[pmwiki-users] pmform captchas bypassed on thinkhost.com
Hans
design5 at softflow.co.uk
Mon Jul 14 10:05:32 CDT 2008
Monday, July 14, 2008, 3:28:29 PM, Patrick R. Michaud wrote:
> I see three possible solutions to this:
> 1. Make Captcha part of the core, with Site.EditForm preconfigured to
> display a captcha whenever $EnablePostRequiresCaptcha is set.
> 2. Leave Captcha as a recipe, but modify the distributed Site.EditForm
> to display a captcha whenever $EnablePostRequiresCaptcha is set.
> 3. Provide a Site.EditForm with the Captcha recipe, and instructions
> to tell an admin how to configure it into the system (this actually
> may be the status quo).
I don't like any of these, as I don't see the point in a Captcha on
the edit form. Most wikis I guess trust their editors enough not to
require them to input captcha values. Often the edit access is
restricted by password.
I see a value in a captcha on apage with a form, where submitting is
possible by site visitors.
I recommend to advise admins who want to use the Captcha recipe
to add something like this to config.php, for wikis with edit
access restrictions:
$EnablePostCaptchaRequired = 1;
if (CondAuth($pagename,'edit'))
$EnablePostCaptchaRequired = 0;
include_once('cookbook/captcha.php');
~Hans
More information about the pmwiki-users
mailing list