Wordpress Plugin: Login and Register Anti-Spam Captcha
It is time to update my Anti-Spam robot for wordpress registration page. The hack presented here for spambots is still working for me but I’m getting a bunch of emails from peoples who can’t backup a file and insert a few lines in their register form. So, let’s cut to the chase: I’ve made a plugin that will insert the captcha (Completely Automated Public Turing test to tell Computers and Humans Apart) image automatically in the Login and/or Register page of your wordpress installation. And that is not all, you can play around with 5 different captcha algoritms and customize them the way you want. Hence, ocr geeks have managed to automatically read the image? no problem… change your captcha fonts, color, add some random lines or dots or switch to a different captcha algorithm and you are done.
You will find 5 captcha algorithms in this plugin:
-
(1) PNG-Raz MiXed Fonts : fully customizable
(2) JPG-Tiny Mini : a mini customizable captcha
(3) PNG-GOTCHA from Sol Toure
(4) PNG-phpBB3 8bit Grey from phpBB Group
(5) PNG-PNG-phpBB3 Advanced from phpBB Group
Just use the one you want or you can customize one just for your site. I’m using the PNG-GOTCHA, here is how it looks on my site : register or login. If the captcha alg will mess the image you can refresh/generate another one by clicking on it.
Requirements
This plugin requires Wordpress 2.x.x with PHP 4 (v4.3.0 or newer) and GD Library. GOTCHA alg requires the additional FreeType Library to be installed on your web host for loading the fonts. GD and FreeType Library are usually installed already on your host but if they are not just ask your web host to install them…
Installation
The plugin can be installed in 3 easy steps:
1. Download the plugin (see below).
2. Decompress the .zip archive into your plugins directory (/wp-content/plugins/) keeping zip folder structure intact
3. Enable the plugin in the WordPress Plugins admin page -> Raz-Captcha.
* Go to Options -> Raz-Captcha, adjust the options if necessary and save.
* That’s All! check your login and register pages
Download
Donate
Download
Report*You can find this plugin on Wordpress.org as well (thank you wordpress!)
Final words
If you have the registration hack installed please restore wp-login.php from your backup or remove the “hacked” lines from wp-login. If you don’t, you will end up with two captcha checks on the registration page.
This plugin is work in progress, the first beta release, and any shouts from you are welcomed. Stay safe and clean 
related things:
Author: Raz | On September 4th, 2007 | [ En ], - Raz-Soft News, PHP | 93 Comments
Q: So what can I do next?
A: You can Buy me a Beer or Coffee. You can say Hi! or peek on the related stuff. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Spammers: Beware of » my Dog! «
93 Responses to “Wordpress Plugin: Login and Register Anti-Spam Captcha”
September 5th, 2007 at 2:32 pm
Installed it. Seems to be working well. Thanks for the plugin!!
September 5th, 2007 at 9:07 pm
Installation went OK. I could activate the plug-in, but the image with the generated comments does not show
, and log-in is no onger possible!
A picture of what I get is shown on this page: http://www.chc-telraam.nl/?page_id=3
I hope you can help!
September 6th, 2007 at 8:34 am
@Richard: thank you
@Kees: Well if that happens just remove or rename the plugin folder and Wordpress will deactivate the plugin automatically. Have you changed the folders structure/names? because a part of them are hardcoded, so the image will not get generated because is not found in the same relative path: wp-content\plugins\raz-captcha. If you can get me a source code of your generated login/register page after the plugin is activated will help me out to find out what is going on
Thanks
September 7th, 2007 at 10:21 am
Thanks for the feed-back. I used your gmail account to mail you the information you requested. I really hope you will be able to help out, because the registration spam is starting to become irritating!
Could the cause be found in the GD and/or freetype library? I’m not sure how to find out if these are installed (other than asking the provider!)
September 7th, 2007 at 10:33 am
Hi Kees,
.
Thanks for your mail, I’m on my way with the tests.
Yes, if you don’t have the GD or FreeType lib it will not work because the image can’t get generated. I will update the plugin in the feature versions so that it will warn you if it cannot find them.
