(1) 2 3 4 5 »
vamptrix vamptrix
  • Theme Designer
  • Theme Designer
  • Joined: 2008/5/3 13:46
  • From Belgium (Flanders)
  • Group: Registered Users Designer Group Wiki Group
  • Posts: 424
  • Posted on: 2008/11/13 3:14
Webinstall and reCaptcha #1
Well I've asked for reCaptcha before, but probably at the wrong place. The Captcha in the XOOPS core is too easy and can be worked around in a few secs. It would be alot better to support reCaptcha and let it be activated in a few seconds, by just entering your API-key in the System Module => Captcha or something, so your site will be protected many times better.

The Webinstall: this should be 1 file which downloads all of XOOPS files on the webserver and which installs more easily for new users as they don't have to worry as much about uploading files, much like the SMF webinstall (fully below this page: http://www.simplemachines.org/download/). In this way we might also be able to download packages like modules and themes easier. This is a lot of work, I know that, but this isn't something impossible: it's something that makes SMF good, and if XOOPS uses a simular system it would become a WHOLE lot easier and therefore better. (the current way should stay though)

I hope somebody agrees with my ideas ^^
ke.vinpet.it | Linux, webhosting and networking specialist
Do you need help with hosting, installing or customizing your XOOPS website? I also develop modules and themes for XOOPS.
fiammy fiammy
  • Just popping in
  • Just popping in
  • Joined: 2003/1/14 18:06
  • From Leuven, Belgium
  • Group: Registered Users
  • Posts: 19
  • Posted on: 2008/12/9 13:44
Re: Webinstall and reCaptcha #2
reCaptcha : that could be turned into a module, and hooks into the core. This might be difficult however.

Webinstall : if you want some security, you will need to devise a way to store hash signatures on a server, with the webinstall verifying if the signatures match before proceeding with the install.
Doing that might also give the impression to users that you vouch for the files that you distribute, making them come to you when a badly written module screws up their site, or makes it vulnerable.
Making XOOPS easier to install will lower the barrier, and will create an influx of users that in many cases don't have a clue what they're doing. The number of support requests will certainly rise sharply.
I'm not saying not to do it. Having an easy setup routine is great. XOOPS needs the resources (time, people and bandwidth) to make it work as smoothly and professionally as possible.
alfred alfred
  • Quite a regular
  • Quite a regular
  • Joined: 2005/10/29 16:56
  • From Germany
  • Group: Registered Users
  • Posts: 249
  • Posted on: 2009/11/14 7:53
Re: Webinstall and reCaptcha #3
reCaptcha :
http://www.myxoops.org/forum/newtopic.php?forum=13
(Scroll to bottom)

is this OK
i have added reCaptcha into /captcha
Mamba Mamba
  • Moderator
  • Moderator
  • Joined: 2004/4/23 14:58
  • From Ohio, USA
  • Group: Webmaster Registered Users Designer Group Super Moderator
  • Posts: 10293
  • Posted on: 2009/11/14 9:01
Re: Webinstall and reCaptcha #4
Do you have steps to patch XOOPS it order to make reCaptcha the default?

We would need one for 2.3.3 and one for 2.4.1
ghia ghia
  • Community Support Member
  • Community Support Member
  • Joined: 2008/7/3 15:19
  • From Belgium
  • Group: Registered Users
  • Posts: 4946
  • Posted on: 2009/11/14 11:32
Re: Webinstall and reCaptcha #5
Ok this is my take on adding the recaptcha.
It is pure alpha, nothing tested, simply written by the instructions of ReCaptcha for PHP. All operations are done in /class/captcha/ and all needed things are in the link above.
-1- download the Recaptcha and extract recaptchalib.php
-2- register and obtain an API key
-3- modify config.php and fill in your private key
<?php
return $config = array(
    
"disabled"              => false,                   // Disable CAPTCHA
    
"mode"                  => 'recaptcha',             // default mode  image, text or recaptcha
    
"name"                  => 'xoopscaptcha',          // captcha name
    
"skipmember"            => true,                    // Skip CAPTCHA check for members
    
"maxattempt"            => 10,                      // Maximum attempts for each session
    
"num_chars"             => 4,                       // Maximum characters
    
"rule_text"             => _CAPTCHA_RULE_TEXT,
    
"maxattempt_text"       => _CAPTCHA_MAXATTEMPTS,
    
"private_key"           => 'myAPIkey'
    
);
?>

-4- add config.recaptcha.php and fill in your public key
<?php

return $config = array(
    
"public_key"           => 'myAPIkey'
    
);
?>

-5- add recaptcha.php
<?php

class XoopsCaptchaRecaptcha extends XoopsCaptchaMethod
{

    
    function 
__construct($handler null)
    {
        
parent::__construct($handler);
        
parent::loadConfig('recaptcha');
    }
    
    function 
XoopsCaptchaImage($handler null)
    {
        
$this->__construct($handler);
    }
    
    function 
isActive()
    {
        
        return 
true;
    }
    
    function 
render()
    {
        
$image $this->loadImage();
        return 
$image '<br />';
    }

    function 
loadImage()
    {
        require_once(
XOOPS_ROOT_PATH '/class/captcha/'.'recaptchalib.php');
        
