reCAPTCHA!vB
 

THIS MODIFICATION SHOULD NOT BE USED WITH VBULLETIN 3.7+ AS IT IS A DEFAULT FEATURE.

Keywords: reCAPTCHA, CAPTCHA, spam, register

Description:
This modification will replaced the default vBulletin registration CAPTCHA with the newer, more advanced reCAPTCHA.

What is CAPTCHA/reCAPTCHA?:
A CAPTCHA is a program that can tell whether its user is a human or a computer. You've probably seen them ? colorful images with distorted text at the bottom of Web registration forms. CAPTCHAs are used by many websites to prevent abuse from "bots," or automated programs usually written to generate spam. No computer program can read distorted text as well as humans can, so bots cannot navigate sites protected by CAPTCHAs.

About 60 million CAPTCHAs are solved by humans around the world every day. In each case, roughly ten seconds of human time are being spent. Individually, that's not a lot of time, but in aggregate these little puzzles consume more than 150,000 hours of work each day. What if we could make positive use of this human effort? reCAPTCHA does exactly that by channeling the effort spent solving CAPTCHAs online into "reading" books.

To archive human knowledge and to make information more accessible to the world, multiple projects are currently digitizing physical books that were written before the computer age. The book pages are being photographically scanned, and then, to make them searchable, transformed into text using "Optical Character Recognition" (OCR). The transformation into text is useful because scanning a book produces images, which are difficult to store on small devices, expensive to download, and cannot be searched. The problem is that OCR is not perfect.

https://vborg.vbsupport.ru/

reCAPTCHA improves the process of digitizing books by sending words that cannot be read by computers to the Web in the form of CAPTCHAs for humans to decipher. More specifically, each word that cannot be read correctly by OCR is placed on an image and used as a CAPTCHA. This is possible because most OCR programs alert you when a word cannot be read correctly.

But if a computer can't read such a CAPTCHA, how does the system know the correct answer to the puzzle? Here's how: Each new word that cannot be read correctly by OCR is given to a user in conjunction with another word for which the answer is already known. The user is then asked to read both words. If they solve the one for which the answer is known, the system assumes their answer is correct for the new one. The system then gives the new image to a number of other people to determine, with higher confidence, whether the original answer was correct.

Currently, we are helping to digitize books from the Internet Archive.

[hr]-[/hr]
Installation:

1. Download and unzip the recaptcha101.zip archive.
2. Upload the functions_recaptcha.php to your /includes/ directory.
3. Import the product-recaptcha.xml via the Product Manager.
4. Obtain a FREE public and private reCAPTCHA key here.
5. Make any desired configuration changes via AdminCP > vBulletin Options > reCAPTCHA Options
6. Make a backup of your register.php file, located in your forum root.
7. Perform ONE (1) of the following methods:
   • Method A:
     • Download the register-patch.zip archive, extract, then upload the register.patch file to your forum root, then apply the patch:
       
       *Note: Please note that this method requires a basic understanding of UNIX shell commands and requires shell access to your host. If you do not have either of these or you are unsure how to use GNU patch, I highly suggest performing Method B instead)
       
       
       Code:

       ---

       # patch -b register.php < register.patch

       ---

       This will perform the file edits automatically. Once finished, you may delete the register.patch file.
   • Method B:
     Perform the following simple file edits:
     • IN register.php:
       1. FIND:
          
          PHP Code:

          ---

          eval('$imagereg = "' . fetch_template('imagereg') . '";'); 


          ---

          REPLACE WITH:
          
          PHP Code:

          ---

          $imagereg = recaptcha_get_html($vbulletin->options['recaptcha_publickey'], $error); 


          ---

       2. FIND AND REMOVE:
          
          PHP Code:

          ---

                          'imagestamp'          => TYPE_STR,
                'imagehash'           => TYPE_STR, 


          ---

       3. FIND:
          
          PHP Code:

          ---

                  // Check Reg Image
        if ($vbulletin->options['regimagecheck'] AND $vbulletin->options['regimagetype'])
        {
                require_once(DIR . '/includes/functions_regimage.php');
                if (!verify_regimage_hash($vbulletin->GPC['imagehash'], $vbulletin->GPC['imagestamp']))
                {
                        $userdata->error('register_imagecheck');
                }
        } 


          ---

          REPLACE WITH:
          
          PHP Code:

          ---

                  // Check Reg Image
        if ($vbulletin->options['regimagecheck'] AND $vbulletin->options['regimagetype'])
        {
                $resp = recaptcha_check_answer ($vbulletin->options['recaptcha_privatekey'],
                                                $_SERVER["REMOTE_ADDR"],
                                                $_POST["recaptcha_challenge_field"],
                                                $_POST["recaptcha_response_field"]);

                if (!$resp->is_valid)
                {
                        $userdata->error('register_imagecheck');
                }
        } 


          ---

NOTE: YOU MAY ALSO REPLACE THE CAPTCHA DISPLAYED TO GUESTS WHEN USING THE "CONTACT US" FORM BY FOLLOWING THE INSTRUCTIONS HERE.

