From: Philipp Spitzer <philipp@spitzer.priv.at>
Date: Tue, 12 Feb 2013 21:33:06 +0000 (+0100)
Subject: Session cookie is configurable. Added apache2 config example.
X-Git-Url: https://git.toastfreeware.priv.at/toast/cookiecaptcha.git/commitdiff_plain/0ec705f53a33d957020d750e6064bad99e7464f5

Session cookie is configurable. Added apache2 config example.
---

diff --git a/CookieCaptcha.class.php b/CookieCaptcha.class.php
index a859736..b96ac4c 100644
--- a/CookieCaptcha.class.php
+++ b/CookieCaptcha.class.php
@@ -10,7 +10,8 @@ class CookieCaptcha extends SimpleCaptcha {
 	 * @return bool
 	 */
 	function keyMatch( $answer, $info ) {
-		if (isset($_COOKIE['cookiecaptcha'])) {
+		global $wgCaptchaCookieName;
+		if (isset($_COOKIE[$wgCaptchaCookieName])) {
 			wfDebug( "CookieCaptcha: Found cookie\n" );
 			return true;
 		} else {
@@ -43,11 +44,12 @@ class CookieCaptcha extends SimpleCaptcha {
 	 * Insert the captcha prompt into the edit form.
 	 */
 	function getForm() {
-		global $wgLogo;
+		global $wgCaptchaCookieName, $wgCaptchaCookieImage, $wgCaptchaCookieAlt, $wgCaptchaCookieStyle;
 		return "<p>" .
 			Html::element( 'img', array(
-				'src'    => $wgLogo,
-				'alt'    => '' ) ) .
+				'src'    => $wgCaptchaCookieImage,
+				'alt'    => $wgCaptchaCookieAlt,
+				'style'  => $wgCaptchaCookieStyle ) ) .
 			"</p>\n";
 	}
 
diff --git a/CookieCaptcha.php b/CookieCaptcha.php
index 30a0317..82b265c 100644
--- a/CookieCaptcha.php
+++ b/CookieCaptcha.php
@@ -26,13 +26,33 @@
  * @ingroup Extensions
  */
 
+/* The idea of this "captcha" is to let the browser download an image that sets a cookie.
+Research showed that spam bots don't load images. You have to setup the cookie e.g. in the apache2
+configuration file. Here is an example where an image that's uploaded with mediawiki is used:
+
+<Directory /var/www/mediawiki/images/d/d0>
+    <Files "MyImage.png">
+        Header append Set-Cookie "mediawiki_token=%t; Path=/; HttpOnly"
+        ExpiresActive On
+        ExpiresDefault "access plus 5 second"
+    </Files>
+</Directory>
+*/
+
+
 if ( !defined( 'MEDIAWIKI' ) ) {
 	exit;
 }
 
 $dir = __DIR__;
 require_once $dir . '/ConfirmEdit.php';
+
 $wgCaptchaClass = 'CookieCaptcha';
+$wgCaptchaCookieName = 'mediawiki_token';                     // make it look "realistic". Idea: use $wgCookiePrefix . '_token'
+$wgCaptchaCookieImage = '/mediawiki/images/d/d0/MyImage.png'; // You _have_ to specify an existing image
+$wgCaptchaCookieAlt = '';                                     // alt attribute for the image
+$wgCaptchaCookieStyle = 'display:none;';                      // CSS inline style applied to the image
+
 
 $wgExtensionMessagesFiles['CookieCaptcha'] = $dir . '/CookieCaptcha.i18n.php';
 $wgAutoloadClasses['CookieCaptcha'] = $dir . '/CookieCaptcha.class.php';