[Logo] JForum - Powering Communities
  [Search] 搜尋   [Recent Topics] 最新主題   [Hottest Topics] 熱門主題   [Top Downloads] 熱門下載   [Members] 會員列表   [Groups] 回首頁 
[Moderation Log] 管理日誌   [Register] 會員註冊 /  [Login] 登入 


JForum 2.5.0 released, download it from here.
Configuration of enabling the Captcha?  RSS feed
討論區首頁 » Developer Forum
發表人 內容
vTest


註冊時間: 2013/1/16
文章: 14
離線
In our installation, the captcha is not working. I can make a post without a correct match text. Where I can enable it?
andowson


註冊時間: 2011/6/30
文章: 188
離線
You can check the default setting in your jforum's WEB-INF/config/SystemGlobals.properties first:
# ########
# Captcha
# ########
captcha.registration = true
captcha.posts = true
captcha.ignore.case = true

captcha.width = 250
captcha.height = 75

captcha.min.words = 4
captcha.max.words = 6

captcha.min.font.size = 25
captcha.max.font.size = 35


And if you want to match captcha case, change captcha.ignore.case to false.
Add the setting into your jforum's WEB-INF/config/jforum-custom.conf to override the default setting:
captcha.ignore.case = false
vTest


註冊時間: 2013/1/16
文章: 14
離線
Thanks for your reply.

I check the configuration files. Our installation uses the Captcha default configuration as what you show in your answer. And there isn't any Captcha related configuration in the jforum-custom.conf file. The version number is 2.3.5-SNAPSHOT. I can make a post without entering any text in the Captcha field. Any other configuration would change the behaviour? I hope that I don't need to turn on the debugger to find the cause of this problem at PostAction class.
andowson


註冊時間: 2011/6/30
文章: 188
離線
Hi, I've tested it in my development environment, the captcha for post is enabled by default. And if I didn't enter any text in the captcha field, although I can press the save button, JForum will prompt me to enter the captcha.
vTest


註冊時間: 2013/1/16
文章: 14
離線
I notice the Captcha works on this JForum installation. That lets me wondering why it doesn't work on our installation with the same configuration.
andowson


註冊時間: 2011/6/30
文章: 188
離線
Please provide your system configuration for more information. Thanks~
vTest


註冊時間: 2013/1/16
文章: 14
離線
andowson wrote:Please provide your system configuration for more information. Thanks~


I am not sure what system configuration you need.

With a debugger, I find the problem is on the following line:
		boolean needCaptcha = SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS)
			&& request.getSessionContext().getAttribute(ConfigKeys.REQUEST_IGNORE_CAPTCHA) == null;
		
		if (needCaptcha && !us.validateCaptchaResponse(this.request.getParameter("captcha_anwser"))) {
			this.context.put("post", post);
			this.context.put("start", this.request.getParameter("start"));
			this.context.put("error", I18n.getMessage("CaptchaResponseFails"));				
			this.insert();				
			return;			
		}

and the cause is in the following method:
	public boolean validateCaptchaResponse(String origUserResponse)
	{
		String userResponse = origUserResponse;
		if ((SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_REGISTRATION) 
				|| SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS))
				&& this.imageCaptcha != null) {
			
			if (SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_IGNORE_CASE)) {
				userResponse = userResponse.toLowerCase(Locale.US);
			}
			
			final boolean result =  this.imageCaptcha.validateResponse(userResponse).booleanValue();
			this.destroyCaptcha();
			return result;
		}
		
		return true;
	}

The condition check line
SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_REGISTRATION) 
				|| SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS))
				&& this.imageCaptcha != null

returns false. And I find the this.imageCaptcha is null and that alone can make the condition false. So why it is null then?
andowson


註冊時間: 2011/6/30
文章: 188
離線
I found that this issue can be reproduced at the first time Java VM starts to load the Captcha engine.
When the Captcha engine is not ready, the imageCaptcha will return null.
A quick fix is to replace the last return statement from return true to return false.

