Miscellaneous Hacks - reCAPTCHA!vB

THIS MODIFICATION SHOULD NOT BE USED WITH VBULLETIN 3.7+ AS IT IS A DEFAULT FEATURE.

Keywords: reCAPTCHA, CAPTCHA, spam, register

Description:
This modification will replaced the default vBulletin registration CAPTCHA with the newer, more advanced reCAPTCHA.

What is CAPTCHA/reCAPTCHA?:
A CAPTCHA is a program that can tell whether its user is a human or a computer. You've probably seen them ? colorful images with distorted text at the bottom of Web registration forms. CAPTCHAs are used by many websites to prevent abuse from "bots," or automated programs usually written to generate spam. No computer program can read distorted text as well as humans can, so bots cannot navigate sites protected by CAPTCHAs.

About 60 million CAPTCHAs are solved by humans around the world every day. In each case, roughly ten seconds of human time are being spent. Individually, that's not a lot of time, but in aggregate these little puzzles consume more than 150,000 hours of work each day. What if we could make positive use of this human effort? reCAPTCHA does exactly that by channeling the effort spent solving CAPTCHAs online into "reading" books.

To archive human knowledge and to make information more accessible to the world, multiple projects are currently digitizing physical books that were written before the computer age. The book pages are being photographically scanned, and then, to make them searchable, transformed into text using "Optical Character Recognition" (OCR). The transformation into text is useful because scanning a book produces images, which are difficult to store on small devices, expensive to download, and cannot be searched. The problem is that OCR is not perfect.



reCAPTCHA improves the process of digitizing books by sending words that cannot be read by computers to the Web in the form of CAPTCHAs for humans to decipher. More specifically, each word that cannot be read correctly by OCR is placed on an image and used as a CAPTCHA. This is possible because most OCR programs alert you when a word cannot be read correctly.

But if a computer can't read such a CAPTCHA, how does the system know the correct answer to the puzzle? Here's how: Each new word that cannot be read correctly by OCR is given to a user in conjunction with another word for which the answer is already known. The user is then asked to read both words. If they solve the one for which the answer is known, the system assumes their answer is correct for the new one. The system then gives the new image to a number of other people to determine, with higher confidence, whether the original answer was correct.

Currently, we are helping to digitize books from the Internet Archive.

[hr]-[/hr]
Installation:

1. Download and unzip the recaptcha101.zip archive.
2. Upload the functions_recaptcha.php to your /includes/ directory.
3. Import the product-recaptcha.xml via the Product Manager.
4. Obtain a FREE public and private reCAPTCHA key here.
5. Make any desired configuration changes via AdminCP > vBulletin Options > reCAPTCHA Options
6. Make a backup of your register.php file, located in your forum root.
7. Perform ONE (1) of the following methods:
   • Method A:
     • Download the register-patch.zip archive, extract, then upload the register.patch file to your forum root, then apply the patch:
       
       *Note: Please note that this method requires a basic understanding of UNIX shell commands and requires shell access to your host. If you do not have either of these or you are unsure how to use GNU patch, I highly suggest performing Method B instead)
       
       
       Code:

       # patch -b register.php < register.patch

       This will perform the file edits automatically. Once finished, you may delete the register.patch file.
   • Method B:
     Perform the following simple file edits:
     • IN register.php:
       1. FIND:
          
          PHP Code:

          eval('$imagereg = "' . fetch_template('imagereg') . '";'); 

          REPLACE WITH:
          
          PHP Code:

          $imagereg = recaptcha_get_html($vbulletin->options['recaptcha_publickey'], $error); 

       2. FIND AND REMOVE:
          
          PHP Code:

                          'imagestamp'          => TYPE_STR,
                'imagehash'           => TYPE_STR, 

       3. FIND:
          
          PHP Code:

                  // Check Reg Image
        if ($vbulletin->options['regimagecheck'] AND $vbulletin->options['regimagetype'])
        {
                require_once(DIR . '/includes/functions_regimage.php');
                if (!verify_regimage_hash($vbulletin->GPC['imagehash'], $vbulletin->GPC['imagestamp']))
                {
                        $userdata->error('register_imagecheck');
                }
        } 

          REPLACE WITH:
          
          PHP Code:

                  // Check Reg Image
        if ($vbulletin->options['regimagecheck'] AND $vbulletin->options['regimagetype'])
        {
                $resp = recaptcha_check_answer ($vbulletin->options['recaptcha_privatekey'],
                                                $_SERVER["REMOTE_ADDR"],
                                                $_POST["recaptcha_challenge_field"],
                                                $_POST["recaptcha_response_field"]);

                if (!$resp->is_valid)
                {
                        $userdata->error('register_imagecheck');
                }
        } 


NOTE: YOU MAY ALSO REPLACE THE CAPTCHA DISPLAYED TO GUESTS WHEN USING THE "CONTACT US" FORM BY FOLLOWING THE INSTRUCTIONS HERE.

[hr]-[/hr]
Tips, tricks and modifications:

• Apply "Method A" without shell access (DOCTOR DAN)
• Restore "image verification" frame around reCAPTCHA panel (DOCTOR DAN)

[hr]-[/hr]
Comments:
As with all my hacks, this modification is provided free of charge. However, if you find this product useful and have money burning a hole in your pocket, feel free to make a small donation, I won't mind.. really.

