matthutchinson / acts_as_textcaptcha Goto Github PK

View Code? Open in Web Editor NEW

59.0 5.0 12.0 440 KB

Text-based logic question captcha's for Rails 🚫🤖

Home Page: https://acts-as-textcaptcha.hiddenloop.dev

License: GNU Lesser General Public License v3.0

Ruby 99.70% Shell 0.30%

spam-protection ruby captcha rails activerecord captcha-alternative captcha-generator

acts_as_textcaptcha's People

Contributors

Stargazers

Watchers

Forkers

daem0n bradcrawford arjeno codeabstract socialwod jnaqsh fiverr razitz thiyagarajan armandfardeau dschaerer

acts_as_textcaptcha's Issues

one captcha per session instead of page reload

Hi,

using textcaptcha and my users love it, especially since recaptcha became unreadable.
Also the custom captchas are great as I can tailor the questions to suit my audience.

However my biggest gripe with this gem is that if a user opens a second page that has a textcaptcha, the possible answers get overwritten in the session and doesn't match the answer on the tab that was opened first.
Ideally either the form would contain a reference to the question so that the answer can be matched to the right question,
or the question should always be the same for the duration of the session or until the user has answered a question.

Btw, I doublechecked with the demo on heroku and it has the same behaviour. So I'm not sure if this is a bug or a feature request. :)

Or maybe I just don't know how to do it?

How do you change the captcha timeout? Captchas always fail for me.

Textcaptcha answer was not submitted quickly enough, try another question instead

I always get this. No matter how quickly the form is filled out. Even if it takes just seconds to complete!

Error undefined method `spam_question' for nil:NilClass

Hey Dude... got my key... follow the instructions and got an error in rails...

undefined method `spam_question' for nil:NilClass

I did create my key from the website...
377mqbg9abcwk84wsk0soosc43ghrhhs

Update the Gem File
Lets Add TextCaptcha
gem 'acts_as_textcaptcha'

irb
require 'bcrypt';BCrypt::Engine.generate_salt
=> "$2a$10$qPsPPPOTzq.X3nuWZM9mOO"

Is this Engine need to be the name of the model to protect ? I din't think so....

I include the code in the form...

Is a form _form.html.erb generated by scaffold...

<%= textcaptcha_fields(f) do %>

<%= f.label :spam_answer, @comment.spam_question %>
<%= f.text_field :spam_answer, :value => '' %>

<% end %>

but not sure if is going to conflict with the other form...

The main question is it necesary to create another text field in the model to protect to allocate the spam_question and spam_answer ?

THX Dino.

Custom questions not working

acts_as_textcaptcha is working fine for me.

If I add custom questions in my model by,
acts_as_textcaptcha :api_key => my_key',
:bcrypt_salt => 'salt',
:bcrypt_cost => '3',
:questions => [{ 'question' => '1+1', 'answers' => '2,two' },
{ 'question' => 'The green hat is what color?', 'answers' => 'green' }]

or
If I add question in config/textcaptcha.yml

it is not showing my custom questions, instead it shows the random question.

It shows my custom question if I edit the :api_key value,
example: my 32digit api_key ends with 8 and i changed the last digit from 8 to 9. Now its is working.

Will it cause any issue in future if change the api_key value?
or
How can I show my custom questions without editing the api_key value?

Thanks,
Arivarasan L

API site down

As today (Dec. 10, 2015), the textcaptcha.com API site seems to be down. It was working well yesterday.

This site is currently unavailable, please try again later.

Best,

Why are the answers always incorrect?

I really don't understand why the answers are always incorrect.

app/controllers/landing_controller.rb

class LandingController < ApplicationController
 def index
   @contact  = Contact.new
   @contact.textcaptcha
 end

app/models/contact.rb

class Contact < ActiveRecord::Base
  attr_accessible :name, :email, :message, :contact_type, :status
  validates :name, :email, :contact_type, :message, :status, :presence => true
  validates :message, :length => { :minimum => 15, :maximum => 100 }

  acts_as_textcaptcha  :http_read_timeout    => 60,
                  :http_read_timeout    => 10,
                  :cache_expiry_minutes => 10,
                  :questions            => [{ 'question' => 'Quanto é 1 + 1?', 'answers' => '2,dois' },
                                            { 'question' => 'Qual a cor do chapéu verde?', 'answers' => 'verde' }]

