A picture of what I get is shown on this page: http://www.chc-telraam.nl/?page_id=3

I hope you can help!

Could the cause be found in the GD and/or freetype library? I’m not sure how to find out if these are installed (other than asking the provider!)

Tkanks again for a great plug-in

i.e. //wp-content/plugins/raz-captcha/fonts/

My blog home is http://www.dicontas.co.uk/blog/ so it may be that it is not at the domain root that is causing the error in your plugin.

I consider this a small bug as other blog admins may also choose to change the name for increasing security.

Thanks!

This is very good plugin.
I did download and just click activate. It’s working on my site.(i’ll install my other sites on bluehost)

I want to send a some donation for easly and goog plugin but Paypay is say to me:
Currently PayPal accounts in Romania are only able to send payments. This recipient is not eligible to receive funds

Then, i stumble it

Thanks.

Do you mean that some plugin could alter this var? Why and how should I change the session var in the login screen?

It’s very unkind bug…

Tested on 2.2.3 version of Wordpress. If you want to know something more, type to my email.

it works good

but just on firefox ? on Internet Explorer show empty ?

Raz, indeed this is a superb plugin. Seems I don’t get any spam registration anymore. Yipiiieh! I only installed it 2 days ago so it might be too early to give a final OK but so far I’m just happy! Thank you sooo much!

The only little sad thing is that it doesn’t work with James Kelly’s Themed login plugin. The same story Jared wrote about. May be one day you will have some free time and check that out. Will have a look on the news from time to time.

Don’t know how they overcome the CAPTCHA, but obviously they do. It might have something to do with a forum plugin, because always the entry page is /forum. Next step either /wp-register or /forum?action=register.

If I call those pages manually I’m always forced to enter the code. So I don’t have any idea how it is possible to register without filling that field.

Only thing which helps is to block the according IPs. But I don’t have them always as with registration the numbers are not transfered. So I just find them by coincidence in the stats.

Regarding the James Kelly plugin: I deactivated it since I found another way of having nicer registration pages.

Thanks a miilion for caring so much. Actually, I really can’t believe that the registrations were done manually. Although also to me it seems to be the only explanation how they are able to register. Because for the forum they need to register via the usual process as well. So it’s not that logical why they choose this specific path. Doesn’t make sense to me.

Maybe I will get in contact with the developer of the forum. He should have heard about this problem already. All people I know who are fighting with these spammers too are using the forum plugin.

But I’m going to do other investigations as well. Even if I’m not a programer and don’t know much about coding I should be able to detect a pattern of those registrations.

So far all I can say is that the used systems are very old. An example from this morning:

Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20040913 Firefox/0.10

This is brand new compared to some others (Browser versions from 2002 for example). If there would be a way o say ‘browser versions before 2006 are banned from registrations’ that might be working. Don’t have a clue if that is possible.

What strucks me is that it is not enough to ban a domain from registration (deadbolt or wp-ban plugin). For example ‘domain.com’ or just ‘*.com’. They still can register with such a domain! As I wrote before: Only thing that helps is to ban the IPs.

Ooops … what a long story I wrote. :”> Hopefully the information is useful for you.

Honestly spoken I don’t want to have a stronger CAPTCHA as it also constrains desired people while registration process. And most of all I don’t have the feeling that it will help a lot in fighting with the undesired.

However, will keep you updated.

Thanks again and have a nice day. Enni

  Thank you for your detailed informations and for keeping me updated, they will help me out in the process of improving this little project for spam fighting. On my to do list I will include a user “black” list for registration/login IP/Browser/Domain/Name pattern match. It may not stop all of them but you will have more control over them.
Have a nice and spam-free day

Raz

That version I’m using only with another website and indeed for that I don’t get that much spam registrations. First I thought the reason was a different one but now it seems that’s the main one.

For you it means: you don’t have to add complex items to your plugin which uses plenty of your time. The plugin probably works very well for users who don’t use a forum.

As I promised I will keep you updated and let you know about my experiences once I have upgraded my private site to WP 2.3 plus the latest version of the forum.

Bye for now but not forever.

Enni

 Thanks again for your feedback
Raz

m1chu

Excellent plugin. I have one small problem that I’d like to get to the bottom of.

Google is indexing raz-captcha.php often with interesting results, for example http://www.myhappymedium.net/wp-content/plugins/raz-captcha/raz-captcha.php?captchagen= sometimes returns a captcha image on a page (nothing else) and sometimes returns a headers already sent error.

I would be happy to provide more info if need be. I know I can stop google from indexing these pages but just wondered what was happening? A quick Google suggests a few people have the same problem (or maybe its not a problem!)

Thanks and keep up the great work

 Thanks for your feedback. My guess is that google ‘thinks’ it’s a standard image and he will add it to his database… erros are displayed because the script is accessed directly and vars are not ready yet. Sometimes you can see the image generated because the session was already initialized in your browser. It’s not a problem as far as I can see, it’s just a small glitch which I intend to fix

I will add in the feature versions additional checks to show some standard errors or not let google crawl to the script …

Not sure if this will do the trick but you can add the below lines in your Robots.txt file to disallow crawlers from accessing the captca script:

User-agent: *
Disallow: /*raz-captcha*

Have a nice day

@Marc: Thanks for your feedback, glad it works

Thanks a lot.

1) It doesn’t filter the wordpress comments, it’s only used on register and login forms of your blog to stop automatically registrations with spam bots
2) On the plugin comment I use the same plugin, Raz-Captcha, it’s in beta stage not released yet, work in progress
3) It can’t be customized from the plugin config window, yet …

I have no registration and no login.

