Recent Topics
  1. b2evolution CMS Support Forums
  2. b2evolution Support
  3. Plugins & Extensions
  4. Fighting spam!
  5. Simple Turing Test for v1.6

Simple Turing Test for v1.6

1 Mar 29, 2006 01:33    

What you get with this is a customizable (via the back office) plain text field that your visitors will have to fill in before they can leave a comment, only this time you get it for version 1.6. Registered bloggers are exempt from the test, as are those who've successfully left a comment already. You will be able to customize the test and answer and rejection text in your back office.

Same as the other one, you add a couple of fields to your database: 

INSERT INTO `evo_settings` ( `set_name` , `set_value` )
VALUES (
'comment_test_query', 'Lorem ipsum dolor sit amet, consectetuer adipiscing elit.'
);
INSERT INTO `evo_settings` ( `set_name` , `set_value` )
VALUES (
'comment_test_value', 'Sed hendrerit dolor ac wisi lobortis auctor'
);
INSERT INTO `evo_settings` ( `set_name` , `set_value` )
VALUES (
'comment_test_reject', 'Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas'
);

Same as the other one, you will have to edit 4 files. At least 4 because you might have to do multiple versions of _feedback.php, but that's splitting hairs.

Alphabetically beginning with the admin folder, open _set_general.form.php and look for something close to this, then make it be this: 

$Form->text( 'reloadpage_timeout', (int)$Settings->get('reloadpage_timeout'), 5,
T_('Reload-page timeout'), T_('Time (in seconds) that must pass before a request to the same URI from the same IP and useragent is considered as a new hit.'), 5 );

$Form->end_fieldset();

// this is for the bobobox hack
$Form->begin_fieldset( T_('Turing Test Options') );
$Form->text( 'comment_test_query', $Settings->get('comment_test_query'), 80, T_('Turing Test Question'), T_('This is what visitors will see when they try to comment.'), 255 );
$Form->text( 'comment_test_value', $Settings->get('comment_test_value'), 80, T_('Turing Test Answer'), T_('This is EXACTLY what you expect them to put in the form field.'), 255 );
$Form->text( 'comment_test_reject', $Settings->get('comment_test_reject'), 80, T_('Failed Test Statement'), T_('This is what they see when they don\'t enter your answer correctly.'), 255 );
$Form->end_fieldset();

// --------------------------------------------

if( $current_User->check_perm( 'options', 'edit' ) )

Next in the admin folder open settings.php and find something like this then make it be this: 

$Settings->set( 'reloadpage_timeout', $reloadpage_timeout );

// these three are for the bobobox hack
param( 'comment_test_query', 'string', true );
$Settings->set( 'comment_test_query', $comment_test_query );

param( 'comment_test_value', 'string', true );
$Settings->set( 'comment_test_value', $comment_test_value );

param( 'comment_test_reject', 'string', true );
$Settings->set( 'comment_test_reject', $comment_test_reject );

if( ! $Messages->count('error') )

Now in the htsrv folder edit comment_post.php and find something that looks like this then make it be like this: 

	if( $error = validate_url( $url, $comments_allowed_uri_scheme ) )
{
	$Messages->add( T_('Supplied URL is invalid: ').$error, 'error' );
}

// this is for the bobobox hack
param( 'is_human', 'string' );
if( $is_human != $Settings->get('comment_test_value') )
{
$Messages->add( $Settings->get('comment_test_reject') );
}
}

$user_ip = getIpList( true );

Finally you have to edit skins/_feedback.php, but you also might have to edit skins/skinname/_feedback.php if your skin uses the long version of that file. Anyway it takes a couple of edits so the same thing: it starts sort of like this and you make it be this: 

<?php
	$comment_author = isset($_COOKIE[$cookie_name]) ? trim($_COOKIE[$cookie_name]) : '';
	$comment_author_email = isset($_COOKIE[$cookie_email]) ? trim($_COOKIE[$cookie_email]) : '';
	$comment_author_url = isset($_COOKIE[$cookie_url]) ? trim($_COOKIE[$cookie_url]) : '';
	// get answer for the bobobox hack
	$comment_test_answer = isset($_COOKIE[$cookie_name]) ? $Settings->get('comment_test_value') : '';
?>

