolute path. (In other words, specify it from the root like /home/myaccount/www/fp-plugins/securimage/font.ttf)
- 4. Make a new file called plugin.securimage.php as described below, and configure that.
- 5. Make a new file called service.php in the root of the FP install.
Pretty easy isn't it?
THE CODE
Here is the plugin code. Use it, steal it, make it better, take over the development, whatever
(It's LGPL'ed for those who cares)
Thanks NoWhereMan for a lot of ideas and help! (I shouldn't have too much credits for this work.)
<?php
/*
Plugin Name: securimage
Plugin URI: http://macmathan.info/index.php/2009/01/12/captcha/
Description: phpcaptcha with flatpress.
Author: David MacMathan & NoWhereMan (thanks!)
Version: 1.1
Author URI: http://www.flatpress.org/
*/
//*** ONE CONFIGURATION NEEDED:
//*** SET MAXLENGTH FOR THE FORM INPUT FIELD ACCORDING
//*** TO THE SELECTION DONE IN SECURIMAGE.PHP!
// register an action (a function) called plugin_securimage_service to the fp-service hook
add_action('fp-service', 'plugin_securimage_service');
// register securimage actions
add_action('comment_validate', 'plugin_securimage_validate', 5, 2);
add_action('comment_form', 'plugin_securimage_comment_form');
function plugin_securimage_service() {
include_once("securimage.php");
global $fp_params;
// check whether URL params contain 'securimage', else skip
if (!isset($fp_params['securimage'])) return;
// if securimage == 'show' outputs the gif, if equals 'play' outputs the wav and quit.
// Otherwise just skips.
switch ($fp_params['securimage']) {
case 'show' :
$img = new securimage();
$img->show();
exit();
case 'play' :
$img = new Securimage();
header('Content-type: audio/x-wav');
header('Content-Disposition: attachment; name="securimage.wav"');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Expires: Sun, 1 Jan 2000 12:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . 'GMT');
echo $img->getAudibleCode();
exit();
}
}
function plugin_securimage_validate($bool, $arr) {
// if boolean $bool==false
// the test is forced to fail
if (!$bool)
return false;
// if user is loggedin we ignore the plugin
if (user_loggedin())
return true;
// call class for check
include_once("securimage.php");
$img = new Securimage();
if ($img->check($_POST['captcha_code']) == false) {
global $smarty;
$lang = lang_load('plugin:securimage');
$smarty->append('error', $lang['plugin']['securimage']['error']);
$ret = false;
}
else {$ret = true;}
return $ret;
}
function plugin_securimage_comment_form() {
// load plugin strings
// they're located under plugin.PLUGINNAME/lang/LANGID/
$lang = lang_load('plugin:securimage');
$langstrings =& $lang['plugin']['securimage'];
// echoes the question and the form part
echo '<p><img src="'.BLOG_BASEURL.'service.php?x=securimage:show;sid:'.md5(uniqid(time())).'" id="captcha" alt="CAPTCHA image" />';
echo '<a style="border-bottom: none;" href="#" onclick="document.getElementById(\'captcha\').src = \''.BLOG_BASEURL.'service.php?x=securimage:show;sid:\' + Math.random(); return false"><img src="'.plugin_geturl('securimage').'images/refresh.gif" alt="'. $lang['plugin']['securimage']['reload'] . '" title="'. $lang['plugin']['securimage']['reload'] . '" style="border: none; vertical-align: top;" /></a>';
echo '<a style="border-bottom: none;" href="'.BLOG_BASEURL.'service.php?x=securimage:play"><img src="'.plugin_geturl('securimage').'images/audio_icon.gif" alt="'. $lang['plugin']['securimage']['speaker'] . '" title="'. $lang['plugin']['securimage']['speaker'] . '" style="border: none; vertical-align: top;" /></a>';
echo '<br />';
echo '<label class="textlabel" for="securimagecode">'. $lang['plugin']['securimage']['prefix'] . '</label>';
echo '<br /><input type="text" name="captcha_code" id="securimagecode" maxlength="5"/><br />';
echo '</p>';
}
Here is the lang/lang.en-us.php file as well:
<?php $lang['plugin']['securimage'] = array( 'prefix' => 'As a way to prevent abuses of this commenting system, '. 'we must ask you to reproduce the text on the image above, please: ', 'reload' => 'Reload image', 'speaker' => 'Audible version of CAPTCHA-image', 'error' => 'Result was incorrect, please retry.' ); ?>
And finally the new service.php code from NoWhereMan: (Repeated here from a post on the flatpress forum for convenience)
<?php
include 'defaults.php';
include INCLUDES_DIR .'includes.php';
// system setup: loads plugins, setups session, cookies etc.
system_init();
// call the action hook 'fp-service'
do_action('fp-service');
?>
I think that was it, have fun with it
AND THEN THE EASY WAY:
You can download it all in a tarball
- Securimage FP-plugin (complete) - includes the FP-plugin, securimage, the audiofiles and an extra font. About 720kB.
The above file contains the following, installed and ready… sort of
- securimage 1.0.3.1 - a local copy of the version of securimage originally used when developing the plugin.About 67kB.
- securimage audiofiles - a local copy of the audiofiles for securimage.About 643kB.
- securimage wordlist - a local copy of the wordlist for securimage.About 1kB
- Securimage FP-plugin (stripped) - only the FP-plugin part.About 11kB
- CornFed Truetype - a local copy of the not so OCR-friendly font by Daniel Gauthier (used on the captchas on this site). About 31kB.
- 3 comments // Permalink // Back to top