I have a question about your installation: what captcha engine did you used? Try switching to another engine. The default one : PNG-GOTCHA needs the freetype lib but the rest of them need only the GD lib. The safest one is PNG-phpBB3 8bit Grey because it doesn’t need GD or FreeType lib but the engine itself is not so strong against spam-bots, ocr geeks, hackers or whatever you call them
Thanks
September 7th, 2007 at 11:13 am
Checking what extensions are installed on your host it’s easy, just create a php file with the following code on your server: < ?php phpinfo(); ?> and then open the file thro your browser and search for the GD and free library support, if you can’t find them then they are not installed…
Hope it helps.
September 7th, 2007 at 9:34 pm
Raz,
. Thanks a lot for your support! The problem was not your plug-in, but my Wordpress Install
.
The plug-in is working now
Tkanks again for a great plug-in
September 7th, 2007 at 10:29 pm
You’re welcome! Glad it got fixed and glad I could help
September 10th, 2007 at 11:04 pm
Hi,
Thanks for plugin, but when I activated plugin, then go to Options tab, the plugin has an error in the homepath with double foward slahes between the root directory and the plugin path to the fonts directory:
i.e. //wp-content/plugins/raz-captcha/fonts/
My blog home is http://www.dicontas.co.uk/blog/ so it may be that it is not at the domain root that is causing the error in your plugin.
September 10th, 2007 at 11:38 pm
realized the error - you need to keep the plugin folder called raz-captcha. I missed out the dash in the folder name.
I consider this a small bug as other blog admins may also choose to change the name for increasing security.
September 11th, 2007 at 8:46 am
Hi Dicontas.
This is still beta and in the second install step I’ve warned you: “Decompress the .zip archive into your plugins directory (/wp-content/plugins/) keeping zip folder structure intact“. By renaming the folder you’ll don’t get much security, your folder path/script renamed name will be visible in the page browser source anyway. Bots would not be stopped if they just need to do a simple parse job, trust me
Good luck and thanks for your feedbak.
September 13th, 2007 at 7:52 am
Hello, I am using the themed registration plug in here:
http://www.jameskelly.org/wordpress-plugins/custom-login-and-registration-forms-plugin/
Because of that your plug in isn’t showing up on the registration page. I think I would be able to hack that plug in and add your code into it to make it work. What code do I need to add to the form?
Thanks!
September 13th, 2007 at 9:06 am
Hi Jared,
The themed plug you’re using, as far as I can see, it doesn’t install the same hooks as wordpress does on login and register pages, is not plugin aware. The only way i can see it working is to modify the themed plug so that it will call the hooks just like wordpress does (see wp-login.php file actions/filters). Not sure if it works but give it a try. If you’re a coder have a look in the wp-login.php of your wordpress instalation, raz-captcha needs this hooks actions:
do_action(’login_head’);
do_action(’wp_authenticate’);
do_action(’registration_errors’);
do_action(’register_form’);
I will have a look at the themed plug when I’ll have some free time tho, Good luck!
September 20th, 2007 at 4:16 pm
Hi, Raz.
This is very good plugin.
I did download and just click activate. It’s working on my site.(i’ll install my other sites on bluehost)
I want to send a some donation for easly and goog plugin but Paypay is say to me:
Currently PayPal accounts in Romania are only able to send payments. This recipient is not eligible to receive funds
Then, i stumble it
Thanks.
September 20th, 2007 at 4:31 pm
Hi emre murat,
PayPal didn’t support my country for a while. But it is supported now, see Donations page here. Thank you very much for your support and donation!
September 21st, 2007 at 6:28 pm
Great, just installed your plugin. Are you interested in a gettexted version of your plugin? I could make all changes and translate it to german. Just mail me if you are interested.
September 21st, 2007 at 7:11 pm
It is a great plugin but isn’t working for me. I am using Wordpress 2.3 beta. Options pages is working. Although I tried it several times, I couldn’t log in. I really spelled the captcha correct. Is support for Wordpress 2.3 planed?