$publickey $this->config["public_key"]; // you got this from the signup page see config.captcha.php
        
$ret recaptcha_get_html($publickey);
       
        return 
$ret;
    }
}
?>

-6- insert
// Verify the ReCaptcha code
        
} elseif ($this->config["mode"] == 'recaptcha') {
            require_once(
XOOPS_ROOT_PATH '/class/captcha/'.'recaptchalib.php');
            
$privatekey $this->config["private_key"] ;
            
$resp recaptcha_check_answer ($privatekey,
                                
$_SERVER["REMOTE_ADDR"],
                                
$_POST["recaptcha_challenge_field"],
                                
$_POST["recaptcha_response_field"]);
            if (!
$resp->is_valid) {
              
$this->message[] = $resp->error;
            }
            else {
              
$is_valid true;
            }
        
// Verify the code Captcha

before
} elseif (!empty($_SESSION["{$sessionName}_code"])) {
            
$func = !empty($this->config["casesensitive"]) ? "strcmp" "strcasecmp";
            
$is_valid = ! $functrim(@$_POST[$sessionName]), $_SESSION["{$sessionName}_code"] );
        }
in xoopscaptcha.php

You need also to change:
$this->path_plugin XOOPS_ROOT_PATH "/Frameworks/captcha";

to
$this->path_plugin XOOPS_ROOT_PATH '/class/captcha';

in xoopscaptcha.php

-7- test


Edit: corrected include path and made it clearer for public and private keys.
- Added correction for Frameworks relic
alfred alfred
  • Quite a regular
  • Quite a regular
  • Joined: 2005/10/29 16:56
  • From Germany
  • Group: Registered Users
  • Posts: 249
  • Posted on: 2009/11/14 14:57
Re: Webinstall and reCaptcha #6
my config.recaptcha.php

Quote:

return $config = array(
'disabled' => false, // Disable CAPTCHA
'mode' => 'recaptcha', // default mode
'publickey' => "",
'privatekey' => "",
'theme' => 'white', // 'red' | 'white' | 'blackglass' | 'clean' | 'custom'
'lang' => 'de' );


my recaptcha.php

Quote:

defined('XOOPS_ROOT_PATH') or die('Restricted access'); require_once(XOOPS_ROOT_PATH.'/class/captcha/recaptcha/recaptchalib.php');
class XoopsCaptchaRecaptcha extends XoopsCaptchaMethod {
function render() {

parent::render();
parent::loadConfig('recaptcha');

$form = "<script type=\"text/javascript\">
var RecaptchaOptions = {
theme : '" . $this->config['theme']."',
lang : '" . $this->config['lang']."'
};
</script>";
$form .= recaptcha_get_html($this->config['publickey']);
return $form;
}
}


add to xoopscaptcha.php into function verify()

Quote:


} else if (!empty($_POST["recaptcha_response_field"])) {
require_once(XOOPS_ROOT_PATH.'/class/captcha/recaptcha/recaptchalib.php');
require_once(XOOPS_ROOT_PATH.'/class/captcha/config.recaptcha.php');
$resp = recaptcha_check_answer ($config['privatekey'],
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
$is_valid = $resp->is_valid;


ghia ghia
  • Community Support Member
  • Community Support Member
  • Joined: 2008/7/3 15:19
  • From Belgium
  • Group: Registered Users
  • Posts: 4946
  • Posted on: 2009/11/14 17:08
Re: Webinstall and reCaptcha #7
I did some little tweaks to my previous code and it works!

Now the addional fine tweaks for some configuration options as showed by dhsoft (theme and language integration) and it should be usable.
Mamba Mamba
  • Moderator
  • Moderator
  • Joined: 2004/4/23 14:58
  • From Ohio, USA
  • Group: Webmaster Registered Users Designer Group Super Moderator
  • Posts: 10293
  • Posted on: 2009/11/14 17:48
Re: Webinstall and reCaptcha #8
Ghia & Dhsoft, thank you so much for your work on this.

Is this for any specific XOOPS version, or is it for any version?
ghia ghia
  • Community Support Member
  • Community Support Member
  • Joined: 2008/7/3 15:19
  • From Belgium
  • Group: Registered Users
  • Posts: 4946
  • Posted on: 2009/11/14 17:54
Re: Webinstall and reCaptcha #9
Mine was tested on 2.4.0 (2.4.1 should go also)
AFAIK for 2.3.3 the same modifcations should go in /Frameworks/captcha/ but not tested nor verified.
Mamba Mamba
  • Moderator
  • Moderator
  • Joined: 2004/4/23 14:58
  • From Ohio, USA
  • Group: Webmaster Registered Users Designer Group Super Moderator
  • Posts: 10293
  • Posted on: 2009/11/16 0:32
Re: Webinstall and reCaptcha #10
Tested on 2.4.1 and it works!

Thank you Ghia and Dhsoft for your work on this!!!
How to effectively post a question in the Xoops forums? - Read here...
Design by: XOOPS UI/UX Team