CaptchaPlugin
Plugin for visual confirmation of new user registration, to prevent automated scripts to create users and spam your wiki with their url's to get a better google ranking.
On this page:
Syntax Rules
- None
Examples
- N/A
Plugin Settings
Plugin settings are stored as preferences variables. To reference a plugin setting write %<plugin>_<setting>%, i.e. %INTERWIKIPLUGIN_SHORTDESCRIPTION%
- One line description, is shown in the TextFormattingRules topic:
- Set SHORTDESCRIPTION = Plugin for visual confirmation of new user registration.
- Debug plugin: (See output in
data/debug.txt)- Set DEBUG = 1
- Custom settings (defaults shown):
- Characters to use in generated strings:
- Set CHARACTERS = ABCDEFGHKLMNPRSTVWXYZabcdeghpqsuvwxy@
- Truetype font to use:
- Set FONT = luxisbi.ttf
- Number of random lines to add (use
nonefor 0):- Set LINES = 10
- Number of random circles to add (use
nonefor 0):- Set CIRCLES = 10
- Noise, percentage of pixels to flip randomly after generating graphics (use
nonefor 0%):- Set NOISE = 15
- Characters to use in generated strings:
Plugin Installation Instructions
Note: You do not need to install anything on the browser to use this plugin. The following instructions are for the administrator who installs the plugin on the server where TWiki is running.
- Download the ZIP file from the Plugin web (see below)
- Unzip
CaptchaPlugin.zipin your twiki installation directory. Content:File: Description: data/TWiki/VisualConfirmPlugin.txtPlugin topic data/TWiki/VisualConfirmPlugin.txt,vPlugin topic repository register.patchPatch for the register binary templates/oopsregvisualconfirm.tmplError template lib/TWiki/Plugins/CaptchaPlugin.pmPlugin Perl module - Apply the patch
register.patchtobin/register(alternatively, patch register manual, see section below):- cd bin
- patch < ../register.patch
- Create the directories
visualconfirmandvisualconfirm/dbin yourpub/directory, and make sure it is readable and writable by the user that TWiki is executing as.- mkdir -p pub/visualconfirm/db
- chown -R nobody pub/visualconfirm
- chmod -R 644 pub/visualconfirm
- Restrict access to the database files, for example, by including the following in your httpd.conf:
<Directory "/path/to/twiki/pub/visualconfirm/db">
deny from all
</Directory>
- Make sure the plugin has access to the preferred truetype font, by putting the
.ttffile inpub/visualconfirm/ - Test if the installation was successful:
- Create a topic containing
<IMG SRC="%VISUALCONFIRMURL%">and%VISUALCONFIRMHASH% - When loading this topic you should see an obfuscated character string loaded as a png and a hexadecimal hash.
- Check whether the hash database is properly protected by going to the url http://my.twiki.server/my/twiki/path/pub/visualconfirm/db/hashes.pag, you should see a permission denied message.
- Create a topic containing
- Now edit your TWikiRegistration topic
- Display the image %VISUALCONFIRMURL% somewhere in your form, along with a text instructing new users to copy the obfuscated text into the appropriate text input.
- Add the appropriate text input as
Twk1VisualConfirm - Add a hidden input as
Twk1VisualConfirmHash - For example, add this to your TWikiRegistration:
<tr>
<td valign="top" align="right"><IMG SRC="%VISUALCONFIRMURL%">: <br /> (..) </td>
<td><input type="hidden" name="Twk1VisualConfirmHash" value="%VISUALCONFIRMHASH%">
<input type="text" name="Twk1VisualConfirm" size="5"></td>
</tr>
- That's it.
