Does CATCHA work, and under what circumstances?
jshuster - June 14, 2007 - 14:11
| Project: | CAPTCHA |
| Version: | 5.x-3.x-dev |
| Component: | Miscellaneous |
| Category: | support request |
| Priority: | minor |
| Assigned: | Unassigned |
| Status: | closed |
Jump to:
Description
I'd love to start using CAPTCHA, but all the activity on the bug list is pretty intimidating. Under what circumstances does CAPTCHA work reliably, under Drupal 5.1?
A short synopsis along these lines would be very helpful in deciding whether and how to deploy it.
As an aside, has this module become too complicated? Put another way, do we need a very simple "CAPTCHA-Lite" module as a stop-gap? Something that just does math equations on setting up user accounts, and which can be used until the full module is ready.
I realize I may be way off base here, but just a thought ... thanks, all, for your hard work on this.
#1
Subscribing; I'm in the same boat here, and I imagine other potential users are. From my current experiences trying to get captchas to work and from looking at the open issues, it appears to go something like this:
I'm currently trying to debug problems on my site, going the reCAPTCHA route, since textimage has consistently provided impossibly garbled images no matter the settings.
#2
My sentiments exactly.
Captcha gets my vote for the buggiest drupal module. Which is a shame considering how important it is to a functioning site.
#3
See this: http://drupal.org/node/150381
I have had good success with MyCaptcha.
#4
For what it's worth, the following combination seems to be working right now, though I have only tested it a couple of times (one "good" captcha and one "bad") on one captcha point with one role:
Grab 'em here. Your mileage may vary, of course. Or your car may burst into flames. ;-)
(But seriously, thanks for all the work that is going on here!)
#5
Using version 5.x-1.1 with Textimage seems to work.
#6
I had the same feeling. It's a bit sad because decent anti-spam tools should be basic functionality of a CMS nowadays. Anyway, out of frustration I did a big rewrite of the official captcha module (see http://drupal.org/node/153395). A the time of this writing I'm at revision 30 (http://drupal.org/node/153395#comment-264105), which is fairly stable (in my humble but subjective opinion of course). Differences with the standard version: no dependency on form_store/form_collect, easy enabling/disabling of captcha's with "captcha administration links" on all forms (when this option is enabled), only captchas for anonymous visitors, use of a dedicated DB table instead of kinky variable_get/variable_set stuff (which is source of a lot of issues I guess).
however, I did not test it with Textimage or recaptcha yet.
So please, try it out and give feedback on http://drupal.org/node/153395
thanks
soxofaan
#7
I worked for several hours trying to get the Captcha/Text Image/Form Collect & Form Store modules working together. Although I was successful I found it very cumbersome. Also, even after getting it to work, I still was not happy with the position of the captcha questions.
I downloaded & installed MyCaptcha & is simply worked. That's my two cents for what it's worth.
Matthew Jabs
www.issi-central.com
#8
mattjabs, since my client requests a captcha feature then I install the captcha.module. But always has strange problem: some time I need to answer 2 times the math question and sometimes need to refresh the browser page. we have try several days and my client does not satisfy. So, we remove this module.
Until I look at your post then try mycaptcha and .. it's working.
#9
ditto with captcha fails to work, MyCaptcha works easily, and why oh why is this highly critical functionality not part of the Core Drupal??
#10
Thank you very much for this thread. I'm sorry for treating this like a forum but if a voice is a representation of a vote then I am voting for a rock-solid Captcha implementation. It appears that we have in MyCaptcha. Congrats to everybody who worked on security issues, and thanks especially to wundo who's a pioneer in the Drupal Captcha module.
Of course, the biggest thanks goes to Heine from providing a stable and reliable Captcha implementation in MyCaptcha.
Thank God, my prayers have been answered. It's been almost a year.
#11
Got to agree with many of the above comments.
1. A simple *working* captcha system is absolutely critical for many sites these days.
2. captcha for 4.7 doesn't work. You can enter the correct code 5 times, and be told it is incorrect each time, until it decides otherwise.
3. How is it that after all this time it still doesn't work correctly? Perhaps there are spammers in our midst, throwing spanners in the works, breaking the code wherever possible, so that they can continue to take advantage of a widely used, scarcely protected CMS system?
