joomla10


  • Joomla! 1.0.10 is now available at www.joomla.org

    All existing Joomla! users MUST UPGRADE to this version, due to several High Level vulnerabilities that affect ALL Previous versions of Joomla! 

    1.0.10 contains the following important security fixes:

    • 03 High Level Security Fixes
    • 01 Medium Level Security Fixes
    • 05 Low Level security
    • 40+ General bug fixes
    And onebusiness day after (Ive done my homework), I release:

    Joomla 1.0.10 support for SecurityImages
    these files are from the 1.0.10 distributions plus all changes required to support securityimages in

    • com_contact  "The contact Us section"
    • com_login for the login module
    • com_registration  all registration functions
    Please Note:
    1. this is a FTP patch!
    2. There is now way to deactivate securityimages in com_contact (other than deactivating securityimages sitewide) 

    Do yourself a favor use the latest securityimages version 3.0.5 :-)
    Files are available at Joomla forge in file release and or in my download section. 
     
  •  Securityimages 4.0.0 release "enhanced Security "

    This version is now running with:
    • PHP.ini safe mode ON
    • Joomla RG Global Emulation O 
    • PHP.ini register global = Off
    Bugs solved:
    artf4021: php safe mode & com_securityimages
    artf1411: Save setting button changes if config.securiyimages.php is not writable
    artf4989: register_globals Off patch
    artf3206: com_contact
    artf2777: No text displayed in security Image  

    API  changes
    Will work only with new release of akcomment, akobook, etc...

    securityimages < 4.0.0
    in PHP <form>

    <?php include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php'); ?>
    <?php echo insertSecurityImage("security_refid"); ?>
    <?php echo getSecurityImageText("security_try"); ?>
    <?php echo getSecurityImageTextHeader(); ?> 
    <?php echo getSecurityImageTextHelp(); ?>
    <?php echo getSecurityImageField("security_try"); ?> 
     

    The code above insert the image, and the text,
    You page normally submit information to the server for processing.
    Most of the time, the last 2 lines are inserted in a <form>

    in PHP code checking the <form>

    include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');

    $checkSecurity = checkSecurityImage($security_refid, $security_try);

    if $checkSecurity = true //then the user has entered the right text.



    securityimages >= 4.0.0 Introducing a captcha hidden field visibility name
    in PHP <form> include($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php');
    $packageName = 'securityimage_newpass';
     echo "<tr><td>".getSecurityImageTextHeader()." *</td><td>".insertSecurityImage($packageName).
    "<br/>".getSecurityImageTextHelp().""
    .getSecurityImageField($packageName)."</td></tr>";
    in PHP code checking the <form> $securityimage_newpass_refid     = mosGetParam( $_POST, securityimage_newpass_refid', '' );
    $securityimage_newpass_try     = mosGetParam( $_POST, 
    securityimage_newpass_try', '' );
    $securityimage_newpass_reload     = mosGetParam( $_POST, '
    securityimage_newpass_reload', '' );         
    include_once ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');
    $checkSecurity &= checkSecurityImage($securityimage_newpass_refid, $securityimage_newpass_try, $securityimage_newpass_reload);


    New!
    HNCAPTCHA: now color background is fully configurable


  • AkoBookwas one of the first guestbook solutions for Joomla/Mambo. It comes with a lot of features like: support for user votes, locations and all major pagers. It has been translated into many different languages and is currently the most used guestbook for Joomla/Mambo.
    i've enhanced the first version of AkoBook to support the major antispam solutions:

    • Securityimages: captcha (user interaction needed)
    • Hashcash: cryptographic challenges (transparent for the user)
    • Akismet: webservices oracle osrting out spams from relevant entries (transparent for the user)
     
    Only for Joomla! 1.X
    Only work for securityimages > 4.x
    • NEW integration of Akismet: a webservices for dealing with spams.
    • BUG register global off patch -> better for security
    • BUG: possible SQL injection in some SQL queries
    • BUG: check update URL descriptions up to date
    Recommended security update for existing users and new users!
    Install normally using Joomla! component  installer!
     
  • with antispamming and smileys skinning facilities...