September 21st, 2007 at 11:46 pm
Hi Kretzschmar,
Yeah, you can modify/translate the plugin for your needs. I don’t mind as long as you keep the original authors in place
I didn’t do tests with v2.3 of wordpress, but it should work… If you can get the image to generate but not validate make sure you don’t clear the $_SESSION var where the random code hash is saved ( $_SESSION[’raz_captcha_gen’] ) when accessing the login/register page.
Thanks
September 25th, 2007 at 9:59 pm
I don’t want to make my ‘own’ version. I would like to send you my changes so you could use them in future versions.
I don’t know if you are familar with gettext but the base language would be english and only if tranlsation files are used, the plugin would translate those.
Do you mean that some plugin could alter this var? Why and how should I change the session var in the login screen?
September 25th, 2007 at 10:26 pm
Hi Kretzschmar,
) has just entered in the box and fails, I don’t see other reason for failing…
Is not the var itself that is changed, it’s kinda unique name (i guess) but the entire $_SESSION could be cleared … do an echo test before the register validations / image generation in your login/register page, see if the var is there: echo $_SESSION[’raz_captcha_gen’]; It should print the password hash, if it doesn’t then your $_SESSION is cleared for some reason.. because it doesn’t find the previous generated hash to match with the one the user (or spammer
Yes, send your changes on my gmail.com account: razvaR -at- gmail -dot- com and I will include them in the next release (not sure when that will happen tho)
Thanks
September 26th, 2007 at 9:25 pm
Hello, i think that i was discover some kind of bug in your script. In file raz-captcha.php in line 198 and 199 you firstly load class method and than you set hashed $password to the session. And there is a problem, because $_SESSION[’raz_captcha_gen’] is empty or incorrect after token was type. I saw through execute method and at the end of them you are killing the script (exit;). And script can’t set session value. You should replace line 198 with 199 and vice verse’a, for example:
$_SESSION[’raz_captcha_gen’]=md5($password);
$captcha->execute($password, time());
Than you firstly set session than you execute your method and at the end you will stop the script. Everything should works fine.
It’s very unkind bug…
Tested on 2.2.3 version of Wordpress. If you want to know something more, type to my email.
September 27th, 2007 at 8:49 am
Hi m1chu,
Thanks for your fix
October 11th, 2007 at 2:10 pm
this magnificent
it works good
but just on firefox ? on Internet Explorer show empty ?
October 21st, 2007 at 8:32 pm
@qwe: For me it works fine with IE. At least with version 7.x.
Raz, indeed this is a superb plugin. Seems I don’t get any spam registration anymore. Yipiiieh! I only installed it 2 days ago so it might be too early to give a final OK but so far I’m just happy! Thank you sooo much!
The only little sad thing is that it doesn’t work with James Kelly’s Themed login plugin. The same story Jared wrote about. May be one day you will have some free time and check that out. Will have a look on the news from time to time.
October 22nd, 2007 at 8:59 am
@qwe: Thanks, works fine on IE (6 or 7) , what captcha engine are you using?
. I can’t do much about James Kelly’s Themed login plugin, as far as I can see the themed login does not let other plugins (like my captcha) to interact with the login/register forms as wordpress does. So, i think you should ask the plugin author to add the same actions/hooks request as wordpress does to support wp plugins.
@Enni: Thank you for your feedback. If you’re geting registration spammers just change your image generation engine, or customize one with the custom engine: PNG-Raz MiXed Fonts
October 24th, 2007 at 4:29 am
Hi Raz, unfortunalety I rejoiced too soon. Still I get those registrations. Also with the mixed fonts.
Don’t know how they overcome the CAPTCHA, but obviously they do. It might have something to do with a forum plugin, because always the entry page is /forum. Next step either /wp-register or /forum?action=register.
If I call those pages manually I’m always forced to enter the code. So I don’t have any idea how it is possible to register without filling that field.
Only thing which helps is to block the according IPs. But I don’t have them always as with registration the numbers are not transfered. So I just find them by coincidence in the stats.
Regarding the James Kelly plugin: I deactivated it since I found another way of having nicer registration pages.
