
Adding a Verification Code to the b2evolution Blog (CAPTCHA/PHP)


After another wave of spam comments yesterday, I decided to add a verification code to the comment form. For those of you who are using the same software and who have a bit of basic HTML/PHP knowledge, I'm retracing the steps here.

The verification image does not use fancy shrouding of the text because I believe that my site is not important enough for anyone to write an OCR scanner just to post comments here. This might be different if all b2evolution blogs were using the same type of image, but so far it should be sufficient.

The following is based on b2evo v.0.9.2 but from what I've seen, the 1.8 version should not be too different.

UPDATE: If you are looking for a generic verification (captcha) source code to include into your website, please click here (my solution below for b2evolution blog is based on that link).

Verification Image

First you need a PHP file which creates an image with a graphical random number and which passes the code to the comment processor in a safe way. I found a tutorial and sample which I modded to fit my needs. You can either use their randomimage.php to create the image or mine, which is slightly different (font size, colors, decoration). Mine requires an additional font (anonymous.gdf), which you can download from here or take my copy of it. Put them both into the same folder on your server and rename the randomimage.phps file to randomimage.php.

The PHP code generates an image and also stores an MD5 of the generated code in the PHP $_SESSION[] variable, which to my knowledge should work everywhere under PHP 4 and 5 (this site runs under Apache and PHP4).

Comment Form

The second step is to insert the image and an entry field into the feedback form.

The form for the comment is stored in the themes folder and is named _feedback.php. It is either in that folder directly or, if you are using a theme which has a modified comment form, there will be a copy of _feedback.php inside the folder for that theme.

Load it into an editor and look for the fieldset with the submit button (it will be easiest to search for the highlighted text below).

  <fieldset>
    <div class="input">
      <input type="submit" name="submit" class="submit" value="<?php echo T_('Send comment') ?>" tabindex="8" />
    </div>
  </fieldset>

Above(!) that fieldset insert a new one with the following code:

  <fieldset>
    <?php
    $vinfo= '(Please enter the number which you see in the field below.)';
    $vinfo.= '<br /><img src="/blog/randomimage.php" alt="random image" border="0" /><br /> ';
    form_text( 'verify', '', 5, T_('Verification Code:'), $vinfo, 5, 'bComment' );
    ?>
  </fieldset>

Please note the image path /blog/randomimage.php there. This needs to be adjusted to point to the place where you put your version of randomimage.php on your server!

If you are not sure what to do, look at the source code of this very page (the one with this article), search for $vinfo and see where the new code is placed in relation to the submit-button fieldset.

Checking the Verification Code

The last step is to pick up the hidden value from the image generation (via the PHP $_SESSION[] array) and compare it to the entered verification code. I decided to make the check only for visitors, so you may have to put it into a slightly different place if you want it to apply to registered blog users also.

The file you need to modify is comment_post.php in the htsrv folder. However, this is a modification to the core code of b2evolution and you will need to save/redo this when you update to a newer version.

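Load the file into an editor, search for the highlighted lines (marked "existing line" in the comments here), and then add the extra code below each of them:

param( 'url', 'string' );      // existing line
param( 'verify', 'string' );   // added: the code the visitor typed in


  $author_ID = NULL;            // existing line
  session_start();
  // Strict comparison: with != two number-like hex digests would be compared numerically.
  // A missing session value (image never loaded) also counts as a mismatch.
  if (!isset($_SESSION['image_random_value']) || md5($verify) !== $_SESSION['image_random_value']) {
      errors_add( T_('Verification code does not match') );
      // Show the entered code for troubleshooting, escaped because it is visitor input
      errors_add( htmlspecialchars($verify) );
  }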

This should be it. When a wrong code is entered, an error message with the code will be shown. If you get the error message without the code, you may have modified the wrong _feedback.php file or missed one (e.g. if you use multiple skins).
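The same check as a stand-alone function, as an added example that is not part of the original modification or of b2evolution: it also discards the stored hash after one attempt, so a code that was solved once cannot be replayed for further comments. The helper name captcha_check() and the sample code "48213" are assumptions made for illustration; the session key is the one used above.

```php
<?php
// Added example; captcha_check() is a hypothetical helper, not a b2evolution function.

/**
 * Returns true only if $input matches the hash stored by randomimage.php.
 * $session is passed by reference so the stored value can be consumed.
 */
function captcha_check(&$session, $input)
{
    // 1. No image was requested in this session: nothing to compare against.
    if (!isset($session['image_random_value'])) {
        return false;
    }
    $expected = $session['image_random_value'];

    // 2. One attempt per image: drop the stored hash before comparing, so a
    //    solved code cannot be reused. Reloading the form loads a new image,
    //    which stores a new hash.
    unset($session['image_random_value']);

    // 3. Strict comparison: with == or !=, two hex digests that look like
    //    numbers are compared numerically instead of character by character.
    return is_string($input) && md5($input) === $expected;
}

// Constructed session state, as the image script would leave it for "48213".
$session = array('image_random_value' => md5('48213'));

var_dump(captcha_check($session, '11111')); // wrong guess
var_dump(captcha_check($session, '48213')); // right code, but already consumed

$session['image_random_value'] = md5('48213'); // a fresh image is loaded
var_dump(captcha_check($session, '48213')); // right code on the first attempt
var_dump(captcha_check($session, '48213')); // replay of the same code
```

In comment_post.php the call would be captcha_check( $_SESSION, $verify ) after session_start().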

This is a first version of this article and I had modified b2evo before, so it is possible that the instructions are not 100% correct. If you have comments or find errors in these instructions, please let me know.

Also, a discussion around this may or may not evolve on the related thread on the b2evo forum.

Last but not least, all my contributions here are in the public domain (no copyright, -left or whatsoever) and any changes are at your own risk.

2006-08-30 00:59