    Not endorsed by Arthur Konze, All credits to Athur Konze.

  • Askimet is a service hosted at www.askimet.com which use traind bayesian filters and other measure to categorize comments as spam or not spam. User can find  the Akismet plug-in for WordPress or one of the third party Akismet implementations

    What is bad  is that there is currently no Joomla! implementation for Askimet, until now! I will deliver shortly a new component, which act  one more time as a framework, and let 3rd party components integrate Askimet in their code. OpenComment will be the first Joomla! plugin to use that new possibility!

    Askimet statistics:

    • 543,878,439 spams caught so far
    • 1,544,713 so far today
    • 94% of all comments are spam
  • This is the component  which integrate Askimet for Joomla!

    This component wouldn't exist without these developer, as I use their portable PHP engine:
    How it work?
    When a new comment, trackback, or pingback comes to your blog it is submitted to the Akismet web service which runs hundreds of tests on the comment and returns a thumbs up or thumbs down.
    Read Akismet site for more details

    What does this component do?

    This Joomla! component is UNUSABLE alone: other components HAVE TO USE IT. Consider this component as a Framework. It help other developers integrate Akismet  in their code. OpenComment will be the first component to use it.

    Extract for Askimet FAQ

    How can I support Akismet?

    You might consider buying a pro-blogger license for $5/mo. If you would like to participate in the development of the GPL Akismet WordPress plugin or discuss adapting the Akismet API for a different platform, join the Spam Stopper mailing list and introduce yourself and your ideas. The more the merrier. :)

    Warranty
    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
    A GNU-GPL release

    Download it in my download section.



  • Please Note:
    • Opencomment Betado not migrate previous akocomment entries, it use its own mysql tables. But he final version will.
    • Do not use in production, it shall not break anything but we never know ;-)
    • Opencomment Beta do not require captcha (com_SecurityImages) [www.captcha.net], since it use a derivative of com_Hashcash [www.hashcash.org]. Robots or Bots can't submit entries wihtout parsing the form and sending at each request a valid serverTicket and articleTicket. Both have timeout and are encrypted to avoid replaying attacks. If somehow it wont be enough, I am currently polishing the integration of  com_SecurityImages and may also release com_askimet[Askimet]

    Install:
    You need to install the component com_opencomment3.0.0beta.zip AND mos_opencomment3.0.0beta.zip. You can download them OpenComment Installation, all beta version will be available there. based on your finding, I will increase the patch number: 3.0.1, 3.0.2 and so on...

    Bugs & change requests:
    Please report them in the forums: OpenComment Bugtracker and Feature Requests

    Know Bugs:
    • Not all translations are  done, a lot of fix texts are still in  code.
  • Whats new:
    • A Real Admin panel
    • New: Text editor for modifying  the language file,
    • New: Huge manual with screenshots on how to activate hashcash for Your homepage
    • A more complete About menu with credits and links
    • New: Check latest version link to easily check if You have the latest code
    • A more robust and Object Oriented approach

    Note this component still require You to install com_log4php before!

    Download HEREor at Joomla forge

    I will make a break, 1 or 2 days but will then concentrate on polishing com_jommlacloud !!!

    {mosgoogle center}


  • Whats new:
    • A Real Admin panel
    • Text editor for modifying  the log4php configuration file,
    • Huge Documentation
    • About menu
    • Check latest version link to easily check if You have the latest code

    Download HEREor at Joomla forge

    {mosgoogle center}

  • The core component of JOOMLA: com_login and com_registration will soon be able to support my framework com_securityimages, here is a screenshot of an already running code. I've made change in com_securityimages in order to scale the resulting picture (which is in login 75% smaller than in normal case).

    • The code will be check in com_securityimages CVS
    • A binary installer will be release soon (will require com_securityimages1.1.3.zip)
  • You can see here the state of com_opencomment cvs HEAD after a coding marathon...

    Dont be so enthousiast, there is some nasty bugs in it...and not all functionalities are in place (email, rating) but the opencommentbot is more than finished...

