I made a small modification so users who are logged in don't need to confirm, while anonymous users has to.
I haven't tested how secure this is, but it seems to work. My modification for theme.php is written for the Project VII-theme, you have to adjust it for your own theme. The trick is to write two versions of $template_add_your_comment, one for users who are logged in and one for those who aren't.
I just write the modifications necessary after you have done Abbas Alis modifications.
In db_input.php:
Instead of
require("include/captcha.class.php");
if (!PhpCaptcha::Validate($_POST['confirmCode'])) {
cpg_die(ERROR, "Confirmation code didn't matched", __FILE__, __LINE__);
}
write
if (!USER_ID) {require("include/captcha.class.php");
if (!PhpCaptcha::Validate($_POST['confirmCode'])) {
cpg_die(ERROR, $lang_errors['captcha_error'], __FILE__, __LINE__);
} }
In theme.php, instead of
$template_add_your_comment = <<<EOT
<form method="post" name="post" action="db_input.php">
<table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
<tr>
<td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
</tr>
<tr>
<td colspan="1">
<table width="100%" cellpadding="0" cellspacing="0">
<!-- BEGIN user_name_input -->
<tr>
<td class="tableb_compact">
{NAME}
</td>
<td class="tableb_compact">
<input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
</td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
<td class="tableb_compact">
{COMMENT}
</td>
<td width="100%" class="tableb_compact">
<input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
</td>
<!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
<td class="tableb_compact">
{COMMENT}
</td>
<td width="100%" class="tableb_compact">
<input type="text" class="textinput" id="message" name="msg_body" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
</td>
<!-- END input_box_no_smilies -->
<td class="tableb_compact">
<input type="hidden" name="event" value="comment" />
<input type="hidden" name="pid" value="{PIC_ID}" />
<input type="submit" class="comment_button" name="submit" value="{OK}" />
</td>
</tr>
<<tr>
<td class="tableb_compact" colspan="2">
{CONFIRM}
</td>
<td class="tableb_compact" colspan="2">
<input type="text" name="confirmCode" size="5" class="textinput"> <img src="captcha.php" align="middle">
</td>
</tr>
</table>
</td>
</tr>
<!-- BEGIN smilies -->
<tr>
<td width="100%" class="tableb_compact">
{SMILIES}
</td>
</tr>
<!-- END smilies -->
</table>
</form>
EOT;
paste
if (!USER_ID) {
$template_add_your_comment = <<<EOT
<form method="post" name="post" action="db_input.php">
<table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
<tr>
<td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
</tr>
<tr>
<td colspan="1">
<table width="100%" cellpadding="0" cellspacing="0">
<!-- BEGIN user_name_input -->
<tr>
<td class="tableb_compact">
{NAME}
</td>
<td class="tableb_compact">
<input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
</td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
<td class="tableb_compact">
{COMMENT}
</td>
<td width="100%" class="tableb_compact">
<input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
</td>
<!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
<td class="tableb_compact">
{COMMENT}
</td>
<td width="100%" class="tableb_compact">
<input type="text" class="textinput" id="message" name="msg_body" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
</td>
<!-- END input_box_no_smilies -->
<td class="tableb_compact">
<input type="hidden" name="event" value="comment" />
<input type="hidden" name="pid" value="{PIC_ID}" />
<input type="submit" class="comment_button" name="submit" value="{OK}" />
</td>
</tr>
<tr>
<td class="tableb_compact" colspan="2">
{CONFIRM}
</td>
<td class="tableb_compact" colspan="2">
<input type="text" name="confirmCode" size="5" class="textinput"> <img src="captcha.php" align="middle">
</td>
</tr>
</table>
</td>
</tr>
<!-- BEGIN smilies -->
<tr>
<td width="100%" class="tableb_compact">
{SMILIES}
</td>
</tr>
<!-- END smilies -->
</table>
</form>
EOT;
}
else
{
$template_add_your_comment = <<<EOT
<form method="post" name="post" action="db_input.php">
<table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
<tr>
<td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
</tr>
<tr>
<td colspan="1">
<table width="100%" cellpadding="0" cellspacing="0">
<!-- BEGIN user_name_input -->
<tr>
<td class="tableb_compact">
{NAME}
</td>
<td class="tableb_compact">
<input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
</td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
<td class="tableb_compact">
{COMMENT}
</td>
<td width="100%" class="tableb_compact">
<input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
</td>
<!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
<td class="tableb_compact">
{COMMENT}
</td>
<td width="100%" class="tableb_compact">
<input type="text" class="textinput" id="message" name="msg_body" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
</td>
<!-- END input_box_no_smilies -->
<td class="tableb_compact">
<input type="hidden" name="event" value="comment" />
<input type="hidden" name="pid" value="{PIC_ID}" />
<input type="submit" class="comment_button" name="submit" value="{OK}" />
</td>
</tr>
</table>
</td>
</tr>
<!-- BEGIN smilies -->
<tr>
<td width="100%" class="tableb_compact">
{SMILIES}
</td>
</tr>
<!-- END smilies -->
</table>
</form>
EOT;
}
This seems like a bit unnecessary complicated, but I couldn't get it working in any other way.
/Jimmy