Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1] 2   Go Down

Author Topic: Captcha mod for comments  (Read 36828 times)

0 Members and 1 Guest are viewing this topic.

atnika

  • Contributor
  • Coppermine newbie
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 5
    • Recly Interactive, LLC
Captcha mod for comments
« on: September 17, 2006, 10:23:01 pm »

Intro:

Tired of spam in comments? Here’s a solution for you - yet another captcha mod for Coppermine. This mod adds captcha security codes to the comments page, thus protecting your gallery from spamming by bots. The original code was written by PatheticCockroach and modified by me to suit CPG. Another captcha mod suggested by Abbas Ali can be found here http://forum.coppermine-gallery.net/index.php?topic=29564.0
 

Files modified
  • db_input.php
  • themes/yourtheme/theme.php
  • lang/whatever_language_you_use.php
  • include/init.inc.php

Copy the files from the attached zip to your coppermine installation

db_input.php

Insert the following code after

   
Code: [Select]
case 'comment_update': and after
Code: [Select]
case 'comment':
Code: [Select]
/* captcha hack --start */       
        if (!(USER_CAN_POST_COMMENTS)) cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
        //require("include/captcha.class.php");
        $turingOk = $turingNumber->checkTuring($code);
        if ('0' == $turingOk) {
          cpg_die(ERROR, $lang_errors['code_doesnt_match'], __FILE__, __LINE__);
        }
/* captcha hack --end */

themes/yourtheme/theme.php

If you don't have theme_html_comments function in your theme file, copy the following text from themes/sample/theme.php into themes/yourtheme/theme.php

Code: [Select]
// Displays comments for a specific picture
function theme_html_comments($pid)
{
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments;

    $html = '';

//report to moderator buttons
    if (!(($CONFIG['report_post']==1) && (USER_CAN_SEND_ECARDS))) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }

    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }

    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');

    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid' ORDER BY msg_id $comment_sort_order");

    while ($row = mysql_fetch_array($result)) {
        $user_can_edit = (GALLERY_ADMIN_MODE) || (USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS) || (!USER_ID && USER_CAN_POST_COMMENTS && ($USER['ID'] == $row['author_md5_id']));
        $comment_buttons = $user_can_edit ? $tmpl_comments_buttons : '';
        $comment_edit_box = $user_can_edit ? $tmpl_comment_edit_box : '';
        $comment_ipinfo = ($row['msg_raw_ip'] && GALLERY_ADMIN_MODE)?$tmpl_comments_ipinfo : '';

        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }

        $ip = $row['msg_hdr_ip'];
        if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
            $ip .= ' [' . $row['msg_raw_ip'] . ']';
        }

        $params = array('{EDIT}' => &$comment_edit_box,
            '{BUTTONS}' => &$comment_buttons,
            '{IPINFO}' => &$comment_ipinfo
            );

        $template = template_eval($template_image_comments, $params);

        $params = array('{MSG_AUTHOR}' => $row['msg_author'],
            '{MSG_ID}' => $row['msg_id'],
            '{PID}' => $row['pid'],
            '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
            '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
            '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt),
            '{MSG_BODY}' => bb_decode($comment_body),
            '{MSG_BODY_RAW}' => $row['msg_body'],
            '{OK}' => &$lang_display_comments['OK'],
            '{SMILIES}' => $smilies,
            '{IP}' => $ip,
            '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'],
            '{WIDTH}' => $CONFIG['picture_table_width']
            );

        $html .= template_eval($template, $params);
    }

    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . USER_NAME . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            $user_name = isset($USER['name']) ? '"' . strtr($USER['name'], $HTML_SUBST) . '"' : $lang_display_comments['your_name'] . '" onclick="javascript:this.value=\'\';';
        }

        $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
            // Modified Name and comment field
            '{NAME}' => $lang_display_comments['name'],
            '{COMMENT}' => $lang_display_comments['comment'],
            '{PIC_ID}' => $pid,
            '{USER_NAME}' => $user_name,
            '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
            '{OK}' => $lang_display_comments['OK'],
            '{SMILIES}' => '',
            '{WIDTH}' => $CONFIG['picture_table_width'],
            );

        if ($CONFIG['enable_smilies']) $params['{SMILIES}'] = generate_smilies();

