El Rincón de Boriel

Captcha! Plugin

Warning! CAPTCHA! is DISABLED on this site.
Even though this plugin is still maitained, I’m using another one. Read why.

You can also go to the phorum for help.

I wanted my WordPress to have one of those nice Captchas challenges to avoid spam.

There are already some of them, but I found them not suitable for my webhosting service (Secureimage), or a bit weak (Trencaspammer). So I started my own based on the HN Captcha PHP class. To see a demo of this plugin just try to enter a comment on the main page (Okay, ~~still in Spanish~~. Bilingual web ~~soon to come~~).

Needs the GD library class, a Javascript compatible browser and TrueType fonts in a server folder to work. You can download some of TTF (TrueType) fonts for free from Dafont. The more artistic the font, the better the challenge will be.
The plugin allows to request another challenge if the current one is illegible.

Hope you enjoy it.

[Download] Current version of Captcha! plugin

Changelog:

Version 2.6
Bugfix: Fixed a security bug against CSRF and XSS
Bugfix: Prevents the code length to be lower than one char.
Version 2.5d
+Feature: Enhaced GDLib version detection (does not require phpinfo() function).
Version 2.5c
Bugfix: Fixed a bug which prevented some effect options (sinewave, B&W) to be updated correctly. Thanks Hugo!.
Version 2.5b
Bugfix: Fixing bad javascript rendering bug. Thanks, Gidion!.
Version 2.5a
Bugfix: Stupid bug. Captcha 2.5 was allowing comments. Grrrr.
Version 2.5
Bugfix: Captcha 2.x seemed to be filtering pingbacks. Fixed.
Version 2.4
Feature: Checks for the availability of ImageFilter function (PHP >= 5.0)
Feature: Checks for the availability of Iconv.
Version 2.3
Feature: Added Anchor so every try the page jumps directly to captcha input.
Feature: Cleaner code.
Feature: Sine wave color-flag (optional), only color and Black & White optional mode.
Feature: Can choose number of max tries.
Version 2.2
Bugfix: Captcha didn’t delete spam comments in WP 1.5. Fixed.
Version 2.1
Bugfix: Fixed a bug in the refresh button.
Feature: Added senoidal image distortion.
Feature: Deletes guessed keys.
Version 2.0
Feature: Danish translation of captcha! (Thanks, Ulrik Nielsen)
Feature: Portuguese (Brazil) translation of captcha! (Thanks, Francis Augusto Medeiros)
Feature: One single file! Captcha is now one single compact file. Source code is much cleaner and neat (for future versions, however, CSS and languaje files will be apart).
Feature: Images generated on the fly. TMP/ cache images no longer needed (and no more “Garbage error”
Feature: Now Captcha! remembers previous state, so a user is given several tries (3 by default) to guess it before changing to a new code. The code look is different each time, even if the same code is required (improved security).
Feature: Improved security. Real public key not shown, so it makes really difficult to guess the sequence via a bot.
Feature: Random pattern background and code colors added => Greater security.
Feature: Annoying javascript popup (when bad code entered) has been removed: Now the user will be asked to reenter the code in the captcha form.
Bugfix: Some servers have permalinks broken, so entering a bad captcha returned to the main page, losing comment content. This should be fixed now.

See Changelog for previous versions ▼

Some sites using (or which used ;)) this captcha:

[Uniform Server] [stefanrusche.de] [A Dose of Geekish Sanity] [Markus' Blog] [Silke Thoss] [scudly.com] [AAWakenings] [bdk… the man, the myth, the whatever…] [ElectroLund] [Pedja] [Outlandish Josh] [macslow.mine.nu] [Zoomer v2.0] [The BullPen Blog] [me blog] [Natalie Gulbis - Sport Memorabilia] [Bitte keine heiße Asche einwerfen] [Daniel Lemire’s blog] [Ido’s Blog] [Onderonsjes] [schimana.net] [Hillsidelounge] [MLL's web site] [Axel Segebrecht] [Normadicoder] [Laitsas’ Penguinblog]

Comparte el artículo:These icons link to social bookmark sites which allow other readers to discover and share new webs and posts.

433 Responses to “Captcha! Plugin”

Olajide Olaolorun says:

please help. i get this error and i have no idea why and no time to debug myself.

ex: http://blog.uniformserver.com/?p=63#comments

thanks

Septiembre 29th, 2005 at 6.03 pm

Boriel says:

I don’t see any error. The message “Oh, no, I cannot read this captcha…” is not an error. It’s an option given to the user to request another code, if the current one is too difficult to read. Your instalation is working ok.

Septiembre 29th, 2005 at 10.55 pm

Patrick Starrenburg says:

Hi - doesn’t work on my Wordpress (latest version 1.5.2) Gentoo Linux (**no X installed**)
I have the GD library class compliled into PHP, CaptCha finds TTF file, but on blog it says “No Truetypefont available for the CaptchaClass”

Octubre 1st, 2005 at 4.43 pm

Boriel says:

Make sure the TTF files in the TTF Folder are readable by Apache/PHP (or public readable).
Try to

chmod 644 *.TTF

Octubre 1st, 2005 at 5.59 pm

Across Weirdish Wild Space says:

whenever you do an upgrade. Being the lazy sod I am, this bugs me, so I thought I’d check out the competitors and see whether there wasn’t something slightly better that would Erroneously thinking the problem was there, I checked out hashcash,CaptCha! and SecureImage. Hashcash, claims 100% effectiveness so seemed like a good start, but I was completely unable to get it working despite following instructions to the letter. It was unclear to me whether I needed to also add in the md5.js which was

Octubre 2nd, 2005 at 7.46 pm

Stefan says:

Muchas gracias por este plugin. Aunque todavia no tenía spam en mi nueva pagina, en mi vieja si que había mucho en el “guestbook” (lo que era un script muy sencillo que yo había programado como una primera prueba de PHP, sin protecciónes y tal). ¿Sabes si hay una protección como la tuya para un formulario de email también?
Saludos. Stefan

Octubre 3rd, 2005 at 6.34 pm

Boriel says:

Stefan, gracias a tí por usarlo.
No conozco ningún plugin que haga eso. Si te refieres al contact form, igual se podría hacer algo para integrar ambos plugin’s de manera que el contact form tuviera un Captcha también.