	public boolean validateCaptchaResponse(String origUserResponse)
	{
		String userResponse = origUserResponse;
		if ((SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_REGISTRATION) 
				|| SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS))
				&& this.imageCaptcha != null) {
			
			if (SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_IGNORE_CASE)) {
				userResponse = userResponse.toLowerCase(Locale.US);
			}
			
			final boolean result =  this.imageCaptcha.validateResponse(userResponse).booleanValue();
			this.destroyCaptcha();
			return result;
		}
		
		return false;
	}
vTest


註冊時間: 2013/1/16
文章: 14
離線
andowson wrote:I found that this issue can be reproduced at the first time Java VM starts to load the Captcha engine.
When the Captcha engine is not ready, the imageCaptcha will return null.
A quick fix is to replace the last return statement from return true to return false.

	public boolean validateCaptchaResponse(String origUserResponse)
	{
		String userResponse = origUserResponse;
		if ((SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_REGISTRATION) 
				|| SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_POSTS))
				&& this.imageCaptcha != null) {
			
			if (SystemGlobals.getBoolValue(ConfigKeys.CAPTCHA_IGNORE_CASE)) {
				userResponse = userResponse.toLowerCase(Locale.US);
			}
			
			final boolean result =  this.imageCaptcha.validateResponse(userResponse).booleanValue();
			this.destroyCaptcha();
			return result;
		}
		
		return false;
	}


With the change, I can't pass Captcha with a correct matched text.

Also, I do notice that the Captcha comes up late. A message "Captcha unavailable" shows up first.

I also try to use the new method I create:
	private ImageCaptcha testImageCaptcha(){
		if(this.imageCaptcha == null)
			this.imageCaptcha =  Captcha.getInstance().getNextImageCaptcha();
		
		return this.imageCaptcha;
	}

and call this method instead of this.imageCaptcha in this.imageCaptcha != null. The change, however, blocks Captcha - I can't pass Captcha with a matched characters.
andowson


註冊時間: 2011/6/30
文章: 188
離線
Please provide your system environment for more information. Thanks~
vTest


註冊時間: 2013/1/16
文章: 14
離線
andowson wrote:Please provide your system environment for more information. Thanks~


I run it in Tomcat on Windows 7. I can't see how the problem relates with those systems.
andowson


註冊時間: 2011/6/30
文章: 188
離線
Hi, I've commit the fix as r224.
JForum will disable the submit button until the captcha image is fully loaded.
Please check out and test if this works.
vTest


註冊時間: 2013/1/16
文章: 14
離線
andowson wrote:Hi, I've commit the fix as r224.
JForum will disable the submit button until the captcha image is fully loaded.
Please check out and test if this works.


Thanks. I am current working on other tasks. I will report back once I have a chance to test it out. I need to remind our integration build team to get the latest version of JForum.
ashok


註冊時間: 2015/3/18
文章: 3
離線
Hi,
i have installed jForum 2.3.5 in my localhost and in the live server. The captcha verification is working on my localhost, but it is not working on my server. So, currently i have disabled the captcha verification. Any suggestion, how to fix this problem?
andowson


註冊時間: 2011/6/30
文章: 188
離線
Please check your web container's log file(for example, Tomcat's catalina.out)
And see if there are some error messages as a hint for what's going wrong there.
Also, you'd better provide some environment information like OS version, Java version, etc.

Since JForum use JCaptcha as the capacha engine, you can check the FAQ on JCaptcha project website.
For Example, if you're running JForum on Linux server, you have to set the option in your JAVA_OPTS
-Djava.awt.headless=true


BTW, JForum 2.3.5 is not secure, you'd better install JForum 2.4.0 or later.
 
討論區首頁 » Developer Forum
前往:   
行動版
Powered by JForum 2.5.0 © 2018 JForum Team • Maintained by Andowson Chang and Ulf Dittmer