[hr]-[/hr]
Tips, tricks and modifications:

• Apply "Method A" without shell access (DOCTOR DAN)
• Restore "image verification" frame around reCAPTCHA panel (DOCTOR DAN)

[hr]-[/hr]
Comments:
As with all my hacks, this modification is provided free of charge. However, if you find this product useful and have money burning a hole in your pocket, feel free to make a small donation, I won't mind.. really. :)

Version History:

• 1.0.0 - Initial release, here's to hoping...
• 1.0.1 - Woops! Forgot to include a aesthetic template edit in the original release. All is well, simply redownload and overwrite the XML. That's it!
• 1.1.0 - Added alternate language support. Now various reCAPTCHA tags and text will be displayed in your selected language. Also added a fieldset to the automatic template edits around the display block for a more uniform look (thanks DOCTOR DAN!).

Currently Known Bugs:

• None

* Please note that this modification was developed on a forum with a userbase of 1 (myself). I've tested it for basic functionality but I cannot guarantee functionality or behavior on your forum. So, please -- make backups before installing this product!

amazingly brilliant, as usual Magnus !!!

[high]* nexialys send some love ![/high]
(my wife will kill me if she knows!)

edit: ah, now it is good, the file !!!

remember to tell to register to get a API key: http://recaptcha.net

FREE

Woops! Forgot to include an aesthetic template edit. Not having it won't cause any functionality issues, you simply won't be able to change themes.

In order to upgrade, simply re-download and import the latest XML, overwriting your existing one. That's it!

This is great!!!

Glad you like. :)

I read about this in the latest Wired magazine, and I just had to put it into vBulletin. :D

very creative putting something like this to good use :)

Suggest this as a default mod built-in to vb v4.0 =]

vb4? LOL :)

nice hack!

Excellent! Thanks a bunch! :D

I've gone ahead and uploaded a register.patch file, which will allow you to utilize the unix patch system to make the necessary file edits automatically. Simply follow the instructions in the original post if you haven't already made manual file edits.

Be sure to backup your original register.php!

If you ever wish to return to the original CAPTCHA, all you need to do is simply overwrite register.php with the backup you made then uninstall the product. That's it!

Could you please explain how the register.patch file works? I read the instructions you posted but I'm not quite sure what it does. Oh and does this work with 3.6.5?

The file register.patch is a GNU patch file. It has the location offsets and changes necessary for the modification to work. Rather than having to edit the file manually, this patch file will do it automatically. If you download the patch file and open it in notepad, you'll get a better understanding of what it's doing. It's basically an automated 'search and replace'.

If the 3.6.5 register.php has a different offset, then the patch file will fail, so you'll need to make the file edits manually in that case.

Either way, none of the changes are irreversable. If something goes awry, you simply overwrite register.php with your backup and you're off and running again. As long as you have a backup of register.php, there's no risk.

One more question. How would this mod be different/better than say a few of the others posted here such as the no spam which has a set of alternating questions a user must answer correctly to register on your site?

Considering I'm not familiar with the specifics of the modification you're speaking about I can only speculate as to it's functionality.

The benefit to reCAPTCHA is it's something any human can answer. Questions, regardless of how easy they are, may be interpreted wrong due to language barriers or possibly even mental capacity. The goal of a CAPTCHA isn't to test the users knowledge, it's to simply confirm they are human.

One of the added benefits of reCAPTCHA is the fact it takes something as trivial as registering on a forum and uses those "human processes" to do something productive. Helping to translate words that even the best OCR software in the world cannot translate is helping to advance the digitizing of books printed before the digital age.

Not to mention, reCAPTCHA uses 2 words to authenticate humans. One of the words is one that has been proven to be previously untranslated by bots. That's a pretty good security measure, if you ask me. :)

@magnus

Very nice hack. One question, I am confused to where I put the
code: # patch -b register.php < register.patch

Does this go in the patch file, register.php or else where?