Octubre 3rd, 2005 at 6.38 pm

Stefan says:

Hace poco he utilizado un sencillo script de PHP pero debido a mucho spam lo acabo de borrar. Acabo de installar este plugin - me parece que es el mismo como el tuyo. Si encuentras una manera de integrar Capcha con ese formulario, me alegraría si me avisaras.
(¿Que tal el eclipse solar? Aquí en Hamburgo ne se vio mucho; estamos demasiado en el norte :()

Octubre 3rd, 2005 at 7.18 pm

Olajide Olaolorun says:

[REPOST] [REPOST] [REPOST] [REPOST]

Sorry, the code is stripped or lost. You can delete those top 2.

There is a problem in 1.4

I debug and found it easily..

Here, replace Line 244, the PHP part with:

/* echo captcha::version; */

It prosesses the PHP in the HMTL comment. :d Also remove the / before .

Oh also, the flipping is too strong… sometimes it turns it that u can’t know which came first.. you understand?

Octubre 4th, 2005 at 2.58 am

Jasmin Buchert says:

Captcha totally breaks the site layout with Opera (tested with 8.50).
It seems Opera doesn’t like the nested ’s:

…
…

Octubre 4th, 2005 at 3.02 am

Jasmin Buchert says:

^ that should read: nested form’s

PS: Your captcha test is too hard for humans..

Octubre 4th, 2005 at 3.05 am

Olajide Olaolorun says:

Yeah.. what i was saying… too strong… mixes it up sometimes..

Octubre 4th, 2005 at 3.24 am

Boriel says:

Jasmin, Ok. Opera doesn’t allow nested forms. And I don’t use it, so was not tested (in fact, the XHTML validator accepts it! 8O).
Will try to fix it in the next release. Thanks.

And the captcha difficulty is given by the TTF fonts you choose (check the other sites examples to see it clearer). I think I should use clearer TTF fonts too…

Octubre 4th, 2005 at 9.00 am

Nick says:

Hey great plugin…I am getting the “Error! No TTF font found!No Truetypefont available for the CaptchaClass.” as well.

Being fairly new to this could you provide a config.php that has been configured??

I think I am missing some of the extra settings…the path to the fonts seems to be correct (available by browser) etc.

Thankyou in advance.

Octubre 5th, 2005 at 11.45 am

el tiki says:

Hy!
Thanks for the great plug-in!
There is one little problem with “the “Invalid Code”, Retry sequence”:
If I enter a wrong code, the Javascript-alert pops up (that’s all ok until here). If I click “ok” on the javascript-alert, i get a 404-error message.
Any ideas ? ( I use your plug-in on pages too … maybe this is the problem ???)
anyways: muchas gracias for your idea !!!

Octubre 6th, 2005 at 3.44 pm

scud says:

Like some others I’ve tried getting this to work, CHMOD’d the proper folders and fonts, and still get a Cannot find TrueTypeFont for CaptchaClass. Both the font and font folders need to be CHMOD’d to 644 correct?

Octubre 6th, 2005 at 8.58 pm

Boriel says:

scud: Not exactly.
You have to chmod 755 for TTF folder, and then CHMOD 644 for *.TFF files.
You also have to chmod 777 TMP folder, and then it’s a good idea to also chmod +t TMP folder.
Try this and tell me.

Octubre 6th, 2005 at 11.32 pm

Markus says:

Spanish: Gracias por este plug-in y sobretodo, por el gran soporte que estas dando. Saludos desde Girona!

English: Thanks for the plug-in and specially, the great support you’re giving. Looking forward to the next version. Keep up!

Octubre 8th, 2005 at 4.17 pm

MHobbit says:

Very nice plugin, it works great.

Octubre 8th, 2005 at 9.42 pm

francis says:

everything SEEMS to be in order but i can’t get any text display in the box. Any ideas?

Octubre 9th, 2005 at 4.18 am

francis says:

whoops, left the website out http://www.till.co.nz/tillnet

Octubre 9th, 2005 at 4.19 am

Markus says:

Installed 1.6 and worked like a charm. Though, I’ve observed it still breaks the XHTML validator, so I made a couple of changes to hn_captcha.class.php

Fix ampersands in form actions:

Find this line:
$this->QUERY_STRING = strlen(trim($_SERVER['QUERY_STRING'])) > 0 ? ‘?’.strip_tags($_SERVER['QUERY_STRING']) : ”;

Replace with:
$this->QUERY_STRING = strlen(trim($_SERVER['QUERY_STRING'])) > 0 ? ‘?’.str_replace(’&’,'&’,strip_tags($_SERVER['QUERY_STRING'])) : ”;

Fix dummy form:

Find this line:
$s .= ' ';

Replace with:
$s .= 'QUERY_STRING.'" method="post"> '; $s .= '';

Hope that helps someone.

Octubre 11th, 2005 at 5.47 pm

Markus says:

Oops… it looks like something was missed in the post. I have posted the code here:
http://blog.phpmix.com/2005/10/05/captcha-enabled/#comment-28

Octubre 11th, 2005 at 6.21 pm

bdk says:

I installed Captcha 1.6 fine, ok to activate it. Ok to edit settings in the OPTIONS tab of WP. I created the TTF & TMP folders w/o a problem:

osok:/[path]/public_html# ls -al tmp
total 12
drwxrwxrwt 2 admin admin 4096 2005-10-10 18:55 .
drwxr-x— 11 admin apache 4096 2005-10-10 18:13 ..
-rw-r–r– 1 apache apache 1 2005-10-11 10:25 hn_captcha_counter.txt
osok:/[path]/public_html# ls -al TTF
total 280
drwxr-xr-x 2 admin admin 4096 2005-10-10 18:13 .
drwxr-x— 11 admin apache 4096 2005-10-10 18:13 ..
-rw-r–r– 1 admin admin 102128 2005-10-10 18:12 aerosol.ttf
-rw-r–r– 1 admin admin 24741 2005-10-10 18:12 aggstockGravid.ttf
-rw-r–r– 1 admin admin 26471 2005-10-10 18:12 aggstock.ttf
-rw-r–r– 1 admin admin 107716 2005-10-10 18:12 slammertag.ttf

When I turn off Captcha, WP displays fine, including the footer of the page. When I turn Captcha on, the page abruptly ends and does not display the footer area of WP which should include the Captcha fields.

