With Geeklog v1.7.0 and heigher version, there is full support built into Geeklog to support the CAPTCHA plugin with the following Geeklog features:

• New User Registration
• Comments
• Email User
• Email Story
• Story submission
• Remote Users
• Calendar submission
• Links submission

Beginning with Forum v2.6, there is full support built into the Forum plugin to support the CAPTCHA plugin with forum posts.

Beginning with Media Gallery v1.5.0, there is full support build into Media Gallery to support the CAPTCHA plugin when sending electronic Postcards.

Support for the rating plugin. If CAPTCHA is enabled, the rating plugin will display it when a user is submitting a review.

Download CAPTCHA

CAPTCHA is a native Geeklog plugin that provides an additional layer of security for spambots.

A CAPTCHA (an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”, trademarked by Carnegie Mellon University) is a type of challenge-response test used in computing to determine whether or not the user is human. By presenting a difficult to read graphic of letters and numbers, it is assumed that only a human could read and enter the characters properly. By implementing the CAPTCHA test, it should help reduce the number of Spambot entries on your site.

CAPTCHA implementations are not full-proof, there are many methods to bypass them. It should only be used to provide another layer of protection to your site. With a layered approach using the Bad Behavior Plugin, SpamX Plugin, SLV Enhancement and the CAPTCHA plugin, together these can provide a very secure Geeklog implementation.

Beginning with Geeklog v1.4.1 there is support built into Geeklog to natively provide a CAPTCHA block for new user registrations, comment submissions, email user, email story and story submissions.

The CAPTCHA Plugin follows the standard Geeklog plugins procedure.

1. As one of your site's Root users

• Visit your {site_url}/admin/plugins.php page
• Upload the plugin archive (.zip) : Select it on your HD and press Upload.
• If upload is successfull then press the install link (see Online Installation below).

2. If the installation completed successfully you are ready to go. Otherwise, check the geeklog error.log for errors.

• <geeklog_dir>/logs/error.log

Below we will document two methods to install the Captcha files, via FTP and via standard shell access to the server.

If you do not have shell access to your server and can only use an FTP client to access your server, follow these instructions. If you have shell access to your server, you may want to jump down to the Shell Access Installation instructions below. To install CAPTCHA, or any Geeklog plugin, you will need to un-archive the plugin on your local computer. The CAPTCHA distribution will automatically create all the proper directories when it is un-archived. To un-archive a .gz file, you can use later copies of WinZIP or WinRAR.

1. Create a temporary directory on your local hard drive to hold the Media Gallery files (let’s use C:\tmp for our example).
2. Open the captcha-3.0.2-1.4.1.tar.gz file with WinRAR.
3. Select Extract All Files and point to the C:\tmp directory as the destination.

Now we should have a local copy of the CAPTCHA Plugin in C:\tmp The directory should look like this:

+ tmp\
     + admin\
     + docs\
     + language\
     + public_html\
     + templates\
     + functions.inc

Now that you have a copy on your local hard drive, it is time to FTP up to your server. Start your FTP program, I recommend FileZilla if you do not have a program you use already. FileZilla is free and supports many different operating systems (Windows, Linux, etc.). Connect to your web server with your FTP program.

Our first FTP will be the entire CAPTCHA distribution to your server. You will want to use the diagrams below to find the proper directory on your server and move the entire c:\tmp\captcha\ directory to the path-to-geeklog/plugins/ directory.

To find the path-to-geeklog you can look in your Geeklog config.php file and see what directory is defined in the $_CONF['path'] line.

SPECIAL NOTE: For the initial FTP of the CAPTCHA distribution, you will want to actually drag the captcha folder from your local computer to the plugins directory on your server. The remaining FTP's below you will actually drag the files, not the parent directory.

 tmp/           path-to-geeklog/
    |                          |
    + captcha/--+              + backups/
                |              + data/
                |              + include/
                |              + language/
                |              + logs/
                |              + pdfs/
                +------------->+ plugins/
                               + public_html/
                               + sql/
                               + system/
                               + config.php

Next, you will need to make a sub-directory under the public_html directory on your server called captcha. For most FTP programs you can create directories by highlighting the parent directory, public_html in this case, then right click the mouse, select New Folder and name it captcha. This procedure may be a little different depending on which FTP program you are using, check their documentation.

path-to-geeklog/
               |
               + backups/
               + data/
               + include/
               + language/
               + logs/
               + pdfs/
               + plugins/
               + public_html/
                            |
                            + captcha <--- Make this subdirectory
               + sql/
               + system/
               + config.php