October 24th, 2007 at 8:54 am
Hi Enni, sorry to hear about that, my only guess is that they are maybe ‘manually’ registred, you may be a target of those kind of spam that are registred by a human not a bot? Not much I can do about that, except to save the IP of the registred user and ‘manually ‘ ban him from the admin, something like: “disallow registration from this IP list”, I think that will be a nice feature
later: I see you are using numbers only in your captcha, try including some chars, some special ones like @ or $
In the plugin settings you have the option to set what type of chars to random generate in your captcha, by default it has numbers only but you can set any type of character. Just add @!#$�CDEFGHIJKLMNPWRSTUVWXYZ to the Accepted Chars box and hit the save button to make your captcha stronger…
October 24th, 2007 at 10:12 am
Dear Raz,
Thanks a miilion for caring so much. Actually, I really can’t believe that the registrations were done manually. Although also to me it seems to be the only explanation how they are able to register. Because for the forum they need to register via the usual process as well. So it’s not that logical why they choose this specific path. Doesn’t make sense to me.
Maybe I will get in contact with the developer of the forum. He should have heard about this problem already. All people I know who are fighting with these spammers too are using the forum plugin.
But I’m going to do other investigations as well. Even if I’m not a programer and don’t know much about coding I should be able to detect a pattern of those registrations.
So far all I can say is that the used systems are very old. An example from this morning:
Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20040913 Firefox/0.10
This is brand new compared to some others (Browser versions from 2002 for example). If there would be a way o say ‘browser versions before 2006 are banned from registrations’ that might be working. Don’t have a clue if that is possible.
What strucks me is that it is not enough to ban a domain from registration (deadbolt or wp-ban plugin). For example ‘domain.com’ or just ‘*.com’. They still can register with such a domain! As I wrote before: Only thing that helps is to ban the IPs.
Ooops … what a long story I wrote. :”> Hopefully the information is useful for you.
Honestly spoken I don’t want to have a stronger CAPTCHA as it also constrains desired people while registration process. And most of all I don’t have the feeling that it will help a lot in fighting with the undesired.
However, will keep you updated.
Thanks again and have a nice day. Enni
October 24th, 2007 at 11:19 am
Dear Enni,
Thank you for your detailed informations and for keeping me updated, they will help me out in the process of improving this little project for spam fighting. On my to do list I will include a user “black” list for registration/login IP/Browser/Domain/Name pattern match. It may not stop all of them but you will have more control over them.
Have a nice and spam-free day
Raz
October 24th, 2007 at 11:38 am
Thank you!
October 24th, 2007 at 2:06 pm
Raz, before you are overloaded with work: I just was in contact with the forum developer. In the latest version of his plugin he added some simple calculation as spam protection option which is automatically been used for the WP registration!
That version I’m using only with another website and indeed for that I don’t get that much spam registrations. First I thought the reason was a different one but now it seems that’s the main one.
For you it means: you don’t have to add complex items to your plugin which uses plenty of your time. The plugin probably works very well for users who don’t use a forum.
As I promised I will keep you updated and let you know about my experiences once I have upgraded my private site to WP 2.3 plus the latest version of the forum.
Bye for now but not forever.
Enni
October 26th, 2007 at 12:05 pm
Thanks Enni, current version of the plugin doesn’t work with v2.3 as reported/fixed above by m1chu (thanks!) , I’ll update the plug with more features and the fix for wp 2.3 as soon as I get my hands on some free time, till then you may “hack” the plug a “little bit” to work with your wordpress 2.3 installation
Thanks again for your feedback
Raz
October 26th, 2007 at 12:22 pm
No problem
I was testing my exchange on your mod (this from my last entry) in Wordpress 2.3 version and it’s should works fine. I think it may help you in your works with update.
m1chu
November 1st, 2007 at 3:01 pm
Thanks, this is a really good plugin and it works, no spam anymore!!!
November 3rd, 2007 at 3:14 am
Hi Raz
Excellent plugin. I have one small problem that I’d like to get to the bottom of.
Google is indexing raz-captcha.php often with interesting results, for example http://www.myhappymedium.net/wp-content/plugins/raz-captcha/raz-captcha.php?captchagen= sometimes returns a captcha image on a page (nothing else) and sometimes returns a headers already sent error.
