Posted by astro75 on November 5, 2012 at 12:48pm
3 followers
Jump to:
| Project: | BOTCHA Spam Prevention |
| Version: | 7.x-1.3 |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | PatchRanger |
| Status: | closed (duplicate) |
Issue Summary
Updated from 1.0 to 1.3 and now module blocks every form submit. Tried reinstalling, but it still blocks everything. I get these in my log:
user-login post blocked by BOTCHA: submission looks like from a spambot.
Failed 1 of 5 recipes [obscure_url] from "default" recipe book.
Comments
#1
Your report is accepted, I am working to fix it.
#2
Do you have Drush? If yes you could disable BOTCHA module using
drush dis botcha -ylogin as admin, enable BOTCHA again and then disable ObscureUrl recipe. It will let your site to work while I am fixing the issue.
If no, then do you have database access? If yes you should delete user_login and user_login_block from botcha_recipebook_form - it will allow you to login without reenabling the module. It is safe, no data will be lost, it will just turn off the BOTCHA protection for login forms.
#3
Do you have clean url enabled? You could check it on admin/config/search/clean-urls.
#4
I don't have drush. I have database acces. Clean urls are always enabled.
After disabling ObscureUrl I got this:
user-login post blocked by BOTCHA: submission looks like from a spambot.Failed 1 of 4 recipes [timegate] from "default" recipe book.
#5
It appears that somebody has submitted the login form too fast.
'Too fast' is 8 seconds - if form is submitted faster, it became 'looks like from a spambot'.
You can manipulate this parameter if you think that 8 seconds is too much: update 'variable' table by setting 'botcha_timegate' variable to the value you prefer (if it does not exist - insert it).
#6
It was actually me who submitted that form. 8 seconds for login form is too much.
I made a copy of my site to test things. ObscureUrl problem didn't show up on my test site.
The problem is with AJAX comment module. It doesn't work when BOTCHA is enabled on that form. Even with no recipes selected.
#7
Botcha does not support AJAX (yet). See #1270986: Make BOTCHA work with AJAX
#8
Then you should update 'variable' table as described above. The UI for such things is in the development (see #1815080: Create RecipeUI) - but is not ready yet. If you want this feature to be implemented faster, you could participate in patch crowd funding for that concrete issue (see https://drupal.org/project/botcha#how-much-does-it-cost for details).
It means that some characteristics differ on your live environment and on your localhost setup. I guess on localhost you have Apache - right? And what kind of HTTP-server do you have on the live? Is it IIS? You could check it at admin/reports/status.
Ok, let me rename the issue then.
#9
It did work with 1.0
Or I can disable it on login form with reicpe
I made a copy on the same server in a subdomain. And the server runs on Apache.
The only solution now is go back to 1.0 or use another similar module. Thanks for your help.
#10
Please try the 7.x-2.0 or later version. There you could find the "AJAX friendly" recipe book, which plays nice with AJAX since it doesn't include JavaScript-recipes - so if the problem remains with JS-recipes, you could just switch all forms to "AJAX friendly" recipe book. Though it will provide less protection - it works without hackings or workarounds while we are looking for how to make it to work with AJAX.
Closing as a duplicate of #1270986: Make BOTCHA work with AJAX.