Comments on: Dotclear blogging software and a captcha plugin

By: Matthew Helmke (dot) Net » I have installed an accessible Turing Test

Matthew Helmke (dot) Net » I have installed an accessible Turing Test — Sun, 20 Apr 2008 17:22:49 +0000

[...] will recall from my last post that I wanted an accessible anti-spam measure for this dotclear blog because of a recent rise in [...]

By: matthew

matthew — Tue, 30 Oct 2007 11:43:26 +0000

Trevor: because I had never heard of either. I'm doing some reading now. Thanks for the recommendations. For those who don't have them, and so I don't lose them, here are the links I found: Askimet and Bad Behavior

By: Trevor

Trevor — Tue, 30 Oct 2007 11:38:11 +0000

Why not use Akismet or Bad Behaviour? You’ll get close to the same amount of protection, without inconveniencing your readers.

By: matthew

matthew — Tue, 30 Oct 2007 09:22:04 +0000

Woo hoo! I found my problem. I had moved the site configuration file to a non-default location for security purposes, and I had failed to update a config.php file.

Everything should be working now.

By: matthew

matthew — Tue, 30 Oct 2007 09:16:10 +0000

I am officially frustrated. I have the captcha up and working perfectly on my testbox. When I upload it to this server, I get the error above. For some reason dotclear is not finding the class for the captcha, even though everything is the same here as it is on the testbox…at least as far as I can tell. Obviously something must be different. Okay, I’m still looking. If commenting is broken for the moment, this is why.

By: matthew

matthew — Sun, 28 Oct 2007 17:33:55 +0000

Okay! reCAPTCHA for the win. Thanks for the recommendation, Michael! I will write a followup blog post detailing how to include it in dotclear. It wasn’t difficult, and I like that it is designed with security in mind, that it is designed to be accessible with an audio option, and that users are helping to digitize books for open access. See the upcoming blog post for more details.

EDIT: I confess…I have reCAPTCHA installed, but it is not yet configured correctly. I’m having trouble following the logic flow in dotclear (it would probably help if I could find documentation in a language I can actually read well, but that’s the price I pay for using dotclear, and the only complaint I have so far about it). If anyone knows where the comment post error handling is done, please let me know. I think I have read every php file on my hard drive. It could be that I’m just too tired to see something right in front of my eyes, so I’m going to quit now and get some sleep. Enjoy the look of the captcha, even though it isn’t actually being processed yet.

EDIT #2: I need to do something soon. I had a ton of new spam this morning in comments on old threads. Hopefully I will have some free time later today to get something working. reCAPTCHA is my first choice, but if I can’t wrap my mind around it quickly enough, I may take the easy way out and use something else for the time being.

EDIT #3: I broke the commenting system temporarily. I installed the captcha system I originally linked to in my post, followed the instructions, and for some reason I got the following error:

Fatal error: Class ‘dcCaptcha’ not found in /home/*******/form.php on line 50

Which merely contained the code that inserts the captcha there and calls the function. Odd. I’m going to play around and see why the software isn’t acknowledging the existence of a class that I can clearly see exists…I wish I could have made reCAPTCHA work, at least it would display correctly, even if it didn’t do anything. In the meanwhile, I guess I still have to be vigilant and find/delete spam manually.

By: Michael Gauthier

Michael Gauthier — Sat, 27 Oct 2007 23:58:17 +0000

You could try using reCAPTCHA recaptcha.net/. It is free for personal use and is a more technically correct solution than hiding things with CSS.

By: matthew

matthew — Sat, 27 Oct 2007 18:57:22 +0000

That's not a bad idea, xavier. Thank you.

I'm not opposed to people who leave real comments having a link, though. Hmm. Maybe I could create an additional input box that is human-invisible, but robot visible, and do basically the same thing.

I'll have to think about this while I wait to see if anyone else has a good idea. I probably won't get around to implementing anything until Monday at the earliest, so maybe someone will give an even better idea over the weekend.

By: xavier

xavier — Sat, 27 Oct 2007 18:35:25 +0000

I have modify the css so that the website field in the comments page is now hiden. As a result, a human user cannot see it but the spam robot can. I have also modify the php code to test if this field is empty or not. If it is not empty, I just reject the comment.

I got *zero* spams with this method zero.