I turned on debugging and got:

-Captcha-Debug: Check given TrueType-Array! (4)
-Captcha-Debug: Valid TrueType-files: (4)
-Captcha-Debug: Set current TrueType-File: (/home/admin/domains/whoisbdk.com/public_html/TTF/aggstockGravid.ttf)
-Captcha-Debug: Set number of noise characters to: (45)
-Captcha-Debug: Set image dimension to: (198 x 72)
-Captcha-Debug: Set messages to language: (en)
-Captcha-Debug: Keep this params from original GET-request: (?p=49)
-Captcha-Debug: Check POST-vars, current try is: (1)
-Captcha-Debug: Generate Keys, public key is: (f66ce)
-Captcha-Debug: The counterfilename is (/home/admin/domains/whoisbdk.com/public_html/tmp/hn_captcha_counter.txt)
-Captcha-Debug: Current counter-value is (5). Garbage-collector should start at (20)
-Captcha-Debug: Generate a string which contains current try: (32233123112313313231331112312233)
-Captcha-Debug: Generate private key: (d5f7d)
-Captcha-Debug: Generate ImageStream with: (imagecreatetruecolor())
-Captcha-Debug: For colordefinitions we use: (imagecolorallocate())
-Captcha-Debug: We allocate one color for Background: (234-227-235)
-Captcha-Debug: Fill background with noise: (45)

And the page ends.

GD (v2.0.28) Enabled in PHP (v4.3.11)

Any ideas?

Octubre 11th, 2005 at 8.44 pm

Boriel says:

bdk (23):
Wow! This is a great debbug info!
After reading that, I see everything it’s in place. Does your GDLib have FreeType support?

Have you tried to left blank (empty) the TTF font list in the Option panel and then update options? After that, the TTF list should appear automathically.
Try this and tell me.

Octubre 11th, 2005 at 9.25 pm

bdk says:

Yes, I had removed the entries from the font field in WP and your Captcha readded all of the fonts w/o a problem.

How do I tell if GDLib has FreeType support?

A phpinfo() shows:

GD Support enabled
GD Version bundled (2.0.28 compatible)
GIF Read Support enabled
GIF Create Support enabled
JPG Support enabled
PNG Support enabled
WBMP Support enabled
XBM Support enabled

Thanks again.

Octubre 12th, 2005 at 5.45 pm

Boriel says:

bdk (25): using phpinfo() as you did!
Your GDlib does NOT have FreeType support enabled. Unfortuntately, this is required to read and use the .TTF fonts. See if you can enable it.

Octubre 12th, 2005 at 6.46 pm

bdk says:

Awesome!

Got FT2 compiled and working with GD & PHP and works great.

2 suggestions, allow all of the $CAPTCHA_INIT array to be configured via WP. Second if someone were to get the Captcha code wrong, bring them back to the ‘Leave a Reply’ section with their reply already typed in, it was erased.

I just got your Captcha wrong and had to retype everything. This time I’m going to copy this into my clipboard in case I get it wrong again.

Octubre 13th, 2005 at 3.43 am

bdk says:

And thanks again for all the work you put into the WP-Captcha, I can see it being an included plugin in future releases of WP.

Great job!.

Octubre 13th, 2005 at 3.44 am

Boriel says:

bdk
(27):
Most of the features are or will be configurable from the options panel (well, that’s the idea).
And regarding to your 2nd, the plugin already does that (I’ve tested it in your server, and it worked to me): You don’t loose your comment content in case you enter a wrong captcha code (or at less, you shouldn’t).
It it start to fail, plase mail me to see if we can debug it.
(28): You’re welcome. Thx for your suggestions.

Octubre 13th, 2005 at 9.06 am

el tiki says:

hi again,
i sometimes get a “Garbage Error”. maybe you could tell me, when this is supposed to happen ?
it’s gone, as soon as the “tmp” folder gets emptied …

Octubre 16th, 2005 at 12.47 pm

Boriel says:

el tiki (30):

This error should never happen. Garbage Collection means the max number of cached captcha-images has already been generated, and the hn_captcha class cannot delete them.

Empty the tmp folder completely, and make sure the Webserver (Apache/Php) can delete files in the tmp directory (it should already, since it can create files).

Hmmmm. Really, odd.

Try to reproduce the error: The max number of cacheable images is stored in the file captcha.php, into the function hn_new_captcha(). The parameter “collect garbage after” (20 by default) tells how many images can be stored in the tmp folder. When this limit is reached, older images are deleted. This procedure seems to be failing in your website.

I will investigate the problem this evening, but would be difficult to reproduce it in my server. Meanwhile, you can enable the “debug” parameter in the above function and try to reproduce the error. This might give you more information. Remember to disable “debug” after that.

Octubre 16th, 2005 at 10.42 pm

Rob says:

My server admin installed FreeType 2 for me, but it’s still not showing up in the phpinfo page under the GD section. Is there something special he has to do so that it’s enabled?

Thanks!

Octubre 18th, 2005 at 1.03 am

Alec Saunders says:

I’m not sure what I’m doing wrong, but something is definitely wrong! I’ve installed the plugin, and configured it. It is putting out a captha image, but all of the letters are on top of each other. Go visit my blog at http://saunderslog.com and see what I mean. Any ideas??

Octubre 18th, 2005 at 6.26 am

paleksic says:

Here is what i got:

——————————————
Warning: touch(): Unable to create file /var/www/localhost/htdocs/tmp/hn_captcha_counter.txt because No such file or directory in /var/www/localhost/htdocs/wordpress/wp-content/plugins/captcha/hn_captcha.class.x1.php on line 209

Warning: touch(): Unable to create file /var/www/localhost/htdocs/tmp/hn_captcha_counter.txt because No such file or directory in /var/www/localhost/htdocs/wordpress/wp-content/plugins/captcha/hn_captcha.class.x1.php on line 209

A GARBAGE ERROR has occured!
Go to the Contact section and notify to me!
Unable to safe captcha-image.
————————————-

currently running Linux with GDlib-2.0.32 , php-4.4.0 , apache-2.0.54 , mysql-4.0.25 , freetype-1.3.1 and 2.1.9

What can be probleme, i have write access to ~tmp and ~TTF folder

Thanks in advance

Octubre 18th, 2005 at 1.58 pm

Rob says:

Ok, I have both FT2 enabled now on my server. It shows up in phpinfo() as such:

FreeType Support enabled
FreeType Linkage with freetype

Have the plugin enabled, but nothing shows up on comment sections. Don’t I need to add anything to the comments.php file of my theme?

