SecurityImages 5.0 BETA for Joomla! 1.5

User Rating:  / 0

Tweet

Share

Beta to be released before end of week! 

NEW: No HTML warning, XHTML compliant
NEW:  GPL v3 The FSF Compliance Lab has published A Quick Guide to GPLv3, a developer-friendly article explaining the new features and benefits of GPLv3. Be sure to check it out.
NEW: full translation now possible of static pages about.html, developer.html and troubles.html
NEW: migration to Joomla! 1.5 API, security, database factory, logging, installer -> reduction of code
NEW: unique language files following Joomla! 1.5 convention (ini files)
NEW: utf8 support
NEW: no PHP warning in logs

Architectural changes
NEW: a system plugin (to install separately) for generating captcha in any 3rd party component using events trigger

NEW: MVC model for the public component part. Now all request creating images are going through the component controller for:

• improved security
• having access to Joomla! framework (no more session or database issues)

Developer can now request to use a particular captcha plugin:

This request give you the captcha defined in the administrator panel configuration of SecurityImages

http://localhost/prod2/index.php?option=com_securityimages&task=displaycaptcha

While this request, let you specify the plugin and version

http://localhost/prod2/index.php?option=com_securityimages&task=displayCaptchaByPlugin&plugin=hncaptcha&version=1.0

To check what the user has entered:

$return = false;  
$securityImagesJoomlaContactUserTry = JRequest::getVar('securityImagesJoomlaContactUserTry', false, '', 'CMD');  
$mainframe->triggerEvent('onSecurityImagesCheck', array($securityImagesJoomlaContactUserTry &$return));

If return is true, then the user / bots has solved the captcha correctly.

Attention: SecurityImages is still WAY to intrusive toward Joomla! as core file has to be changed in order to use captcha.

Moreover Joomla! 1.5 use now a kind of hashcash protection to avoid request forgeries (a crypto encrypted time/server dependent magic value in form)

Insert in any HTML form with JHTML::_( 'form.token' )
check in your controller with JRequest::checkToken() or die( 'Invalid Token' );

You might also like:

255 days ago

Nasty Bug in SecurityImages 5.1.2

Thanks to Margus Pala, a security Flaw has been reported and corrected in SecurityImages version 5

913 days ago

HOW to make your own patches for securityimages

Just in case I take too much time to deliver a ready to use download, duration 5 minutes, but you ne

923 days ago

Joomla_1.5.13-Stable-Full_PackageForSecurityImages5.1.x_v01.

Only for SecurityImages 5.1.x and Joomla! 1.5.13 Allow login views, login modules, register, lost

945 days ago

Joomla_1.5.12-Stable-Full_PackageForSecurityImages5.1.x_v01.

Only for SecurityImages 5.1.x and Joomla! 1.5.12 Allow login views, login modules, register, lost