    The feature show/hide a la Phil Taylor (many request) is working but do not forget that it use a trick: it only change wih javascript the visibility of a DIV element -> the user is still loading all comments and the page is still as heavy as before, the only win is that the user do not get disturb by the number of comments...

    Concerning existing comments, no worry, I will provide during the install scripts to rename, alter the akocomment tables.

    New functionnalities are what You see in the picture +
    //below are settings with still no panel entries
    $opencomment_allowcommenttracking = "1";
    $opencomment_allowrevisiontracking = "0";
    $opencomment_textAreaSize = "8";
    $opencomment_textAreaWidth = "75%";
    //0 beside textarea
    //1 below toolbar
    //2 below textarea
    $opencomment_smiley_position = "0";
    $opencomment_smiley_perLine = "3";
    //mail sent to user as html or txt?
    $opencomment_templateAs = "html";

    //show unhide link in each comment footer
    $opencomment_commentRating = "1";
    $opencomment_commentPermalink = "1";
    $opencomment_commentDisplayRate = "1";
    $opencomment_commentEmailIt = "1";

    Code is in CVS, any help or support as always is appreciated ;-)

  • Has been released at Joomla Forge, see details here

    It is also rnning on my homepage so it is a pretty stable version ;-) tested against akcomment, akobook, contact

    Securityimages 3.0.0rc2

    • new: Logged in Users No/Yes Switch off the system for logged in users? 
    • new: new plugin HNCapctha which create beautiful captcha  (as seen on my site)
    • new: better localization of installation 
    • new: A system class detector which detect GD library and help users 
    • new: add 3 more fonts 
    • bug: reverse logic for displaying reload, sound button 
    • new start sound support, not active in this release. 
    • new better admin panel with screenshots of possible captcha and securityimage virtual box
    • Refactoring:
      - OO improvments: 8 new classes, DAO, move common setting to general tabs
      - move fonts to root of components/com_securityimages so they can be share among plugins
  •   I am  currently in the process of  moving all my open source project (7!) in CVS Head to the latest Joomla API 1.1.X. I've tried to summarize in the following table some conversion rules

    In Joomla 1.0.Xhas to be converted in Joomla 1.1.XWhere
    mosMenuBar::startTable();
    JMenuBar::startTable();PHP code
    defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');defined( '_JEXEC' ) or die( 'Restricted access' );PHP code
    require_once( $mainframe->getPath( 'toolbar_html' ) );require_once( JApplicationHelper::getPath( 'toolbar_html' ) );PHP code
    <?xml version="1.0" encoding="iso-8859-1"?>
    <mosinstall type="component" version="1.0.0">
    ....
    <?xml version="1.0" encoding="iso-8859-1"?>
    <install type="component" version="1.0.0">
    ....
    Installer XML file
    More to come...

    Bad news
    • New code wont work in Joomla 1.0.X or latest
    • New code wont work in Mambo 4.X or latest

    Some links which may help also Help You:

    {mosgoogle}

  •  

    </life>


    I am not any more providing support for Joomla! 1.0.

    Since July 22nd 2009: Joomla 1.0 has reached end-of-life.

    Reasons for the Move

    • Security. Older extensions are often built using older and potentially unsafe coding methods.
    • Support. 1.0 has a large number of older and unsupported extensions.
    • End-of-life. Joomla 1.0 won't be maintained after the July end-of-life date, so it is a logical step to also stop supporting 1.0 extensions.
    • Focus. Allow Joomla developers to concentrate on developing for the current Joomla 1.5 version and also for 1.6.

    Visit the official anouncement here

    The demo site for Joomla! 1.0 extensions has been deleted.