Which code will I put where?

And - of cource - Happy New Year!

Happy New Year!

Regards.

I am a bit new to Wordpress, but I am a seasoned programmer and PHP hacker. I was sondering if your code can or will soon work within the Ajax sidebar login plugin? Using the mini-jpg there would be great!

Thankss.

Oh and to dqj - I use ’sidebar login’ with Raz-captcha and a custom login page as well and it (until now) works just fine!!

Try another engine, I’m not sure what is going on, it should not generate black image unless modifications where done to the captcha generator, let me have a look at your blog, give me a link .
Here is the latest beta build, not released yet do to lack of time (not all plans finished), give it a try and let me know how it works on your side.

Thanks for the work.

My server fulfills all prerequisites, aka freetype GD, etc.

using wordpress 2.3.3

* Operating System : Linux
* Server : Apache/2.2.3 (Debian) mod_fastcgi/2.4.2 mod_ssl/2.2.3 OpenSSL/0.9.8c
* Memory usage : 12.8 MByte
* MYSQL Version : 5.0.32-Debian_7etch5-log
* SQL Mode : Not set
* PHP Version : 4.4.4-8 etch4
* PHP Safe Mode : Off
* PHP Allow URL fopen : On
* PHP Memory Limit : 128M
* PHP Max Upload Size : 32M
* PHP Max Post Size : 32M
* PHP Max Script Execute Time : 120s
* PHP Exif support : Yes ( V1.4 )
* PHP IPTC support : Yes
* PHP XML support : Yes

GD support

* GD Version : 2.0 or higher
* FreeType Support : Yes
* FreeType Linkage : with freetype
* T1Lib Support : Yes
* GIF Read Support : Yes
* GIF Create Support : Yes
* JPG Support : Yes
* PNG Support : Yes
* WBMP Support : Yes
* XBM Support : No
* JIS-mapped Japanese Font Support : No

@ovizii: are you trying the beta build? not sure what is going on

@peter: It looks like a bug, it doesn’t get overwrited on my side but you will not get the standard error “user already registered”, that is strange, thanks for your bug report, will be fixed in the next build…

When activated if new user registers, if using a name already registered the original name gets over writen

Just Fixed, please re-download the latest beta build here and give it a try (just overwrite your existing files), it should now show the standard wordpress errors as usual on registration errors.
Thanks

For the Logon protection. If they type in the wrong code you get an error.

[13-Mar-2008 17:03:01] WordPress database error Table ‘mobile.wp_options’ doesn’t exist for query SELECT option_value FROM wp_options WHERE option_name = ’siteurl’ LIMIT 1

The plugin still works, so I guess it is a warning not an error message.

Is this an easy fix for you?

Thanks for the plugin, I can’t tell you how many hours of sorting through bot registrations it saves me!

[01-Apr-2008 10:56:51] PHP Fatal error: Cannot use object of type WP_Error as array in /home/directory/public_html/website/wp-content/plugins/raz-captcha/raz-captcha.php on line 633

Things changed inside last wp version, i’ll get this plugin updated as soon as I’ll get enough time to “dig inside” the new wp version not sure when tho…

Thanks

Thanks for your excellent work!

Warning: Cannot use a scalar value as an array in /var/www/web110627/html/wp-content/plugins/raz-captcha/raz-captcha.php on line 590

PHP Fatal error: Cannot use object of type WP_Error as array in /home/(deleted)/public_html/blog/wp-content/plugins/raz-captcha/raz-captcha.php on line 590

Server was recently upgraded to PHP 5.2.5 as well.

I had to rename the raz-captcha directory so I could re-log into WordPress. Not sure if the new version of WordPress or PHP version is causing the problem.

Get a 500 error when trying to log in now. Had to disable the plugin in order to write posts.

Please update the plugin please. Nothing I hate worse is spammers trying to create fake registrations.

if ($err) {
$error=$err;
$wz_err->add(’error’,__(’WRONG CODE’));
return $wz_err;
}

return $user;
}

}

I hope this helps and ofcourse RAZ you can release this patch with a new version of this great plugin

I found a solution to make this plugin work under 2.5.1 WP , in file raz-captcha.php in wp-content/plugins/raz-captcha/ just do the following :

search for line :

add_action(’wp_authenticate’, ‘check_captcha_login’);

and replace with this one :

add_action(’wp_authenticate_user’, ‘check_captcha_login’);

then search for line :

function check_captcha_login()

and replace ALL the function code with this one :

function check_captcha_login($user)
{
reget_session_options();
if ($_SESSION[’rca_ses_option’][’rca_login’])
{
global $error;
$err=check_captcha();
$wz_err = new WP_Error();

if ($err) {
$error=$err;
$wz_err->add(’error’,__(’WRONG CODE’));
return $wz_err;
}

return $user;
}

}

I hope this helps and ofcourse RAZ you can release this patch with a new version of this great plugin

$wz_err->add(’error’,’WRONG CODE’);

or

$wz_err->add(’error’,’’);

let us know

The first line produces the same Parse error (unexpected T String). The second one seems to work at first, but after activating the plugin, it doesn’t generate any images, neither on the config page nor when registering as a new user.
Another problem of this is that I cannot login anymore when the plugin is active now. The system shows a “wrong password” message.

I have uploaded my raz-captcha modded plugin here can you test it please ?

http://www.filefactory.com/file/cf4f9f/

thanks