Forum Replies Created
-
Posts
-
Hi,
Yes, I’m using recaptcha.
Additionally, he’s using a bad email address (and variations of the bad email, for instance, email@gmail.com, email1@gmail.com, etc.), so he never receives the second email with the link in which to create a user name and password. So I created a user name and password for his first bad email, but the system still allows him to try to create NEW accounts using that same email.
Also, I have put that email address in the blacklist, but realize it’s pointless because he doesn’t know the user name or password.
How can I prevent this kind of “spam attack”? I can create accounts using whatever email he uses, but the system STILL allows him to try and create new ones. Can you fix it so that once an account is created with username and password, they can’t even try to submit for a new account?
Please help.
Paul
You pointed me to this code in recaptchalib.php:
/**
* Gets the challenge HTML (javascript and non-javascript version).
* This is called from the browser, and the resulting reCAPTCHA HTML widget
* is embedded within the HTML form it was called from.
* @param string $pubkey A public key for reCAPTCHA
* @param string $error The error given by reCAPTCHA (optional, default is null)
* @param boolean $use_ssl Should the request be made over ssl? (optional, default is false)
* @return string – The HTML to be embedded in the user’s form.
*/
function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false)
{
if ($pubkey == null || $pubkey == ”) {
die (“To use reCAPTCHA you must get an API key from http://recaptcha.net/api/getkey“);
}
if ($use_ssl) {
$server = RECAPTCHA_API_SECURE_SERVER;
} else {
$server = RECAPTCHA_API_SERVER;
}
$errorpart = “”;
if ($error) {
$errorpart = “&error=” . $error;
}
return ‘<script type=”text/javascript” src=”‘. $server . ‘/challenge?k=’ . $pubkey . $errorpart . ‘”></script>
<noscript>
<iframe src=”‘. $server . ‘/noscript?k=’ . $pubkey . $errorpart . ‘” height=”300″ width=”500″ frameborder=”0″></iframe>
<textarea name=”recaptcha_challenge_field” rows=”3″ cols=”40″></textarea>
<input type=”hidden” name=”recaptcha_response_field” value=”manual_challenge”/>
</noscript>’;
}
The article above provided this code (I added the “white” theme name). It says to “add this into the head section of the page on which form is displayed”:
<script type=”text/javascript”> var RecaptchaOptions = { theme : ‘<white>’ }; </script>
I tried unsuccessfully 4x to add this code in this line:
return ‘<script type=”text/javascript” src=”‘. $server . ‘/challenge?k=’ . $pubkey . $errorpart . ‘”></script>
Any suggestions?
Thanks.
Paul H.
Hi Guys,
I checked out the suggested recaptchalib.php and there is nothing apparent to change the skin.
The page source reveals a <table class=”recaptchatable recaptcha_theme_red” …> but I can find no reference to what is calling that (as that would be the place to change a skin).
I posted elsewhere that WP-reCaptcha didn’t work with the eMember profile page, so I deleted it. But they have code to change skins (it added a box on blog comments pages), so I know it’s possible.
WP-reCAPTCHA
Plugin URI: http://www.blaenkdenum.com/wp-recaptcha/
Description: Integrates reCAPTCHA anti-spam solutions with wordpress
Version: 2.9.8.2
Can you add this to an upgraded version? Would be a very nice, and I think relatively easy feature to add to the eMember dashboard.
Thanks.
Paul H.
Good call, found the culprit:
WP-reCAPTCHA
Integrates reCAPTCHA anti-spam solutions with wordpress
Activate | Edit | Delete
Version 2.9.8.2 | By Jorge Peña | Visit plugin site
Thanks!
Paul H.
Thanks guy, I responded to your private email, and will post something here upon resolving the issue.
Paul H.
I renamed the .htaccess in root, and it still generates the same error:
Site error: the file /homepages/31/d110419763/htdocs/newworldview/wordpress/wp-content/plugins/wp-pdf-stamper/wp_pdf_stamp1.php requires the ionCube PHP Loader ioncube_loader_lin_5.2.so to be installed by the site administrator.
I left the root .htaccess renamed, and renamed the root/wordpress/ .htaccess, and the site won’t run at all without that one.