Octubre 18th, 2005 at 3.04 pm

Boriel says:

Rob (35):

Upload some .TTF (True Type Font) files to the TTF directory (I guess you have already done that).

Then go to the Options panel, empty the TTF font list, and update options. After that, the TTF files should be detected automatically.

Try this, and tell me.

By the way, you have to be logged out of your server, since logged in users are *trusted* and captcha won’t be showed to them.

Octubre 18th, 2005 at 3.48 pm

Boriel says:

Alec Saunders (33):

I suppose it shows only two digits because you configured that way in the Options panel. But, on the other hand, the size of the image has changed. Did you edited the hn_captcha_class.php or any other file by hand?

Some parameters are a bit critical. That’s why they’re not available yet in the options panel. If you did change the image size, digit rotation or separation, please, leave them as they were originally (or reinstall the plugin files overwriting the current ones).

Try this and tell me.

Note: If you want to use less digits and smaller image size you have to be carefull with the digit separation, rotation and even the TTF font size. The author of the hn_captcha_class tuned this parameters a lot before releasing it, I suspect.

Octubre 18th, 2005 at 4.00 pm

paleksic says:

Boriel thanks for quick email bro, i have it working now. You was right i overlooked directory names. Keep us informed i’m subscribing here

cheers!

Octubre 18th, 2005 at 7.53 pm

David says:

Boriel, I have the same problem as #33, Alec Saunders. The Captcha! image shows up below my comment form, but all letters are displayed on top of each other in the left-hand side of the image. I have set my only font to arial.ttf, and have experimented with the number of characters displayed. The problem remains whatever number I use (using 5 now). I see Alec has solved it by setting the number of characters to 1 on his blog Any hints to solving this issue?

By the way, I initially got the “No Truetypefont available for the CaptchaClass.”-error too. I solved this by making the “TTF Files:”-field in the Captcha-options of the WordPress admin pages empty. When you update the options, you will see that Captcha! automatically fills in this field with the fonts in your fonts directory. It is described somewhere in the readme or web pages but I overlooked it initially, perhaps this comment can help some people.

Octubre 20th, 2005 at 7.12 am

Eric says:

I installed Captcha and configured the options (tmp path, truetype font, etc.), but it doesn’t show up for me. I made sure to activate it. Any ideas why it isn’t showing up at all? GD is installed with freetype support. Thanks for any help!

Octubre 20th, 2005 at 8.16 am

Outlandish Josh says:

Installed and seems like it wants to work, but when I enable the plugin the html output of a comments page is incomplete. The last thing wordpress sends to the browser is the submit button. PHP doesn’t throw any errors to the browser or to the apache error log, so I’m in the dark here…

Octubre 21st, 2005 at 5.07 pm

Outlandish Josh says:

FYI — the problem I experienced was fixed by rebuilding PHP with freetype enabled.

Octubre 21st, 2005 at 5.53 pm

Kostya says:

Uploaded fonts (plug-in detected them). Set permissions for folders manually. And all what I have now is CaptCha! section in comments with a strange “absolute” look like image code: “http://www.myhomepage.com/home/u12345/myhomepage.com/tmp/hn_captcha_b7a8d.jpg”. Absolute path to my temp directory is “/home/u12345/myhomepage.com/tmp/”. And the right image code, i think must look like “http://www.myhomepage.com/tmp/hn_captcha_b7a8d.jpg”. Isn’t it? Ooh… And images is not generating at all (check it via FTP).

Here is gd lib section in my phpinfo:

GD Support enabled
GD Version bundled (2.0.28 compatible)
FreeType Support enabled
FreeType Linkage with freetype
GIF Read Support enabled
GIF Create Support enabled
JPG Support enabled
PNG Support enabled
WBMP Support enabled
XBM Support enabled

Sorry for my bad English =)

Octubre 21st, 2005 at 8.10 pm

Mirco "MacSlow" Müller says:

Just installed Capcha! 1.6 on my WordPress 1.5-driven site. What a great comment-spam blocking plugin it is! Thanks a bundle for your efforts!

Best regards…

MacSlow

Octubre 22nd, 2005 at 1.26 am

matt says:

Do I need to add anything to my comment template to display the captcha interface? I followed the README directions and all the options seemed to be set fine (plugin discovered the fonts in my dir, paths are CHMOD’d properly, etc, etc) but there is no Captcha on the comment form.

Octubre 22nd, 2005 at 4.49 am

Boriel says:

matt (45): You discovered the solution, but I post it here for anyone else who might find it useful. The problem was your theme has a bug in it. The tag

<?php do_action(’comment_form’, $post->ID); ?>

must exist and be placed just before </form> html tag in your comment template file.

Octubre 22nd, 2005 at 8.45 pm

David says:

Boriel,

You wrote me that you have discovered a problem with the random horizontal position, that might be related with my problem. You suggested that I download version 1.7 to see if that fixes the problem. I have done a few tests with 1.7, but the problem persists. Perhaps Alec Saunders has found something new?

David http://www.steeman.be

Octubre 23rd, 2005 at 3.43 pm

Marty Bladen says:

Hi, why when you click the “new id”
button does it take me back to the home page instead of leaving me on
the comments page and just regenerate a new ID?

Octubre 27th, 2005 at 1.10 pm

Boriel says:

Marty (48):

This is, unfortunately, a bug for version 1.7.
I will fix that (v 1.8) this evening (GMT).

Meanwhile use the previos version 1.6 instead. This should work Ok.

Octubre 27th, 2005 at 1.30 pm

me blog » Blog Archive » Upgradin’ the antispam says:

[...] Spam Karma 2 was getting annoying with the whole moderating comments thing (I’m a hands-on type of person), so I’ve replaced it with a simple Captcha plugin. Hopefully it’ll save me some time. [...]

