X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/1fc3f034191d3eec78b4d5da343e282092a221be..d09bf0754f650399b7fc7227106f761ddbd24f0d:/doc/todo/require_CAPTCHA_to_edit.mdwn
diff --git a/doc/todo/require_CAPTCHA_to_edit.mdwn b/doc/todo/require_CAPTCHA_to_edit.mdwn
index 83ba07eb0..921e6254a 100644
--- a/doc/todo/require_CAPTCHA_to_edit.mdwn
+++ b/doc/todo/require_CAPTCHA_to_edit.mdwn
@@ -38,6 +38,8 @@ I imagine a plugin that modifies the login screen to use
>>>> it means that someone else is taking care of keeping it ahead of
>>>> the bot authors.
+>> As [[spam_fighting]] shows, OpenID spam is now real. Yahoo, at least, would need to be blocked, according to the above, which seems like a bold move. --[[anarcat]]
+
Okie - I have a first pass of this. There are still some issues.
Currently the code verifies the CAPTCHA. If you get it right then you're fine.
@@ -89,6 +91,7 @@ ignored.
>>>> prusue my idea of not doing the captcha validation in the validate
>>>> hook.
+[[!format diff """
--- a/IkiWiki/Plugin/openid.pm
+++ b/IkiWiki/Plugin/openid.pm
@@ -18,6 +18,7 @@ sub getopt () {
@@ -127,6 +130,7 @@ ignored.
return_to => IkiWiki::cgiurl(do => "postsignin"),
trust_root => $config{cgiurl},
+"""]]
Instructions
=====
@@ -134,8 +138,10 @@ Instructions
You need to go to and get a key set.
The keys are added as options.
- reCaptchaPubKey => "LONGPUBLICKEYSTRING",
- reCaptchaPrivKey => "LONGPRIVATEKEYSTRING",
+[[!format perl """
+reCaptchaPubKey => "LONGPUBLICKEYSTRING",
+reCaptchaPrivKey => "LONGPRIVATEKEYSTRING",
+"""]]
You can also use "signInSSL" if you're using ssl for your login screen.
@@ -144,6 +150,7 @@ The following code is just inline. It will probably not display correctly, and
----------
+[[!format perl """
#!/usr/bin/perl
# Ikiwiki password authentication.
package IkiWiki::Plugin::recaptcha;
@@ -325,3 +332,4 @@ sub check_answer {
}
1;
+"""]]