Next you will need to FTP all the files from the c:\tmp\captcha\public_html\* directory to your server. Here you will want to select all the files and sub-directories in the public_html\ directory, not just the public_html\ folder. Follow the diagram below:

 tmp\            path-to-geeklog/
    |                           |
    + captcha\                  + backups/
             |                  + data/
             + public_html/*-+  + include/
                             |  + language/
                             |  + logs/
                             |  + pdfs/
                             |  + plugins/
                             |  + public_html/
                             |               |
                             +-------------->+ captcha/
                                + sql/
                                + system/
                                + config.php

Next, you will need to make a sub-directory under the admin/plugins/ directory on your server called captcha.

 path-to-geeklog/
                |
                + backups/
                + data/
                + include/
                + language/
                + logs/
                + pdfs/
                + plugins/
                + public_html/
                |            |
                |            + admin\
                |                   |
                |                   + plugins\
                |                            + captcha <--- Make this subdirectory
                + sql/
                + system/
                + config.php

Next you will need to FTP all the files from the c:\tmp\captcha\admin\* directory to your server. Here you will want to select all the files and sub-directories in the admin\ directory, not just the public_html\ folder. Follow the map below:

 tmp\        path-to-geeklog/
    |                       |
    + captcha               + backups/
             |              + data/
             + admin/---+   + include/
                        |   + language/
                        |   + logs/
                        |   + pdfs/
                        |   + plugins/
                        |   + public_html/
                        |                + admin/
                        |                       + plugins/
                        +----------------------->        + captcha/
                           + sql/
                           + system/
                           + config.php

Congratulations! You should now have all the files uploaded to your server and you are ready to skin to the Online Installation step below.

1. It is always a good ideas to perform a site backup. The CAPTCHA plugin does not create any database tables, but you should always make a backup prior to installing a plugin.
2. Uncompress the CAPTCHA plugin archive while in the path-to-geeklog/plugins directory. The archive will create a directory called captcha.
3. In your public_html directory, create a directory called captcha.
4. Under public_html/admin/plugins/ directory, create a directory called captcha.
5. Change to your path-to-geeklog/plugins/captcha directory.
6. Copy the files in the admin directory to the admin/plugins/captcha directory you created in step 4.
7. Copy the files in the public_html directory to the public_html/captcha directory you created in step 3.

Now that you have the files loaded on your server, it is time to actually perform the CAPTCHA installation into Geeklog.

1. Go to the plugin administration page. The CAPTCHA plugin should show up with a link to install it. Click this link. The install page will tell you if it was successful or not. If not, examine the Geeklog error.log in path-to-geeklog/logs/ to see what the problem was. Fix the problem and re-install.
2. Be sure and modify the CAPTCHA config.php file to enable CAPTCHA support for the features you wish to use. By default, CAPTCHA is turned off for all items. See Configuration section below.

If you are upgrading from v2 or earlier, the upgrade process is very straight forward. Try the automatic install or simply copy the new files over your existing CAPTCHA installation, then run the plugin upgrade by going into Admins Only → Plugins → CAPTCHA → Update.

Also, all the class files in the public_html/captcha/class/ directory have been moved. You should delete the public_html/captcha/class/ directory after upgrade.

Upgrading from the original gl-captcha hack

If you have the gl-captcha custom registration hack already installed, there is no need to upgrade to the CAPTCHA plugin unless you are running Geeklog v1.4.1+ or Forum 2.6+. The CAPTCHA plugin does not offer any new features unless you are running the latest Geeklog or Forum releases.

If you wish to upgrade, you will need to uninstall the existing gl-captcha hack before installing the plugin.

Follow these steps:

1. Disable Geeklog’s custom registration (change $_CONF['custom_registration'] to equal false in Geeklog’s config.php file.
2. Remove the public_html/captcha/ files and directory.
3. Remove the /captcha-images/ files and directory.
4. Remove the edits to lib-custom.php and memberdetail.thtml that you made to install the gl-captcha hack.

Once the new CAPTCHA plugin has been installed, you can re-install the custom registration feature by following the directions below in Integrating with older Geeklog Releases.

Keep in mind, you do not have to use Geeklog’s custom registration to enable CAPTCHA if you are running Geeklog v1.4.1 or greater.

By default, after installation, CAPTCHA features are turned on.

The CAPTCHA plugin can log each time an invalid string is entered or an attempt to bypass the normal entry method is detected. CAPTCHA maintains its own log file in your Geelog logs/ directory. The log file is called captcha.log. You can turn on/off the log on the configuration page.