Version History:

• 1.0.0 - Initial release, here's to hoping...
• 1.0.1 - Woops! Forgot to include a aesthetic template edit in the original release. All is well, simply redownload and overwrite the XML. That's it!
• 1.1.0 - Added alternate language support. Now various reCAPTCHA tags and text will be displayed in your selected language. Also added a fieldset to the automatic template edits around the display block for a more uniform look (thanks DOCTOR DAN!).

Currently Known Bugs:

• None

* Please note that this modification was developed on a forum with a userbase of 1 (myself). I've tested it for basic functionality but I cannot guarantee functionality or behavior on your forum. So, please -- make backups before installing this product!

[Smoothie]

Quote:

Originally Posted by magnus

I've gone ahead and uploaded a register.patch file, which will allow you to utilize the unix patch system to make the necessary file edits automatically. Simply follow the instructions in the original post if you haven't already made manual file edits.

Be sure to backup your original register.php!

If you ever wish to return to the original CAPTCHA, all you need to do is simply overwrite register.php with the backup you made then uninstall the product. That's it!

Could you please explain how the register.patch file works? I read the instructions you posted but I'm not quite sure what it does. Oh and does this work with 3.6.5?

[magnus]

Quote:

Originally Posted by Smoothie

Could you please explain how the register.patch file works? I read the instructions you posted but I'm not quite sure what it does. Oh and does this work with 3.6.5?

The file register.patch is a GNU patch file. It has the location offsets and changes necessary for the modification to work. Rather than having to edit the file manually, this patch file will do it automatically. If you download the patch file and open it in notepad, you'll get a better understanding of what it's doing. It's basically an automated 'search and replace'.

If the 3.6.5 register.php has a different offset, then the patch file will fail, so you'll need to make the file edits manually in that case.

Either way, none of the changes are irreversable. If something goes awry, you simply overwrite register.php with your backup and you're off and running again. As long as you have a backup of register.php, there's no risk.

[Smoothie]

One more question. How would this mod be different/better than say a few of the others posted here such as the no spam which has a set of alternating questions a user must answer correctly to register on your site?

[magnus]

Quote:

Originally Posted by Smoothie

One more question. How would this mod be different/better than say a few of the others posted here such as the no spam which has a set of alternating questions a user must answer correctly to register on your site?

Considering I'm not familiar with the specifics of the modification you're speaking about I can only speculate as to it's functionality.

The benefit to reCAPTCHA is it's something any human can answer. Questions, regardless of how easy they are, may be interpreted wrong due to language barriers or possibly even mental capacity. The goal of a CAPTCHA isn't to test the users knowledge, it's to simply confirm they are human.

One of the added benefits of reCAPTCHA is the fact it takes something as trivial as registering on a forum and uses those "human processes" to do something productive. Helping to translate words that even the best OCR software in the world cannot translate is helping to advance the digitizing of books printed before the digital age.

Not to mention, reCAPTCHA uses 2 words to authenticate humans. One of the words is one that has been proven to be previously untranslated by bots. That's a pretty good security measure, if you ask me.

[Alibass]

@magnus

Very nice hack. One question, I am confused to where I put the
code: # patch -b register.php < register.patch

Does this go in the patch file, register.php or else where?

[magnus]

Quote:

Originally Posted by Alibass

@magnus

Very nice hack. One question, I am confused to where I put the
code: # patch -b register.php < register.patch

Does this go in the patch file, register.php or else where?

No, that line is a command that needs to be run from a shell prompt -- provided you have shell access (the '#' indicates a shell prompt, the remaining text is the actual command to be run). Otherwise, you'll need to perform the edits manually as noted in Method B.

Also, please remember that these methods are exclusive of each other. You need to perform either Method A or Method B. Not both!

[TheBlackPoet]

im not that bright, so i went ahead and manually edited the register page... and i am happy i took the time the stop.. this is very nice.. and replaces another hack i had in place... installed.... nominated

[Alibass]

Quote:

Originally Posted by magnus

No, that line is a command that needs to be run from a shell prompt -- provided you have shell access (the '#' indicates a shell prompt, the remaining text is the actual command to be run). Otherwise, you'll need to perform the edits manually as noted in Method B.

Also, please remember that these methods are exclusive of each other. You need to perform either Method A or Method B. Not both!

I ran and got this error : An error occurred while attempting to execute your query. The following information was returned.
error number: 1064
error desc: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'patch -b register.php < register.patch' at line 1

I still have No Spam! and AjaxReg hacks installed as I wanted to keep them also. Could one or both hacks of these hacks be causing a conflict or should I just try and edit the reg.php manually?

[magnus]

Quote:

Originally Posted by Alibass

I ran and got this error : An error occurred while attempting to execute your query. The following information was returned.
error number: 1064
error desc: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'patch -b register.php < register.patch' at line 1

I still have No Spam! and AjaxReg hacks installed as I wanted to keep them also. Could one or both hacks of these hacks be causing a conflict or should I just try and edit the reg.php manually?

Wait, what? Why are you trying to execute the patch via SQL? Forget the patch. Remove any and all reference to it. Do not perform Method A, instead do what's listed in Method B. Perform the file edits manually.

Using the GNU patch method should be reserved for those with basic UNIX knowledge and shell access to their hosts. Everyone else should follow the instructions in Method B.

[magnus]

Quote:

Originally Posted by TheBlackPoet

im not that bright, so i went ahead and manually edited the register page... and i am happy i took the time the stop.. this is very nice.. and replaces another hack i had in place... installed.... nominated

Glad to hear you go everything works. By the way, I love your forum's header image. It looks great.