<!-- form to add a comment -->

If you do NOT want to give your commenters credit for being human just because they ate your comment cookie do the _feedback.php file this way instead: 

<?php
	$comment_author = isset($_COOKIE[$cookie_name]) ? trim($_COOKIE[$cookie_name]) : '';
	$comment_author_email = isset($_COOKIE[$cookie_email]) ? trim($_COOKIE[$cookie_email]) : '';
	$comment_author_url = isset($_COOKIE[$cookie_url]) ? trim($_COOKIE[$cookie_url]) : '';
	// get answer for the bobobox hack
	$comment_test_answer = $Settings->get('comment_test_value');
?>

<!-- form to add a comment -->

Either way you also do this: 

	form_text( 'url', $comment_author_url, 40, T_('Site/Url'), T_('Your URL will be displayed.'), 100, 'bComment' );

	// this is for the bobobox hack
	param( 'is_human', 'string' );
	form_text( 'is_human', $comment_test_answer, 40, T_('Human Test'), $Settings->get('comment_test_query'), 100, 'bComment' );
}

// TODO: use a smaller textarea when using c=1 GET param

Next I'll add this to my 1.7 CVS blogs then check out 1.8 CVS and see about making this be a pluginable plugin. Good times will be had by all, except the spammers who will be forced to either be humans or attack you via trackback.

EDIT: fixed the code to include the corrective bit blueyed provided regarding it not working with register_globals OFF.

Back to top

2 May 15, 2006 08:12

EdB:

Thanks for publishing this.

It works great in 1.6. Hopefully I can forget about spam for awhile! :lol:

Thanks!

Back to top

3 May 15, 2006 09:34

Spoke to soon, if I have an .htaccess file, it stops working. Remove the file, then it works ok! :(

With a .htaccess file I get the error message:

Cannot post comment, please correct these errors:
You didn't answer the test question correctly! ( Did you forget to capitialize the word?)

[Back to comment editing]

Which is the error message if I have the wrong answer. Remove the .htaccess, then I am able to successfully comment.

Here is my .htaccess file

# Apache configuration for the blog folder


# this will select the default blog template to be displayed
# if the URL is just .../blogs/
<IfModule mod_dir.c>
	DirectoryIndex index.php index.html
</IfModule>


# this will make register globals off in b2's directory
# just put a '#' sign before these three lines if you don't want that
<IfModule mod_php4.c>
	php_flag register_globals off
</IfModule>

# If you're using Apache 2, you may wish to try this for clean URLs:
# AcceptPathInfo	On

Any idea why this would break the anti-spam hack?

Thanks!

Back to top

4 May 15, 2006 16:39

It's the "register globals" thing I'm sure, though I've no idea what that means. I suspect that may also be why the fellow over on the .9.1 version of this hack couldn't get it to work on his server.

ANYONE GOT A CLUE WHAT THAT MEANS AND WHAT I CAN/SHOULD/MUST DO TO MAKE A HACK WORK WITH REGISTER GLOBALS OFF?

I hate register globals. I wish register globals would just go away. Forever. Actually I wish someone would make me breakfast.

Back to top

5 May 15, 2006 17:17

*Hands EdB a bacon butty, try this :-

   // this is for the bobobox hack
param( 'is_human', 'string' );
   if( $is_human != $Settings->get('comment_test_value') )
   {
      $Messages->add( $Settings->get('comment_test_reject') );
   }

¥

Back to top

6 May 16, 2006 03:15

¥åßßå wrote:

*Hands EdB a bacon butty, try this :-

   // this is for the bobobox hack
param( 'is_human', 'string' );
   if( $is_human != $Settings->get('comment_test_value') )
   {
      $Messages->add( $Settings->get('comment_test_reject') );
   }

¥

Yabba,

Where does this PHP go? In the .htacess?