All CAPTCHA configuration options are controlled in the on-line CAPTCHA Administration Screen. You can edit the CAPTCHA settings to disable/enable where you want the CAPTCHA strings to display.

By default, CAPTCHA will not use a graphics package, instead it comes out of the box setup to use static images. The advantage to using static images is that this will work in any environment, but it does not provide a high a level of protection since there are a finite number of images to use.

For the best level of protection, you should try using dynamic images which require either GD libraries compiled into PHP or the external graphics package ImageMagick. Both of these packages must support True Type Fonts in order to create the CAPTCHA image.

To configure CAPTCHA to use a graphics package change the following in the CAPTCHA Administration Screen.

You can control which Geeklog features (with Geeklog v1.4.1 or greater) will use the CAPTCHA validation with the following configuration options:

Once you set the above options, Geeklog will automatically enable the CAPTCHA validation for the items you have enabled. No other configuration is required.

The defacto standard Forum Plugin for Geeklog available from www.portalparts.com has native support for the CAPTCHA plugin beginning with Forum v2.6 and above.

If you are running Forum v2.6 or above, all that is required is to enable the Forum support in the CAPTCHA Administration Screen. Simply check Enable Forum and the CAPTCHA block will appear on the forum topic entry screen.

If you are running Media Gallery v1.5.0 or above, all that is required is to enable the Media Gallery support in the CAPTCHA Administration Screen. Simply check Enable Media Gallery and the CAPTCHA block will appear on the postcard email screen.

If you are using Geeklog's custom registration feature, you will need to 'merge' CAPTCHA into your existing Custom Registration implementation.

You will need to modify the custom registration functions in your lib-custom.php

Add the following code into the CUSTOM_userForm() function, this should go immediately before the following line: $user_templates→parse('output', 'memberdetail');

    /*
     * Check to see if CAPTCHA plugin is installed and enabled
     * if yes, call the function to add the CAPTCHA image.
     */
    if ( function_exists('plugin_templatesetvars_captcha') ) {
        plugin_templatesetvars_captcha('registration', $user_templates);
    }

Edit your custom memberdetail.thtml file and make sure you have the CAPTCHA template variable defined in the template, below is an example:

        <tr>
            <td align="right" class="alignleft"  style="vertical-align:middle;padding-left:10px;"><b>{EMAIL_CONF}</b><br{xhtml}><small style="color:#676767">{EMAIL_CONF_HELP}</small></td>
            <td align="left" valign="middle"><input type="text" name="email_conf" size="32" maxlength="96" value="{email_conf}"{xhtml}></td>
        </tr>
        {captcha}
        <tr>
            <td align="center" colspan="3"><input type="hidden" name="uid" value="{user_id}"{xhtml}><hr{xhtml}><br{xhtml}>
            <input type="hidden" name="mode" value="{postmode}"{xhtml}>{submitbutton}</td>
        </tr>

To enable the CAPTCHA plugin to seamlessly integrate with your Geeklog installation, each Geeklog integration has a separate template file. If you are not using the default professional theme or have modified it, you may need to modify the CAPTCHA templates as well.

The CAPTCHA templates are located in the plugins/captcha/templates/ directory.

NOTE: If you are not using the standard professional theme included with Geeklog v1.4.1, you will need to add the template variable to your theme. The following templates need the variable, see the stock professional theme files to determine where to place the variable.

• comment/commentform.thtml
• comment/commentform_advanced.thtml
• profiles/contactauthorform.thtml
• profiles/contactuserform.thtml
• submit/submitstory.thtml
• submit/submitstory_advanced.thtml
• users/registrationform.thtml

CAPTCHA v3.0.0 and above only support Geeklog v1.4.1 or above. Please see CAPTCHA v2.1.2 for integration with older releases of Geeklog.

Whether or not a CAPTCHA implementation is the correct solution to meet your needs is only a question you can answer. CAPTCHAs do have drawbacks; the main drawback to any CAPTCHA implementation is that is makes it almost impossible for visually impaired individuals to use. In some cases, even those users who are not visually impaired may have a difficult time reading the CAPTCHA string since they are designed to be difficult to read. Also, there may be accessibility laws in your area that you must conform to as well.

CAPTCHAs are not fool proof and they are not a final solution against spam bots. OCR (Optical Character Recognition) has been used to break many CAPTCHA implementations. Also, there have been reports on using cheap 'sweat shop' labor to get around CAPTCHA implementations by having people perform the registrations en mass. See Wikipedia for a more detailed discussion on drawbacks and how CAPTCHA can be circumvented.