I would be happy to provide more info if need be. I know I can stop google from indexing these pages but just wondered what was happening? A quick Google suggests a few people have the same problem (or maybe its not a problem!)
Thanks and keep up the great work
November 3rd, 2007 at 10:29 am
Hi Matt,
Thanks for your feedback. My guess is that google ‘thinks’ it’s a standard image and he will add it to his database… erros are displayed because the script is accessed directly and vars are not ready yet. Sometimes you can see the image generated because the session was already initialized in your browser. It’s not a problem as far as I can see, it’s just a small glitch which I intend to fix
I will add in the feature versions additional checks to show some standard errors or not let google crawl to the script …
Not sure if this will do the trick but you can add the below lines in your Robots.txt file to disallow crawlers from accessing the captca script:
Have a nice day
@Marc: Thanks for your feedback, glad it works
December 20th, 2007 at 9:51 pm
- Will this plugin can be used to filter anonymous comments?
- Which CAPTCHA plugin are you using here?
- How can I customize the message “Please enter the code shown above:” ?
Thanks a lot.
December 20th, 2007 at 9:54 pm
- Will this plugin can be used to filter comments in Wordpress?
- Which plugin are you using here?
- How can I customize the message “Please enter the code shown above:” ?
December 22nd, 2007 at 6:19 pm
Hi Narcis Garcia ,
1) It doesn’t filter the wordpress comments, it’s only used on register and login forms of your blog to stop automatically registrations with spam bots
2) On the plugin comment I use the same plugin, Raz-Captcha, it’s in beta stage not released yet, work in progress
3) It can’t be customized from the plugin config window, yet …
December 31st, 2007 at 2:20 pm
Hello!
I have i separate comment.php and the only thing I want is to put a CAPTCHA for the commnets.
I have no registration and no login.
Which code will I put where?
And - of cource - Happy New Year!
January 2nd, 2008 at 2:35 pm
Hi Nisse, raz-captcha doesn’t support wp comments form yet, I will release an update for this plugin which includes captcha test on comments as well . But that will happen when I’ll get back home from vacation, if you want a beta (the same used on my comments form here) let me know
Happy New Year!
January 2nd, 2008 at 7:59 pm
Raz:
Hi, yes I want your beta, thanks.
Regards.
January 8th, 2008 at 7:11 pm
Which captcha algorithm do you suggest to use? Which one is the strongest against bots and spammers? By the way, you wrote that you use PNG-GOTCHA on your blog but it looks absolutely different than GOTCHA image generated with your plugin.
January 8th, 2008 at 8:46 pm
Hi Lesiu,
. When I’ve wrote this post GOTCHA algorithm was set on my blog and because I’ve made some changes to the plugin core (to include a captcha image on comments as well) I’ve switched to a weakest one: JPG-Tini Mini. This one proved not to be that weak, it works just great for both comments and registrations. So peek any captcha engine and give it a try
My best guess is on the GOTCHA algorithm: it features different font for each character, sizes, colors, grid and it’s more human readable
January 9th, 2008 at 12:55 pm
Raz, this GOTCHA is so strong, that people might have some trouble reading it. Maybe this is the way it should be.
January 9th, 2008 at 1:13 pm
The image can be refreshed/re-generated on click if the image generated with PNG-GOTCHA (or any other engine) is not to human readable, it’s up to you to use it or not. The most readable and a little week against ocr spammer geeks is the JPG-Tini Mini and PNG-phpBB3 8bit Grey engines.
Good luck.
January 9th, 2008 at 2:14 pm
Yes, I know that I have to click to refresh it. Raz, it’s really good plugin for WP, that’s for sure. I just wrote about troubles, because I had some. I think the best way to use it is just to implement it only on registeration page. If a human wants to register, he will succeed.
January 17th, 2008 at 8:36 am
[…] to hunt down a captcha solution for the comments, but I do have captcha in place for logins with Raz-Captcha and my contact form with Contact Form 7. This keeps bots from spamming and trying to crack your […]
January 19th, 2008 at 10:22 pm
Hi -
I am a bit new to Wordpress, but I am a seasoned programmer and PHP hacker. I was sondering if your code can or will soon work within the Ajax sidebar login plugin? Using the mini-jpg there would be great!
