Hello to the Drupal Team and the captcha maintainer,

we do have a problem here. We run 3 domains on one drupal installation. Every one uses the very same php code. Modules on all the same, no caching. It's Drupal 5.2, php5.2.0, apache2 btw.

On the first domain we set up everything is fine. We can use any captcha and it works.

Then we set the next domain that uses the same drupal php code but a new mysql database for it's own. Before we activated captchas we set up a third domain that shares the php code and most of the second database. Only a view tables differ and some variables defined in the settings.php. On those two domains captchas are _NOT_ possible.

All we get on every try is: Invalid captcha token.

Any hint?

CommentFileSizeAuthor
#6 ppcnux.de_.txt10.84 KBRalf Saalmueller
#5 ppcnux.com_.txt10.57 KBRalf Saalmueller

Comments

soxofaan’s picture

soxofaan commented

"Invalid captcha token." is typically an issue with sessions.

Do you have a "sessions" table for each site?

Does CAPTCHA fail for all sorts of users: anonymous and authenticated?

Ralf Saalmueller’s picture

Ralf Saalmueller commented

I haven't seen the point with sessions. At least it should run on one of the shared domains but none is working.

I have seperated the session into different tables for side B and C. Site A has it's own database. New entries are stored. But still "captcha token invalid".

And I have to add that although textimage shows and works on side A, the image lacks on side B and C. Another strange thing.

We use captchas to stop spam accounts. So you have to deal with it when you like to register an account. Haven't used it otherwise.

Ralf Saalmueller’s picture

Ralf Saalmueller commented

Still no correct captcha.

Session table splitted. Domain A has database A. Domain B & C have database B with one table for Domain B and another one for Domain C.

Still no correct captcha with Domain B or C for guests. No captchas for registered users.

soxofaan’s picture

soxofaan commented
Component: Miscellaneous » Code
Status: Active » Postponed (maintainer needs more info)

Can you put 

  header('Content-Type: text/plain');
  var_dump($form_id);
  var_dump($captcha_token);
  var_dump($_SESSION['captcha']);

before line 522 or somthing from captcha.module, which reads:

  // Check if captcha_token exists
  if (!isset($_SESSION['captcha'][$form_id][$captcha_token])) {
    form_set_error('captcha_token', t('Invalid captcha token.'));
  }

and post the stuff that it spits out (as text file in attachment preferably) for each of your sites?

Ralf Saalmueller’s picture

Ralf Saalmueller commented
StatusFileSize
new ppcnux.com_.txt10.57 KB

Thanks for your answer and your time in first place!

After I altered the captcha.module source domain B & C did have a different output. The Domein that does have it's own database still works and has no altered output (it uses textimage).

The html code has 3 lines in front and the third is "NULL".

Ralf Saalmueller’s picture

Ralf Saalmueller commented
StatusFileSize
new ppcnux.de_.txt10.84 KB

... and the second attachment:

soxofaan’s picture

soxofaan commented

The html code has 3 lines in front and the third is "NULL".

the "NULL" means that there is no session data available. Session data is required for the CAPTCHA module to work.
Is there anything special about your setup concerning sessions?

Also, you mentioned "textimage", do you mean http://drupal.org/project/textimage ?
The CAPTCHA implementation in that module is not compatible with CAPTCHA 5.x-3.x. Use the Image CAPTCHA packaged with the base CAPTCHA module for image CAPTCHAs.

Ralf Saalmueller’s picture

Ralf Saalmueller commented

Sorry, I wasn't correct. It's captcha image.

A list of all active modules:
ACL 5.x-1.3
Forum Access 5.x-1.7

Aggregator 5.2
Color 5.2
Comment 5.2
Drupal 5.2
Forum 5.2
Help 5.2
Locale 5.2
Menu 5.2
Path 5.2
Poll 5.2
Profile 5.2
Search 5.2
Statistics 5.2
Taxonomy 5..2
Tracker 5.2
Upload 5.2

Inactive User 5.x-1.1
Printer-friendly pages 5.x-1.1
Scheduler 5.x-1.4
Secure Login 5.x-1.x-dev
Site menu 5.x-1.0
Troll 5.x-1.1
Extended user status notifications 5.x-1.1

Captcha 5.x-3.x-dev
Image captcha 5.x-3.x-dev
Captcha Riddler 5.x-3.0
Text captcha 5.x-3.x-dev

Views 5.x-1.6
Views RSS 5.x-1.6
Views Theme Wizard 5.x-1.6
Views UI 5.x-1.6

The very same setup as the domain that does captchas.

Ralf Saalmueller’s picture

Ralf Saalmueller commented

Shame on ME!

Sorry for the fuzz, the problem wasn't drupal neither captcha. Thank's for your great job that lead us to the point.

We imported over 1.000 user into drupal and user uid=0 was somehow corrupted and deleted. But without uid=0 there's no session for anonymous users and that's why they can't use captchas.

I'm verry verry sorry for the fuzz. Again, thank very much!

Ralf

robloach’s picture

robloach
he/him
commented
Status: Postponed (maintainer needs more info) » Fixed

Haha, oops. It is nice for users to have a user ids! No problem, it's really good to get issues, as it helps us find out what's wrong with the module.

RobRoy’s picture

RobRoy commented
Title: captchas don't work on second site » Resolved: Captchas don't work on second site (was missing user UID 0 in database)

We had the user UID 0 problem as well. Nice catch!

robloach’s picture

robloach
he/him
commented

Hmm, why does that happen?

RobRoy’s picture

RobRoy commented

Because the {sessions} table must do a JOIN on {users} somewhere and will barf if that user doesn't exist in the table. So no anonymous session vars will persist if that user doesn't "exist" in {users}.

Ralf Saalmueller’s picture

Ralf Saalmueller commented

at Rob Loach

We imported via mysql 1000 user accounts fromphpnuke into drupal. We took care of uid1 but haven't hat uid 0 in mind. Is that the answer to your question?

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)
soxofaan’s picture

soxofaan commented
Issue tags: +captchauid0

tagging

giorgio79’s picture

giorgio79 commented

This could be a duplicate of #243423: User with uid=0 will change uid when copied/inserted to {users} table with MySQL and MyISAM table, breaks anonymous postings if you imported the first db into the second, and the anon userid got corrupted.