CAPTCHA is only one layer of protection against spam bots. You should consider using the other protections available for the latest release of Geeklog, the Bad Behavior plugin, Dirk's SLV Spam-X class and trackback validation.

For any support issues, please use the support forums at:

geeklog Support Site

• Ensure you have enabled CAPTCHA in the CAPTCHA Administration Screen.
• Try using the static images first, if they work you know the integration is working.
• Make sure your theme has been updated to support the new template variable.

The original captcha code was written by Pascal Rehfeldt and packaged as a PHP class. The ImageMagick code was originally written by Thom Skrtich in SecureImage, a CAPTCHA implementation for WordPress. These two GPL’ed, Open Source projects were combined and customized to work with Geeklog by Mark R. Evans. The project is now maintened by ::Ben from http://geeklog.fr

v3.4 Coming soon

• Fix css color issue

v3.3.1 Dec 03, 2010

• Fix hard coded language in logview page

v3.3.0.1 May 12, 2010

• Replace all credit infos

v3.3.0 May 11, 2010

• Add proper credit to each modificated files
• Introduce a style.css file to custom the captcha input box
• Fix bugs in registration, email story and contact form. Coudn't reload the captcha
• Fix bugs introduced in v 3.1.1

v3.2.0 April 26, 2010

• Add support for Calendar Plugin
• Add support for Links Plugin

v3.1.2 Sept 4, 2009

• Change link to online documentation
• Check compatibility for geeklog 1.6.0

v3.1.1 April 30, 2009

• Fix bugs in contact and emailstory template.
• Fix language file where 2 words where missing.
• Fix bug in the Logviewer for non existing log file.

v3.1.0 Oct 17, 2008

• Successful install reported successful upgrade.
• Bug in expire time checking did not use configured expire time setting.
• Added support to turn off logging of invalid captcha attempts
• Initial support for Rating Plugin
• Several small fixes, validate all variables are properly initialized.

v3.0.2

• Fixed a typo which caused SQL error when CAPTCHA tried to write the session data.
• MSSQL Support - now fully supports both MySQL and MSSQL Geeklog installations.

v3.0.1

• Fixed a bug where CAPTCHA did not validate the CAPTCHA string in the Forum integration.
• Enhanced the error logging for debugging purposed.

v3.0.0

• Removed reliance on PHP sessions - now use a custom session handler.
• Added support for Geeklog remote users (in preparation for the OpenID integration to Geeklog).
• Added support for Media Gallery's Postcard email feature.
• Added limit on the number of times a new image can be requested (ensures no spambots can do a denial of service attack by overloading your server with graphic requests).

v2.1.2 - Security Release

• Fixes a security vulnerability
• Minor tweak to suppress session_start() errors

v2.1.1 - Small bug fix

• Fixed a small coding bug where an array was not properly declared.

v2.1.0 - Small enhancements / bug fixes

• Fixed error in detecting non-logged-in users
• Moved configuration to an online configuration no longer need to edit config.php
• New feature to allow the CAPTCHA image to be reloaded (generate a new image) without reloading the entire page.
• Ability for admins to include their own set of static images

v2.0.2 - Minor bug fix

• PHP4 requires template names to be passed by reference. In my zest to remove a warning generated by PHP5 on pass by reference calls, I removed too much.

v2.0 - Geeklog Pluign Release

• Converted to a true Geeklog Plugin
• Native support for Geeklog API’s to allow much easier integration to Geeklog core functions (Geeklog v1.4.1+ Only):
  • comments
  • story submission
  • email contact
  • email story
  • registration
• Support for Forum 2.6+

v1.0 - First production release.

• Combined the static / dynamic versions into a single distribution.
• Added email_conf field to insure compatibility with Geekog v1.4.1cvs
• Added ability to email administrator
• Added ability to refresh CAPTCHA image
• Added multi-language support

v0.5 - Beta Release

• Implemented Static Image support for those without TTF support in ImageMagick or GD libs.

v0.4 - Beta Release

• Enhanced to support multiple graphic formats, jpg and png.
• Moved configuration options to captcha.php
• Added a debugging option for ImageMagick implementations

v0.3 - Beta Release

• Added ImageMagick Support

v0.2 - Beta Release

The initial release of gl-captcha relied on a user attempting to register using the normal Geeklog New User link. After a lot of investigation it became clear that BOTS were registering on Geeklog sites by calling /users.php directly as a HTTP POST while passing the username and email variables. Since the standard New User screen was never called, the CAPTCHA was never initialized and rendered useless. We now check for this situation and deny the registration.

v0.1 - Initial beta release.

• Implémenter un système de questions-réponses simples