CAPTCHA added in amember pro v3.0.8

Discussion in 'Customization & add-ons' started by chemistry2004, Aug 24, 2008.

  1. chemistry2004

    chemistry2004 Member

    Joined:
    Jan 26, 2007
    Messages:
    78
    Friends,
    I just helped my customer, to test integration of unregistered version of captcha creator (www.captchacreator.com) with amember v3.0.8. The customer does not want to purchase 3.1.2 for the sake of captcha (he is not interested 2-tier affiliates). It is working satisfactorily. I would like to developers and others to comment and find any security issues in this is integration.
    Three steps involved in customization. google it to download unregistered version of captcha creator. Upload the captcha folder to the root of the amember (other places also works well.)

    First step: Integration with singup.html template. Insert the following code after name = "price_group" and before type = submit line and
    Code:
    <table cellpadding=5 cellspacing=0 bgcolor="#E4F8E4">
    <tr bgcolor="#AAD6AA">
    <td colspan="2"><font color="#FFFFFF" face="Verdana" size="2"><b>Image Verification</b></font></td>
    </tr>
    <tr>
    <td style="padding: 2px;" width="10"><img src="captcha/captchac_code.php" id="captcha"></td>
    <td valign="top"><font color="#000000">Please enter the text from the image</font> &nbsp; <br><input type="text" name="Turing" value="" maxlength="100" size="10">
    [ <a href="#" onclick=" document.getElementById('captcha').src = document.getElementById('captcha').src + '?' + (new Date()).getMilliseconds()">Refresh Image</a> ] [ <a href="/captcha/whatisturing.html" onClick="window.open('/captcha/whatisturing.html','_blank','width=400, height=300, left=' + (screen.width-450) + ', top=100');return false;">What's This?</a> ]
    </td>
    </tr>
    </table>
    This generates the required captcha image in your singup page.

    Step 2: Making the captcha code verified by signup.php page. Required codes have to inserted at different places of the code. The first one to include captchac_lib.php at the beginning of the page. Insert the following codes after include('./config.inc.php');
    PHP:
    require_once('./captcha/captchac_lib.php');
    Insert the following codes inside function check_payment_form(){ after the line global $config;
    PHP:
    $Turing_code $_REQUEST["Turing"];
        
    //

       
    if ( CheckCaptcha($Turing_code) !=) {
            
    $error[] = _SIGNUP_PLEASE_SELECT_CAPTCHA;
          return !
    count($error);
          }
    Step 3: Create an error message in the language file anywhere with the following code
    PHP:
    define('_SIGNUP_PLEASE_SELECT_CAPTCHA''The Captcha Image Code you entered is invalid');
    Thats all. Your captcha must be working. You can customize the look and feel of the images from the captcha config file situated inside captcha folder. you can also check with the attached pdf file, about inserting required codes.
  2. skippybosco

    skippybosco CGI-Central Partner Staff Member

    Joined:
    Aug 22, 2006
    Messages:
    2,526
    This is really great! Thank you so much for sharing!!
  3. chemistry2004

    chemistry2004 Member

    Joined:
    Jan 26, 2007
    Messages:
    78
    Thanks skippy. Of course it took about 12 hours to figure it out this way. However, I would like to know from Alex, is it legal to change the codes like this. If not I will instruct my customer to delete this option. I know that creating cutom templates is perfectly legal. Alex can you clarify this point?
  4. skippybosco

    skippybosco CGI-Central Partner Staff Member

    Joined:
    Aug 22, 2006
    Messages:
    2,526
    My Guess,

    Legal, probably yes..

    Supported in case of upgrade time, not sure..
  5. chemistry2004

    chemistry2004 Member

    Joined:
    Jan 26, 2007
    Messages:
    78
    A similar integration is also possible with recaptcha http://recaptcha.net). If anybody wants I can help them in implementing. I now realize that amember is one of the well written modular scripts. Highly recommendable
  6. frybread

    frybread Member

    Joined:
    Jul 14, 2008
    Messages:
    42
    I'd love to see recaptcha in amember! Please post the details
  7. chemistry2004

    chemistry2004 Member

    Joined:
    Jan 26, 2007
    Messages:
    78
    Sorry I was away for a long time from this forum due to change in job and duties. I have resigned that job and started my freelance web development. Here is the recaptcha addin to amember v3.0.8.

    Step 1: You need to register with recaptcha.net for privateky and publickey for your domain. You can do this from here.

    Step 2: Download the latest recaptcha library from here (click the download link to the library files. You need only recaptchalib.php)

    Step 3: upload recaptchalib.php to a convenient location in you webserver. My choice at public_html, so that any form can use this captcha

    Step 4: You need to edit two files in amember for recaptcha to work: (1) signup.html in amember/template folder and (2) signup.php in amember folder

    Step 5: changes in signup.html in template folder. This files shows the captcha during signup. You need to add the following scripts just before "<input type="submit" value="&nbsp;&nbsp;&nbsp;#_TPL_SIGNUP_SUBMIT_CONTINUE#&nbsp;&nbsp;&nbsp;" />"

    PHP:
    <script>
     var RecaptchaOptions = {
        theme : 'white'
     };
     </script>
    <table align = "center">
    <tr>
        <td>    
    <?php
    $publickey 
    "your publickey code here"// you got this from the signup page
    echo recaptcha_get_html($publickey);
    ?>
    </td>
    </tr>
    </table>
    <br />
    <input type="submit" value="&nbsp;&nbsp;&nbsp;#_TPL_SIGNUP_SUBMIT_CONTINUE#&nbsp;&nbsp;&nbsp;" />
    </form>
    Step 6: Changes in signup.php file in amember folder. This checks the captcha entry. Enter the following following next to include('./config.inc.php'); This gets the recaptchalib.php. Here installed recaptchalib.php at /public_html/captcha and my amember is at public_html/amember/
    PHP:
    require_once('../captcha/recaptchalib.php');
    Then add these lines just after global $config;
    PHP:
    //checking data from recaptcha site
        
    $privatekey "your private key here";you got this from the signup page at recaptcha.net
         $resp 
    recaptcha_check_answer ($privatekey,
                                    
    $_SERVER["REMOTE_ADDR"],
                                    
    $_POST["recaptcha_challenge_field"],
                                    
    $_POST["recaptcha_response_field"]);
        
        
    //
        //error prompt
               
    if (!$resp->is_valid) {
                              
    $error[] = _SIGNUP_PLEASE_SELECT_CAPTCHA;
                              return !
    count($error);
        }
       
    //captcha check ends
    Thats it. Your signup page must show recaptcha. Check and verify and enjoy.

    Write back if you have any problem.

    Enjoy
  8. zdr81

    zdr81 New Member

    Joined:
    Sep 1, 2006
    Messages:
    9
    Thanks chemistry2004! Your code has one error but easily fixable - put // in front of "you got this from the signup page at recaptcha.net" on step 6. Otherwise works great!

Share This Page