CaptchaPlugin
A visual challenge-response test to prevent automated scripts from using the wikiOn this page:
Description
This plugin tries to prevent automated scripts from creating users and spam your wiki. It does so by requiring a simple test to ensure that the request is done by a human being. The Captcha encodes information into a distorted image containing letters and digits. This information is easy to generate for the computer, easy to read for human beings but hard to recognize by computers. Note however, that Captchas aren't 100% bullet proof. They only raise the bar for automated scripts to pass the test. There are regular reports of Captchas of a specific kind being solved automatically for high profile internet sites. CaptchaPlugin tries to create challenge-response tests hard enough to solve for computers, but does not claim that its tests are unbreakable on any scale. Read more about captchas at http://en.wikipedia.org/wiki/CAPTCHA.Syntax Rules
CAPTCHA
This macro renders a simple captcha interface based on thejqCaptcha jQuery plugin (an image and a click handler to reload it). In most
cases you'd use the CAPTCHAFORM macro for a more ready-to-use widget.
CAPTCHAFORM
This simply expands to the captcha form as defined in thecaptcha.tmpl template.
Parameters:
- validateonsubmit: boolean value specifying when the form is being validated. If set to true (default) validation of the captcha will be performed on the client already when clicking on the "Submit" button. If set to false, validation happens on the server side only.
- disableonsuccess: boolean value specifying when the challenge is going to be "consumed" while validating it on the client side. This defaults to false so that the server validation check on the same challenge gets a chance to pass as well.
CAPTCHACHECK
This macro can be used in own wiki applications to check a challenge at some point. It takes a challenge identifier and a response and verifies it while expanding the macro. Based on the result eithererror or success is returned.
Parameters:
- challenge: the captcha challenge identifier
- response: the response as provided by the user
- error: format string to be returned when validation failed
- success: format string to be returned when validation succeeded
Example
You type:
<form action="%SCRIPTURLPATH{view}%/%WEB%/%TOPIC%#example" id="example">
<div class="foswikiFormSteps">
%CAPTCHAFORM%
<div class="foswikiFormStep">
%BUTTON{"%MAKETEXT{"Submit"}%" icon="tick" type="submit"}%
%CLEAR%
</div>
</div>
</form>
%CAPTCHACHECK{
challenge="%URLPARAM{"captcha_challenge"}%"
response="%URLPARAM{"captcha_response"}%"
error="%JQICON{"error"}% There was an error checking the validation code."
success="%JQICON{"accept"}% The validation code has been checked successfully."
}%
You get:
You get (if installed)
Captcha-protected editing of topics
By switching on the{EnableSave} parameter in your Foswiki configuration, editing wiki topics will be guarded by
requiring a captcha challenge to be passed. This feature is disabled by default as Foswiki core's own Strike-One mechanism
is already well suited to protect accidental save actions to be performed (e.g. as performed by spam bots). In some cases
an additional captcha guard might be interesting as to allow unauthenticated guests of a wiki to do regular edits.
Use the {EnableSave} switch to enable this. The captcha challenge for topic edits can also be demanded even for registered
users by enabling the {SaveForAll} flag. WARNING: this might raise the barrier to contribute to the wiki a bit too high
for practical use. Only enable this feature when you really know what you are doing.
As by now the {EnableSave} feature is best integrated into the NatEditPlugin while
needing extra provisions for other editors.
Installation Instructions
You do not need to install anything in the browser to use this extension. The following instructions are for the administrator who installs the extension on the server. Open configure, and open the "Extensions" section. Use "Find More Extensions" to get a list of available extensions. Select "Install". If you have any problems, or if the extension isn't available inconfigure, then you can still install manually from the command-line. See http://foswiki.org/Support/ManuallyInstallingExtensions for more help.
Dependencies
| Name | Version | Description |
|---|---|---|
| Foswiki::Contrib::JsonRpcContrib | >=1.30 | Required. |
| Foswiki::Plugins::JQueryPlugin | >=6.00 | Required. |
| GD | >=2.39 | Required. |
Change History
| 02 Dec 2014: | moving from jquery.tmpl to jsrender |
| 28 Aug 2014: | specify rest security settings |
| 04 Apr 2014: | flag rest handlers that don't require authentication |
| 17 Jul 2013: | brought back to live and improved - Foswiki:Main.MichaelDaum |
| 24 Dec 2009: | started to port to foswiki - Foswiki:Main.SvenDowideit |
| 28 Oct 2007: | Fixed bug on RegistrationAgent |
| 16 Aug 2007: | Added black and white shades only; Added editcaptcha.tmpl; Moved all attributes to LocalSite.cfg; Removed DeleteAfterRegistration |
| 08 Aug 2007: | Added support for captcha on topic save (thanks Foswiki:Main.KwangErnLiew), fixed some minor bugs, added some free fonts |
| 06 Aug 2007: | Colourised fonts; Randomised font type, font size, background colour, and font positioning; Fixed hash display on user pages; Modified oopscaptcha.tmpl |
| 03 Aug 2006: | Renamed to CaptchaPlugin, adapted to Dakar (TWiki 4.0.x). |
| 03 Jan 2006: | Fixed some problems with expiry, also optimised according to FastPluginHints. |
| 10 Oct 2005: | Strip hash and text from arguments to register binary, or they will end up in the newly created user topic. |
| 07 Oct 2005: | Initial version |
Copyright © by the contributing authors. All material on this site is the property of the contributing authors. Ideas, requests, problems regarding AustLII Communities? Send feedback
This website is using cookies. More info.
That's Fine