No, that line is a command that needs to be run from a shell prompt -- provided you have shell access (the '#' indicates a shell prompt, the remaining text is the actual command to be run). Otherwise, you'll need to perform the edits manually as noted in Method B.

Also, please remember that these methods are exclusive of each other. You need to perform either Method A or Method B. Not both!

im not that bright, so i went ahead and manually edited the register page... and i am happy i took the time the stop.. this is very nice.. and replaces another hack i had in place... installed.... nominated

I ran and got this error : An error occurred while attempting to execute your query. The following information was returned.
error number: 1064
error desc: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'patch -b register.php < register.patch' at line 1

I still have No Spam! and AjaxReg hacks installed as I wanted to keep them also. Could one or both hacks of these hacks be causing a conflict or should I just try and edit the reg.php manually?

Wait, what? Why are you trying to execute the patch via SQL? Forget the patch. Remove any and all reference to it. Do not perform Method A, instead do what's listed in Method B. Perform the file edits manually.

Using the GNU patch method should be reserved for those with basic UNIX knowledge and shell access to their hosts. Everyone else should follow the instructions in Method B.

Glad to hear you go everything works. By the way, I love your forum's header image. It looks great. :)

Yep, I did Method B and it works fine. *Installed* works great and thanks! :)

@magnus

Anyway maybe in your next release you could include the recaptcha to show up when sending mail via clicking "contact us"?

Actually, I have this done already. I'll put up a post with the required file edits.

al-righty then, gonna give this a whirl. :)

Thanks magnus, looking forward to your post.

Looks like a great addition.
Will it work alongside Ajax Registration ?

There's no reason for it not to. This simply replaces the default CAPTCHA.

I can tell you I am using AjaxReg and No Spam! with this hack and it works with no problems. :)

Installed and working well .. thanks magnus :up:

Perform the following file edits in order to replace the default CAPTCHA displayed to guests when using "Contact Us" with a reCAPTCHA
[hr]-[/hr]
In sendmessage.php - BE SURE TO MAKE A BACKUP BEFORE EDITING!

1. FIND:
   
   PHP Code:

   ---

       if (!$vbulletin->userinfo['userid'] AND $vbulletin->options['contactustype'] == 2 AND $vbulletin->options['regimagetype'])
    {
        require_once(DIR . '/includes/functions_regimage.php');
        if (!verify_regimage_hash($vbulletin->GPC['imagehash'], $vbulletin->GPC['imagestamp']))
        {
            $errors[] = fetch_error('register_imagecheck');
        }
    } 


   ---

   REPLACE WITH:
   
   PHP Code:

   ---

       if (!$vbulletin->userinfo['userid'] AND $vbulletin->options['contactustype'] == 2 AND $vbulletin->options['regimagetype'])
    {
        require_once(DIR . '/includes/functions_recaptcha.php');
        $resp = recaptcha_check_answer($vbulletin->options['recaptcha_privatekey'],
                        $_SERVER["REMOTE_ADDR"],
                        $_POST["recaptcha_challenge_field"],
                        $_POST["recaptcha_response_field"]);
        if (!$resp->is_valid)
        {
            $errors[] = fetch_error('register_imagecheck');
        }
    } 


   ---

2. FIND AND REMOVE:
   
   PHP Code:

   ---

           if ($imagehash)
        {
            $db->query_write("DELETE FROM " . TABLE_PREFIX . "regimage WHERE regimagehash = '" . $db->escape_string($imagehash) . "'");
        } 


   ---

3. FIND:
   
   PHP Code:

   ---

       if (!$vbulletin->userinfo['userid'] AND $vbulletin->options['contactustype'] == 2 AND $vbulletin->options['regimagetype'])
    {
        require_once(DIR . '/includes/functions_regimage.php');
        $imagehash = fetch_regimage_hash();
        eval('$imagereg = "' . fetch_template('imagereg') . '";');
    } 


   ---

   REPLACE WITH:
   
   PHP Code:

   ---

       if (!$vbulletin->userinfo['userid'] AND $vbulletin->options['contactustype'] == 2 AND $vbulletin->options['regimagetype'])
    {
        require_once(DIR . '/includes/functions_recaptcha.php');
        $imagereg = recaptcha_get_html($vbulletin->options['recaptcha_publickey']);
    } 


   ---

4. FIND:
   
   PHP Code:

