X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/3c86cd4a6a8f2801a39403ca9db893a18ad1b302..800e3f0daba85df86b5b74c440a3d3219d112738:/doc/todo/require_CAPTCHA_to_edit.mdwn
diff --git a/doc/todo/require_CAPTCHA_to_edit.mdwn b/doc/todo/require_CAPTCHA_to_edit.mdwn
index e42ac259c..ad38d9235 100644
--- a/doc/todo/require_CAPTCHA_to_edit.mdwn
+++ b/doc/todo/require_CAPTCHA_to_edit.mdwn
@@ -2,6 +2,8 @@ I don't necessarily trust all OpenID providers to stop bots. I note that ikiwik
I imagine a plugin that modifies the login screen to use . You would then be required to fill in the captcha as well as log in in the normal way.
+-- [[users/Will]]
+
> I hate CAPTCHAs with a passion. Someone else is welcome to write such a
> plugin.
>
@@ -36,6 +38,8 @@ I imagine a plugin that modifies the login screen to use
>>>> it means that someone else is taking care of keeping it ahead of
>>>> the bot authors.
+>> As [[spam_fighting]] shows, OpenID spam is now real. Yahoo, at least, would need to be blocked, according to the above, which seems like a bold move. --[[anarcat]]
+
Okie - I have a first pass of this. There are still some issues.
Currently the code verifies the CAPTCHA. If you get it right then you're fine.
@@ -55,7 +59,7 @@ ignored.
> This is still not fixed. I would have thought the following patch would
> have fixed this second issue, but it doesn't.
-(code snipped as a working patch is below)
+(code snipped as a working [[patch]] is below)
>> What seems to be happing here is that the openid plugin defines a
>> validate hook for openid_url that calls validate(). validate() in turn
@@ -89,15 +93,15 @@ ignored.
--- a/IkiWiki/Plugin/openid.pm
+++ b/IkiWiki/Plugin/openid.pm
-@@ -18,6 +18,7 @@ sub getopt () { #{{{
+@@ -18,6 +18,7 @@ sub getopt () {
error($@) if $@;
Getopt::Long::Configure('pass_through');
GetOptions("openidsignup=s" => \$config{openidsignup});
+ GetOptions("openidneedscaptcha=s" => \$config{openidneedscaptcha});
- } #}}}
+ }
- sub formbuilder_setup (@) { #{{{
-@@ -61,6 +62,7 @@ sub formbuilder_setup (@) { #{{{
+ sub formbuilder_setup (@) {
+@@ -61,6 +62,7 @@ sub formbuilder_setup (@) {
# Skip all other required fields in this case.
foreach my $field ($form->field) {
next if $field eq "openid_url";
@@ -105,7 +109,7 @@ ignored.
$form->field(name => $field, required => 0,
validate => '/.*/');
}
-@@ -96,6 +98,18 @@ sub validate ($$$;$) { #{{{
+@@ -96,6 +98,18 @@ sub validate ($$$;$) {
}
}
@@ -150,19 +154,19 @@ use warnings;
use strict;
use IkiWiki 2.00;
-sub import { #{{{
+sub import {
hook(type => "formbuilder_setup", id => "recaptcha", call => \&formbuilder_setup);
-} # }}}
+}
-sub getopt () { #{{{
+sub getopt () {
eval q{use Getopt::Long};
error($@) if $@;
Getopt::Long::Configure('pass_through');
GetOptions("reCaptchaPubKey=s" => \$config{reCaptchaPubKey});
GetOptions("reCaptchaPrivKey=s" => \$config{reCaptchaPrivKey});
-} #}}}
+}
-sub formbuilder_setup (@) { #{{{
+sub formbuilder_setup (@) {
my %params=@_;
my $form=$params{form};
@@ -272,7 +276,7 @@ EOTAGS
});
}
}
-} # }}}
+}
# The following function is borrowed from
# Captcha::reCAPTCHA by Andy Armstrong and are under the PERL Artistic License
@@ -323,4 +327,3 @@ sub check_answer {
}
1;
-