Closed (duplicate)
Project:
BOTCHA Spam Prevention
Version:
7.x-1.3
Component:
Code
Priority:
Critical
Category:
Bug report
Assigned:
Reporter:
Created:
5 Nov 2012 at 12:48 UTC
Updated:
20 Nov 2012 at 11:23 UTC
Updated from 1.0 to 1.3 and now module blocks every form submit. Tried reinstalling, but it still blocks everything. I get these in my log:
user-login post blocked by BOTCHA: submission looks like from a spambot.
Failed 1 of 5 recipes [obscure_url] from "default" recipe book.
Comments
Comment #1
PatchRanger commentedYour report is accepted, I am working to fix it.
Comment #2
PatchRanger commentedDo you have Drush? If yes you could disable BOTCHA module using
drush dis botcha -ylogin as admin, enable BOTCHA again and then disable ObscureUrl recipe. It will let your site to work while I am fixing the issue.
If no, then do you have database access? If yes you should delete user_login and user_login_block from botcha_recipebook_form - it will allow you to login without reenabling the module. It is safe, no data will be lost, it will just turn off the BOTCHA protection for login forms.
Comment #3
PatchRanger commentedDo you have clean url enabled? You could check it on admin/config/search/clean-urls.
Comment #4
astro75 commentedI don't have drush. I have database acces. Clean urls are always enabled.
After disabling ObscureUrl I got this:
Comment #5
PatchRanger commentedIt appears that somebody has submitted the login form too fast.
'Too fast' is 8 seconds - if form is submitted faster, it became 'looks like from a spambot'.
You can manipulate this parameter if you think that 8 seconds is too much: update 'variable' table by setting 'botcha_timegate' variable to the value you prefer (if it does not exist - insert it).
Comment #6
astro75 commentedIt was actually me who submitted that form. 8 seconds for login form is too much.
I made a copy of my site to test things. ObscureUrl problem didn't show up on my test site.
The problem is with AJAX comment module. It doesn't work when BOTCHA is enabled on that form. Even with no recipes selected.
Comment #7
iva2k commentedBotcha does not support AJAX (yet). See #1270986: Make BOTCHA work with AJAX
Comment #8
PatchRanger commentedThen you should update 'variable' table as described above. The UI for such things is in the development (see #1815080: Create RecipeUI) - but is not ready yet. If you want this feature to be implemented faster, you could participate in patch crowd funding for that concrete issue (see https://drupal.org/project/botcha#how-much-does-it-cost for details).
It means that some characteristics differ on your live environment and on your localhost setup. I guess on localhost you have Apache - right? And what kind of HTTP-server do you have on the live? Is it IIS? You could check it at admin/reports/status.
Ok, let me rename the issue then.
Comment #9
astro75 commentedIt did work with 1.0
Or I can disable it on login form with reicpe
I made a copy on the same server in a subdomain. And the server runs on Apache.
The only solution now is go back to 1.0 or use another similar module. Thanks for your help.
Comment #10
PatchRanger commentedPlease try the 7.x-2.0 or later version. There you could find the "AJAX friendly" recipe book, which plays nice with AJAX since it doesn't include JavaScript-recipes - so if the problem remains with JS-recipes, you could just switch all forms to "AJAX friendly" recipe book. Though it will provide less protection - it works without hackings or workarounds while we are looking for how to make it to work with AJAX.
Closing as a duplicate of #1270986: Make BOTCHA work with AJAX.