X-Git-Url: https://git.toastfreeware.priv.at/toast/cookiecaptcha.git/blobdiff_plain/65178dfeda0c6e5eae59cffe743d2096ab6a4d29..c26f02d56081d59a53673885508b03d2ed80047d:/CookieCaptcha.php diff --git a/CookieCaptcha.php b/CookieCaptcha.php index dc57bea..83b60a6 100644 --- a/CookieCaptcha.php +++ b/CookieCaptcha.php @@ -26,36 +26,41 @@ * @ingroup Extensions */ +/* +TODO: + * Delete: "Delete"/link CookieCaptcha.i18n.php + * Use timestamp in cookie + * Version 2: Without apache + * Provide sample image? + */ + +/* The idea of this "captcha" is to let the browser download an image that sets a cookie. +Research showed that spam bots don't load images. You have to setup the cookie e.g. in the apache2 +configuration file. Here is an example where an image that's uploaded with mediawiki is used: + + + + Header append Set-Cookie "mediawiki_token=%t; Path=/; HttpOnly" + ExpiresActive On + ExpiresDefault "access plus 5 second" + + +*/ + + if ( !defined( 'MEDIAWIKI' ) ) { exit; } $dir = __DIR__; require_once $dir . '/ConfirmEdit.php'; -$wgCaptchaClass = 'FancyCaptcha'; - -/** - * The name of a file backend ($wgFileBackends) to be used for storing files. - * Defaults to FSFileBackend using $wgCaptchaDirectory as a base path. - */ -$wgCaptchaFileBackend = ''; - -global $wgCaptchaDirectory; -$wgCaptchaDirectory = "$wgUploadDirectory/captcha"; // bad default :D -global $wgCaptchaDirectoryLevels; -$wgCaptchaDirectoryLevels = 0; // To break into subdirectories +$wgCaptchaClass = 'CookieCaptcha'; +$wgCaptchaCookieName = 'mediawiki_token'; // make it look "realistic". Idea: use $wgCookiePrefix . '_token' +$wgCaptchaCookieImage = '/mediawiki/images/d/d0/MyImage.png'; // You _have_ to specify an existing image +$wgCaptchaCookieAlt = ''; // alt attribute for the image +$wgCaptchaCookieStyle = 'display:none;'; // CSS inline style applied to the image -global $wgCaptchaSecret; -$wgCaptchaSecret = "CHANGE_THIS_SECRET!"; - -/** - * By default the FancyCaptcha rotates among all available captchas. - * Setting $wgCaptchaDeleteOnSolve to true will delete the captcha - * files when they are correctly solved. Thus the user will need - * something like a cron creating new thumbnails to avoid drying up. - */ -$wgCaptchaDeleteOnSolve = false; -$wgExtensionMessagesFiles['FancyCaptcha'] = $dir . '/FancyCaptcha.i18n.php'; -$wgAutoloadClasses['FancyCaptcha'] = $dir . '/FancyCaptcha.class.php'; +$wgExtensionMessagesFiles['CookieCaptcha'] = $dir . '/CookieCaptcha.i18n.php'; +$wgAutoloadClasses['CookieCaptcha'] = $dir . '/CookieCaptcha.class.php';