Thankss.
January 24th, 2008 at 5:12 am
Hi There I have been using Raz for about 3 months on WP 2.2.2 without problems but recently the image box thingy has gone black so no one can read it!! I tried a fresh install same deal. Please help as this seriously affects my site.
Oh and to dqj - I use ’sidebar login’ with Raz-captcha and a custom login page as well and it (until now) works just fine!!
January 24th, 2008 at 10:08 am
Hi Krystal,
Try another engine, I’m not sure what is going on, it should not generate black image unless modifications where done to the captcha generator, let me have a look at your blog, give me a link
.
Here is the latest beta build, not released yet do to lack of time (not all plans finished), give it a try and let me know how it works on your side.
February 1st, 2008 at 1:32 am
[…] Raz-Captcha adds a CAPTCHA to user login and/or user registration. I just have it turned on for registration, because too many spammers were automatically registering accounts in the vain hope that being logged in would let their spammy comments through my spam filter (it didn’t). […]
February 4th, 2008 at 5:51 pm
Will you announce the new release of Raz-Captcha in this page? Should I track this post to detect the new version?
Thanks for the work.
February 18th, 2008 at 10:49 am
I have the same problem, the image does not appear and once I log out, I have to delete the raz folder from the server to be able to log in again. I will activate it now, here: http://pacura.ru so you can have a look.
My server fulfills all prerequisites, aka freetype GD, etc.
using wordpress 2.3.3
February 18th, 2008 at 10:58 am
tiny mini works although I have:
Server Settings
* Operating System : Linux
* Server : Apache/2.2.3 (Debian) mod_fastcgi/2.4.2 mod_ssl/2.2.3 OpenSSL/0.9.8c
* Memory usage : 12.8 MByte
* MYSQL Version : 5.0.32-Debian_7etch5-log
* SQL Mode : Not set
* PHP Version : 4.4.4-8 etch4
* PHP Safe Mode : Off
* PHP Allow URL fopen : On
* PHP Memory Limit : 128M
* PHP Max Upload Size : 32M
* PHP Max Post Size : 32M
* PHP Max Script Execute Time : 120s
* PHP Exif support : Yes ( V1.4 )
* PHP IPTC support : Yes
* PHP XML support : Yes
GD support
* GD Version : 2.0 or higher
* FreeType Support : Yes
* FreeType Linkage : with freetype
* T1Lib Support : Yes
* GIF Read Support : Yes
* GIF Create Support : Yes
* JPG Support : Yes
* PNG Support : Yes
* WBMP Support : Yes
* XBM Support : No
* JIS-mapped Japanese Font Support : No
February 20th, 2008 at 3:29 am
When activated if new user registers, if using a name already registered the original name gets over writen
February 20th, 2008 at 9:59 am
@Narcis Garcia: new releases will be announced on site, as a new post/thread, get the site rss feed here or register here for news. Or check this post comments for beta builds and/or quick fixes
@ovizii: are you trying the beta build? not sure what is going on
@peter: It looks like a bug, it doesn’t get overwrited on my side but you will not get the standard error “user already registered”, that is strange, thanks for your bug report, will be fixed in the next build…
February 20th, 2008 at 10:48 am
Just Fixed, please re-download the latest beta build here and give it a try (just overwrite your existing files), it should now show the standard wordpress errors as usual on registration errors.
Thanks
February 20th, 2008 at 11:14 am
Affects this bug to the stable version?
February 20th, 2008 at 11:23 am
Yes it does, this bug is from the first release of this plugin, I encourage you to use the latest build, it also introduces captha check on comments, very good against comments bots (not useful for trackbacks tho, but a decent spam filter such as Akimset should suffice for trackbacks) .
Good luck
March 4th, 2008 at 3:06 am
Excelente plugin, era casi lo que buscaba. Me interesaría que la persona que se registre pueda ser author. gracias.
