CB goes Captcha!

13 years 2 weeks ago #33010 by AtlasShrugging
Info, Required & This field is visible on Profile icons appear next to the entry field. Is there somewhere that we can remove/hide these icons? They really don't belong.

Thank you so much for moving CB in a more secure direction. Once audio/disability options are added to captcha, we will finally be able to jump from the SMF to CB Login.

Thank you thank you thank you.
13 years 2 weeks ago #33053 by bugnotme
so why anybody help us??what is gonna happen for those who have gd libraries ok, no extra characters and the template ok???
13 years 2 weeks ago #33060 by bugnotme
the funny thing is that i have other two component with captcha...they both work but this one doesnt...so it must be something specific having to do with this plugin...pls help!!!!!!!!!
13 years 2 weeks ago #33069 by beat
bugnotme wrote:

the funny thing is that i have other two component with captcha...they both work but this one doesnt...so it must be something specific having to do with this plugin...pls help!!!!!!!!!


There is one difference between this plugin and all others I know of.... ;)

This one uses a standard Joomla! entry point to generate and return the image.

This is so here in order to benefit from all security protections and checks done by Joomla!.

The downside is that if any of the files that are included by Joomla or CB are outputing any characters, this compromises the image, which can't be displayed.

So verifying the files that you changed or third-party files that get included for blank lines or spaces will help you to find the culprit.

Ususal suspects are:
- Those which you or other admins tend to edit.... ;) :
- Joomla and CB language files
- index2.php (the genuine one works fine, so if you didn't change it's ok)
- 3pd mambots (core ones are fine if unchanged).

You need to use a very simple editor (simpler than wordpad) which displays also hidden chars. Typically a blank line or space before the opening "<?php" and after the closing "?>" in php files are deadly..

We will try to add some debugging / check tools in next CB release, E.g. sample captcha image view in backend which doesn't use some front-end files, to help in this respect. We will also see if we can address that problem a little differently without loosing the security offered by Joomla's entry points, and that's really important !

Hope this helps. Sorry it's impossible for us to provide free private support on those particular problems. We did a few to make sure there is no other problem left, but this is the only one.

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
13 years 2 weeks ago #33074 by bugnotme
excuse me but i forgot to tell you guys that i am on mambo

i know that now i will be forget and left alone because you are with joomla but...
is there any change that i am gonna get a reply?
may be my captcha doesnt work because i am on mambo...right or not???

Post edited by: bugnotme, at: 2007/03/10 18:15
13 years 2 weeks ago #33242 by bugnotme
can i suggets something:
there is a code which could be used for those ( like me:P ) who can not use your system...maybe someone who knows php code could create a little plug in. Here is the code:

<?php
session_start();
if(
isset($_SESSION, $_SESSION) &&
strlen(trim($_POST)) > 0 &&
$_SESSION === $_SESSION
) {
what you want to show...such a http address or even a simple word like " 123jerico54"
}
$_SESSION=$_POST;
$_SESSION=$_POST;
?>
<script type="text/javascript">
var ciapcialength = 20;
var ciapciaid = 'ciapcia';
function createCiapcia() {
if(!ciapciaid.innerHTML)
ciapciaid = document.getElementById(ciapciaid);
var chars = new Array();
for(var a = 0; a < 40; a++)
chars.push(String.fromCharCode(a+97));
for(var a = 0; a < 10; a++)
chars.push(String.fromCharCode(a+48));
var extract = parseInt(Math.random() * chars.length);
if(parseInt(Math.random() * 2) == 0)
chars[extract] = chars[extract].toUpperCase();
ciapciaid.innerHTML += chars[extract];
if(ciapcialength-- > 1)
setTimeout(createCiapcia, parseInt(Math.random() * 1000));
else {
document.getElementById('sendinfo').disabled = false;
document.getElementById('verify').value = ciapciaid.innerHTML;
}
}
</script>
<body onload="createCiapcia();">
<form method="POST" action="<?php echo $_SERVER; ?>">
<span id="ciapcia"></span><br />
<input id="verify" type="hidden" name="hideciapcia" />
<input type="text" name="ciapcia" />
<input id="sendinfo" disabled="true" type="submit" value="enter" />
</form>
</body>

basically it is like captcha but without image...it create whatever you want....and as for as i know it is very secure because it is created by using javascript so spambot can not read it. It was created by an italian programmer and it is free to use.

any help???

Post edited by: bugnotme, at: 2007/03/12 11:53

Post edited by: bugnotme, at: 2007/03/12 12:07

Post edited by: bugnotme, at: 2007/03/12 12:17
Moderators: beatnantkrileon
Time to create page: 0.453 seconds