Octubre 27th, 2005 at 11.29 pm

Krischan says:

Your plugin works for me. Well done,

Thanks!

Octubre 28th, 2005 at 11.22 pm

Daniel Lemire says:

This is nice but the TMP directory assumes that your web site is in /something/www/…
and that everything after www/… is the URL. Well, my web site at ~/html/ so I had
to hack your plugin to make it work.

Octubre 29th, 2005 at 1.00 am

Daniel Lemire’s blog » Comments are back! But you need to pass a reverse Turing test! says:

[...] I’ve installed Boriel’s Capcha! Plugin in my copy of wordpress. “Captcha” is the acronym for “completely automated public Turing test to tell computers and humans apart” (see wikipedia entry). It worked well so far, but I had two issues during the installation: [...]

Octubre 29th, 2005 at 1.51 am

Boriel says:

Daniel Lemire (52): Thanks for your comments. I will take them into account and see what can I do.

Octubre 29th, 2005 at 12.39 pm

enrique says:

Hola. No tengo ni idea de qué es una biblioteca de clases GD de PHP pero trataré de instalar tu plugin porque estoy recibiendo millones de spams. Gracias por el trabajo

Octubre 30th, 2005 at 1.47 am

enrique says:

Nada. NO me funciona. ¿Tal vez porque uso WP 1.2?Creo que no quedan claras las instrucciones de instalación ¿a qué carpeta va cada archivo? ¿dónde están las Captcha! Options (no en mi Options page).

Octubre 30th, 2005 at 2.03 am

Boriel says:

Enrique:

(55):
Es difícil si no tienes experiencia con el PHP. La biblioteca GD permite a PHP hacer gráficos en tiempo real.

(56):
Puede que no sea compatible con WP 1.2. Te recomiendo que te actualices a WP 1.5.2 ha mejorado muchísimo y corrige fallos de seguridad. La instalación es como sigue:
a) Copias el fichero captcha.php a la carpeta de plugins.
b) Copias la carpeta captcha y todo su contenido a la carpeta de plugins.
c) En el panel de administracion, debería aparecerte el plugin desactivado. Lo activas.
d) Una vez hecho esto, en las opciones, debes configurarlo.

Mira si puedes llegar hasta aquí.

Octubre 30th, 2005 at 12.04 pm

enrique says:

Boriel: muchas gracias por la respuesta. Hasta donde dices llego sin problemas, es sencillo. Después de activar el plugin me voy a opciones y no aparece nada de Capcha, sólo las de siempre. Imagino que el problema viene por la compatibilidad con el WP 1.2
Sobre la biblioteca GD : ¿la tengo por defecto o tengo que instalar algo?

Octubre 30th, 2005 at 12.57 pm

AoP says:

Boriel, just another thankful comment from Germany for your plugin. It took me a while to get it working, though I don’t yet know what went wrong (is it possible that underscores in the ttf-filenames are not allowed/possible?) but now that it’s done it’s really good looking and hopefully as effective
Keep up the good work, this plugin was one of the major things missing in Wordpress.

Octubre 31st, 2005 at 12.51 pm

Boriel says:

Aop (59):

Underscores are allowed in TTF filenames (or at less, they should).

Anyway thanks for you comment. If you want to be linked from this page as an example page, don’t forget to put your URL.

Octubre 31st, 2005 at 2.21 pm

Marjan says:

Great plugin. Works like a charme.

I’ve got the latest version and would like a Dutch version / language file. If possible: Where do I change / edit the englisch- or spanisch or german text?

Greetings.

Noviembre 1st, 2005 at 12.45 am

Marjan says:

Never mind. Found it in ‘hn_captcha.class.php’. Thanks anyway

Noviembre 1st, 2005 at 1.34 am

Andreas Wacker says:

Sorry,
unable to get it to work. Maybe you want to give people an example directory configuration, including the html root.

Sad if the anti spam captcha (that works great if installed by somebody less stupid than me, I am sure) takes more time than the dreadful spam.

Yes, I did read all this pages, enabled debug, messed with the php code, but still can not make it work right. Again: That is me and my install. A real example of a working config would have helped tremendously. It’s those missing 3% that render this great plugin useless for me.

Noviembre 1st, 2005 at 12.53 pm

Boriel says:

Andreas (63):

1) Describe your problem: What is your problem exactly? What did the debug info said?
The html root is obtained automatically.
2) Leave blank (empty) the directories in the captcha options. And press UPDATE. They are configured automatically to suitable values. You can use those folders, and give the right permissions (Read + Write for TMP and Read for TTF).
3) Upload some TTF files to your ttf folder (they must be readable).
4) In the options panel, leave blank (empty) the TTF files list, and UPDATE. It should be configured automatically. If it is, then the TTF directory is Ok.
5) LOG OUT of your admin panel, and try to post a comment (Logged In users are trusted, and captcha won’t appear for them).
6) Use WP 1.5.2 (Ok, this should not be a problem, anyway, but 1.5.1 has a bug and can be hacked by malicious users. Look out! You can loose your database during upgrade! :()

Noviembre 1st, 2005 at 1.06 pm

Ido Dubrawsky says:

Hi,

I’m trying to implement captcha-1.8 on a Solaris 9 webserver which has multiple web sites on it (i.e. virtual servers). I have Apache 2.0.50 with PHP 4.4.0 configured as follows:
‘./configure’ ‘–prefix=/opt/depot/php-4.4.0′ ‘–with-apxs2=/opt/bin/apxs’ ‘–with-jpeg=dir=/opt’ ‘–with-zlib=/opt/depot/zlib-1.2.3′ ‘–with-gd=/opt/depot/gd-2.0.28′ ‘–with-jpeg-dir=/opt/depot/jpeg-6b’ ‘–with-png-dir=/opt/depot/libpng-1.2.7′ ‘–with-xpm-dir=/opt/depot/xpm-3.4k’ ‘–with-freetype-dir=/opt/depot/freetype-2.1.10′ ‘–with-ttf=/opt/depot/freetype-2.1.10′ ‘–enable-gd-native-ttf’ ‘–with-mysql=/opt/depot/mysql-4.1.4a-gamma’ ‘–with-zlib-dir=/opt/depot/zlib-1.2.3′

I don’t get any captcha images in the comment pages which results in no comments being added. I’ve turned on DEBUG in captcha and this is what it says:

