Friends, I just helped my customer, to test integration of unregistered version of captcha creator (www.captchacreator.com) with amember v3.0.8. The customer does not want to purchase 3.1.2 for the sake of captcha (he is not interested 2-tier affiliates). It is working satisfactorily. I would like to developers and others to comment and find any security issues in this is integration. Three steps involved in customization. google it to download unregistered version of captcha creator. Upload the captcha folder to the root of the amember (other places also works well.) First step: Integration with singup.html template. Insert the following code after name = "price_group" and before type = submit line and Code: <table cellpadding=5 cellspacing=0 bgcolor="#E4F8E4"> <tr bgcolor="#AAD6AA"> <td colspan="2"><font color="#FFFFFF" face="Verdana" size="2"><b>Image Verification</b></font></td> </tr> <tr> <td style="padding: 2px;" width="10"><img src="captcha/captchac_code.php" id="captcha"></td> <td valign="top"><font color="#000000">Please enter the text from the image</font> <br><input type="text" name="Turing" value="" maxlength="100" size="10"> [ <a href="#" onclick=" document.getElementById('captcha').src = document.getElementById('captcha').src + '?' + (new Date()).getMilliseconds()">Refresh Image</a> ] [ <a href="/captcha/whatisturing.html" onClick="window.open('/captcha/whatisturing.html','_blank','width=400, height=300, left=' + (screen.width-450) + ', top=100');return false;">What's This?</a> ] </td> </tr> </table> This generates the required captcha image in your singup page. Step 2: Making the captcha code verified by signup.php page. Required codes have to inserted at different places of the code. The first one to include captchac_lib.php at the beginning of the page. Insert the following codes after include('./config.inc.php'); PHP: require_once('./captcha/captchac_lib.php'); Insert the following codes inside function check_payment_form(){ after the line global $config; PHP: $Turing_code = $_REQUEST["Turing"]; // if ( CheckCaptcha($Turing_code) !=1 ) { $error[] = _SIGNUP_PLEASE_SELECT_CAPTCHA; return !count($error); } Step 3: Create an error message in the language file anywhere with the following code PHP: define('_SIGNUP_PLEASE_SELECT_CAPTCHA', 'The Captcha Image Code you entered is invalid'); Thats all. Your captcha must be working. You can customize the look and feel of the images from the captcha config file situated inside captcha folder. you can also check with the attached pdf file, about inserting required codes.
Thanks skippy. Of course it took about 12 hours to figure it out this way. However, I would like to know from Alex, is it legal to change the codes like this. If not I will instruct my customer to delete this option. I know that creating cutom templates is perfectly legal. Alex can you clarify this point?
A similar integration is also possible with recaptcha http://recaptcha.net). If anybody wants I can help them in implementing. I now realize that amember is one of the well written modular scripts. Highly recommendable
Sorry I was away for a long time from this forum due to change in job and duties. I have resigned that job and started my freelance web development. Here is the recaptcha addin to amember v3.0.8. Step 1: You need to register with recaptcha.net for privateky and publickey for your domain. You can do this from here. Step 2: Download the latest recaptcha library from here (click the download link to the library files. You need only recaptchalib.php) Step 3: upload recaptchalib.php to a convenient location in you webserver. My choice at public_html, so that any form can use this captcha Step 4: You need to edit two files in amember for recaptcha to work: (1) signup.html in amember/template folder and (2) signup.php in amember folder Step 5: changes in signup.html in template folder. This files shows the captcha during signup. You need to add the following scripts just before "<input type="submit" value=" #_TPL_SIGNUP_SUBMIT_CONTINUE# " />" PHP: <script> var RecaptchaOptions = { theme : 'white' }; </script> <table align = "center"> <tr> <td> <?php $publickey = "your publickey code here"; // you got this from the signup page echo recaptcha_get_html($publickey); ?> </td> </tr> </table> <br /> <input type="submit" value=" #_TPL_SIGNUP_SUBMIT_CONTINUE# " /> </form> Step 6: Changes in signup.php file in amember folder. This checks the captcha entry. Enter the following following next to include('./config.inc.php'); This gets the recaptchalib.php. Here installed recaptchalib.php at /public_html/captcha and my amember is at public_html/amember/ PHP: require_once('../captcha/recaptchalib.php'); Then add these lines just after global $config; PHP: //checking data from recaptcha site $privatekey = "your private key here";you got this from the signup page at recaptcha.net $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); // //error prompt if (!$resp->is_valid) { $error[] = _SIGNUP_PLEASE_SELECT_CAPTCHA; return !count($error); } //captcha check ends Thats it. Your signup page must show recaptcha. Check and verify and enjoy. Write back if you have any problem. Enjoy
Thanks chemistry2004! Your code has one error but easily fixable - put // in front of "you got this from the signup page at recaptcha.net" on step 6. Otherwise works great!