March 4th, 2008 at 10:49 am
Hi albertcito,
Thanks for your feedback, didn’t quite understand what you’re “interesaría”. English please
March 6th, 2008 at 12:39 pm
Albercito said: Excellent plugin, it was almost what I was looking for. I wish who registers could be author. thanks.
March 14th, 2008 at 3:11 pm
[…] nebeneinander. mit dem tool simple captcha schütze ich den kommentarbereich und das plugin raz-captcha verhindert die anmeldung von robots. simple captcha ist tatsache recht einfach und bietet keinerlei […]
March 24th, 2008 at 4:03 pm
I used Akismet and this one! Like them both! Thanx for the site!
March 25th, 2008 at 11:20 am
I sed it too! Really good
March 31st, 2008 at 8:52 am
Still works with 2.5 with one bug.
For the Logon protection. If they type in the wrong code you get an error.
April 4th, 2008 at 2:14 am
I’m getting an error since upgrading to WP 2.5
[13-Mar-2008 17:03:01] WordPress database error Table ‘mobile.wp_options’ doesn’t exist for query SELECT option_value FROM wp_options WHERE option_name = ’siteurl’ LIMIT 1
The plugin still works, so I guess it is a warning not an error message.
Is this an easy fix for you?
Thanks for the plugin, I can’t tell you how many hours of sorting through bot registrations it saves me!
April 4th, 2008 at 2:15 am
Sorry - wrong error - it’s been a long day!
[01-Apr-2008 10:56:51] PHP Fatal error: Cannot use object of type WP_Error as array in /home/directory/public_html/website/wp-content/plugins/raz-captcha/raz-captcha.php on line 633
April 9th, 2008 at 8:25 am
That error is the same i’m getting. It only if you type in the CAPTCHA code in wrong. But at least isn’t not fatal.
April 9th, 2008 at 1:05 pm
Hi all and thanks for your feedback
Things changed inside last wp version, i’ll get this plugin updated as soon as I’ll get enough time to “dig inside” the new wp version
not sure when tho…
Thanks
April 12th, 2008 at 2:44 pm
[…] nicht einschaltet (schade…) musste eine andere Lösung her. Die Lösung heisst “Login and Register Anti-Spam Captcha” und bietet einen Captcha (Completely Automated Public Turing test to tell Computers and […]
April 17th, 2008 at 9:09 pm
Is it possible to have the “Captcha engine” option in the “Raz-Captcha Options” page default to PNG-Raz Mixed Fonts or one of the others besides PNG-GOTCHA? If so, please porvide document and line.
Thanks for your excellent work!
April 21st, 2008 at 8:16 am
Very nice, thank you, I can’t wait to try it out. Sorry I replied on the other post, not realizing the date.
April 29th, 2008 at 12:04 am
After moving to a new server (database backup), the plugin shows the following error:
Warning: Cannot use a scalar value as an array in /var/www/web110627/html/wp-content/plugins/raz-captcha/raz-captcha.php on line 590
April 29th, 2008 at 7:55 am
After upgrading to WordPress 2.5.1, I am getting a blank white page when trying to login. The following php error is generated:
PHP Fatal error: Cannot use object of type WP_Error as array in /home/(deleted)/public_html/blog/wp-content/plugins/raz-captcha/raz-captcha.php on line 590
Server was recently upgraded to PHP 5.2.5 as well.
I had to rename the raz-captcha directory so I could re-log into WordPress. Not sure if the new version of WordPress or PHP version is causing the problem.
May 2nd, 2008 at 10:50 pm
[…] zur Plugin-Homepage Series Navigation Kategorien: HinweiseTags: Captcha, plugins, Wordpress Über den […]
May 9th, 2008 at 6:16 am
Latest version of Wordpress doesn’t like this plug in.
Get a 500 error when trying to log in now. Had to disable the plugin in order to write posts.
Please update the plugin please. Nothing I hate worse is spammers trying to create fake registrations.
May 9th, 2008 at 6:19 am
PHP 5 here BTW too.
