Hi,
I was asked to write a little modification that will show a CAPTCHA image on the login page. Here is my solution
1) In the template user_include_login.html, you need to add:
<td align="right" class="body">Security Image:</td>
<td class="body">
<input type="text" id="signupCode" name="signup_code" size="20" maxlength="20" value="<%if signup_code%><%signup_code%><%endif%>" />
<input type="hidden" name="signup_key" value="<%signup_key%>" />
</td>
</tr>
<tr>
<td align="center" class="body" colspan="2">
<img src="<%path_cgi_url%>?do=user_signup_keyimage;signup_key=<%escape_url signup_key%>" style="border:solid 1px black; padding:2px 2px 2px 2px;" alt="Security Image" /><br />
</td>
</tr>
2) In /private_data/lib/Community/Web/User.pm, find:
if ($IN->cookie($CFG->{session_cookie_name_session})) {
my $user = comm_auth(
session => $IN->cookie($CFG->{session_cookie_name_session}),
ip => $ENV{REMOTE_ADDR}
);
if ($user) {
# If the user has a valid session for another account, let's log that other session out
# to make sure the apps don't authenticate the user as the wrong account.
if (lc $user ne $username) {
require Community::User;
push @$cookies, Community::User::cuser_logout($user);
}
else {
$user->{action} = 'login';
return ('user_home.html', $user);
}
}
}
..and add this below:
# lets check if the CAPTCHA passed in is correct
my $key = $IN->param('signup_key');
my $signup_tbl = $DB->table('comm_signup');
my $count = $signup_tbl->count( { signup_key => $key, signup_code => uc($IN->param('signup_code')) });
if ($count < 1) {
return ('user_login.html', { error => qq|The security text you entered didn't match.| });
}
# END login CAPTCHA thing
###################################################
..and also find:
return ('user_login.html');
}
..and change to:
################################
# ANDY CAPTCHA CHAGE
# Generate a signup_key if the user hasn't already got one.
if ($CFG->{signup_random_image}) {
my $signup_key = $IN->param('signup_key');
my $signup_tbl = $DB->table('comm_signup');
unless ($signup_key and $signup_tbl->count( { signup_key => $signup_key })) {
my $signup_code = '';
require GT::MD5;
$signup_key = GT::MD5::md5_hex(rand(16000) . (time() ^ ($$ + ($$ << 15))) . $$);
# generate a new signup code if required.
# 0 was removed as it could be confused with "O".
# 6 was removed as it could be confused with "G".
# 9 was removed as it could be confused with "g".
# 4 was removed as it could be confused with "A".
my $charset = "ABCDEFGHIJKLMNPQRSTUVWXYZ123578";
for ( 1.. ( 3 ) ) {
my $char = int(length($charset) * rand);
$signup_code .= substr $charset, $char, 1;
}
$signup_tbl->add({
signup_key => $signup_key,
signup_code => $signup_code,
signup_created => time
});
# Use this opportunity to delete any signup creation sessions
# that may have expired.
require GT::SQL::Condition;
my $signup_expire_condition = GT::SQL::Condition->new(
signup_created => '<' => ( time - $CFG->{signup_session_length} )
);
$signup_tbl->delete( $signup_expire_condition );
$IN->param( 'signup_key' => $signup_key );
}
}
################################
# ANDY CAPTCHA CHAGE
###############################
return ('user_login.html');
}
I'm using this modification on another site now (won't post it though - as the site is not live :)), and its working perfectly :)
Cheers
Andy (mod)
andy@ultranerds.co.uk
IMPORTANT: I've now moved to ultranerds.co.uk, and the .com will no longer work!