  • These files are from the 1.0.11 Joomla distributions plus all changes required to support securityimages in
    • com_contact
    • com_login
    • com_registration
    Please Note:
    1. this is a FTP patch!
    2. There is now way to deactivate securityimages in com_contact (other than deactivating securityimages sitewide)

    Patch is available in my download section and at Joomla Forge HERE

    Do yourself a favor and always use the latest securityimages version 3.0.7 . All versions of securityimages with a release  <= 3.0.5  have a  highly critical  securty flaws (server takeover) so UPGRADE

  • To solve any problems with securityimages and the admin sessions (bug in Joomla 1.0.13), it avoid you being kicked out of admin every other link.
    You'll have to upload these files with FTP/SCp and overwrite existing Joomla! 1.0.13 files!
    BUG: Patches for Joomla 1.0.13 that includes the admin session fixes? Thanks to users in my forum


    Download JoomlaPatches for Joomla 1.0.13 for securityimages 4.x only

  •   In order to solve  to following issues in Joomla 1.0.9

    Warning: Invalid argument supplied for foreach() in /var/www/vhosts/waltercedric.com/httpdocs/includes/frontend.php on line 85

    Edit the file includes/frontend.php , this is the correct code: 

    /**
    * Cache some modules information
    * @return array
    */
    function &initModules() {
    global $database, $my, $Itemid;

    if (!isset( $GLOBALS['_MOS_MODULES'] )) {
    $query = "SELECT id, title, module, position, content, showtitle, params"
    . "\n FROM __modules AS m"
    . "\n INNER JOIN __modules_menu AS mm ON mm.moduleid = m.id"
    . "\n WHERE m.published = 1"
    . "\n AND m.access <= '". $my->gid ."'"
    . "\n AND m.client_id != 1"
    . "\n AND ( mm.menuid = '".$Itemid."' OR mm.menuid = 0 )"
    . "\n ORDER BY ordering";

    $database->setQuery( $query );
    $modules = $database->loadObjectList();
    foreach ($modules as $module) {
    $GLOBALS['_MOS_MODULES'][$module->position][] = $module;
    }
    }
    return $GLOBALS['_MOS_MODULES'];
    }
    In yellow what has changed in that  method (extract)
    . "\n AND m.access <= '".$my->gid ."'"
    and
    . "\n AND ( mm.menuid = '".$Itemid."'OR mm.menuid = 0 )"



    All credits goes to user Mathinka(JoomlaPortal.de)
  •  

    Joomla! 1.0.9 is now available at www.joomla.org

    It is strongly recommended to upgrade to this version.  1.0.9 contains the following changes:

    • 12 Low Level Security Fixes
    • 160+ General bug fixes
    • Several Performance enhancements
    And onebusiness day after (Ive done my homework), I release:

    Joomla 1.0.9 support for SecurityImages
    these files are from the 1.0.9 distributions plus all changes required to support securityimages in

    • com_contact  "The contact Us section"
    • com_login for the login module
    • com_registration  all registration functions
    Please Note:
    1. this is a FTP patch!
    2. There is now way to deactivate securityimages in com_contact (other than deactivating securityimages sitewide) 

    Do yourself a favor use the latest securityimages version 3.0.5 :-)
    Files are available at Joomla forge in file release and at www.waltercedric.com

  • Joomla! 1.0.5 is now available on the forge for download here. This is a Bug and Security Release, which means it contains fixes for Security Vulnerabilities. It is highly recommend that you upgrade to this version.
  • ImageJoomla! 1.0.8 [ Sunshade ] is now available as of Sunday 26th February 2006 07:00 UTC for download here.

    We Highly Recommend that you upgrade to this version. 

    1.0.8 contains the following work:

    • 37 Security Fixes
    • 70+ General bug fixes
    • Several Performance enhancements

    1.0.8 is available as a Full Package, which contains all Joomla! files and Patch Packages which contain only the files that have been changed by the Stability work conducted.

  •  

    The 21 July 2007 also marks an incremental bug fixing and security update for Joomla! 1.0 series software." [..]

    Joomla 1.0.13 is out!

    These are original Joomla 1.0.13 files modified to support com_securityimages 4.x ONLY:

    • Use securityimages in contact section
    • Use securityimages in login module
    • Use securityimages in registration component
    • Use securityimages in administrator login page
    First upgrade Your site to Joomla 1.0.13, thn apply this patch with FTP/SCP by overwriting one more time files

    --> Download HERE

     

     



    --------------- 1.0.13 Stable Released -- [21-July-2007 16:00 UTC] -----------------

    18-Jul-2007 Rob Schley
    # Fixed admin session problems with immediate logout after login.
    # Fixed a few misc. bugs.