Manually patching the register binary
Find the line in bin/register that says:
# everything OK
Insert the code below directly BEFORE that line:
# check valid visual confirmation
for( $x = 0; $x < $formLen; $x++ ) {
$vcHash=$formDataValue[$x]
unless(not($formDataName[$x] eq "Visual Confirm Hash"));
$vcTxt=$formDataValue[$x]
unless(not($formDataName[$x] eq "Visual Confirm"));
}
open(LOCKFILE,">".&TWiki::getPubDir()."/visualconfirm/db/hashes.lock");
flock(LOCKFILE,2);
dbmopen(%database, &TWiki::getPubDir()."/visualconfirm/db/hashes" ,0644);
if(!defined($database{$vcHash})) {
$url = &TWiki::getOopsUrl( $webName, $topic, "oopsregvisualconfirm",
"The visual confirmation has expired.");
TWiki::redirect( $query, $url );
return;
}
my ($time,$txt)=split(',',$database{$vcHash});
if(not(lc($txt) eq lc($vcTxt))) {
$url = &TWiki::getOopsUrl( $webName, $topic, "oopsregvisualconfirm",
"The character string you entered for visual confirmation is incorrect.");
TWiki::redirect( $query, $url );
return;
}
dbmclose(%database);
close(LOCKFILE);
Further Development
- Make number of characters configurable
- Make font size configurable
- Find out how to safely delete images from the register binary
Plugin Info
| Plugin Author: | TWiki:Main.KoenMartens |
| Plugin Version: | 03 Jan 2006 (V1.001) |
| Change History: | |
| 07 Oct 2005: | Initial version |
| 10 Oct 2005: | Strip hash and text from arguments to register binary, or they will end up in the newly created user topic. |
| 03 Jan 2006: | Fixed some problems with expiry, also optimised according to TWiki:TWiki.TWikiPlugins#FastPluginHints. |
| TWiki Dependency: | $TWiki::Plugins::VERSION 1.024 |
| CPAN Dependencies: | GD, Digest::MD5 |
| Other Dependencies: | none |
| Perl Version: | 5.005 |
| License: | GPL (GNU General Public License) |
| TWiki:Plugins/Benchmark: | GoodStyle 98%, FormattedSearch 98%, TWikiRegistration (patched) 85% |
| Plugin Home: | http://TWiki.org/cgi-bin/view/Plugins/CaptchaPlugin |
| Feedback: | http://TWiki.org/cgi-bin/view/Plugins/CaptchaPluginDev |
| Appraisal: | http://TWiki.org/cgi-bin/view/Plugins/CaptchaPluginAppraisal |
Related Topics: TWikiPreferences, TWikiPlugins
-- TWiki:Main.KoenMartens - 07 Oct 2005
Topic revision: r5 - 03 Jan 2006 - 19:07:04 - KoenMartens?
TWiki Web
Users
Groups
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
- User Reference
- ATasteOfTWiki
- TextFormattingRules
- TWikiVariables
- FormattedSearch
- QuerySearch
- TWikiDocGraphics
- TWikiSkinBrowser
- InstalledPlugins
- Admin Maintenance
- Reference Manual
- AdminToolsCategory
- InterWikis
- ManagingWebs
- TWikiSiteTools
- TWikiPreferences
- WebPreferences
- Webs
-
Abacos
- Acbahia
- AnpedGT16
- ArcoDigital
- Argumento
- Avsan
- CalculoB
- Ceb
- Cetad
- CetadObserva
- Cibercultura
- Ciberfem
- CiberParque
- ColoquioCiags
- Coloquiofasa
- ConexoesSaberes
- Cpdteste
- Cppd
- Creche
- Cridi
- Da
- DACN
- DCE
- DelzaTeste
- DeniseCarla
- DepHistoria
- DicionarioBelasartes
- Ecologia
- EDC
- Educandow
- EduMus
- EleicoesReitor2010
- Encima
- Enearte
- Estruturas
- EstruturasEng
- FACED
- FAT
- FepFaced
- GEC
- GeneticaBiodiversidade
- GeneticaBiodiversidade3
- GeneticaBiodiversidade
- Gepindi
- GetecEng
- Godofredofilho
- GrupoAlgebra
- ICI010
- Informev
- Ites
- LabioComp
- LEG
- Lepeja
- Letras
- LivroLivreSalvador
- Main
- MaisUm
- Mata07
- Mefes
- MefesCpd
- MetaReciclagem
- Neclif
- NelsonPretto
- Nuclear
- Numcad
- Nutricao
- Observa
- OrfaosdeRua
- PauloCostaLima
- PdI
- PescandoLetras
- PETFilosofia
- Pgif
- PGNUT
- PortalPpga
- PosCultura
- Pospetroigeo
- PPGAC
- PPGE
- PpggBio
- Ppggenbio
- Pretto
- Proad
- PROGESP
- ProjetoLencois
- Quimica
- RadioFACED
- RadioTeatro
- RadioWeb
- Riosymposium10
- Ripe
- Salasdoctai
- Sat
- Sedu
- SemBio
- SeminarioPibid
- SimoneLucena
- Sociologia
- SSL
- Tabuleiro
- TabuleirosUfba
- TCinema
- TerritoriosDigitais
- TWiki
- Twikidea
- UFBAIrece
- UniversidadeNova
- VizinhoEstrangeiro
- XIISNHCT
 |
|
Copyright � by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.CaptchaPlugin