Enhanced Captcha Image Verification - stop bots from signing up!! (https://vborg.vbsupport.ru/showthread.php?t=132482)

Robru 11-27-2006 06:21 AM

Works like a charm with 3.6.4, thanks :)

tazping2000 11-27-2006 07:23 AM

Sometimes it asks to click a picture, but although the four pics are there, the one it asks you to click is not. Is this correct?

Apart from that it all works fine on 3.6.3 (Apache).

With regard to some folk getting a red 'X' instead of a pic, I got that first, and solved it by just closing the browser, and opening a new one.

steadicamop 11-27-2006 07:34 AM

Quote:

Originally Posted by beishe8 (Post 1126187)
Sad... I cannot upload .htaccess (The dot is the problem with my host)

It shouldn't be too much of an issue, don't worry about uploading it, create an empty index.html file and upload that, then change the code in show.php:

Change:
PHP Code:

&& $entry != '.htaccess' 

To:
PHP Code:

&& $entry != 'index.html' 

You will also need to edit the plugin - don't worry it's quite easy:

AdminCP -> Plugins & Products -> Plugin Manager -> Extra user verification

Click edit and find:

PHP Code:

&& $entry != '.htaccess' 

and change to:

PHP Code:

&& $entry != 'index.html' 

Click save then check that the verification still works - this should not affect how the product works.

Then you should be good to go - all this does is stop the directory from being listed.

Jason

steadicamop 11-27-2006 07:36 AM

Quote:

Originally Posted by tazping2000 (Post 1126217)
Sometimes it asks to click a picture, but although the four pics are there, the one it asks you to click is not. Is this correct?

Apart from that it all works fine on 3.6.3 (Apache).

With regard to some folk getting a red 'X' instead of a pic, I got that first, and solved it by just closing the browser, and opening a new one.

Does the answer ever say "thumb"? If so then re-upload the product from the new package - if you use Windows to look inside the directory with the images in it creates a Thumbs.db file - a typo early on meant it was looking for thumbs.db and not Thumbs.db - version 1.1 has fixed this. If you still have problems PM me your forum link and I will take a look for you.

Jason

tazping2000 11-27-2006 07:48 AM

Quote:

Does the answer ever say "thumb"?
No, I just installed 1.1 for the first time.

I'll have a fiddle later, need to go out now. Thanks.

jmke 11-27-2006 12:35 PM

Installed and working fine,

http://www.madshrimps.be/vbulletin/register.php

thanks a lot for this!

steadicamop 11-27-2006 02:08 PM

Looking good - you know you don't have to use _ between words, just name the file and include spaces, the script reads the files as they are and displays the answer as shown in the filename.

guvner 11-27-2006 09:01 PM

Great hack - thank you very much :D - working well on 3.6.3 (patched to .4)

One question - how would I be able to make the image phrase bold - i.e.

**Bart Simpson** instead of Bart Simpson - can't find the phrases anywhere so I'm guessing your script draws them from the image title?

Mike :)

beishe8 11-28-2006 04:00 AM

Quote:

Originally Posted by steadicamop (Post 1126224)
Then you should be good to go - all this does is stop the directory from being listed.

Thanks Jason !

steadicamop 11-28-2006 07:38 AM

Quote:

Originally Posted by guvner (Post 1126737)
Great hack - thank you very much :D - working well on 3.6.3 (patched to .4)

One question - how would I be able to make the image phrase bold - i.e.

**Bart Simpson** instead of Bart Simpson - can't find the phrases anywhere so I'm guessing your script draws them from the image title?

Mike :)

This will sort that -

AdminCP -> Styles & Templates -> Style Manager -> [the style you use] -> Edit Templates

Find the image_verification template and open that, look for this code

PHP Code:

$vbphrase[click_image] $question

and replace with this

PHP Code:

$vbphrase[click_image] <strong>$question</strong>

I just tried that out and it works fine for me.

HTH

Jason

tazping2000 11-28-2006 08:32 AM

Figured out my problemo. It appears one of the pictures didn't upload for some reason, so must have confused it.

Fully working now. Thanks a lot :)

guvner 11-28-2006 06:10 PM

Quote:

Originally Posted by steadicamop (Post 1127038)
This will sort that

Thanks - that did it :)

jonathang 11-28-2006 08:21 PM

I installed the plugin on vB 3.6.3. When I try to run it I get the following two error messages:

Warning: dir(images/verification/): failed to open dir: No such file or directory in /register.php(202) : eval()'d code on line 6

Fatal error: Call to a member function on a non-object in /[path]/forum/register.php(202) : eval()'d code on line 7

Seems like maybe I installed the "verification/" dir in the wrong place. I first put it in my "wp-includes/images/" dir, but it produced the error messages shown above. Then I created an "images/" dir in the home dir of my vB installation and moved the "verification/" dir into it. Same error messages. Should I put the "verification/" dir elsewhere or is something else causing the problem here?

Thanks.

Bounce 11-28-2006 11:31 PM

installed on 3.6.4,working a treat ..

thank you :cool:

Quote:

Originally Posted by jonathang (Post 1127555)
Should I put the "verification/" dir elsewhere or is something else causing the problem here?

Thanks.

upload JUST the "images" folder within the Image Verification file to your /forums/images folder

John_Shaft 11-29-2006 12:03 AM

Steadi, first of all I commend you on a great effort to defeat the (to me) tremendously growing problem of spam wrecking forums.

Quote:

Originally Posted by steadicamop (Post 1125764)
I can't comment on this hack as I haven't installed or tested it - although I feel that a text based version could be defeated - this is why I created this one, using images that only real people can interpret.

Quote:

Originally Posted by steadicamop (Post 1125948)
I don't see how a piece of software can read what an image is - yes it can understand text but how would it know that it's a picture of an aeroplane, or a car, or a person, or a banana .....

Ah, but there's the rub. _It doesn't have to_. A real person isn't at all needed to defeat it.

I was thinking of installing this (as I need a solution from somewhere) but I see an inherent problem with this that will surely allow it to be defeated with absolute ease, should it ever reach the popularity that it's worth spending a little time (and that's all it would take) to deal with it.

Quite simply, it doesn't need to be programmed to read the image or anything complicated like that. It has four pictures of which it has to click the right one to proceed. The easy way to beat it is to code the bot to just click on images, and go back and repeatedly click on images, until it reaches the accepted part of the page (birthdate or whatever). As there's only four images it's going to do it in a handful of tries.

Whether they get around to coding that I don't know, but if they do it's instantly sunk as far as I can see.

The one way I can see to deal with bots doing that is to have the user type in the name of a single image (i.e. "cloud"). That's why captcha is a tougher problem (even though it's beaten atm) because there's a massive amount of inputs that need to be tried, rather than just "pick a number, 1 to 4".

Has this occurred to you, or do you just believe they won't specifically target your hack, even if it gets popular?

jonathang 11-29-2006 12:09 AM

hiBEES,

Right you are, and thanks. Turns out I installed it in my WordPress installation instead of vBulletin. Now I've installed it in the right place and it works fine.

;)

steadicamop 11-29-2006 07:42 AM

Quote:

Originally Posted by John_Shaft (Post 1127699)
Steadi, first of all I commend you on a great effort to defeat the (to me) tremendously growing problem of spam wrecking forums.





Ah, but there's the rub. _It doesn't have to_. A real person isn't at all needed to defeat it.

I was thinking of installing this (as I need a solution from somewhere) but I see an inherent problem with this that will surely allow it to be defeated with absolute ease, should it ever reach the popularity that it's worth spending a little time (and that's all it would take) to deal with it.

Quite simply, it doesn't need to be programmed to read the image or anything complicated like that. It has four pictures of which it has to click the right one to proceed. The easy way to beat it is to code the bot to just click on images, and go back and repeatedly click on images, until it reaches the accepted part of the page (birthdate or whatever). As there's only four images it's going to do it in a handful of tries.

Whether they get around to coding that I don't know, but if they do it's instantly sunk as far as I can see.

The one way I can see to deal with bots doing that is to have the user type in the name of a single image (i.e. "cloud"). That's why captcha is a tougher problem (even though it's beaten atm) because there's a massive amount of inputs that need to be tried, rather than just "pick a number, 1 to 4".

Has this occurred to you, or do you just believe they won't specifically target your hack, even if it gets popular?

I understand that no matter how hard you make the security - it will be cracked eventually - I'm working on making this slightly harder for bots, it will give you four attempts to get it right then it locks you out from using the register page for a set amount of time (I was thinking of 24 hours) - I do realise that repeat clicking, going back and clicking again will eventually find the correct one - but for me this has stopped bots signing up - I'm working on making it more secure with different measures.

I appreciate your feedback.

Jason

pete_brady 11-29-2006 09:29 AM

thanks for this hack - I installed it yesterday, so far no spam signups. one question - is there a log kept anywhere of failed attempts?

regarding whether it can be cracked or not - sure, it probably can. But the object of the exercise is to defeat automated software, so perhaps introducing more randomness is what's needed rather than any one approach. For example, sometimes you ask for an image to be identified, sometimes you ask a simple arithmetic question, sometimes you need a picture clicked on... introducing more random aspects like this would make it increasingly difficult to program a bot for. I think.

steadicamop 11-29-2006 11:31 AM

There isn't any log of failed attempts - it may be something I can work into an update, I like your suggestion, something even more random to confuse bots.

Cheers

Jason

el fuego 11-29-2006 09:56 PM

Could you have it re-order the 4 pictures each time they are presented? So that a click on image #1 would sometimes be correct and sometimes not? Also have the required image name be changed. For instance, one time it asks for the butterfly, the next it may ask for the soccer ball (randomly of course), and each time it changes both the question, and the location of the proper response?
Possibly also expand the hack to include many more possible images, but only randomly choose 4 at a time to display.
Along with your idea of a 24hr lock out for "x" amount of wrong answers, this could be a formidable hack.

I'm no coder... so I have no idea how hard this would be. But it seems to me that this randomness would keep the Bots at bay for quite some time.
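
The strike limit steadicamop proposes and the re-ordering, larger pool and lockout el fuego suggests above, sketched server-side as an added example (not the plugin's code and not written by any poster in this thread). All function and constant names are hypothetical, and keying the per-client record by IP address is an assumption.

```php
<?php
// Added example, not the plugin's code; every name below is hypothetical.
const ALLOWED_EXT     = ['jpg', 'jpeg', 'png', 'gif'];
const MAX_STRIKES     = 4;      // strikes before lockout, as proposed in the thread
const LOCKOUT_SECONDS = 86400;  // 24 hours

// Allowlist image files rather than excluding '.htaccess' or 'Thumbs.db' by name.
// Returns label => filename; the label is the filename minus its extension.
function load_pool(array $entries): array {
    $pool = [];
    foreach ($entries as $entry) {
        $ext = strtolower(pathinfo($entry, PATHINFO_EXTENSION));
        if (in_array($ext, ALLOWED_EXT, true)) {
            $pool[str_replace('_', ' ', pathinfo($entry, PATHINFO_FILENAME))] = $entry;
        }
    }
    return $pool;
}

// Pick $shown images in random order (Fisher-Yates over a CSPRNG), give each a
// one-off token so neither position nor filename identifies it, and pick the answer.
function new_challenge(array $pool, int $shown = 4): array {
    $labels = array_keys($pool);
    for ($i = count($labels) - 1; $i > 0; $i--) {
        $j = random_int(0, $i);
        [$labels[$i], $labels[$j]] = [$labels[$j], $labels[$i]];
    }
    $labels = array_slice($labels, 0, $shown);
    $tokens = [];
    foreach ($labels as $label) {
        $tokens[bin2hex(random_bytes(8))] = $label;
    }
    return ['tokens' => $tokens, 'answer' => $labels[random_int(0, count($labels) - 1)]];
}

// $client is the server-side record for one client, keyed by something the
// client cannot reset (assumed here: IP address), not by a cookie.
function check_answer(array &$client, string $token, int $now): string {
    if (($client['locked_until'] ?? 0) > $now) {
        return 'locked';
    }
    $challenge = $client['challenge'] ?? null;
    unset($client['challenge']);    // single use: a retry or Back needs a new challenge
    if ($challenge !== null && ($challenge['tokens'][$token] ?? null) === $challenge['answer']) {
        $client['strikes'] = 0;
        return 'ok';
    }
    $client['strikes'] = ($client['strikes'] ?? 0) + 1;
    if ($client['strikes'] >= MAX_STRIKES) {
        $client['locked_until'] = $now + LOCKOUT_SECONDS;
        $client['strikes'] = 0;
    }
    return 'wrong';
}

// Chance that blind guessing passes within $tries fresh challenges of $shown images.
function blind_pass_rate(int $shown, int $tries): float {
    return 1 - (($shown - 1) / $shown) ** $tries;
}

// Constructed directory listing for the demo.
$pool = load_pool(['Bart_Simpson.jpg', 'banana.png', 'car.gif', 'cloud.jpg', 'butterfly.jpg', '.htaccess', 'Thumbs.db']);
$client = ['challenge' => new_challenge($pool)];
$right = array_search($client['challenge']['answer'], $client['challenge']['tokens'], true);
echo check_answer($client, $right, time()), " ", check_answer($client, $right, time()), "\n";
printf("%.2f\n", blind_pass_rate(4, MAX_STRIKES));
```

With four images and four strikes, `blind_pass_rate(4, 4)` is about 0.68, so the lockout alone still passes most blind guessers in each window; showing more images or allowing fewer strikes lowers that figure.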

feldon23 11-29-2006 10:31 PM

Quote:

Originally Posted by el fuego (Post 1128330)
Could you have it re-order the 4 pictures each time they are presented? So that a click on image #1 would sometimes be correct and sometimes not? Also have the required image name be changed. For instance, one time it asks for the butterfly, the next it may ask for the soccer ball (randomly of course), and each time it changes both the question, and the location of the proper response?
Possibly also expand the hack to include many more possible images, but only randomly choose 4 at a time to display.
Along with your idea of a 24hr lock out for "x" amount of wrong answers, this could be a formidable hack.

I'm no coder... so I have no idea how hard this would be. But it seems to me that this randomness would keep the Bots at bay for quite some time.

The answer to that is not programming, but adding no-cache headers.

Garyk 11-30-2006 01:00 AM

1 Attachment(s)
I can't get the images to show up. I am running a 3.6.2 forum, here's a screen shot

JD45 11-30-2006 02:51 AM

Quote:

Originally Posted by Garyk (Post 1128418)
I can't get the images to show up. I am running a 3.6.2 forum, here's a screen shot

Same thing for me on a 3.6.4

steadicamop 11-30-2006 07:23 AM

Quote:

Originally Posted by feldon23 (Post 1128354)
The answer to that is not programming, but adding no-cache headers.

In the show.php file - no-cache headers are sent:
PHP Code:

header("Cache-Control: no-cache, must-revalidate"); 

I have noticed that when you click back it sometimes doesn't show correctly, I'm busy with work at the moment but dedicating as much time as I can to fixing any issues and making it virtually bullet-proof.

Jase

steadicamop 11-30-2006 07:35 AM

@ GaryK & JD45:

First thing - check to make sure you have the GD libraries installed - see this post. If you don't have GD installed it won't work - if it is installed try this -

Check the structure of the images - they should be:

forum root/images/verification

Here's something to check if that is all correct, in templates check image_verification, and find this code:

PHP Code:

images/verification/show.php 

Change it to your server root ie

PHP Code:

server root/forum/images/verification/show.php 

Make sure that ?1 through to ?4 is kept after show.php otherwise it won't work.

If all else fails PM your site details and I can take a look.

HTH

Jason

redspider 11-30-2006 08:14 PM

1 Attachment(s)
I notice today that the random images don't work well in my forum, see attachment.

steadicamop 12-01-2006 01:31 AM

Hmmm that's very unusual - try holding Ctrl and pressing F5 or refresh and see if that clears it up - it shouldn't cache any image but it's the only thing I can think that's causing it - if you still have problems let me know I can take a look into it.

Cheers

Jason

Stavs16 12-01-2006 02:04 AM

test on 3.6.2, does not work... upgrading

steadicamop 12-01-2006 01:49 PM

This is very unusual, it should work on 3.6.x - I'm eager to know why sometimes it doesn't work.

I might put together a quick FAQ.

Jase

soniceffect 12-01-2006 05:53 PM

Did you find an answer to garyk's problem above? I have the same issue

steadicamop 12-01-2006 06:33 PM

The most obvious problem is with the structure - if you check the thread above it shows how to check and correct if it's not right - if all else fails I can check your forum and see if I can figure it out from that.

The only real reasons for the images not showing are GD libraries aren't installed and the /verification directory isn't in the correct place.

Let me know and we can go from there.

Cheers

Jason

soniceffect 12-01-2006 08:09 PM

ok ... the reason for the 2 different images not showing on here .. (ie the one with red x and one just with writing) is by the looks of it dependent on whether firefox or explorer is used ..... explorer shows the crosses, and firefox doesn't..

Anyways, checked the gd in the php.ini and is same as your example .... also right clicked on red cross and clicked properties, and it does show the correct path to show.php so guessing it has to be something there... Is a windows server dunno if that makes a difference.... Any other ideas?

Jeordie015 12-02-2006 03:02 AM

I was using vB 3.6.0 and it worked fine. I just upgraded to 3.6.4 and it doesn't work. It just goes to the rules page when you click Register.

SportsZone 12-02-2006 06:34 AM

Quote:

Originally Posted by Jeordie015
I just upgraded to 3.6.4 and it doesn't work. It just goes to the rules page when you click Register.

Same here. I got the images once, but now they don't reappear. I cleared my cookies and it worked again.

edit

to get around the image verification page, all you have to do is go to register, click back when on the image verification page, then go to re-register, and you don't get the verification page again :/

PamelaE 12-02-2006 09:20 AM

Quote:

Originally Posted by steadicamop (Post 1125948)
All I will say is give it a try - you've nothing to lose by trying. So far I have had NO spam bots sign up on my forum, I'm very tempted to disable it to see how many I get in 24 hours, then enable it and see how many more I get in a further 24 hours.

I don't see how a piece of software can read what an image is - yes it can understand text but how would it know that it's a picture of an aeroplane, or a car, or a person, or a banana .....

Thanks steadicamop,

I implemented this solution and did not receive any spam until today. So that was about 4 or 5 days without spam when we were getting loads. So it did work but now they are getting through again.

How is that possible? I'm no techie but these people who make these bots need to get decent jobs because they must be a rather intelligent bunch.

steadicamop 12-02-2006 09:22 AM

It is likely they are just getting lucky with "clicks" they are finding the right combination, plus they may also know about this thread and have combatted how it works - I'm going to try and get on to the strike system to see if it's possible to make it more secure.

I'm PM'ing people with problems to try and help solve these issues.

Cheers

Jason

PamelaE 12-02-2006 11:39 AM

Thanks.

I'm wondering if making the number of images displayed change is an extra layer of security or perhaps it makes no difference to how the bots work. So like sometimes it's 5 images.

But regardless of the fact they have made it through now, it has 100% cut down on the number we were getting and the latest was not porn. :)

steadicamop 12-02-2006 02:17 PM

If you'd like to use more than 5 I can knock up a quick hack to change this - it's something I'm working into version 2 as well, an option to select how many images you can show.

aceofspades 12-04-2006 04:08 PM

Guys, don't you see, the bots aren't guessing the right image, it's humans signing up and then passing the details on to the computer bots who do all the posting work.

There is nothing you can do about that other than delete their posts.

Simetrical 12-06-2006 01:57 AM

This is no defense against anything programmed to defeat it. All it would have to do is keep on clicking image #1 until it happened to be right. So basically this only works for things that aren't programmed to defeat it, and given that, you may as well just add an extra clickthrough page to confuse the bot just as effectively but with less inconvenience to human registrants and web admins alike.