    11-Jul-2007 Sam Moffatt
    ^ Removed assumption that a group exists for a user (may not actually be true)


    04-Jul-2007 Rob Schley
    # Fixed a bug in the administrator login system that prevented users from logging in


    02-Jul-2007 Rob Schley
    * SECURITY A6 [LOW Level]: Fixed [5630] HRS attack on variable "url"
    * SECURITY A1 [LOW Level]: Fixed [5654] Multiple fields subjected to cross-site scripting vulnerabilities
    * SECURITY A7 [LOW Level]: Fixed possible session fixation vulnerability in administrator application


    29-Jun-2007 Louis Landry
    ^ Hardened password storage mechanism to use a random salt
    ! Remember Me cookies will be invalid and require a re-login


    20-May-2007 Rob Schley
    # Fixed key reference lookups to match whole results only
    # Fixed two help screen naming issues.
    ^ Changed RG_EMULATION warning message to refer to Global Configuration Setting


    17-May-2007 Rob Schley
    ^ Moved register globals emulation controls into Global Configuration


    15-May-2007 Rob Schley
    # Fixed [topic,170296] : Typos in Search Mambot configurations


    14-May-2007 Rob Schley
    # Fixed [topic,153233] : "Mail to Friend" parameter checks not checking content item setings
    # Fixed [topic,126371] : IE7 left align problem
    # Fixed [topic,167745] : Added JavaScript alert for empty category title


    28-Apr-2007 Rob Schley
    ^ Changed cookie naming conventions to not break when using HTTPS
    # Fixed [topic,156116] : Optimzed queries for menu creation to improve performance.
    * SECURITY A4 [ LOW Level ]: XSS issue in com_search and com_content
    * SECURITY A4 [ LOW Level ]: XSS vulnerability in mod_login


    16-Apr-2007 Enno Klasing
    # Re-enabled Itemid behaviour of 1.0.11 (optional, default is behaviour of 1.0.12)

     

  • The 10 february 2008 also marks an incremental bug fixing and security update for Joomla! 1.0 series software." [..]

    Joomla 1.0.14 is out!

    These are original Joomla 1.0.14 files modified to support com_securityimages 4.x ONLY:

    • Use securityimages in contact section
    • Use securityimages in login module
    • Use securityimages in registration component
    • Use securityimages in administrator login page
    First upgrade Your site to Joomla 1.0.14, th4n apply this patch with FTP/SCP by overwriting one more time all files with zip content

    --> Download HERE
  • The 22 february 2008 also marks an incremental bug fixing and security update for Joomla! 1.0 series software." [..]

    Joomla 1.0.15 is out!

    These are original Joomla 1.0.15 files modified to support com_SecurityImages 4.x ONLY:

    • Use SecurityImages in contact section
    • Use SecurityImages in login module
    • Use SecurityImages in registration component
    • Use SecurityImages in administrator login page

    First upgrade Your site to Joomla 1.0.54, then apply this patch with FTP/SCP by overwriting one more time all files with zip content

    Download it here, thanks to the user in my forum mirjam for having prepared them :-)

  • I write a small tool, it will be never complete, but it has help me a lot.

    A poor man approach (a macro) in order to solve trivial (and boring) migration code of Joomla 1.X code to Joomla 1.5 code...

    1. Dowload Jedit from www.jedit.org (stable version 4.2 for example)
    2. Save this file joomla1x_to_joomla15.bsh in
      C:\Documents and Settings\{yourWindowsLogin}\.jedit\macros\
    3. Start jedit and open ALL FILES in the same windows,
    4. Go to macros menu and run the macro joomla1x_to_joomla15
    Note: this macro just replace text and won't do any architecture analysis/changes, even if they are needed in order to make your component run in Joomla! 1.5


    This tool is not perfect or bullet proof, use at your own risk, feel free to make changes and report them to me

    license http://www.gnu.org/copyleft/gpl.html GNU/GPL

    Download HERE
  • SecurityImages 5.X is only running with Joomla! 1.5 and the redesign of API has introduced some incompatibilities.
    Developers/Hackers/Individuals who want to use the latest version of SecurityImages may want to read the
    following. Basic PHP knowledge  is recommended.