-Captcha-Debug: Check given TrueType-Array! (1)
-Captcha-Debug: Valid TrueType-files: (1)
-Captcha-Debug: Set current TrueType-File: (/opt/www/dubrawsky_org/TTF/1942.ttf)
-Captcha-Debug: Set number of noise characters to: (54)
-Captcha-Debug: Set image dimension to: (231 x 72)
-Captcha-Debug: Set messages to language: (en)
-Captcha-Debug: Keep this params from original GET-request: (?p=29)
-Captcha-Debug: Check POST-vars, current try is: (1)
-Captcha-Debug: Generate Keys, public key is: (1f40d1)
-Captcha-Debug: The counterfilename is (/opt/www/dubrawsky_org/tmp/hn_captcha_counter.txt)
-Captcha-Debug: Current counter-value is (19). Garbage-collector should start at (20)
-Captcha-Debug: Generate a string which contains current try: (31213312333131323332111132213233)
-Captcha-Debug: Generate private key: (2363ad)
-Captcha-Debug: Generate ImageStream with: (imagecreatetruecolor())
-Captcha-Debug: For colordefinitions we use: (imagecolorallocate())
-Captcha-Debug: We allocate one color for Background: (252-249-238)
-Captcha-Debug: Fill background with noise: (54)
-Captcha-Debug: Fill forground with chars and shadows: (6)

And that’s it. I’m at a loss as to why captcha is not working. Any suggestions?

Noviembre 1st, 2005 at 9.14 pm

Ido Dubrawsky says:

A quick follow up: I’m using WordPress 1.5.2 with the default theme.

Ido

Noviembre 1st, 2005 at 9.16 pm

Ido Dubrawsky says:

I’ve isolated the problem to the hn_captcha.class.php script at the @ImageJPEG($image,$this->get_filename(), $this->jpegquality); call. It appears to exit right after this call and never completes the script. Any ideas?

Noviembre 1st, 2005 at 11.14 pm

Thomas Leavitt says:

Had been using SecureImage, but wound up encountering the problem of ImageMagick not having freetype support compiled in… so I installed this instead. Works fine. Would be nice if the /tmp directory could be a system directory, and not a published directory under the WWW root.

There is a buglet, however: in WP 1.5.2, I noticed that having the system attempt to automatically extract the list of fonts produced an error: didn’t save it, but something to do with the “implode” function. I bypassed it by simply extracting the list of fonts myself, and inputing them in directly.

Noviembre 1st, 2005 at 11.22 pm

Boriel says:

Thomas (68):

1) Regarding /tmp directory, it must be a published directory. The images must be accesible via WWW, so they can be displayed as inline <img… / > images: This implies the tmp directory must be published. You can use another directory (NEVER publish system /tmp since it has some PHP session and other sensitive info there and could be a security breach). You can publish another directory in httpd conf or simpler, using symbolic link (ln -s) outside your document root.

I have a way to solve this, however. It will be done in a future release.

2) I use WP 1.5.2, as many others, and worked fine for us. If you can reproduce the bug, please tell me. If you enter the comma separated file list, then it won’t be automatically detected, as you did, and it will be saved as is.

Noviembre 1st, 2005 at 11.55 pm

Boriel says:

Ido (67):
Your tmp directory is OK (permissions and so on).
Something is prevented to write the .jpg files there. But don’t know the reason.

1) Check if the permission are OK, but I guess they are since hn_captcha_counter.txt exist.
2) Check if your GD have JPEG enabled:
<?php if (imagetypes() & IMG_JPG) echo “JPEG Support is enabled”; ?>
3) Also put this: error_reporting(E_ALL ^ E_NOTICE); before the @ImageJPEG function call to see if any error msg is output.

Noviembre 2nd, 2005 at 12.09 am

Ido Dubrawsky says:

I found the problem. My gd library didn’t get compiled with jpeg support (I thought it was but it didn’t). I had to actually recompile the jpeg library first, then the gd library, then PHP and the everything works great. This is awesome. I look forward to less blog spam with captcha. Thanks!

Noviembre 2nd, 2005 at 3.09 pm

Ido’s Blog » Blog Archive » Comments are back…with a twist says:

[...] I got tired of the blog spam from the on-line gambling sites and the Cingular ringtones folks and have installed the Boriel’s wonderful capcha plugin for Wordpress (yes, that’s how he spells it…in actuality it’s written as CAPTCHA). What is CAPTCHA? Captcha is the acronym for “Completely Automated Public Turing test to tell Ccomputers and Humans Apart.” You can find more information about it here. Now, if you want to submit a comment on my blog entries you will have to pass a reverse turing test. It’s simple…just put in the numbers shown in the graphic below your comment and press submit. If the numbers entered match the numbers in the graphic then the comment is accepted. The graphic is not machine readable so blog spam bots cannot parse it to get the numbers. Now, I had one problem with getting the capcha plugin to work — the graphic wouldn’t show up. It turned out that I needed to recompile my libjpeg library as well as the gd library and PHP in order to fix the problem. Now it works great. [...]

Noviembre 2nd, 2005 at 3.21 pm

Ido Dubrawsky says:

I’ve seen some comment spam come through today even with the capcha plugin active and working. All of my testing has shown that comments must have the captcha code added. Could this be actual live people spending time inputting this spam? Is there anyway to tell? I guess I could look at the Apache logs but I was wondering if there’s a way to log things through the plugin or through WordPress.

Just wondering.

Noviembre 3rd, 2005 at 6.46 pm

Ido Dubrawsky says:

Turns out it’s trackback comment spam. It has nothing to do with capcha.

Noviembre 3rd, 2005 at 9.32 pm

Boriel says:

Ido (73), (74):
I solved it using TrackBack validator plugin (see http://idli.cs.rice.edu/~dsandler/trackback/trackback-validator-plugin/).

This will hide trackbacks not really linking to your site, but won’t delete it from your database.

Noviembre 3rd, 2005 at 11.29 pm

Gary says:

Hi.. I am relatively new to wordpress and am having trouble installing this plugin.
I have chmod’ed my two directories as advised, and the options panel is even able to update the .ttf list automatically, meaning it can access my font files, right? Yet when I log out and try to post a comment on my site, I get the message that no Trutypefont is available for the captcha class. I really don’t know what is wrong! please help me if you can. thanks.