   ---

       // image verification
    if (!$vbulletin->userinfo['userid'] AND $vbulletin->options['regimagetype'])
    {
        require_once(DIR . '/includes/functions_regimage.php');
        $imagehash = fetch_regimage_hash();
        eval('$imagereg = "' . fetch_template('imagereg') . '";');
    } 


   ---

   REPLACE WITH:
   
   PHP Code:

   ---

       // image verification
    if (!$vbulletin->userinfo['userid'] AND $vbulletin->options['regimagetype'])
    {
        require_once(DIR . '/includes/functions_recaptcha.php');
        $imagereg = recaptcha_get_html($vbulletin->options['recaptcha_publickey']);
    } 


   ---

5. FIND:
   
   PHP Code:

   ---

       if (!$vbulletin->userinfo['userid'] AND $vbulletin->options['regimagetype'])
    {
        require_once(DIR . '/includes/functions_regimage.php');
        if (!verify_regimage_hash($vbulletin->GPC['imagehash'], $vbulletin->GPC['imagestamp']))
        {
            standard_error(fetch_error('register_imagecheck'));
        }
    } 


   ---

   REPLACE WITH:
   
   PHP Code:

   ---

       if (!$vbulletin->userinfo['userid'] AND $vbulletin->options['regimagetype'])
    {
        require_once(DIR . '/includes/functions_recaptcha.php');

        $resp = recaptcha_check_answer ($vbulletin->options['recaptcha_privatekey'],
                        $_SERVER["REMOTE_ADDR"],
                        $_POST["recaptcha_challenge_field"],
                        $_POST["recaptcha_response_field"]);

        if (!$resp->is_valid)
        {
            standard_error(fetch_error('register_imagecheck'));
        }
    } 


   ---

6. FIND AND REMOVE: THERE WILL BE TWO (2) OCCURANCES OF THIS STRING. REMOVE BOTH
   
   PHP Code:

   ---

           'imagestamp'    => TYPE_STR,
        'imagehash'     => TYPE_STR, 


   ---

Installed, not having much luck changing themes. Is that theme dropdown suppose to work?

Edit: Ok, I tried the 3 themes and the only that shows for me is that butt-ugly red one. :p

If you're having a problem with themes, chances are the automatic template edit isn't taking effect. Simply make the edit manually.

In the register template:

• FIND:
  
  HTML Code:

  ---

                          $imagereg

  ---

  REPLACE WITH::
  
  HTML Code:

  ---

                          <script type='text/javascript'>
                        var RecaptchaOptions = {
                          theme : "$vboptions[recaptcha_theme]",
                          tabindex : $vboptions[recaptcha_tabindex]
                        };
                        </script>

                        $imagereg

  ---

And, just for good measure you might want to disable the automatic template edit plugin. In AdminCP > Plugins & Products > Plugin Manager look for Automatically modify register template (located under reCAPTCHA!vB) and uncheck the box, then click "Save Active Status".

That should do it!

@magnus

Thank you for posting instructions here on how to make captcha work for guest using "Contact Us" form.

Works great and thanks again. :)

Would be absolutely great if this could also be used by registred users for things like replies, quick replies, new threads, etc. Even better if it could be used for registered users with less than x postings to their credit. So that it will help drive those manual spammers away.

Why would you want registered users to be subjected to CAPTCHA's?

I think that I followed all of the instructions but when I click on "register" it does go to /register.php but its blank. I replace it with the original and its ok. I did the upload etc. and added the keys to the product in the appropriate spaces. I have double and triple checked my typing. Any suggestions?

Thanks

// Check Reg Image
if ($vbulletin->options['regimagecheck'] AND $vbulletin->options['regimagetype'])
{
$resp = recaptcha_check_answer ($vbulletin->options['recaptcha_privatekey'],
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"];

if (!$resp->is_valid)
{
$userdata->error('register_imagecheck');
}
}

if ($vbulletin->options['regimagecheck'] AND $vbulletin->options['regimagetype'])
{
$imagereg = recaptcha_get_html
($vbulletin->options['recaptcha_publickey'],
$error);
}
else
{
$imagereg = '';
}

You're missing a close bracket ')' in the following block (highlighted in red):
Also, why are you typing out the code changes manually? Just copy and paste them from the original post to make sure there are no typo's and to retain proper formatting.

Thanks for your help, I knew that it was something stupid. Works great now. I guess that it was midnight, that I didn't think to cut & paste.

Love this method, love this hack, works flawlessly so far, and much more in keeping with my board ^^

Go you!

Glad you like it! :)