    joomla_1.5

    Architecture

    SecurityImages 4.0.X

    • Only work with Joomla! 1.0.X
    • Provide 2 files that 3rd party code must include:
    • client.php in order to quickly create a captcha and the input box
    • server.php in order to validate user entries and check correctness
    • Everything is packed in one component.
    • Patches for common 3rd party tool are included in code so it ca be referenced by external extensions :
      akobook, akocomment, joomla to name a few.
    • You have to overwrite Joomla! files to add protection of form for login, register, lost password, contact

    SecurityImages 5.0.X

    • Only work with Joomla! 1.5.X
    • Use the event handling mechanism of Joomla! 1.5 to  create captcha and check correctness
    • You'll have to install a system content plugin and a component,
    • it do not contains any patches anymore
    • You have to overwrite Joomla! files to add protection of form for login, register, lost password, contact

    Main differences in securityImages 5.X

    1. There is no client.php and server.php file anymore
    2. API are a lot simpler, and dependency are reduced (no PHP code to include) as it use events.
    3. More object oriented
    4. Image creation is done inside the Joomla! framework while in 4.0.X it was done without any Joomla!
      framework support.

     

    with SecurityImages 4.0.X


    In your PHP code displaying the form, can be a Pat template or a html code

    1. Include my library in page scope

    if (file_exist($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php')) {
    <?php include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php'); ?>
    }
    $packageName = 'securityChooseUniqueKeyName';
     
    2. At the position where You want the Captcha image to be inserted
     
    <?php echo insertSecurityImage($packageName); ?>

    3. This insert the help text and the input box where the user will have to enter his text
    <?php echo getSecurityImageText($packageName); ?>

    Line at point 3. can be, in some case, depending how much space You have in the presentation HTML layer, replace with
     //will be replace at runtime, depending on user locale
    //with "Please Enter what You see:"
    <?php echo getSecurityImageTextHeader(); ?>
     
    //will be replace at run time, depending on user locale with
    //"If You do not see...Hit reload"
    <?php echo getSecurityImageTextHelp(); ?> 
     
    //will be replace at run time with the input box
    <?php echo getSecurityImageField($packageName); ?> 

    The code above insert the image, and the text, You page normally submit information to the server for processing. Most of the time, the last 2 lines are inserted in a <form> </form> HTML tags

    In the server code where you process the data...
    Few lines are required...

    if (file_exist($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php')) {
    include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');
    }
    $packageName = 'securityChooseUniqueKeyName';
    $security_refid  = mosGetParam( $_POST, $packageName.'_refid', '' );
    $security_try      = mosGetParam( $_POST, $packageName.'_try', '' );
    $security_reload = mosGetParam( $_POST, $packageName.'_reload', '' );
    $checkSecurity = checkSecurityImage($security_refid, $security_try);


    If the has entered the right text then $checkSecurity = true

     


    with SecurityImages 5.0.X   joomla_1.5

    Due to the Joomla! 1.5 object model, you have basically 2 options:

    1. If your component has been made for running natively and follow Joomla! 1.5 best practices and
      recommendations..you' did probably use a real MVC paradigm in the front end part (N views,
      M models and one controller), go to point A
    2. If your component has been made for running natively or in legacy mode and do not use a MVC pattern
      (HTML code embedded in PHP code, or you use pat templates), go to point B

    Point A, MVC approach joomla_1.5

    Lets take the contact section of Joomla! 1.5 as  an example.

    It is always recommended to use a switch in all your component to activate deactivate SecurityImages per
    components  through the administrator control panel.

    This is done by adding to administrator/components/com_contact/contact_items.xml the following code:

    <param
       name="useSecurityImages" type="radio" default="1"
       label="Use SecurityImage Captcha"
       description="Enable Captcha verification">  
             <option value="0">No</option>
              <option value="1">Yes</option>
    </param>

    Joomla will read this xml file on the fly  and build the graphical user interface for the contact settings.

