Heine

  • Home
  • Drupal
  • About
Home

Math captcha for anonymous users

Heine —Sat, 2007/02/24 - 12:58

This morning I broke down and wrote a simple math captcha module (for Drupal) to use with user registration and anonymous commenting on this site.

Because this site uses caching for anonymous users, the module needs to make sure that whenever a captcha is displayed, the page is not added to the cache.

Caching is handled by includes/common.inc:

function drupal_page_footer() {
  if (variable_get('cache', 0)) {
    page_set_cache();
  }
  module_invoke_all('exit');
}

So whenever a captcha is added to a form (hook_form_alter), we simply set the global cache variable to FALSE.

// Add captcha to the form.
// ...
$GLOBALS['conf']['cache'] = FALSE;

This certainly has drawbacks, but those are mitigated when the comment form is displayed on a seperate page.

To bad that math captcha's are easy to bypass or break by simple trial and error or automated calculation.

The module can be downloaded from my public Subversion repository. See also Adding settings to Captcha.

  • Drupal
  • Captcha

Recent posts

  • Teampassword manager's password generator is biased
  • Other vectors for SA-CORE-2014-005?
  • Lazy loading: hook_hook_info is for hook owners only.
  • "Always offline" problem in EA's Origin due to antivirus
  • From bug to exploit - Bakery SSO
more

Security reviews

I provide security reviews of custom code, contributed modules, themes and entire sites via LimoenGroen.

Contact us for a quote.

Follow @ustima

Copyright © 2021 by Heine Deelstra. All rights reserved.

  • Home
  • Drupal
  • About