app/views/landing/index.html.erb

<form id="contact" method="post" action="contact" accept-charset="UTF-8">
  <input name="authenticity_token" type="hidden" value="<%= form_authenticity_token %>"/>
  <h2>ENTRE EM CONTATO</h2>
  <div>
    <label>Nome</label>
    <input type="text" placeholder="Nome" id="contact[name]" name="contact[name]" />
  </div>
  <div>
    <label>E-mail</label>
    <input type="text" placeholder="E-mail" id="contact[email]" name="contact[email]" />
  </div>
  <div>
    <label>Tipo</label>
    <select name="contact[contact_type]" id="contact[contact_type]">
      <option value="1">Sugestão</option>
      <option value="2">Reclamação</option>
      <option value="3">Elogio</option>
      <option value="4">Comercial</option>
    </select>
  </div>
  <div>
    <label>Mensagem</label>
    <textarea placeholder="Mensagem" id="contact[message]" name="contact[message]"></textarea>
  </div>
  <div>
    <label for="contact_textcaptcha_answer"><%= @contact.textcaptcha_question %></label>
    <input id="contact_textcaptcha_answer" placeholder="<%= @contact.textcaptcha_question %>" name="contact[textcaptcha_answer]" type="text" value="" />
  </div>
  <input id="contact_textcaptcha_key" name="contact[textcaptcha_key]" type="hidden" value="xxxxxxxxxxx" />
  <input type="submit" class="lnk blue fR" value="ENVIAR">
</form>

So, the questions are shown correctly. When submiting I'm receiving:

Started POST "/contact" for 127.0.0.1 at 2014-03-27 23:02:40 -0300
Processing by LandingController#contact as HTML
Parameters:      {"authenticity_token"=>"I9+5hvM620qpifeKGB3fez7JuAU+V72EViOoE6UhfHE=", "contact"=>{"name"=>"[FILTERED]", "email"=>"[FILTERED]", "contact_type"=>"1", "message"=>"asdasdsadasdasdads", "textcaptcha_answer"=>"frio", "textcaptcha_key"=>"xxxxxx"}}
(0.2ms)  BEGIN
(0.2ms)  ROLLBACK
Could not save contact. Exception: Textcaptcha answer was not submitted quickly   enough, try another question instead
Redirected to http://localhost:3000/
Completed 302 Found in 2472ms (ActiveRecord: 0.4ms)

Where am I having a mistake?

Mongoid implementation

How does one get this working using a MongoDB and the Mongoid gem?

perform validation

Hi,

I have a really dumb question about this. I have it installed and 'kind of' working, but how do I actually do the validation? Do I do it in the target action (form submit) of the controller? Would you be able to post the source code of your project hosted on heroku? I appreciate you taking the time to help me.

Thank you,

Dan Sullivan

How to do the text captcha with just the params

Hi,
We have a requirement such that when ever a user wanted to reset password he will just submit the email id and we will send the email instructions to the user.

We wanted to implement the captcha here. Basically we don't even save any data but we wanted to validate the captcha with the parameters received.
Is there a way to do it? If so can you please explain.

Error messages are not translatables

As it was raised in this (closed ?) issue, error messages are not translatable

Add `config.cache_store = :memory_store` to documentation

Add the need to set config.cache_store = :null_store to config.cache_store = :memory_store in config/environments/development.rb, won't work otherwise. Thanks!

spam_answers should not be attr_accessible

Or else you could simply ignore the question, set spam_answers to something for which you have an answer already (like say, a previously answered question!), set spam_answer to the appropriate answer... and you're good to go!

EDIT: ok whoops, I guess i might have spoken too soon. This isnt so much a vulnerability issue, as a logical issue. spam_answers shouldnt be revealed or visible publicly; but I fail to see why it should be made attr_accessible... Care to explain?

Don't know how to build task 'textcaptcha:config'

Anybody else getting this? Using Rails 6. Thanks!

Spam Answer is always incorrect

I'm trying to use this gem to stop spam comments, but for some reason I'm always getting "Spam answer is incorrect, try another question instead" when I try to make a new comment, either via the form or on the Rails console.

I've added the gem in my Gemfile.

