SecurityImages 5.0 BETA for Joomla! 1.5

Tweet

Share

Beta to be released before end of week! 

NEW: No HTML warning, XHTML compliant
NEW:  GPL v3 The FSF Compliance Lab has published A Quick Guide to GPLv3, a developer-friendly article explaining the new features and benefits of GPLv3. Be sure to check it out.
NEW: full translation now possible of static pages about.html, developer.html and troubles.html
NEW: migration to Joomla! 1.5 API, security, database factory, logging, installer -> reduction of code
NEW: unique language files following Joomla! 1.5 convention (ini files)
NEW: utf8 support
NEW: no PHP warning in logs

Architectural changes
NEW: a system plugin (to install separately) for generating captcha in any 3rd party component using events trigger

NEW: MVC model for the public component part. Now all request creating images are going through the component controller for:

• improved security
• having access to Joomla! framework (no more session or database issues)

Developer can now request to use a particular captcha plugin:

This request give you the captcha defined in the administrator panel configuration of SecurityImages

http://localhost/prod2/index.php?option=com_securityimages&task=displaycaptcha

While this request, let you specify the plugin and version

http://localhost/prod2/index.php?option=com_securityimages&task=displayCaptchaByPlugin&plugin=hncaptcha&version=1.0

To check what the user has entered:

$return = false;  
$securityImagesJoomlaContactUserTry = JRequest::getVar('securityImagesJoomlaContactUserTry', false, '', 'CMD');  
$mainframe->triggerEvent('onSecurityImagesCheck', array($securityImagesJoomlaContactUserTry &$return));

If return is true, then the user / bots has solved the captcha correctly.

Attention: SecurityImages is still WAY to intrusive toward Joomla! as core file has to be changed in order to use captcha.

Moreover Joomla! 1.5 use now a kind of hashcash protection to avoid request forgeries (a crypto encrypted time/server dependent magic value in form)

Insert in any HTML form with JHTML::_( 'form.token' )
check in your controller with JRequest::checkToken() or die( 'Invalid Token' );

You might also like:

362 days ago

Nasty Bug in SecurityImages 5.1.2

Thanks to Margus Pala, a security Flaw has been reported and corrected in SecurityImages version 5

1020 days ago

HOW to make your own patches for securityimages

Just in case I take too much time to deliver a ready to use download, duration 5 minutes, but you ne

1030 days ago

Joomla_1.5.13-Stable-Full_PackageForSecurityImages5.1.x_v01.

Only for SecurityImages 5.1.x and Joomla! 1.5.13 Allow login views, login modules, register, lost

1052 days ago

Joomla_1.5.12-Stable-Full_PackageForSecurityImages5.1.x_v01.

Only for SecurityImages 5.1.x and Joomla! 1.5.12 Allow login views, login modules, register, lost

1052 days ago

SecurityImages 5.1.2 available

This version should improve installations on some host, where the plugin securityimages.php did no

1083 days ago

Joomla_1.5.11-Stable-Full_PackageForSecurityImages5.1.1.zip

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.11 Since

1150 days ago

Joomla_1.5.10-Stable-Full_PackageForSecurityImages5.1.1.zip

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.10 Since

1196 days ago

SecurityImages 5.2.0 in active development

Following the Preview of SecurityImages 5.2.0, I am currently developing a proof of concept using th

CedThumbnails