Would be nice if Captcha support considered for the guestbook.module included somehow, somepoint for future updates. There are certain hack/fixes by various Drupallers and they seem to work but it would better if guestbook form is support included a guestbook is vulnerable form too
http://drupal.org/node/61054

thanks

CommentFileSizeAuthor
#16 captcha_admin_links_D5_1.png19.65 KBsoxofaan
#16 captcha_admin_links_D5_1.patch2.54 KBsoxofaan
#16 captcha_admin_links_D6_1.patch3.05 KBsoxofaan
#15 captcha_admin_6.patch2.53 KBrobloach
#11 captcha.module.administrationlinks.patch2.15 KBrobloach
#10 captchaadmin.png60.83 KBrobloach
#7 captcha_admin.png64.31 KBica

Comments

soxofaan’s picture

soxofaan commented

Dit you try CAPTCHA version 5.x-3.x? It already supports the guestbook form (I use that all the time when developing CAPTCHA modules). No hacks are needed. And not only the guestbook form is supported, from the CAPTCHA v 5.x-3.x documentation (at the top of the CAPTCHA settings page):

A captcha can be added to virtually each drupal form (which is identified by a form_id). The captcha module comes with some default forms to add a captcha to, but arbitrary forms can be easily added and managed when the option "Add captcha adminstration links to forms" is enabled.

ica’s picture

ica commented

Thanks for pointing this captcha function.
Yes, it works but the inconvenient part is;

when its activated admin of the site gets "Place a captcha challenge here for untrusted users." link on every forms on blocks and rest of the site after selecting the one form (in this case is the guestbook) admin still see the reminder link "Place a captcha challenge here for untrusted users." throughout the site ... when one goes back to
user/captcha/guestbook_form_entry_form?destination=guestbook

and disable the option (in order not to see the link on every form) it also disables the capthca on the form user just activated.

would not be better if there is another option on that; after enabling captcha for an extra form that user should be disable the reminder '"Place a captcha challenge here for untrusted users." but the catchas activated with this function still remain 'active' and if the user thinks he/she needs another catpcha he/she can activate the reminder links on forms back?

thanks

soxofaan’s picture

soxofaan commented

would not be better if there is another option on that; after enabling captcha for an extra form that user should be disable the reminder '"Place a captcha challenge here for untrusted users." but the catchas activated with this function still remain 'active' and if the user thinks he/she needs another catpcha he/she can activate the reminder links on forms back?

That how it works now the captcha administration links are just a tool that can be enabled and disabled, the real CAPTCHAs stay.

Note that the CAPTCHAs are only visible to users without the "skip captcha challenges" permission, so be sure to test it after logging out.
From the same CAPTCHA documentation:

Users with the "skip captcha challenges" permission won't be offered a captcha. Be sure to grant this permission to the trusted users (e.g. site administrators). If you want to test the captcha challenges, be sure to do it as a user without the "skip captcha challenges" permission (e.g. as unauthenticated user).

ica’s picture

ica commented

Just to make it clear as additional followup to above,
Another example is
for instance when forward.module and say Service_links.module active on previews as below

site gets on every view and node a reminder that site gets captcha reminder throughout -something might be useful but inconvenient to see the captcha reminders when once its activated

-------------------------------
Forward this page to a friend

Captcha administration:
The captcha challenge "Image" (by module "image_captcha") is enabled here for untrusted users: edit captcha type or disable captcha.

.................................
Your vote:
Average: 4 (1 vote)

Captcha administration:
Place a captcha challenge here for untrusted users.

----------------------------------
I presume solution would be an option something like
below the

[x]  Add captcha adminstration links to forms
...........................................
[x] Disable captcha reminders on activated forms
[x] Disable captcha reminders on all forms (but keep the captcha activated forms active)

thanks

ica’s picture

ica commented

following your post, In the case described above Admininistrator permisssion option has skip catcha challenges ticked.
yet admin is still seeing a captcha reminder as described above on every form on every node repeated over and over again
in case above forward.module and fivestar.module (not service_links module btw - i made mistake mistyping) and also site search form, search block, live searcsearch block etc.

its just question of inconvenience repeating reminder captcha bit on every form even forms captcha activated.. other solution i can think of instead of this long text reminder a mini, tiny green [C] icon and red [C] with a link to captcha settings and hover explanation of the reminder text, i can think of

thanks

soxofaan’s picture

soxofaan commented
Title: captcha support for the guestbook.module » CAPTCHA administration links

No offense, but I find it very hard to understand what you mean (hint: grammar, punctuation). You appear to be from United Kingdom, so I assume you should know English better than me (I'm from Belgium).