    Since Joomla! 1.5 now use a Model View Controller paradigm, we have to alter the controller, and add a new Task displaySecurityImagesCaptcha()in  components/com_contact/controller.php:

    function displaySecurityImagesCaptcha() { 
            global $mainframe; 
            //Per contact you can define if the user has to resolve the capctha 
    $contactId = JRequest::getVar('contact_id', 0, '', 'int'); 
    // load the contact details 
    $model    = &$this->getModel('contact'); 
    $qOptions['id'] = $contactId; 
    $contact        = $model->getContact( $qOptions ); 
    $params = new JParameter( $contact->params ); 
            if ($params->get('useSecurityImages')) {     
                $check = null; 
                $mainframe->triggerEvent('onSecurityImagesDisplay', array($check)); 
                if (!$check) { 
                    echo "<br/>Erreur affichage du Captcha<br/>"; 
                } 
            } 
        }

    As you can see, the event "onSecurityImagesDisplay" is triggered on a per contact name basis.
    That mean that some contact can have a Captcha while other have not.  You are free to define
    your own activation rules in the controller method.
    The next step is to add the task checkSecurityImagesCaptcha() checking the captcha in the
    components/com_contact/controller.php

    function checkSecurityImagesCaptcha() { 
            global $mainframe; 
    $contactId = JRequest::getVar('id', 0, '', 'int'); 
    // load the contact details 
    $model    = &$this->getModel('contact'); 
    $qOptions['id'] = $contactId; 
    $contact        = $model->getContact( $qOptions ); 
    $params = new JParameter( $contact->params ); 
            //check if that user has a capctha 
    if (!$params->get('useSecurityImages')) {  
                return true; 
            } 
    $return = false; 
    $securityImagesJoomlaContactUserTry = JRequest::getVar('securityImagesJoomlaContactUserTry', false, '', 'CMD'); 
    $mainframe->triggerEvent('onSecurityImagesCheck', array($securityImagesJoomlaContactUserTry &$return));
            return $return;
        } 

    One more step is to alter the original submit() method of the controller in components/com_contact/controller.php

    global $mainframe; 
    if (!$this->checkSecurityImagesCaptcha()) {
    JError::raiseWarning("999","Invalid Captcha Code");
    $this->display();
                return false;
     } 

    And finally altering the view /com_contact/views/contact/tmpl/default_form.php
    to display the Captcha field

    <?php if ($this->params->get('useSecurityImages')) { ?>
    <img src="/index.php?option=com_contact&task=displaySecurityImagesCaptcha&contact_id=<?php echo $this->contact->id; ?>"> 
    <br /> 
    <input type="text" name="securityImagesJoomlaContactUserTry" /> 
    <br /> 
    <?php } ?>

    Point B, Legacy approachjoomla_1.5


    In your PHP code displaying the form, can be a Pat template or a html code

    if you want to display the captcha define in administrator panel

    <img src="/index.php?option=com_securityimages&task=displaySecurityImagesCaptcha?>"> 
    <br /> 
    <input type="text" name="securityImagesmy3rdpartyExtensions" /> 

    If you want to use a particular implementation different than the one define in administrator panel, useful where you know that you want to use a smaller/bigger captcha than usual

    <img src="/index.php?option=com_securityimages&task=displayCaptchaByPlugin&plugin=hncaptcha&version=1.0?>"> 
    <br /> 
    <input type="text" name="securityImagesmy3rdpartyExtensions" /> 
     
    To check user entry with the captcha define in administrator panel
    $check = null;$userEntry = JRequest::getVar('userEntry', false, '', 'CMD');
    $mainframe->triggerEvent('onSecurityImagesCheck', array($userEntry, $check));
     
    if $check ==  true then user has solved the captcha
     
    To check user entry with the captcha against a particular plugin implementation
     
    $check = null;$check = null;
    $userEntry = JRequest::getVar('userEntry', false, '', 'CMD');
    $mainframe->triggerEvent('onSecurityImagesCheckByPlugin', array('hncaptcha', '1.0', $userEntry, $check));

     

     

     Post your questions in the forums or enhance the WIKI with your finding. I will start to maintain more and more the WIKI and put
    good documentation there.