We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Need Help with Weblogin and Captcha

    • 21759
    • 139 Posts
    nootkan Reply #1, 13 years, 1 month ago
    Is it possible to implement a captcha with the WebLogin 1.1 snippet that came with the demo content for web users to comment on the blog articles when you first install MODx Evo 1.04? I have tried copying the code from the FormSignup chunk and placed it inside of the FormLogin chunk to get the image to show under the username and password text boxes in the right column
    <fieldset>
    <h3>Your Login Details</h3>
    <label for="username">User: <input type="text" name="username" id="username" tabindex="1" onkeypress="return webLoginEnter(document.loginfrm.password);" value="[+username+]" /></label>
    <label for="password">Password: <input type="password" name="password" id="password" tabindex="2" onkeypress="return webLoginEnter(document.loginfrm.cmdweblogin);" value="" /></label>
    <p>Enter the word/number combination shown in the image below.</p>
    <p><a href="[+action+]"><img align="top" src="manager/includes/veriword.php" width="149" height="60" alt="If you have trouble reading the code, click on the code itself to generate a new random code." style="border: 1px solid #039" /></a></p>
    <label>Form code:*
    <input type="text" name="formcode" class="inputBox" size="20" /></label>
    <input type="checkbox" id="checkbox_1" name="checkbox_1" tabindex="3" size="1" value="" [+checkbox+] onclick="webLoginCheckRemember()" /><label for="checkbox_1" class="checkbox">Remember me</label>
    <input type="submit" value="[+logintext+]" name="cmdweblogin" class="button" />
    <a href="#" onclick="webLoginShowForm(2);return false;" id="forgotpsswd">Forget Your Password?</a>
    {{register}}

    {{manager user}}
    </fieldset>

    and placed the &useCaptcha=`1` inside of my snippet call like follows:
    <h2>Login:</h2>
    <div id="sidebarlogin">[!WebLogin? &tpl=`FormLogin` &loginhomeid=`[(site_start)]` &useCaptcha=`1`!]</div>
    But it doesn’t seem to validate. You can view the site here: http://www.grstreamkeepers.com look at the lower right corner side bar and you’ll see the login with captcha. You can use tester with test123 to see what I mean.

    I also tried copying the code (in red) from the WebSignup snippet and pasted into the WebLogin snippet but that doesn’t seem to work either:
    WebLogin 1.1 Snippet Code
    # Snippet customize settings
    $liHomeId = isset($loginhomeid)? explode(",",$loginhomeid):array($modx->config[’login_home’],$modx->documentIdentifier);
    $loHomeId = isset($logouthomeid)? $logouthomeid:$modx->documentIdentifier;
    $pwdReqId = isset($pwdreqid)? $pwdreqid:0;
    $pwdActId = isset($pwdactid)? $pwdactid:0;
    $loginText = isset($logintext)? $logintext:’Login’;
    $logoutText = isset($logouttext)? $logouttext:’Logout’;
    $tpl = isset($tpl)? $tpl:"";
    $useCaptcha = isset($useCaptcha)? $useCaptcha : $modx->config[’use_captcha’] ;
    // Override captcha if no GD
    if ($useCaptcha && !gd_info()) $useCaptcha = 0;

    The login form seems to work fine with captcha disabled, however when I disable the captcha feature I get bombarded by bots trying to register with the registration page which uses the FormSignup chunk in conjunction with the WebSignup 1.1 snippet therefore I have to enable the captcha to avoid the bots.

    Can anyone help me with this? Am I missing something?
      • 21759
      • 139 Posts
      nootkan Reply #2, 13 years, 1 month ago
      Okay, I am close I think but my lack of php coding skills is causing me grief. I can only copy and paste what I think I need based on word recognition (captcha). In other words, I see words or code with captcha included and I copy/paste that code into the weblogin.inc.php file from the websignup.inc.php (see below).
      <?php
      # WebLogin 1.0
      # Created By Raymond Irving 2004
      #::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

      defined(’IN_PARSER_MODE’) or die();

      # load tpl
      if(is_numeric($tpl)) $tpl = ($doc=$modx->getDocuments($tpl)) ? $doc[’content’]:"Document ’$tpl’ not found.";
      else if($tpl) $tpl = ($chunk=$modx->getChunk($tpl)) ? $chunk:"Chunk ’$tpl’ not found.";
      if(!$tpl) $tpl = getWebLogintpl($useCaptcha);

      // verify form code
      if($useCaptcha && $_SESSION[’veriword’]!=$formcode) {
      $output = webLoginAlert("Incorrect form code. Please enter the correct code displayed by the image.").$tpl;
      return;
      }
      // extract declarations
      $declare = webLoginExtractDeclarations($tpl);
      $tpls = explode((isset($declare["separator"]) ? $declare["separator"]:"<!--tpl_separator-->"),$tpl);

      if(!isset($_SESSION[’webValidated’])){
      ob_start();
      // if(isset($_COOKIE[$cookieKey])) {
      // $cookieSet = 1;
      // $sitename = $_COOKIE[$cookieKey];
      // $thepasswd = substr($site_id,-5)."crypto"; // create a password based on site id
      // $rc4 = new rc4crypt;
      // $thestring = $rc4->endecrypt($thepasswd,$sitename,’de’);
      // $uid = $thestring;
      // }else{
      $uid = isset($_POST[’username’])? $modx->db->escape(htmlspecialchars($_POST[’username’], ENT_QUOTES)):’’;
      // }

      ?>

      This is what I get when I try to login using the weblogin




      If anyone can help me with this I would greatly appreciate it.