Anyway, if I got your message correctly:
* on forms with a CAPCHA: always show "CAPTCHA administration links" for adminstrators
* on forms without a CAPTCHA: only show "CAPTCHA administration links" when the the checkbox ("Add captcha adminstration links to forms") is checked
is that right?

ica’s picture

ica commented
StatusFileSize
new captcha_admin.png64.31 KB

Hi, check out the attached visual mock-up of the idea.
- you might a visual vocabulary more explanatory :)

ps: http://en.wikipedia.org/wiki/Assumption

robloach’s picture

robloach
he/him
commented

Yes, I've noticed that the Captcha Administration links can screw up the visual design, but have ignored it as I didn't think it could be as worse as you're experiencing. I'm not quite sure of what we could use as an alternative other then telling people to disable the administration links after they'd secured all the forms they want to use Captcha on.

soxofaan’s picture

soxofaan commented

The mock-up makes your issue indeed a lot more clear. Thanks.

It seems more a problem of your particular combination of the CAPTCHA module with the forward module (with the forward form setup on the node itself) than a real issue with the CAPTCHA module.
Why don't you just disable the "CAPTCHA administration links" after you're done setting up? It seems the easiest solution.
Also note this issue is only visible to user with the "administer CAPTCHA settings" permission.

Concerning the alternatives you propose:

  1. The collapsing thing seems only worth it for your setup with the forward module. In the remaining 99% of use cases I think collapsing would be worse. It's just one sentence you're hiding.
  2. Differentiating the visibility of the "CAPTCHA administration links" based on form_id seems overkill (again in 99% of use cases), not only code-wise, but also UI-wise and it introduces extra administrative load.
  3. What's the difference between "disable captcha administration on this form type" and "don't show captcha administraion links on this form type"?
  4. What's the difference between "add captcha administration links to forms" and the inverse of "don't show captcha administration links globally on the site"?
  5. Icons are more a theme thing, CAPTCHA should not do it by default and just provide a user friendly text. We could provide means to theme/alter it, but is seems overkill to me.

Note that the CAPTCHA administration links are meant as a temporary configuration tool, so it is hard to justify advanced features for it.

PS: I explicitly stated that I was assuming for the sake of discussion, I didn't take it as truth. Here in Belgium there are a lot of people that doesn't even understand one of our official languages. Even some members of our royal family have/had a hard time with the official language of the biggest part of our country (Dutch). ;-) But let's not make this thread a political one. In any case: no offense intended.

robloach’s picture

robloach
he/him
commented
StatusFileSize
new captchaadmin.png60.83 KB

If we stuck it into a fieldset that's collapsed by default, it might help. See the attached screenshot.

robloach’s picture

robloach
he/him
commented
StatusFileSize
new captcha.module.administrationlinks.patch2.15 KB

Here is the patch to put the CAPTCHA administration links into a fieldset...

robloach’s picture

robloach
he/him
commented
Component: Code » User interface
Priority: Normal » Critical
Status: Active » Needs review
robloach’s picture

robloach
he/him
commented
Title: CAPTCHA administration links » Put CAPTCHA administration links in Field Sets
Assigned: Unassigned » robloach
Status: Needs review » Fixed

This is going in for the next release. Makes the user interface much cleaner.

robloach’s picture

robloach
he/him
commented
Status: Fixed » Patch (to be ported)

Needs port to HEAD for Drupal 6.

robloach’s picture

robloach
he/him
commented
Version: 5.x-3.x-dev » 6.x-2.x-dev
Status: Patch (to be ported) » Needs review
StatusFileSize
new captcha_admin_6.patch2.53 KB

Here we go...

soxofaan’s picture

soxofaan commented
StatusFileSize
new captcha_admin_links_D6_1.patch3.05 KB
new captcha_admin_links_D5_1.patch2.54 KB
new captcha_admin_links_D5_1.png19.65 KB

Now that the CAPTCHA administration links are in a collapsed fieldset, we can maybe present the information in a more structured way instead of the current cram-everyting-in-one-line.

in attachment: screenshot and patch for drupal 5 and drupal 6

robloach’s picture

robloach
he/him
commented
Status: Needs review » Reviewed & tested by the community
soxofaan’s picture

soxofaan commented
Status: Reviewed & tested by the community » Fixed

fixed by
http://drupal.org/cvs?commit=90550
http://drupal.org/cvs?commit=90551

robloach’s picture

robloach
he/him
commented

Wicked cool!

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for two weeks with no activity.