Controller:

@comment = Comment.new
@comment.textcaptcha

Model:

class Comment < ActiveRecord::Base
  attr_accessible :text, :name

  validates_presence_of :text, :name

  acts_as_textcaptcha bcrypt_salt: Settings.text_captcha_salt,
                      questions: [{ 'question' => '1+1', 'answers' => '2,two' }]
end

Form view:

= simple_form_for @comment do |f|
  = f.input :name
  = f.input :text, as: :text

  = f.label :spam_answer, comment.spam_question
  = f.text_field :spam_answer, value: ''
  %br

  = f.submit "Post Comment"

acts_as_textcaptcha config file:

development: &common_settings
  bcrypt_salt: <salt omitted>
  bcrypt_cost: 10
  questions:
      - question: 'Is ice hot or cold?'
        answers: 'cold'
      - question: 'what color is an orange?'
        answers: 'orange'
      <rest of the questions omitted>

test:
  <<: *common_settings
  bcrypt_salt: <salt omitted>
  bcrypt_cost: 1

production:
  <<: *common_settings

Adding comment through Rails console:

> a = Comment.new("name"=>"Hi", "text"=>"asdf", "spam_answer"=>"2")
> a.valid?
 => false 
> a.errors.messages
 => {:spam_answer=>["is incorrect, try another question instead"]}

Can you see if I'm missing something obvious? Thanks!

version 2.x not compatible with rails 2.3?

Hi,
I see it nowhere mentioned but is this gem not compatible with rails 2.3 since version 2?
With any gem version above 2 I get the exception below, while the gem version 1.2.1 works fine in rails 2.3.8 / ree 1.8 / Ubuntu Lucid Lynx.

=> Rails 2.3.11 application starting on http://0.0.0.0:3000
/usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:466:in `load_missing_constant': uninitialized constant Rails::Railtie (NameError)
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:106:in `const_missing'
from /usr/local/lib/ruby/gems/1.8/gems/acts_as_textcaptcha-2.2.1/lib/acts_as_textcaptcha/textcaptcha.rb:19
from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:29:in `gem_original_require'
from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:29:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:182:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:547:in `new_constants_in'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:182:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/acts_as_textcaptcha-2.2.1/lib/acts_as_textcaptcha.rb:1
from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:29:in `gem_original_require'
from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:29:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:182:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:547:in `new_constants_in'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:182:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/rails-2.3.11/lib/rails/gem_dependency.rb:217:in `load'
from /usr/local/lib/ruby/gems/1.8/gems/rails-2.3.11/lib/initializer.rb:307:in `load_gems'
from /usr/local/lib/ruby/gems/1.8/gems/rails-2.3.11/lib/initializer.rb:307:in `each'
from /usr/local/lib/ruby/gems/1.8/gems/rails-2.3.11/lib/initializer.rb:307:in `load_gems'
from /usr/local/lib/ruby/gems/1.8/gems/rails-2.3.11/lib/initializer.rb:164:in `process'
from /usr/local/lib/ruby/gems/1.8/gems/rails-2.3.11/lib/initializer.rb:113:in `send'
from /usr/local/lib/ruby/gems/1.8/gems/rails-2.3.11/lib/initializer.rb:113:in `run'
from /home/ak/Aptana Studio 3 Workspace/railchive/config/environment.rb:10
from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:29:in `gem_original_require'
from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:29:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:182:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:547:in `new_constants_in'
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:182:in `require'
from /usr/local/lib/ruby/gems/1.8/gems/rails-2.3.11/lib/commands/server.rb:84
from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:29:in `gem_original_require'
from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:29:in `require'
from script/server:3

Error messages are not translatable

it seems the error messages are not translatable:

acts_as_textcaptcha/lib/acts_as_textcaptcha/textcaptcha.rb

Lines 76 to 82 in 6aaa8c0

    
           def add_textcaptcha_error(too_slow: false) 
        
             if too_slow 
        
               errors.add(:textcaptcha_answer, :expired, message: "was not submitted quickly enough, try another question instead") 
        
             else 
        
               errors.add(:textcaptcha_answer, :incorrect, message: "is incorrect, try another question instead") 
        
             end 
        
           end

	def add_textcaptcha_error(too_slow: false)
	if too_slow
	errors.add(:textcaptcha_answer, :expired, message: "was not submitted quickly enough, try another question instead")
	else
	errors.add(:textcaptcha_answer, :incorrect, message: "is incorrect, try another question instead")
	end
	end