Noviembre 4th, 2005 at 1.44 pm

Boriel says:

Gary (76):

These have been stated in the comments area. There main causes for this usually are:

1) Bad chmod permissions (You see the .TTF list, so I guess they are Ok)
2) Your PHP version does not have GD enabled
3) Your GD-lib version does not support TTF.

I’m preparing version 1.9 that will check for this automatically.
Meanwhile, create a simple web page, named, for example test.php, with a sigle line:

And view it with your browser. Search for “GD”, and tell me what it says about it.

Noviembre 4th, 2005 at 10.32 pm

Onderonsjes » Onderons wijzigingen says:

[...] Eveneens door Ulco… (waarvoor nog meer dank en eeuwige roem): Capcha! Plugin geïnstalleerd. Hiermede hoop ik dat spamberichten tot het verleden behoren. Er dient een gegenereerde code ingevoerd te worden, alvorens niet-leden kunnen reageren. [...]

Noviembre 5th, 2005 at 10.15 pm

Tarotoast’s Stuff » Blog Archive » Capcha! Plugin says:

[...] 那 [Capcha! Plugin] 忈是啥? 簡單說是個美觀大方安裿簡易的 auth_image 程弿。安裿鿎程算是鿞常簡單: [...]

Noviembre 6th, 2005 at 2.55 pm

餅乾的網誌 » Blog Archive » 裿了Captcha says:

[...] 丿鿎因為在濬家剿本來的 WP 1.5 是確實有裿 AuthImage 的，丿鿎濬家後一直懶得裿，忿正沒有人會來 spam。既然色尿外便便土忸都這麼有誠愿的幫我把 plugin 找好了，就順手裿上去忧＿按照他文章說的，我跑去裿了Capcha! Plugin，沒想到翾在連手動修改都丿用，抓下來解開，按一下 activate ，抓個字型丟到目錄裡就濞定收工。目剿用了harry_p〿scriptina兩組字型，本來還用chopin_script，丿鿎看看覺得太難就拿掉了。 [...]

Noviembre 6th, 2005 at 6.00 pm

sleeplessboy says:

How come it only work on certain theme and don’t work on other theme? Do you have any tips for me to fix this problem??

sleeplessboy

Noviembre 7th, 2005 at 1.43 am

Funny as a Dead Baby — Blog Archive » Avast! says:

[...] I also added Captcha-style verification to my blog comments. I’m truly sorry to those who otherwise would’ve been able to comment (though there are only a few dozen actual humans who have ever commented on the site), but I’m also including a link to my e-mail comment form on my main site, which will allow access to users who need the aforementioned tools but still wish to comment (as well as any broader group who would prefer to comment privately). [...]

Noviembre 7th, 2005 at 5.51 am

Hannu says:

FYI, Captcha! version 1.9 doesn’t seem to be working with current SVN version of Wordpress (1.6-ALPHA-2-still-dont-use). It may be too early to be testing it, but you might want to check it out. The most obvious problem is the TrueType folder path, which is not being saved.

Noviembre 10th, 2005 at 7.33 pm

Carlos says:

Lo he instalado todo correctamente y me genera las imágenes, pero lo curioso es que a la hora de cargarlas en la página muestra un cuadro negro transparente con el texto “This is a captcha-picture…”.

Lo curioso, es que si le digo abrir imagen en ventana nueva copiando la ruta que ha generado, veo la imagen!
Y no es sólo en mi ordenador, lo he probado desde varios: windows y linux.

Alguna idea?

Noviembre 10th, 2005 at 10.17 pm

schimana.net » Blog Archive » Captcha Plugin für Wordpress says:

[...] Veränderungen durchführen muss, was bei Updates meistens hinderlich ist. Nun habe ich doch einen Captcha Plugin für Wordpress installiert. Dieser wird ohne Änderungen an Wordpress installiert. Es gibt eine Seite mitOptionen. Dort kann man TMP-Pfade und kann sogar einen eigenen TrueType-Font verwenden. Mal sehen, ob die Spams weiterhin durchkommen… [...]

Noviembre 13th, 2005 at 11.17 am

Hillsidelounge » Captcha installed says:

[...] Got the Captcha running and a cool truetype font called Angelina installed. We’ll see if I can stop the spam bombing before it starts. Using this one from boriel. and Angelina from dafont.com. Simple to install and get working. Just the way I like it. [...]

Noviembre 13th, 2005 at 11.56 am

MLL says:

Hello there, very cool plugin, thank you ! (nice fonts site too, didn’t know it )

Here’s a french translation that you might want to include:

‘fr’=>array(
‘msg1′=>’Vous devez lire et taper les ‘.$this->chars.’ charactères entre 0..9 et A..F, et envoyer le commentaire.’,
‘msg2′=>’Hélas, je ne peux pas lire ceci. SVP, générez un ‘,
‘buttontext’=>’Envoyer le commentaire’,
‘refreshbuttontext’=>’nouveau code’
)

Cheers.

Noviembre 16th, 2005 at 8.45 pm

Ercin EKER says:

Should i insert some code into comments.php file of the current theme? Cause the Capcha is not included into the comment page

Noviembre 17th, 2005 at 5.04 am

Ercin EKER says:

OK. the problem was my themes comment.php file, changed with an other themes file and now working

Noviembre 17th, 2005 at 5.42 am

Boriel says:

MLL (87): Will be included in future releases. Thanks!

Noviembre 17th, 2005 at 8.27 am

Boriel says:

Ercin (88), (89):
Yes. Some themes are buggy, and do not call some wordpress events.
It’s explained in answer (44):

To fix your wrong theme, simply add

<?php do_action(’comment_form’, $post->ID); ?>

just before the </form> tag in the comments.php file of your theme.
This will fix it, so you can use your favourite theme with captcha.

Noviembre 17th, 2005 at 8.28 am

Weedie says:

This is kinda cool, really….

Noviembre 17th, 2005 at 3.54 pm

Axel Segebrecht » Blog Archive » Open Comments says:

[...] Good news everyone… I’ve installed the CaptCha! plug-in for Wordpress by Jose Rodriguez (a.k.a. Boriel) and you no longer need to be registered to post comments! I hope that makes it easier and encourages you to let me know what you are thinking about my ramblings. [...]