Thanks!

Back to top

8 May 22, 2006 01:05

Thanks to everyone who pointed out the flaws and corrective action required. The initial post in this thread is now the latest and greatest. I set up a 0.9.2 installation and did the register_globals OFF thing then (after a bit of screwing around) installed blueyed's corrective action and it works as one would expect.

Note that I haven't tested this in a 1.6 installation, and probably won't. I don't feel like doing much with 1.6 since 1.8 is like way different, so I'm going to wait for 1.8 to come out before tinkering again.

Back to top

9 May 24, 2006 03:29

EdB,

Anyway thanks for all your help with this. I installed it in 1.6 and it seems to be working.

Back to top

10 Jun 08, 2006 10:50

I have a couple of questions regarding this hack. I've installed it on two 1.6 site:
www.grumpygamer.biz
www.cartmel-bar.co.uk

My first question is this. The box where the answer should appear already has the answer in it. Is it supposed to work like that?

Secondly, on the first of the two sites I've listed there's a problem on the backend page where the question can be set. It doesn't seem to save the changes to the database. Whereas the changes are saved on the cartmel-bar website. Why could this be?

Back to top

11 Jun 08, 2006 10:58

The box autofills the answer for people who previously passed the test and have your comment cookie. It should NOT be filled in for a visitor who has not commented before, but that obviously is happening. I'll get a 1.6 installation up again and see if I can duplicate the problem.

I've no idea why you're seeing the second problem. Are the two sites hosted on different servers? All I can guess at is that something about how the server is set up is causing this problem for you. Hopefully someone smart will come along and ask intelligent questions that explain what's going on there!

Back to top

12 Jun 08, 2006 11:04

Yes the two sites, although hosted by the same company, are on different servers. It's not really a problem though. I can edit the question/answer via phpmyadmin anyway.

It's the box being filled in already that's the major issue I think.

It's a great hack by the way - though I struggled to get the box to appear on my kubrick2evo skin because the sybtax is different than your example. Here's what I had to do, perhaps this is why I have the problem? Notice my form on that skin is different to the one in your example. You can see towards the bottom where I placed the Turing box.

<?php
			if( is_logged_in() ) { // User is logged in: ?>
				<p><strong>
				<?php echo T_('User') ?>:
				<?php $current_User->preferred_name()?></strong>
				<?php user_profile_link( ' [', ']', T_('Edit profile') ) ?>
				</p>

				<?php } else { // User is not loggued in: ?>
				<p>
				<input type="text" name="author" id="author" value="<?php echo $comment_author ?>" size="40" tabindex="1" class="bComment" />
				<label for="author"><?php echo T_('Name') ?></label>
				</p>

				<p>
				<input type="text" name="email" id="email" value="<?php echo $comment_author_email ?>" size="40" tabindex="2" class="bComment" />
				<label for="email"><?php echo T_('E-mail') ?></label>
				</p>

				<p>
				<input type="text" name="url" id="url" value="<?php echo $comment_author_url ?>" size="40" tabindex="3" class="bComment" />
				<label for="url"><acronym title=\"Uniform Resource Identifier\">URL</acronym></label>
				</p>




				<?php } ?>

			<p>
			<label for="comment"><?php echo T_('Your Comment'); ?></label>
			<br />
			<textarea name="comment" id="comment" cols="70" rows="4" tabindex="4"></textarea>
			</p>

			<p>
			<?php echo T_('Options') ?>:<br />
			<?php if(substr($comments_use_autobr,0,4) == 'opt-') { ?>
				<input type="checkbox" name="comment_autobr" value="1" <?php if($comments_use_autobr == 'opt-out') echo ' checked="checked"' ?> tabindex="6" id="comment_autobr" class="chekbox" /> <label for="comment_autobr"><?php echo T_('Auto-BR') ?></label> <span class="notes">(<?php echo T_('Line breaks become &lt;br /&gt;') ?>)</span><br />
				<?php }
			if( ! is_logged_in() ) { // User is not logged in: ?>
				<input type="checkbox" name="comment_cookies" value="1" checked="checked" tabindex="7" id="comment_cookies" class="chekbox" /> <label for="comment_cookies"><?php echo T_('Remember me') ?></label> <span class="notes"><?php echo T_('(Set cookies for name, email &amp; url)') ?></span>
				<?php } ?>
			</p>