May 9th, 2008 at 11:33 pm
[…] z wyżej podanego powodu wprowadziłem gotowe rozwiązania, a mianowicie m.in. Raz-Captcha. Część osób miało problem z systemem weryfikacji graficznej, które autor modyfikacji w dziwny […]
May 20th, 2008 at 11:07 pm
The registration page looks fine, but the login page now throws this error:
Fatal error: Cannot use object of type WP_Error as array in /home/seethehu/public_html/wp-content/plugins/raz-captcha/raz-captcha.php on line 590
May 20th, 2008 at 11:38 pm
Also, the logout page throws same error (this is on different blog, same host):
Fatal error: Cannot use object of type WP_Error as array in /home/seethehu/public_html/tuscolamops/wp-content/plugins/raz-captcha/raz-captcha.php on line 590
May 20th, 2008 at 11:44 pm
I got the same thing when upgrading to 2.5.
I had to drop the plug-in altogether and go for Register Plus, IMO better anyway.
http://skullbit.com/wordpress-plugin/register-plus/
May 28th, 2008 at 10:41 am
function check_captcha_login($user)
{
reget_session_options();
if ($_SESSION[’rca_ses_option’][’rca_login’])
{
global $error;
$err=check_captcha();
$wz_err = new WP_Error();
if ($err) {
$error=$err;
$wz_err->add(’error’,__(’WRONG CODE’));
return $wz_err;
}
return $user;
}
}
I hope this helps and ofcourse RAZ you can release this patch with a new version of this great plugin
May 28th, 2008 at 10:45 am
sorry you can delete previous comment is a wrong post here it is full version :
I found a solution to make this plugin work under 2.5.1 WP , in file raz-captcha.php in wp-content/plugins/raz-captcha/ just do the following :
search for line :
add_action(’wp_authenticate’, ‘check_captcha_login’);
and replace with this one :
add_action(’wp_authenticate_user’, ‘check_captcha_login’);
then search for line :
function check_captcha_login()
and replace ALL the function code with this one :
function check_captcha_login($user)
{
reget_session_options();
if ($_SESSION[’rca_ses_option’][’rca_login’])
{
global $error;
$err=check_captcha();
$wz_err = new WP_Error();
if ($err) {
$error=$err;
$wz_err->add(’error’,__(’WRONG CODE’));
return $wz_err;
}
return $user;
}
}
I hope this helps and ofcourse RAZ you can release this patch with a new version of this great plugin
May 28th, 2008 at 3:00 pm
@hubevolution:
With that change I’m unable to reactivate the plugin: It produces a fatal error in line 594, an “unexpected T String”:
$wz_err->add(’error’,__(’WRONG CODE’));
May 28th, 2008 at 4:13 pm
quite strane it works fine for me are you in php4 or php5 ? I am on php5 , well actually you can try this way :
$wz_err->add(’error’,’WRONG CODE’);
or
$wz_err->add(’error’,’’);
let us know
May 28th, 2008 at 9:17 pm
MySQL Client 5.0.32
The first line produces the same Parse error (unexpected T String). The second one seems to work at first, but after activating the plugin, it doesn’t generate any images, neither on the config page nor when registering as a new user.
Another problem of this is that I cannot login anymore when the plugin is active now. The system shows a “wrong password” message.
June 2nd, 2008 at 8:36 am
Confirming Axel - I did exactly what he did and I’m in the same place!
June 3rd, 2008 at 9:09 am
well we have to understand where is the difference between your environments and mine since I am using it on wordpress 2.5.1 without any problem.
I have uploaded my raz-captcha modded plugin here can you test it please ?
http://www.filefactory.com/file/cf4f9f/
thanks
June 3rd, 2008 at 12:49 pm
same problem: plugin can be activated and adjusted but does not generate images.
June 12th, 2008 at 7:27 pm
[…] to hunt down a captcha solution for the comments, but I do have captcha in place for logins with Raz-Captcha and my contact form with Contact Form 7. This keeps bots from spamming and trying to crack your […]
September 27th, 2008 at 2:03 pm
[…] system is to protect by Automated Attacks by BOTS , but I do have captcha in place for logins with Raz-Captcha and for Registration process , Comment you can use this WP-Recaptcha . This keeps bots from […]