Webinstall and reCaptcha [Feature Request] - XOOPS Web Application System

1

Webinstall and reCaptcha

2008/11/13 8:14
vamptrix
Theme Designer
Posts: 424
Since: 2008/5/3 1

Well I've asked for reCaptcha before, but probably at the wrong place. The Captcha in the XOOPS core is too easy and can be worked around in a few secs. It would be alot better to support reCaptcha and let it be activated in a few seconds, by just entering your API-key in the System Module => Captcha or something, so your site will be protected many times better.

The Webinstall: this should be 1 file which downloads all of XOOPS files on the webserver and which installs more easily for new users as they don't have to worry as much about uploading files, much like the SMF webinstall (fully below this page: http://www.simplemachines.org/download/). In this way we might also be able to download packages like modules and themes easier. This is a lot of work, I know that, but this isn't something impossible: it's something that makes SMF good, and if XOOPS uses a simular system it would become a WHOLE lot easier and therefore better. (the current way should stay though)

I hope somebody agrees with my ideas ^^

I used to use this account, but no longer.

2

Re: Webinstall and reCaptcha

2008/12/9 18:44
fiammy
Just popping in
Posts: 19
Since: 2003/1/14

reCaptcha : that could be turned into a module, and hooks into the core. This might be difficult however.

Webinstall : if you want some security, you will need to devise a way to store hash signatures on a server, with the webinstall verifying if the signatures match before proceeding with the install.
Doing that might also give the impression to users that you vouch for the files that you distribute, making them come to you when a badly written module screws up their site, or makes it vulnerable.
Making XOOPS easier to install will lower the barrier, and will create an influx of users that in many cases don't have a clue what they're doing. The number of support requests will certainly rise sharply.
I'm not saying not to do it. Having an easy setup routine is great. XOOPS needs the resources (time, people and bandwidth) to make it work as smoothly and professionally as possible.

3

Re: Webinstall and reCaptcha

2009/11/14 12:53
alfred
Quite a regular
Posts: 249
Since: 2005/10/29

reCaptcha :
http://www.myxoops.org/forum/newtopic.php?forum=13
(Scroll to bottom)

is this OK

i have added reCaptcha into /captcha

4

Re: Webinstall and reCaptcha

2009/11/14 14:01
Mamba
Moderator
Posts: 11468
Since: 2004/4/23

Do you have steps to patch XOOPS it order to make reCaptcha the default?

We would need one for 2.3.3 and one for 2.4.1

5

Re: Webinstall and reCaptcha

2009/11/14 16:32
ghia
Community Support Member
Posts: 4953
Since: 2008/7/3 1

Ok this is my take on adding the recaptcha.
It is pure alpha, nothing tested, simply written by the instructions of ReCaptcha for PHP. All operations are done in /class/captcha/ and all needed things are in the link above.
-1- download the Recaptcha and extract recaptchalib.php
-2- register and obtain an API key
-3- modify config.php and fill in your private key

 return $config = array( 
    "disabled"              => false,                   // Disable CAPTCHA 
    "mode"                  => 'recaptcha',             // default mode  image, text or recaptcha 
    "name"                  => 'xoopscaptcha',          // captcha name 
    "skipmember"            => true,                    // Skip CAPTCHA check for members 
    "maxattempt"            => 10,                      // Maximum attempts for each session 
    "num_chars"             => 4,                       // Maximum characters 
    "rule_text"             => _CAPTCHA_RULE_TEXT, 
    "maxattempt_text"       => _CAPTCHA_MAXATTEMPTS, 
    "private_key"           => 'myAPIkey' 
    ); 
?>

-4- add config.recaptcha.php and fill in your public key

  
return $config = array( 
    "public_key"           => 'myAPIkey' 
    ); 
?>

-5- add recaptcha.php

  
class XoopsCaptchaRecaptcha extends XoopsCaptchaMethod 
{ 
 
     
    function __construct($handler = null) 
    { 
        parent::__construct($handler); 
        parent::loadConfig('recaptcha'); 
    } 
     
    function XoopsCaptchaImage($handler = null) 
    { 
        $this->__construct($handler); 
    } 
     
    function isActive() 
    { 
         
        return true; 
    } 
     
    function render() 
    { 
        $image = $this->loadImage(); 
        return $image . ''; 
    } 
 
    function loadImage() 
    { 
        require_once(XOOPS_ROOT_PATH . '/class/captcha/'.'recaptchalib.php'); 
        $publickey = $this->config["public_key"]; // you got this from the signup page see config.captcha.php 
        $ret = recaptcha_get_html($publickey); 
        
