Support

submit a bug report if you need technical support or have questions.

Documentation

Visit the Wiki extensive and up to date documentation at your fingertips.

Contact Me

Missing images/links, any comments, suggestions, need help? Contact me
Why updating?
  • If You want to use more than one Captcha in a page.
  • If  You want Captcha in the administrator page.
  • If Your old version 3.0.8 or 4.0.1 do not work as expected
  • If you use any version < 3.0.4 which has a serious vulnerability injection.

NEW:  Captcha can  now be used in the administrator login page
NEW: more settings for switching On/Off securityimages into Joomla! core
BUG: I was starting another php session with session_start()

click read more for screenshots and details...
NEW Captcha can  now be used in the administrator login page


Note:
  • I've changed the file /administrator/templates/joomla_admin/login.php (insertion of captcha line 57 ) , meaning if You use another administrator template than joomla_admin, You'll have to make the same changes in Your templates
  • I've changed the file /administrator/templates/index.php (checking the captcha challenge), this file is administrator templates independent
  • This mod do not increase the security of the administrator login page, it is more smart to read:
    Todo list for securing your site: http://www.waltercedric.com/content/view/806/102/ and also
    Protecting You Mambo admin panel using htaccess: http://www.waltercedric.com/content/view/706/102/


NEW: more settings for switching On/Off securityimages into Joomla! core
This let You deactivate securityimages in core part of Joomla! more easily.


Note:
  • Switching these flag to true is not ENOUGH, You need to also install a set of files (an exact copy of Joomla! file let's say in a version 1.0.11) that I have modified to support securityimages. Right now Joomla! do not allow me to do it differently.

BUG: I was starting another php session with session_start(),
this has cause a lot of trouble in the admin login page, and has revealed that I must better use:
session_name( md5( $mosConfig_live_site ) );
session_start();
This has the potential of solving issue in Virtuemart (I have not tested it, but problem look similar)

About Joomla core patches I provide to the community
I do not like hacking Joomla! core file, either Joomla! Team provide a way to extends their core code on the fly   (plugins) or I may run in trouble mainly because I have to provide and maintain a patch version of some core files, it is also risky to do that (code is untrusted source even if I am a honest person)...

In order to not overwrite any existing changes You've made in the past, all users of Joomla! should really try to use Beyond Compare, from www.scootersoftware.com. It allow to select 2 directories/zip/files, and by right clicking in windows explorer like interface compare file and merge them  in a 2 way editor (you can copy from left and to the right side of panel part of the code).With this tool, You can even make a compare with a local directory and a remote one (FTP) this let you apply release (official joomla patch 1.0.11 for example)  very easily.

Joomla! core patches are all located in administrator\components\com_securityimages\patches\*.php so the influence on core is minimal. Read them if you want to know how to use securityimages in Your own code.

About release management of my patches:
  • Securityimages 4.0.1 has a new  API and work only with >= JoomlaPatches1.0.11-v1.0.2
  • Securityimages 3.0.8 has the old API  and work only with <= JoomlaPatches1.0.11-v1.0.1
  • Securityimages 4.1.0 has a new  API and work only with >= JoomlaPatches1.0.11-for securityimages 4.1.0 only
My mistake is that I did not document that at all, this is why so much users run in troubles in the past few weeks....

  