I ran info.php again, and it shows ioncube to be installed:
PHP Version 5.2.14
System Linux infong 2.4 #1 SMP Wed Nov 4 21:12:12 UTC 2009 i686 GNU/Linux
Build Date Aug 13 2010 12:53:55
Configure Command ‘../configure’ ‘–program-suffix=5’ ‘–with-pear=/usr/lib/php5’ ‘–with-config-file-path=/usr/lib/php5’ ‘–with-mysqli’ ‘–with-kerberos’ ‘–with-imap-ssl’ ‘–enable-soap’ ‘–with-xsl’ ‘–enable-mbstring=all’ ‘–with-curl’ ‘–with-mcrypt’ ‘–with-gd’ ‘–with-pdo-mysql’ ‘–with-freetype-dir’ ‘–with-libxml-dir’ ‘–with-mysql’ ‘–with-zlib’ ‘–enable-debug=no’ ‘–enable-safe-mode=no’ ‘–enable-discard-path=no’ ‘–with-png-dir’ ‘–enable-track-vars’ ‘–with-db’ ‘–with-gdbm’ ‘–enable-force-cgi-redirect’ ‘–with-ttf’ ‘–enable-ftp’ ‘–enable-dbase’ ‘–enable-memory-limit’ ‘–enable-calendar’ ‘–enable-wddx’ ‘–with-jpeg-dir=/usr/src/kundenserver/jpeg-6b’ ‘–enable-bcmath’ ‘–enable-gd-imgstrttf’ ‘–enable-shmop’ ‘–enable-mhash’ ‘–with-mhash’ ‘–with-openssl’ ‘–enable-xslt’ ‘–with-xslt-sablot’ ‘–with-dom’ ‘–with-dom-xslt’ ‘–with-dom-exslt’ ‘–with-imap’ ‘–with-iconv’ ‘–with-bz2’ ‘–with-gettext’ ‘–enable-exif’ ‘–with-idn’ ‘–with-sqlite’ ‘–enable-sqlite-utf8’ ‘–enable-zip’ ‘–with-tidy’ ‘–enable-gd-native-ttf’
Server API CGI
Virtual Directory Support disabled
Configuration File (php.ini) Path /usr/lib/php5
Loaded Configuration File /homepages/31/d110419763/htdocs/newworldview/wordpress/php.ini
Scan this dir for additional .ini files (none)
additional .ini files parsed (none)
PHP API 20041225
PHP Extension 20060613
Zend Extension 220060519
Debug Build no
Thread Safety disabled
Zend Memory Manager enabled
IPv6 Support enabled
Registered PHP Streams https, ftps, compress.zlib, compress.bzip2, php, file, data, http, ftp, zip
Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
Registered Stream Filters zlib.*, bzip2.*, convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed
Zend logo This program makes use of the Zend Scripting Language Engine:
Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
with the ionCube PHP Loader v3.3.20, Copyright (c) 2002-2010, by ionCube Ltd
Any other suggestions?
Thanks,
Paul H.
Hi,
Thanks for the response.
I ran the loader-wizard.php. Initially it said that there was an error. Unfortunately I did not record it. It also suggested that I copy the php.ini file into the /wordpress/ioncube/ subdirectory, which I did.
At one point, the wizard claimed to have created a php.ini file in root, but when I checked nothing was there. So I copied it there to no avail.
I ran the wizard again and it said:
“ionCube Loader Wizard
An updated version of this Wizard script is available here.
The ionCube Loader 3.3.20 is already installed and encoded files should run without problems.
Please note that if encoded files in a different directory from the Wizard fail then you should attempt to copy the php.ini file to each directory in which you have encoded files.
Please contact the script provider if you do experience any problems running encoded files.
For security reasons we advise that you remove this Wizard script from your server now that the ionCube Loader is installed.”
###
So I copied php.ini into root, root/wordpress, and root/wordpress/ioncube, and again received the following error message when attempting to activate the PDF-Stamper plug-in:
“Site error: the file /homepages/31/d110419763/htdocs/newworldview/wordpress/wp-content/plugins/wp-pdf-stamper/wp_pdf_stamp1.php requires the ionCube PHP Loader ioncube_loader_lin_5.2.so to be installed by the site administrator.”
Any further suggestions?
Could this have to do with my running wordpress in a subdirectory with a password protected /wordpress/ as temporary root. Could the .htaccess files in /wordpress and /root be causing this?
Again, the tech from my webserver originally placed the php.ini in /wordpress/
Thanks,
Paul H.
Hi,
I have read all the posts, tried some tweaks (all failed), and then installed the min_require_checker:
Minimum Requirement Checker v1.0
Summary
IonCube Decoder Present (this has a red X)
CURL Library Present (this has a green check)
PHP Version 5.2.14
My server uses WP 3.01
WP Stamper installed okay, but when activated still produces the following error:
“Site error: the file /homepages/31/d110419763/htdocs/newworldview/wordpress/wp-content/plugins/wp-pdf-stamper/wp_pdf_stamp1.php requires the ionCube PHP Loader ioncube_loader_lin_5.2.so to be installed by the site administrator.”
So, I called my ISP, and they helped me install the proper ionCube PHP loader zipfile for their server. Now, when I run “info.php” in my root directory, I get the following:
“This program makes use of the Zend Scripting Language Engine:
Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
with the ionCube PHP Loader v3.3.20, Copyright (c) 2002-2010, by ionCube Ltd.”
They had me add a php.ini file (not php5.ini as someone posted earlier, I tried changing the name to no avail) to my /wordpress/ directory which is not the root directory (it’s a prototype, so it’s installed in a subdirectory and I have a .htaccess file in the subdirectory protecting the subdirectory while we prototype).
The php.ini file my webhost provided has two lines (I don’t believe the [zend] line used in the above php5.ini example is a problem or is it?):
zend_optimizer.optimization_level=15
zend_extension=/homepages/31/d110419763/htdocs/newworldview/wordpress/ioncube/ioncube_loader_lin_5.2.so
The path name is correct to the correct file in the correct directory.
Any suggestions?
Thanks in advance!
Paul H.