		<?php   param( 'is_human', 'string' );
				   form_text( 'is_human', $comment_test_answer, 40, T_('Human Test'), $Settings->get('comment_test_query'), 100, 'bComment' );
  ?>

			<p><input name="submit" type="submit" tabindex="5" value="<?php echo T_('Send comment') ?>" /></p>

			</fieldset>

			</form>
			<?php }
		} ?>

Back to top

13 Jun 08, 2006 21:46

Agreed on the major issue piece. I am currently doing a 1.6 install and adding this hack as per this thread. I'll let you know where I'm at, but so far I am amazed to see that "admin" has to tell it the answer! I do not have the box auto-filled, but I'm using only the 'custom' skin so far. I will grab and install the kubrick2evo skin and see how that goes.

BTW I wrote the hack using the 'custom' skin *knowing* many skins out there do things differently. It is up to the individual blogger to adapt this hack to their skin. K2E was fun to make, but I never gave it a thought when I did this hack. Thanks for sharing how to get this in that, and if I can I'll clean it up a bit for you.

Stay tuned...

Back to top

14 Jun 08, 2006 22:46

Thanks for the reply and the help.

I have been fiddling with it today to see if I can fix the form being filled. But with no luck. It's mainly guesswork on my part, I don't really know PHP, but I learn bits here and there by tinkering with my websites. :)

Back to top

15 Jun 09, 2006 02:08

Gotta go make some money soon, and I haven't been able to duplicate your issue, but I can give you a nicer look for your turing test box and maybe a way out of the real problem. First the easy one: fixing the look in the k2e skin. The bit you added under the comment text box can be removed and replaced with this bit under the URI box instead. Of course you could add it under the comment text box if you wanted. The only thing I did was got it to look like the other three short boxes. 

				<p>
				<input type="text" name="url" id="url" value="<?php echo $comment_author_url ?>" size="40" tabindex="3" class="bComment" />
				<label for="url"><acronym title=\"Uniform Resource Identifier\">URI</acronym></label>
				</p>

<?php param( 'is_human', 'string' ); ?>
<p>
<input type="text" name="is_human" value="<?php echo $comment_test_answer ?>" size="40" tabindex="3" class="bComment" />
<label for="is_human"><?php echo $Settings->get('comment_test_query') ?></label>
</p>

				<?php } ?>

			<p>
			<label for="comment"><?php echo T_('Your Comment'); ?></label>


Obviously the beginning and end bits here are 'original material' bits.

Now for the big problem: autofilling the answer for new visitors. I can't duplicate the issue so it's hard to troubleshoot it, but it shouldn't be too hard to guess where it's going wrong. 

// get answer for the bobobox hack
$comment_test_answer = isset($_COOKIE[$cookie_name]) ? $Settings->get('comment_test_value') : '';


That is supposed to set $comment_test_answer to *the answer from the database* if they have the name cookie, and *blank* if they don't, but is giving everyone the answer from the database even though it doesn't give out a free answer for the name field. Cool. Let's take advantage of that and see how this works for you. 

// get answer for the bobobox hack
if( $comment_author != '' ) {
$comment_test_answer = $Settings->get('comment_test_value');
} else {
$comment_test_answer = '';
}

No promises there, and you'll want to test it by not being logged in and visiting your blog to leave a comment, but it's worth a shot.

Back to top

16 Jun 09, 2006 04:12

With your post and some patience on my part I went back through everything. Seems I'd made a couple of mistakes and now those are fixed, and with your cleaned up version of the form box I've got it working on both sites.

It is now saving the new settings in the admin menus. The turing box is empty and it's all working fine.

Thanks so much for your help.

Back to top


Form is loading...