comments powered by Disqus

You might like also

Nasty Bug in SecurityImages 5.1.2
Thanks to Margus Pala, a security Flaw has been reported and corrected in SecurityImages version 5.1.2 and previous The flaw is of moderate level, in register forms, spammers are able to register without solving the Captcha! It affect only SecurityImages 5.x for Joomla! 1.5 SecurityImages 6.x for Joomla! 1.6 is not affected In order to resolve this issue, you don’t have to install any new version of SecurityImages, you must either Update your blog with the right version of the …
2793 Days ago
HOW to make your own patches for securityimages
Just in case I take too much time to deliver a ready to use download, duration 5 minutes, but you need to understand basic php coding Create a temporary directory c:\patch Copy an existing patch distribution, under a new name For example, lets download Joomla_1.5.13-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip into c:\patch\ and copy it to c:\patch\Joomla_1.5.14-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip Download the latest full zip package of Joomla that target the patch (here 1.5.14), so I download Joomla_1.5.14-Stable-Full_Package.zip and save it in the same directory c:\patch\ Now download …
3451 Days ago
Joomla_1.5.13-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip
Only for SecurityImages 5.1.x and Joomla! 1.5.13 Allow login views, login modules, register, lost password, lost user account and contact section to be protected by SecurityImages Are for Joomla! 1.5.13 only and SecurityImages 5.1.x or later 14 files has been altered, mostly views, and com_contact/com_user controller, click on picture below for more details Download file Joomla_1.5.13-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip (33kB) and overwrite file on your server Go to Joomla! control panel and HIT at least SAVE configuration once, this will add a new …
3461 Days ago
Joomla_1.5.12-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip
Only for SecurityImages 5.1.x and Joomla! 1.5.12 Allow login views, login modules, register, lost password, lost user account and contact section to be protected by SecurityImages Are for Joomla! 1.5.12 only and SecurityImages 5.1.x or later 14 files has been altered, mostly views, and com_contact/com_user controller, click on picture below for more details Download file Joomla_1.5.12-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip (33kB) and overwrite file on your server Go to Joomla! control panel and HIT at least SAVE config once, this will add a new …
3483 Days ago
SecurityImages 5.1.2 available
This version should improve installations on some host, where the plugin securityimages.php did not always install properly. The reason behind is that I did add falsely an additional file index.html in plugin.zip. This may lead to permissions issues during installation. SecurityImages 5.1.2 do not contains any other changes, so If you’re happily running SecurityImages 5.1.1, no need to upgrade! Download Details …
3483 Days ago
Joomla_1.5.11-Stable-Full_PackageForSecurityImages5.1.1.zip
The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.11 Since Joomla 1.5.11 is released...Here are the new patches for SecurityImages 5.1.1 AND Joomla! 1.5.11 Allow login views, login modules, register, lost password, lost user account and contact section to be protected by SecurityImages Are for Joomla! 1.5.11 only and SecurityImages 5.1.0 or later 14 files has been altered, mostly views, and com_contact/com_user controller, click on picture below for more details Download file Joomla_1.5.11-Stable-Full_PackageForSecurityImages5.1.0_v01.01.00.zip (33kB) and overwrite …
3514 Days ago
Joomla_1.5.10-Stable-Full_PackageForSecurityImages5.1.1.zip
The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.10 Since Joomla 1.5.10 is released...Here are the new patches for SecurityImages 5.1.1 Allow login views, login modules, register, lost password, lost user account and contact section to be protected by SecurityImages Are for Joomla! 1.5.10 only and SecurityImages 5.1.0 or later 14 files has been altered, mostly views, and com_contact/com_user controller, click on picture below for more details Download file Joomla_1.5.10-Stable-Full_PackageForSecurityImages5.1.0_v01.01.00.zip (33kB) and overwrite file on your …
3581 Days ago
SecurityImages 5.2.0 in active development
Following the Preview of SecurityImages 5.2.0, I am currently developing a proof of concept using the Ajax library JQUERY  jQuery is a fast and concise JavaScript Library that simplifies HTML document traversing, event handling, animating, and Ajax interactions for rapid web development. jQuery is designed to change the way that you write JavaScript. I want to allow generated captcha to be checked asynchronously without needing submit of whole page. This is a major complain since the beginning of SecurityImages, as …
3627 Days ago
New patches for Joomla 1.5.9 and Joomla 1.5.8
Some people have reported issue in the forum I've found the error in my code in some views but not all:      img src="/<?php echo JURI :: root() ?>/index.php? as a result, there is in image URL a double / which cause issues on some web host (no image displayed) I now provide a new patches versions for Joomla! 1.5.8 and 1.5.9 that can be downloaded: Joomla! 1.5 patches 1.5.9 (stable / 2009-01-19)  Download Joomla! 1.5 patches 1.5.8 (stable / …
3649 Days ago
Joomla_1.5.9-Stable-Full_PackageForSecurityImages5.1.0.zip
The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.9 Since Joomla 1.5.9 is released...Here are the new patches for SecurityImages 5.1.0 Allow login views, login modules, register, lost password, lost user account and contact section to be protected by SecurityImages Are for Joomla! 1.5.9 only and SecurityImages 5.1.0 or later 14 files has been altered, mostly views, and com_contact/com_user controller, click on picture below for more details Download file Joomla_1.5.9-Stable-Full_PackageForSecurityImages5.1.0_v01.00.00.zip (33kB) and overwrite file on your …
3656 Days ago