The latest 6.x versions of the Mollom module support the Pressflow lazy session handling, however it's not clear how that support works without looking through the code or issue #562374: Mollom incompatible with Pressflow's (and Drupal 7's) session handling -- causes CAPTCHAs to fail. The 'more help' link in the module settings contains the mode descriptions from the old module, which does mentioned captch cache effects, but not everyone will look here. When the comment form is configured to only use the Mollom captcha, anonymous comments are enabled, and the comment form is displayed on a node view, a session is started for ALL node views. Without looking in one of those places mentioned, most people would be confused about why they are seeing none of their content getting cached. Can the the captcha cache warning be made more prominent? It might also make sense to add a prominent warning based on the sites cache mode.

#8 0001-723422-by-sun-Clarify-protection-mode-options.patch4.28 KBsun
PASSED: [[SimpleTest]]: [MySQL] 5,809 pass(es).
[ View ]
#7 admin-protection-modes.7.png11.35 KBsun
#7 mollom.admin-protection.7.patch3.95 KBsun
PASSED: [[SimpleTest]]: [MySQL] 6,477 pass(es).
[ View ]


Title:Captcha cache/session warningAdd note about sessions/caching of pages containing CAPTCHAs
Version:6.x-1.12» 6.x-1.x-dev

Hm. Not sure where to put this. Ideally, README.txt...

Status:Active» Fixed

I think this is no longer the case, as we've made the module compatible with browsers/clients not supporting cookies over in #775398: Disabled cookies == no session data, impossible to submit a protected form

Status:Fixed» Needs work

This is not entirely fixed. The patch in #775398 makes it better but we still have a $GLOBALS['conf']['cache'] = 0; in the mollom_process_mollom() to prevent pages with CAPTCHAs from getting cached. The reason we can't cache those pages is because the URLs to the CAPTCHAs are session specific.

Maybe that is something to document on the form protection settings page? It can be a reason to choose 'text analysis mode' over 'CAPTCHA only mode'.

Either way, I'm going to set this to 'needs work'.

Status:Needs work» Active

Version:6.x-1.x-dev» 7.x-1.x-dev
Category:feature» task

Title:Add note about sessions/caching of pages containing CAPTCHAsImprove note about page caching for CAPTCHA-only protection
Version:7.x-1.x-dev» 7.x-2.x-dev

Due to another issue that got fixed recently, the latest stable release outputs a note for the CAPTCHA-only protection now:


Only choose CAPTCHA if text analysis is not suitable. Page caching is disabled on all pages containing CAPTCHA-only protected forms.

The wording of this note can definitely be improved.

Title:Improve note about page caching for CAPTCHA-only protectionClarify protection mode options
Component:Documentation» User interface
Issue summary:View changes
Status:Active» Needs review
new3.95 KB
PASSED: [[SimpleTest]]: [MySQL] 6,477 pass(es).
[ View ]
new11.35 KB

Attached patch...

1. Clarifies the recommended option for all settings.
2. Clarifies the difference between text analysis and CAPTCHA-only.
3. Ensures that the recommended option always comes first.


Revised protection modes

Version:7.x-2.x-dev» 6.x-2.x-dev
new4.28 KB
PASSED: [[SimpleTest]]: [MySQL] 5,809 pass(es).
[ View ]

Version:6.x-2.x-dev» 7.x-2.x-dev
Status:Needs review» Fixed

Thanks for reporting, reviewing, and testing! Committed to all branches.

A new development snapshot will be available within the next 12 hours. This improvement will be available in the next official release.

Status:Fixed» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.