        $html .= template_eval($template_add_your_comment, $params);
    }

    return $html;
}

In this code, add

Code: [Select]
'{CONFIRM}' => $lang_display_comments['confirm'],
after

Code: [Select]
'{COMMENT}' => $lang_display_comments['comment'],
Add

Code: [Select]
                                <tr>
                                  <td class="tableb_compact" colspan="2">
                                    {CONFIRM}
                                  </td>
                                  <td class="tableb_compact" colspan="2">
                                    '.$turingNumber->getHTML().'
                                  </td>
                                </tr>

after

Code: [Select]
<!-- END input_box_no_smilies -->
                                </td>
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td></tr>

If you can't find the above code in your template file, just take it from themes/sample/theme.php

You will also need to modify your template for comments:

Code: [Select]
$template_add_your_comment = '
<table align="center" width="{WIDTH}" cellspacing="1" cellpadding="0" class="maintable">
        <tr>
                <td width="100%" class="tableh2_compact"><b>{ADD_YOUR_COMMENT}</b></td>
        </tr>
        <tr>
                <td colspan="3">
                <form method="post" name="post" action="db_input.php">
                        <table width="100%" cellpadding="0px" cellspacing="0px">

<!-- BEGIN user_name_input -->
                                <tr><td class="tableb_compact">
                                        {NAME}
                                </td>
                                <td class="tableb_compact">
                                        <input type="text" class="textinput" name="msg_author" size="10" maxlength="20" value="{USER_NAME}" />
                                </td>
<!-- END user_name_input -->
<!-- BEGIN input_box_smilies -->
                                <td class="tableb_compact">
                                {COMMENT} </td>
                                <td width="100%" class="tableb_compact">
                                <input type="text" class="textinput" id="message" name="msg_body" onselect="storeCaret_post(this);" onclick="storeCaret_post(this);" onkeyup="storeCaret_post(this);" maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />                                        <!-- END input_box_smilies -->
<!-- BEGIN input_box_no_smilies -->
                                <input type="text" class="textinput" id="message" name="msg_body"  maxlength="{MAX_COM_LENGTH}" style="width: 100%;" />
<!-- END input_box_no_smilies -->
                                </td>
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td></tr>
                                <tr>
                                  <td class="tableb_compact" colspan="2">
                                    {CONFIRM}
                                  </td>
                                  <td class="tableb_compact" colspan="2">
                                    '.$turingNumber->getHTML().'
                                  </td>
                                </tr>
                        </table>
                </form>
                </td>
        </tr>
<!-- BEGIN smilies -->
        <tr>
                <td width="100%" class="tableb_compact">
                        {SMILIES}
                </td>
        </tr>
</table>
<!-- END smilies -->

';
If you don't have this template in your theme file, just copy-and-paste it from here.


init.inc.php

Find
Code: [Select]
$CONFIG['TABLE_BRIDGE']     = $CONFIG['TABLE_PREFIX'].'bridge';
$CONFIG['TABLE_VOTE_STATS'] = $CONFIG['TABLE_PREFIX'].'vote_stats';
$CONFIG['TABLE_HIT_STATS']  = $CONFIG['TABLE_PREFIX'].'hit_stats';

Paste the following code right after it:

Code: [Select]
/* captcha hack --start */

require_once( 'include/turing.class.php');
$turingNumber = new TuringNumber();
$CONFIG['TABLE_TURINGS']  = $CONFIG['TABLE_PREFIX'].'turings';
 
/* captcha hack --end */

lang/whatever_language_you_use.php

Add

Code: [Select]
'confirm' => 'Confirmation',
after

Code: [Select]
'report_comment_title' => 'Report this comment to the administrator', //cpg1.4
Add

Code: [Select]
  'code_doesnt_match' => 'Code doesn't match', //cpg1.4
after

Code: [Select]
'non_exist_comment' => 'The selected comment does not exist.',
The mod keeps "session" info in the database, so you'll need to create a new table:

Code: [Select]
CREATE TABLE `cpg140_turings` (
  `session` varchar(32) NOT NULL default '',
  `code` varchar(4) NOT NULL default '',
  `heure` int(11) NOT NULL default '0',
  PRIMARY KEY  (`session`)
) ENGINE=MyISAM;

That's it! You can see the example of this mod in action here:

http://www.temernik.ru/gallery/displayimage.php?album=612&pos=2 (sorry, it's in Russian)

Enjoy your spam-free gallery :)
« Last Edit: March 23, 2007, 03:27:58 pm by GauGau »
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Captcha mod for comments
« Reply #1 on: September 18, 2006, 02:02:37 am »

