I have MiniBB 2.0.2a and Captcha oct. 31 2006. PHP 5.0.1.6 and MySql 5.0.22½ GD and FreeType on.
Maybee all functions work except that I can't see any picture (the code) in the Captcha log in window and therefore can not log in as anonymeus.

The test, the generated image displaying (8fy7u) worked fine every time (and when I say everytime it is because I have done a lot of trying by beginning again from beginning - and with diffent installations and settings)

looking at one example output from my browser it says this:

<form name="contact" action="http://127.0.0.1/debat/index.php?" method="post" class="formStyle">
<img src="http://127.0.0.1/debat/addon_captcha.php?md5=fCB6fz0%3D" style="border:0px" alt="" />

and the next time I try to log in I can find another ...mc15=something. Dosn't that shows that a kind of code is generated?

I have not done anything about the default and I have tried it also in a new MiniBB installation where I am sure not to have messed anything around.

I have tried diffent font paths for example
1. $fontsPath='http://127.0.0.1/debat/fonts';
2. $fontsPath='./fonts';
3, $fontsPath='C:\Apache\hjemsted\debat\fonts'; (FROM url SERVER SCRIPT)

Any help?
Thank you.

Problem solved!

It helped with a little slash ind the end of fonts path.

So in the readme file when you add a little "e" to "last" so it says "least" then you also should add a little slash in the end of fonts path :-)

Anyway, the default Captcha options.php has the slash.
(It was so I found out, it was just stupid me who thought I should follow the install instructions :-))

Now I am happy again and I am very impressed of both MiniBB, Captcha and you and lots of folks contributing here in the forum.

Thank you!

I think in default settings it says

/* Direct path to the directory where image fonts are placed. Slash at the end. */

Anyway, thank you for the suggestions. I will fix this all in the README and hope everybody else will be able to install the addon with no problems, specifying correct path.

I am unable to get mine to work.

Guest tries to submit. Takes them to the captcha page. It produces a readable captcha. Guest types in the information. Gets error message "You have entered invalid code." I am using the standard post a message then goes to the captcha screen, not the javascript popup.

Tried changing the info in setup_options.php to $allForumsReg=FALSE, making sure the two slashes were not in front.

Any other suggestions?

I've met this error twice and in all cases the reason was there is some problem with sessions. Try to create this type of session checking script:

<?php
session_start();
if(!isset($_SESSION['testvar'])){
$_SESSION['testvar']='123';
echo 'new session var started: '.$_SESSION['testvar'];
}
else{
echo 'session var is kept: '.$_SESSION['testvar'];
}
?>

If you run this script for the first time, it should produce 'new session var started: 123'. But when you refresh it, it should produce 'session var is kept: 123'. If it will produce 'new session var started: 123' all the time, it means exactly what I think, and this error can be investigated/fixed only by the hosting provider.

Nope, didn't keep the session. New session every time.

What should I tell my hosting provider to look for? I am new at this.

Got it figured out the hosting provider. They said they needed to edit some php ini file and save sessions to a directory file. Something like that. Thank you Paul!!

I hope that will work for you...

When enabled for direct email addon, one gets the following error when clicking the send email link (at the end of direct email form):

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at .../addon_directemail.php:32) in ..../addon_authorize.php on line 12

Captcha addon code for bb_plugins.php needs to be pasted at the top of this file. Like:

<?php
if (!defined('INCLUDED776')) die ('Fatal error.');

/* Captcha Authorization addon */

.....


Other plugins code must follow below.

Thanks Paul!

Recently I've got a custom request from one of my top customers, which asked on how to enable Captcha for search for anonymous users.

There is a very simple solution for that. Modify code for bb_plugins.php and at the place where it lists $cond1, $cond2, $cond3... add below the following:

$cond4=($user_id==0 and $action=='search' and !isset($_GET['loc']));

The final condition should list the following:

if($cond1 or $cond2 or $cond3 or $cond4) $enableCaptcha=TRUE;

It's a question of why actually would be needed to enable Captcha for search. I personally think it's not a question of instant bulking or attacking the site calling the search algorithm (any server should have a protection against such kind of primitive flood; Apache has it for sure).

I could suspect this is done because forum owners are carrying about the protection of their data, which is "automatically stolen and classified" through the search mechanism.

I would be more than happy if somebody writes a program, which steals the data from miniBB forums - why not? All references are kept anyway. But you probably need to be more than a legend before somebody will even try to do so ;-)

I think stealing content could evoke a serious problem - I've had two examples when someone used a proxy server to enter my site and then --- for unknown reasons --- google indexed the proxy site instead of the main site. Others could link to the proxy site instead of the main site to create duplicate penalty..

That's true, but how the search panel is involved? ;-) Search pages should not be cached in Google at all - this section has NOINDEX,NOFOLLOW tag (until you customly change this of course).

That's true, but how the search panel is involved? ;-)
You are right - it's not directly related to the search panel but more to general website content. I would also be interested to hear from opinions of others why some sites have captcha on search option too..