Two captchas on the same page

misc · February 15, 2012, 2:27am

Hello,

I have two forms (login and register) on single page and they both required captcha. I know is not common but I cannot change this biz requirement because this is a special request. Currently they both shared the same captcha but I cannot refresh them independently. Anyone has any ideas?

Someone suggests that I would design the page so that only one displays and is used for both login and register functions. This is maybe an option but I want to make sure I can be done with two captchas.

Thank you

softark · February 15, 2012, 2:53am

I hope it can be done by manually specifying ‘id’ and ‘captchaAction’ of the CCaptcha widget.




// in view

$this->widget('CCaptcha', array(

	'clickableImage' => true,

	'showRefreshButton' => false,

	'id' => 'first-captcha',

	'captchaAction' => 'captcha1st',

	)

);


...


$this->widget('CCaptcha', array(

	'clickableImage' => true,

	'showRefreshButton' => false,

	'id' => 'second-captcha',

	'captchaAction' => 'captcha2nd',

	)

);


// in controller


	public function actions()

	{

		return array(

			// captcha action renders the CAPTCHA image displayed on the contact page

			'captcha1st'=>array(

				'class'=>'CCaptchaAction',

				'backColor'=>0xFFFFFF,

			),

			'captcha2nd'=>array(

				'class'=>'CCaptchaAction',

				'backColor'=>0xFFFFFF,

			),

			...

		);

	}

yiqing95 · February 15, 2012, 3:02am

the captcha validating rely on the session . $_SESSION[‘captchaKey’] will save the content .

both captcha share the same key ; what you should do is that : config the captch action twice:





     // captcha action renders the CAPTCHA image displayed on the contact page

            'captcha' => array(

                'class' => 'CCaptchaAction',

                'backColor' => 0xFFFFFF,

             ), 

 'captcha2' => array(

                'class' => 'CCaptchaAction',

                'backColor' => 0xFFFFFF,

            ),

then in your view specify the captchaAction:

‘captchaAction’=>‘captcha’;

another widget use :

‘captchaAction’=>‘captcha2’;

i never test it . just from the code CCaptchaAction code get this solution .

yiqing95 · February 15, 2012, 3:06am

i and softark seems give the solution same ! when i commit my post just see the softark has posted !

the key code is this :




 

        /**

         * Returns the session variable name used to store verification code.

         * @return string the session variable name

         */

        protected function getSessionKey()

        {

                return self::SESSION_VAR_PREFIX . Yii::app()->getId() . '.' . $this->getController()->getUniqueId() . '.' . $this->getId();

        }

the validation use this key to check in the $session . “$this->getId()” is the captchaActionId , you just make it different !

softark · February 15, 2012, 3:20am

Maybe you don’t have to specify 'id’s manually … Yii will take care of them.

misc · February 15, 2012, 3:50pm

I tried this but it doesn’t work because the following code is still validating against the first captcha.

public function rules()

{

return array(

...


array('verifyCode', 'captcha', 'allowEmpty'=&gt;&#33;CCaptcha::checkRequirements(), 'caseSensitive'=&gt;false),

);

}

I don’t know how to tell the second form to validate against the text in the second captcha.

softark:

I hope it can be done by manually specifying ‘id’ and ‘captchaAction’ of the CCaptcha widget.




// in view

$this->widget('CCaptcha', array(

	'clickableImage' => true,

	'showRefreshButton' => false,

	'id' => 'first-captcha',

	'captchaAction' => 'captcha1st',

	)

);


...


$this->widget('CCaptcha', array(

	'clickableImage' => true,

	'showRefreshButton' => false,

	'id' => 'second-captcha',

	'captchaAction' => 'captcha2nd',

	)

);


// in controller


	public function actions()

	{

		return array(

			// captcha action renders the CAPTCHA image displayed on the contact page

			'captcha1st'=>array(

				'class'=>'CCaptchaAction',

				'backColor'=>0xFFFFFF,

			),

			'captcha2nd'=>array(

				'class'=>'CCaptchaAction',

				'backColor'=>0xFFFFFF,

			),

			...

		);

	}

softark · February 15, 2012, 5:16pm

Alas, I haven’t thought of the validation.

I also have tried some, but in vain. I’m very sorry.

[EDIT]

OK, I think I got it.

Try this …




public function rules()

{

    return array(

        ...

        array('verifyCode1', 'captcha', ...

        array('verifyCode2', 'verifycaptcha2', ...

    );

}


public function verifycaptcha2($attribute, $params)

{

	$captcha2 = Yii::app()->getController()->createAction('captcha2nd');

	if (!$captcha2->validate($this->verifyCode2, false))

	{

		$this->addError('verifyCode2', 'invalid captcha.');

	}

}

The validation for the 2nd captcha is performed by a dedicated function called ‘verifycaptcha2’ in which the proper instance of the 2nd captcha action is created by ‘Yii::app()->getController()->createAction(‘captcha2nd’)’.

misc · February 16, 2012, 3:16pm

This works great. Thank you. Now I have to find a way to extend this because the captcha is too easy to read for spammer.

softark:

Alas, I haven’t thought of the validation.

I also have tried some, but in vain. I’m very sorry.

[EDIT]

OK, I think I got it.

Try this …
public function rules()

{

    return array(

        ...

        array('verifyCode1', 'captcha', ...

        array('verifyCode2', 'verifycaptcha2', ...

    );

}


public function verifycaptcha2($attribute, $params)

{

	$captcha2 = Yii::app()->getController()->createAction('captcha2nd');

	if (!$captcha2->validate($this->verifyCode2, false))

	{

		$this->addError('verifyCode2', 'invalid captcha.');

	}

}
The validation for the 2nd captcha is performed by a dedicated function called ‘verifycaptcha2’ in which the proper instance of the 2nd captcha action is created by ‘Yii::app()->getController()->createAction(‘captcha2nd’)’.

softark · February 17, 2012, 9:01am

One of the easiest ways to make captcha robust is, IMO, using non-ascii characters.

Although you have to limit the visitors to some people(e.g. Japanese only, Chinese only, … etc.), requiring non-ascii characters in captcha seems very effective.

Here’s an example that I’ve made with an extended yii captcha. It requires “Hirakana” of Japanese characters.

Contact form of isarigami.net

You can try posting just for fun.