Thanks for your contribution. It's not actually a plugin (which per definition would mean to use coppermine's plugin API), but a mod. Moving accordingly.
Logged

atnika

  • Contributor
  • Coppermine newbie
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 5
    • Recly Interactive, LLC
Re: Captcha mod for comments
« Reply #2 on: September 18, 2006, 08:10:08 am »

Hello GauGau,

I know it's not a plugin, I just couldn't find the more appropriate forum to discuss this mod in the 'Support' section besides 'cpg1.4 plugins'. :)
Logged

jorx

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Captcha mod for comments
« Reply #3 on: September 19, 2006, 06:12:40 pm »

Hey Atnika,
I tried Abbas Ali's mod with no success. I'm just simply using a Hardwired theme with modified images and colour. The theme.php has alot of code, but not the code that we need. Anyway so I tried yours yesterday,
Logged

jorx

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Captcha mod for comments
« Reply #4 on: September 19, 2006, 06:23:08 pm »

...ok everytime I write a post it says I've already posted, when nothing's been posted.
Hey Atnika,
To continue... I tried yours yesterday, followed your steps carefully, and got this error in the gallery:

Parse error: parse error in D:\web\jorx.mrkernel.net\gallery\lang\english.php on line 36
which is caused by
CREATE TABLE `cpg140_turings` (
  `session` varchar(32) NOT NULL default '',
  `code` varchar(4) NOT NULL default '',
  `heure` int(11) NOT NULL default '0',
  PRIMARY KEY  (`session`)
) ENGINE=MyISAM;

I didn't know where to put the (CREATE TABLE...) according to your tutorial, so I just moved it towards the end, (originally I put it at the beggining) then got this error instead:

Parse error: parse error, expecting `')'' in D:\web\jorx.mrkernel.net\gallery\lang\english.php on line 94

which is caused by
  'code_doesnt_match' => 'Code doesn't match', //cpg1.4

I've attached the english.php.txt file, if you have time, I would vastly appreciate your assistance!
Thanks,
Jordan
Logged

jorx

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Captcha mod for comments
« Reply #5 on: September 19, 2006, 06:24:34 pm »

About the attached file:
Instead of attaching, you can grab it directly at;
http://jorx.mrkernel.net/gallery/lang/english.php.txt
Logged

Abbas Ali

  • Administrator
  • Coppermine addict
  • *****
  • Country: in
  • Offline Offline
  • Gender: Male
  • Posts: 2165
  • Spread the PHP Web
    • Ranium Systems
Re: Captcha mod for comments
« Reply #6 on: September 20, 2006, 01:46:34 pm »

You should not put the "CREATE TABLE...." code in any of the php files. It is a database query which needs to be executed via phpMyAdmin or any other database tool you have.
Logged
Chief Geek at Ranium Systems

jorx

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Captcha mod for comments
« Reply #7 on: September 20, 2006, 06:41:02 pm »

Oh, ok, so I'll discuss that with my server admin. So once the table is created, will that resolve the errors? I'm going to go attempt it now. Thanks, Abbas.
Logged

jorx

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Captcha mod for comments
« Reply #8 on: September 22, 2006, 02:33:46 am »

Hm... still doesn't work. I get this error in the website:

"CGI Error
The specified CGI application misbehaved by not returning a complete set of HTTP headers."

Do you know what that means? Thanks a ton for your time, I've almost given up.
Logged

atnika

  • Contributor
  • Coppermine newbie
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 5
    • Recly Interactive, LLC
Re: Captcha mod for comments
« Reply #9 on: October 28, 2006, 12:05:05 pm »

Hey, guys!

Sorry, I haven't been watching this topic and had no idea there's a discussion here ;) Yeah, CGI Error doesn't sound like a captcha error.
Logged

leosolinap

  • Coppermine newbie
  • Offline Offline
  • Posts: 13
Re: Captcha mod for comments
« Reply #10 on: November 24, 2006, 03:36:35 am »

i have problem with my theme.php...
it only conntains this..

Quote
<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2005 Coppermine Dev Team
  v1.1 originaly written by Gregory DEMAR

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  ********************************************
  Coppermine version: 1.4.1
  $Source:
  $Revision: 1.10 $
  $Author:
  $Date: 2005/04/30 07:13:16 $
**********************************************/

define('THEME_HAS_RATING_GRAPHICS', 1);
define('THEME_IS_XHTML10_TRANSITIONAL',1); // Remove this if you edit this template until
                                           // you have validated it. See docs/theme.htm.