Noviembre 21st, 2005 at 6.10 pm

jo says:

Dun’t know where the problem is, but v1.9 won’t work out of the box with this (pretty nice & ALA-based) Theme: http://www.law-blog.de/get-the-theme/

Anyway, thx for your work.

Noviembre 21st, 2005 at 7.11 pm

EdLucas.com » First Post says:

[...] CaptCha! - for comment spam blocking [...]

Noviembre 23rd, 2005 at 2.25 am

Nomadicoder » Got Captcha says:

[...] I have captcha installed and running. I’m using CaptCha!. Installation was pretty easy. [...]

Noviembre 24th, 2005 at 5.08 am

Deichgraf says:

Hola Juan,
pues has hecho un plugin de … madre! Lo unique que me ha jodido era la configuración en wordpress, es decir ajustarlo a que encuentre las imagines producidas. Pero ahora va muy bien! Gracias!
Saludos desde Frankfurt, Alemania

Noviembre 25th, 2005 at 3.06 pm

weblogbuch vom deichgraf » Blog Archive » Kommentar-Spam says:

[...] .. habe in nun dank Boriels Captcha Plugin abgestellt. Hoffe, daß automatische Spammer mich nun in Ruhe lassen?! Das Plugin integriert sich sehr schön in Wordpress. D.h. man muss keine zusätzliche Codierung vornehmen. Bleibt einzig die Angabe der Pfade unter denen das Plugin die Captcha-Bilder ablegt, was bei mir leider nicht auf Anhieb lief. Da gibt es zwei Angaben zu machen: der interne Verweis auf diesen Pfad und den von extern erreichbaren Verweis. Bei mir hängt das Zeug nun folgendermassen drinnen: TMP Folder: /<em><geheimer Pfad auf Server></geheimer></em>/www.b615.com/wp/wp-content/images/tmp/ TMP Path URL: http://b615.com/wp-content/images/tmp/ Vielleicht nützt Euch diese Info?! [...]

Noviembre 25th, 2005 at 3.18 pm

Marian says:

HOLA! Subi el plug in por ftp, cuando estoy intentando entrar al blog para editar las opciones (o para ver el blog) me da error:
Warning: main(captcha/hn_captcha.class.x1.php): failed to open stream: No such file or directory in /www/docs/loader.com.ar/public_html/blog/wp-content/plugins/captcha.php on line 31

Fatal error: main(): Failed opening required ‘captcha/hn_captcha.class.x1.php’ (include_path=”) in /www/docs/loader.com.ar/public_html/blog/wp-content/plugins/captcha.php on line 31

Alguna idea que puede ser?? Muchas gracias!!!

Noviembre 26th, 2005 at 3.58 pm

Sharroll says:

Well, I don’t know what’s giong on. I know I have the GD Library and stuff, because I went round and round with my host to have them install when I was using MT. I get the little box but no letters or numbers. Everything has been CHMODed correctly I think. I am unsure what else could be the problem.

Noviembre 26th, 2005 at 8.35 pm

Olajide Olaolorun says:

Boriel? Guess what, i was looking at me school, well the one i’m going to start in January’s website, http://www.gpc.edu and went to the campus website i would be attending. Just going to the Contact Us page, i saw Captcha being used:

http://www.gpc.edu/Faculty_and_Students/mail_form.php3?to=ncngevp3

Just thought i would let you know. I do not know the developer of the site yet as i have not started their but may get to know him/her when i start

Noviembre 28th, 2005 at 3.57 am

Little Bit Tired, Little Bit Worn » Blog Archive » WordPress 2.0 Beta and Spamkarma says:

[...] The options are few I suppose. #1 Return to WP 1.5 #2 Disable SK #3 Live with it #4 Find another plugin to control spam I’ve gone with Captcha at least until the SK issue has been dealt with either by the WP people or by SK’s Dr. Dave. I’d rather use SK as it is more user friendly for those leaving comments. [...]

Noviembre 30th, 2005 at 6.14 am

Rob says:

Hmm, got the garbage error today. Strange. Here’s the debug output I get when trying to post:

A GARBAGE ERROR has occured!
Go to the Contact section and notify to me!

Warning: Cannot modify header information - headers already sent by (output started at /home/electro/public_html/wp-content/plugins/captcha.php:175) in /home/electro/public_html/wp-comments-post.php on line 51

lines 51-53 and 55-58 are setcookies and header info. I’ve tried emptying the image cache manually. No luck. Any ideas?

Diciembre 1st, 2005 at 7.25 am

detrimental postulation » do i get a cake? says:

[...] Update — I have changed my verification to Boriel’s excellent CaptCha! It’s prettier, easier to install, and better than the last one I used. See? I do care about my readers after all. [...]

Diciembre 1st, 2005 at 11.23 pm

Marty says:

I too am getting Garbage error.

Diciembre 5th, 2005 at 3.19 am

The Bob Gentry Journal » Captcha Beast says:

[...] The 1st I downloaded was something called "Spam Karma 2- Reloaded"… That seemed to work pretty good but for some reason it started to over-ride the option of "moderation"…it basically took over like RISE OF THE MACHINES from Terminator 3. I started messing with the settings on it more and STILL couldn’t get it to the way I liked…and then I remembered the Juggler telling me about something he installed called "Captcha" ….which works like blogger.com’s anti-spam comment feature. It seems to NOW be working on my journal but there’s 2 submit buttons (not sure why). Anyway…in order to comment you must type in the 5 digit code after everything’s filled out and then click either submit button. Tricky….and even trickier for me to install [I ride the Little Yellow Wordpress Bus]. Hopefully this will solve my Spam troubles…more on this to come. [...]

Diciembre 7th, 2005 at 1.42 am

What I Learned Today…»Blog Archive » Spam says:

[...] Tonight I’m going to see about installing Captcha! or some other spam protection so that I don’t have to moderate comments anymore. • • • [...]

Diciembre 12th, 2005 at 3.45 pm

Stefan Haubolds weblog » Testing Comments says:

[...] I have re-enabled comments and I am using a Captcha Plugin now to prevent Comment Spam. [...]

Diciembre 14th, 2005 at 1.07 pm