Looks as though I'll be using the myCaptcha module for my 5.1 sites
(Ps - love the "slay the dragon" comment! Funny AND true)
#12
As the person who initiated this thread, I see it's attracting a rich set of comments. That's probably a good thing, but it may also be frustrating to those deeply involved in the development work.
I've been following all the activity on the module, and if this isn't the most active part of Drupal right now, it's got to rank in the top ten.
Lest my original intent become lost, my hat's off to all who are working on this problem -- thank you!
#13
Well I can't use MyCaptcha either, since form_store doesn't support PostgreSQL and the http://drupal.org/node/149988 patch doesn't work, so I guess I'm left without an option. I just want to stop the spam bots that are already attacking my site: even though I've locked out anonymous commenting and require administrative approval of new accounts, I don't want them even getting as far as the request. Anyway, I'll check up on this later, I have great confidence in the Drupal community, it just takes a little time :-)
#14
Well, you have an option:
http://drupal.org/node/153395#comment-270126 (big rewrite of captcha module to make it "just work")
At this point I ported also the image captcha functionality of MyCaptcha in this rewrite. Advantages for you: no form_store dependency, PostgresSQL support. I did not test the PostgresSQL support however, so I would appreciate if you could test it.
feel free to give feedback
thanks
#15
Yeah, CAPTCHA is worthless..
First of all here is my list of bugs:
1) First-time captcha doesn't work it gives a validation error on correct answers
2) If you put captcha on user-login Block, it still wont work because it distorts the whole website, how dumb... I dont think Captcha developers test anything, no offense.
3) Lets say you enter a blank or a wrong math answer for the question in a login form, then it will say you made an error, BUT it will still let you login, .....
So then what the heck is the point of this module, just delete it.
#16
1) If an open-source system is broken, you don't delete it, you fix it and make it work again
2) If an open-source system is broken, you can't insult the developers for contributing their time and effort into the project
3) If an open-source system isn't suiting your needs, stating your experience with using it and suggesting constructive criticism will be more beneficial to everyone than saying the whole system is worthless
We are people contributing our free time to this to try and get it working. Your input was both insulting and unhelpful. Either give constructive criticism, which the developers can use to better the system, or get out of open-source.
#17
I'm setting this to fixed. If you have any issues with the DRUPAL-5--3 branch of Captcha in the CVS, please make a new issue.
#18
Hey, Rob Loach, please don't think that one negative comment represents all of our great community who are standing behind you with full support and gratitude for your fantastic work.
Sending you the love!
P.S. Just installed 3.0RC1 and it works great!!! YOU ROCK!
#19
I had actually almost given up on Captcha after getting some problems over a long time, to which ! got no solution, but today after downloading the latest version, I think it's simply great, also the very appearance of the text image - and the idea of the text captcha! :)
I have a question or 2, though ....
I did not see on the configuration page how to include other pages - like the Guestbook, where I found some spam, some of which came in today after I updated to D-5.2. It'd be good if the submission form or Guestbook entry comment form also profited. ... or probably some other form belonging to some other module. ... ummmm - like "story" submission? I have several categories of stories...
or even some self-made content type - like "kids" submit images they have drawn ....
Are there non-custom solutions for people who cannot program?
Thanks & regards
#20
On the captcha settings page (at the top): enable "Add captcha adminstration links to forms.". Then go to the form on which you want a captcha challenge. You'll find there (on the place where the captcha challenge will come) a captcha administration link "Place a captcha challenge here for untrusted users.". Click it and you'll be able to select a captcha challenge for that form.
#21
Many thanks! :)
#22
I also switched to MyCaptcha. Why? Because it works!
#23
@lcfranson:
Does the official captcha module (version 3.0-rc1 or higher that is), not work for you?
Could you comment/elaborate on that so we can make it better? Thanks.
#24
To eradicate possible misunderstandings: There is nothing 'official' about projects, such as captcha, that are hosted on Drupal.org. They are simply hosted on Drupal.org. This does _not_ indicate endorsement by Drupal core developers or the security team for example. Of course, benefits of hosted projects include: a standard issue tracker and support for the update status module.
#25