// HTML template for template sys_menu spacer
$template_sys_menu_spacer =' | ';

?>

can anyone help
Logged

leosolinap

  • Coppermine newbie
  • Offline Offline
  • Posts: 13
Re: Captcha mod for comments
« Reply #11 on: November 24, 2006, 03:41:05 am »

instead

Quote
##############

Edit themes/yourtheme/theme.php

Add
Code:
'{CONFIRM}' => $lang_display_comments['confirm'],

just after
Code:
'{COMMENT}' => $lang_display_comments['comment'],

Add
Code:
<tr>
  <td class="tableb_compact" colspan="2">
    {CONFIRM}
  </td>
  <td class="tableb_compact" colspan="2">
    <input type="text" name="confirmCode" size="5" class="textinput"> <img src="captcha.php" align="middle">
  </td>
</tr>

just after
Code:
<!-- END input_box_no_smilies -->
                                </td>
                                <td class="tableb_compact">
                                <input type="hidden" name="event" value="comment" />
                                <input type="hidden" name="pid" value="{PIC_ID}" />
                                <input type="submit" class="comment_button" name="submit" value="{OK}" />
                                </td></tr>

##################

Abbas Ali help
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Captcha mod for comments
« Reply #12 on: November 24, 2006, 06:08:04 am »

Read more carefully - atnika has posted what you need to do:
themes/yourtheme/theme.php

If you don't have theme_html_comments function in your theme file, copy the following text from themes/sample/theme.php into themes/yourtheme/theme.php
« Last Edit: December 06, 2006, 06:57:57 am by GauGau »
Logged

leosolinap

  • Coppermine newbie
  • Offline Offline
  • Posts: 13
Re: Captcha mod for comments
« Reply #13 on: November 27, 2006, 12:24:18 pm »

Gaugau

I tried to copy the themes/sample/theme.php into themes/yourtheme/theme.php. But when I run my album, i got a blank white page. It seems tthe my theme.php which i use is not working with the sample/theme.php. right now I cant post message (http://studio.bluescreendigital.com/displayimage.php?album=topn&cat=-73&pos=1) its asking for the "Confirmation code didn't matched " I think its the theme.php. Sorry, im new to this. thanks
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Captcha mod for comments
« Reply #14 on: November 27, 2006, 07:25:13 pm »

You're not suppossed to paste the entire content of themes/sample/theme.php into your custom file, but only the section mentioned in Atnika' posting.


Blank pages usually are the result of some whitespace. Make sure that there are no spaces nor emtpy lines after
Code: [Select]
?>
« Last Edit: December 06, 2006, 06:58:17 am by GauGau »
Logged

leosolinap

  • Coppermine newbie
  • Offline Offline
  • Posts: 13
Re: Captcha mod for comments
« Reply #15 on: December 01, 2006, 07:39:02 am »

Now I got it, I got a right page, but the problem is... no code.. only "'.().'"
http://studio.bluescreendigital.com/displayimage.php?album=lastup&cat=0&pos=3

any idea? sorry this.
Logged

lotta

  • Coppermine newbie
  • Offline Offline
  • Posts: 19
    • Eliassonz Graphics & Design
Re: Captcha mod for comments
« Reply #16 on: December 05, 2006, 11:47:34 am »

Hi!
I have tried this one and I have done a new table in my phpmsql. But it can't find the table file I created(include/turing.class.php');
Must I create it as a php file too and load it on my server, or what is wrong?
Somebody knows?
Logged

kalapm

  • Coppermine newbie
  • Offline Offline
  • Posts: 4
Re: Captcha mod for comments
« Reply #17 on: January 31, 2007, 06:59:23 pm »

Now I got it, I got a right page, but the problem is... no code.. only "'.().'"
http://studio.bluescreendigital.com/displayimage.php?album=lastup&cat=0&pos=3

any idea? sorry this.

mmmh the same prolbem!
you ok now?
suggestion??
Logged

lotta

  • Coppermine newbie
  • Offline Offline
  • Posts: 19
    • Eliassonz Graphics & Design
Re: Captcha mod for comments
« Reply #18 on: January 31, 2007, 07:18:12 pm »

I have solved it, don't ask me how??  :-\
Logged

kalapm

  • Coppermine newbie
  • Offline Offline
  • Posts: 4
Re: Captcha mod for comments
« Reply #19 on: January 31, 2007, 07:41:16 pm »

I have solved it, don't ask me how??  :-\
how you have solved?, how you have solved? ??? ;D
Logged
Pages: [1] 2   Go Up
 

Page created in 0.047 seconds with 19 queries.