Posted by chadd on May 7, 2008 at 3:47pm
Jump to:
| Project: | CAPTCHA |
| Version: | 6.x-2.x-dev |
| Component: | User interface |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
i see that it is quite easy to add the captcha (reCATCHA) to all user created forms (i'm using the webform module).
but i don't want to give web authors the option of not using the captcha when they create a form.
is there a way for all forms created as a webform have captcha enabled by default? is that something i can do in the content type?
Comments
#1
No, there is currently no way in the core CAPTCHA module to automatically add a CAPTCHA to a (web)form.
If you're comfortable with writing Drupal modules:
An option/workaround is to write a small helper module that sets a CAPTCHA after the webform is created,
for example by programatically submitting the captcha point form (form_id: captcha_point_admin_form) with the desired values.
I don't think this type of functionality should be in the core CAPTCHA module, it makes more sense to put it in a separate (sub)module.
#2
I would be willing to sponsor such a module for Drupal 5.x+ if anyone is interested in working on it.
#3
How about adding wildcard (or even regular expression) matching to determine placement of captcha? It will enable us to eg. add "webform_client_form_*" or "webform_client_form_%" to the list of form_ids that will get captcha. All forms matching that pattern will get a captcha. This functionality can be used for other (future) similar cases too.
Since form names are (usually and by convention) valid PHP function names, there won't be clashes with existing IDs.
#4
working with wildcards could be a possible solution, but I'm not sure yet if it is worth the extra processing it would incur (on every form). And how to handle multiple matches?
#5
Hi,
I like the idea of working with wildcards and I would use it with modules like webform.
Maybe the extra processing can be controlled using a submodule we can activate or not.
#6
Subscribing. I'm also willing to sponsor an update/ module that will add captcha's to all webforms on a site, including newly created ones, automatically.
#7
Subscribing.
Wildcards would do it for me. in #4, Soxofaan wonders how to handle multiple matches. This is an interesting question, but in my opinion not really a hard one:
Rules:
1: Use the most specific one (IE: the one with the least wildcards)
2a: In case of a tie, pick a random option for settings (IE: if one match requires Image Captcha and the other math Captcha, for each time that form is accessed, randomly pick either of Image or Math Captcha).
2b: In case of a tie, pick the 'most secure' (needs a definition!) Captcha between the options (IE: if one match requires Image Captcha and the other math Captcha, for each time that form is accessed, use the Image Captcha, since we consider that more secure).
Either implement 2a or 2b in my opinion. For 2b, it would be nice if it were possible for the administrator to define weights for 'security' of different Captcha methods.
I don't think matching wildcarded form id's should bring a lot of extra computation time. I haven't exactly looked into the code yet, but I figure going through the list of form id's saved for using captcha's exactly once, using regular expression matching in case of wildcards.
Submitting the administration form for Captcha would need a bit more code too, since if a wildcard is used, checking wether the form id is legal currently always says illegal (which is, with the current implementation without wildcards, very reasonable).
I could take a look into developing a patch, if I find the time for it.
#8
In the meanwhile, I managed to get a CAPTCHA on all webforms for anonymous users following #743056: Document how to add a CAPTCHA programmatically. I created a custom module with this:
/*** Implementation of hook_form_alter().
*/
function mymodule_form_alter(&$form, $form_state, $form_id) {
if (ereg("^webform_client_form_[0-9]+$",$form_id) && user_is_logged_in() == FALSE) {
$form['my_captcha_element'] = array(
'#type' => 'captcha',
);
}
}