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package (plugins total "value" $3,325 & rising, for just $350)| GLinks ULTRA Package PRO (plugins total "value" $5,625 & rising, for just $500)
Support Forum | Links SQL Plugins | DMOZ Dumps | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Compare our different Plugin packages *new* Free CSS Templates
I was asked to write a little modification that will show a CAPTCHA image on the login page. Here is my solution
1) In the template user_include_login.html, you need to add:
Code:
<tr align="left"> <td align="right" class="body">Security Image:</td>
<td class="body">
<input type="text" id="signupCode" name="signup_code" size="20" maxlength="20" value="<%if signup_code%><%signup_code%><%endif%>" />
<input type="hidden" name="signup_key" value="<%signup_key%>" />
</td>
</tr>
<tr>
<td align="center" class="body" colspan="2">
<img src="<%path_cgi_url%>?do=user_signup_keyimage;signup_key=<%escape_url signup_key%>" style="border:solid 1px black; padding:2px 2px 2px 2px;" alt="Security Image" /><br />
</td>
</tr>
2) In /private_data/lib/Community/Web/User.pm, find:
Code:
# Check if the user already has a valid session. if ($IN->cookie($CFG->{session_cookie_name_session})) {
my $user = comm_auth(
session => $IN->cookie($CFG->{session_cookie_name_session}),
ip => $ENV{REMOTE_ADDR}
);
if ($user) {
# If the user has a valid session for another account, let's log that other session out
# to make sure the apps don't authenticate the user as the wrong account.
if (lc $user ne $username) {
require Community::User;
push @$cookies, Community::User::cuser_logout($user);
}
else {
$user->{action} = 'login';
return ('user_home.html', $user);
}
}
}
..and add this below:
Code:
################################################## # lets check if the CAPTCHA passed in is correct
my $key = $IN->param('signup_key');
my $signup_tbl = $DB->table('comm_signup');
my $count = $signup_tbl->count( { signup_key => $key, signup_code => uc($IN->param('signup_code')) });
if ($count < 1) {
return ('user_login.html', { error => qq|The security text you entered didn't match.| });
}
# END login CAPTCHA thing
###################################################
..and also find:
Code:
if (!$username) { return ('user_login.html');
}
..and change to:
Code:
if (!$username) { ################################
# ANDY CAPTCHA CHAGE
# Generate a signup_key if the user hasn't already got one.
if ($CFG->{signup_random_image}) {
my $signup_key = $IN->param('signup_key');
my $signup_tbl = $DB->table('comm_signup');
unless ($signup_key and $signup_tbl->count( { signup_key => $signup_key })) {
my $signup_code = '';
require GT::MD5;
$signup_key = GT::MD5::md5_hex(rand(16000) . (time() ^ ($$ + ($$ << 15))) . $$);
# generate a new signup code if required.
# 0 was removed as it could be confused with "O".
# 6 was removed as it could be confused with "G".
# 9 was removed as it could be confused with "g".
# 4 was removed as it could be confused with "A".
my $charset = "ABCDEFGHIJKLMNPQRSTUVWXYZ123578";
for ( 1.. ( 3 ) ) {
my $char = int(length($charset) * rand);
$signup_code .= substr $charset, $char, 1;
}
$signup_tbl->add({
signup_key => $signup_key,
signup_code => $signup_code,
signup_created => time
});
# Use this opportunity to delete any signup creation sessions
# that may have expired.
require GT::SQL::Condition;
my $signup_expire_condition = GT::SQL::Condition->new(
signup_created => '<' => ( time - $CFG->{signup_session_length} )
);
$signup_tbl->delete( $signup_expire_condition );
$IN->param( 'signup_key' => $signup_key );
}
}
################################
# ANDY CAPTCHA CHAGE
###############################
return ('user_login.html');
}
I'm using this modification on another site now (won't post it though - as the site is not live :)), and its working perfectly :)
Cheers
Andy (mod)
andy@ultranerds.co.uk
IMPORTANT: I've now moved to ultranerds.co.uk, and the .com will no longer work!
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package (plugins total "value" $3,325 & rising, for just $350)| GLinks ULTRA Package PRO (plugins total "value" $5,625 & rising, for just $500)
Support Forum | Links SQL Plugins | DMOZ Dumps | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Compare our different Plugin packages *new* Free CSS Templates