        return $ret; 
    } 
} 
?>

-6- insert

 // Verify the ReCaptcha code 
        } elseif ($this->config["mode"] == 'recaptcha') { 
            require_once(XOOPS_ROOT_PATH . '/class/captcha/'.'recaptchalib.php'); 
            $privatekey = $this->config["private_key"] ; 
            $resp = recaptcha_check_answer ($privatekey, 
                                $_SERVER["REMOTE_ADDR"], 
                                $_POST["recaptcha_challenge_field"], 
                                $_POST["recaptcha_response_field"]); 
            if (!$resp->is_valid) { 
              $this->message[] = $resp->error; 
            } 
            else { 
              $is_valid = true; 
            } 
        // Verify the code Captcha

before

 } elseif (!empty($_SESSION["{$sessionName}_code"])) { 
            $func = !empty($this->config["casesensitive"]) ? "strcmp" : "strcasecmp"; 
            $is_valid = ! $func( trim(@$_POST[$sessionName]), $_SESSION["{$sessionName}_code"] ); 
        }

in xoopscaptcha.php

You need also to change:

$this->path_plugin = XOOPS_ROOT_PATH . "/Frameworks/captcha";

to

$this->path_plugin = XOOPS_ROOT_PATH . '/class/captcha';

in xoopscaptcha.php

-7- test

Edit: corrected include path and made it clearer for public and private keys.
- Added correction for Frameworks relic

6

Re: Webinstall and reCaptcha

2009/11/14 19:57
alfred
Quite a regular
Posts: 249
Since: 2005/10/29

my config.recaptcha.php

Quote:

return $config = array(
'disabled' => false, // Disable CAPTCHA
'mode' => 'recaptcha', // default mode
'publickey' => "",
'privatekey' => "",
'theme' => 'white', // 'red' | 'white' | 'blackglass' | 'clean' | 'custom'
'lang' => 'de' );

my recaptcha.php

Quote:

defined('XOOPS_ROOT_PATH') or die('Restricted access'); require_once(XOOPS_ROOT_PATH.'/class/captcha/recaptcha/recaptchalib.php');
class XoopsCaptchaRecaptcha extends XoopsCaptchaMethod {
function render() {

parent::render();
parent::loadConfig('recaptcha');

$form = "";
$form .= recaptcha_get_html($this->config['publickey']);
return $form;
}
}

add to xoopscaptcha.php into function verify()

Quote:

} else if (!empty($_POST["recaptcha_response_field"])) {
require_once(XOOPS_ROOT_PATH.'/class/captcha/recaptcha/recaptchalib.php');
require_once(XOOPS_ROOT_PATH.'/class/captcha/config.recaptcha.php');
$resp = recaptcha_check_answer ($config['privatekey'],
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
$is_valid = $resp->is_valid;

7

Re: Webinstall and reCaptcha

2009/11/14 22:08
ghia
Community Support Member
Posts: 4953
Since: 2008/7/3 1

I did some little tweaks to my previous code and it works!

Now the addional fine tweaks for some configuration options as showed by dhsoft (theme and language integration) and it should be usable.

8

Re: Webinstall and reCaptcha

2009/11/14 22:48
Mamba
Moderator
Posts: 11468
Since: 2004/4/23

Ghia & Dhsoft, thank you so much for your work on this.

Is this for any specific XOOPS version, or is it for any version?

9

Re: Webinstall and reCaptcha

2009/11/14 22:54
ghia
Community Support Member
Posts: 4953
Since: 2008/7/3 1

Mine was tested on 2.4.0 (2.4.1 should go also)
AFAIK for 2.3.3 the same modifcations should go in /Frameworks/captcha/ but not tested nor verified.

10

Re: Webinstall and reCaptcha

2009/11/16 5:32
Mamba
Moderator
Posts: 11468
Since: 2004/4/23

Tested on 2.4.1 and it works!

Thank you Ghia and Dhsoft for your work on this!!!

Stats
Goal:	$15.00
Due Date:	Oct 31
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$15.00

Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Re: Webinstall and reCaptcha

Login

Search

Recent Posts

Re: XOOPS 2.5.12 Beta-8 available for Testing

Re: XOOPS 2.5.12 Beta-8 available for Testing

Re: Solution for Not able to login anymore after upgrading to XOOPS 2.5.11 and 2.5.12 Beta 8

Re: Solution for Not able to login anymore after upgrading to XOOPS 2.5.11 and 2.5.12 Beta 8

Solution for Not able to login anymore after upgrading to XOOPS 2.5.11 and 2.5.12 Beta 8

Re: XOOPS 2.5.12 Beta-8 available for Testing

Re: XOOPS 2.5.12 Beta-8 available for Testing

XOOPS 2.5.12 Beta-8 available for Testing

Re: XOOPS 2.5 Theme - Guanga by 8pm!!!

Re: XOOPS 2.5 Theme - Guanga by 8pm!!!

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}