securityimages4

  •  Securityimages 4.0.0 release "enhanced Security "

    This version is now running with:
    • PHP.ini safe mode ON
    • Joomla RG Global Emulation O 
    • PHP.ini register global = Off
    Bugs solved:
    artf4021: php safe mode & com_securityimages
    artf1411: Save setting button changes if config.securiyimages.php is not writable
    artf4989: register_globals Off patch
    artf3206: com_contact
    artf2777: No text displayed in security Image  

    API  changes
    Will work only with new release of akcomment, akobook, etc...

    securityimages < 4.0.0
    in PHP <form>

    <?php include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php'); ?>
    <?php echo insertSecurityImage("security_refid"); ?>
    <?php echo getSecurityImageText("security_try"); ?>
    <?php echo getSecurityImageTextHeader(); ?> 
    <?php echo getSecurityImageTextHelp(); ?>
    <?php echo getSecurityImageField("security_try"); ?> 
     

    The code above insert the image, and the text,
    You page normally submit information to the server for processing.
    Most of the time, the last 2 lines are inserted in a <form>

    in PHP code checking the <form>

    include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');

    $checkSecurity = checkSecurityImage($security_refid, $security_try);

    if $checkSecurity = true //then the user has entered the right text.



    securityimages >= 4.0.0 Introducing a captcha hidden field visibility name
    in PHP <form> include($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php');
    $packageName = 'securityimage_newpass';
     echo "<tr><td>".getSecurityImageTextHeader()." *</td><td>".insertSecurityImage($packageName).
    "<br/>".getSecurityImageTextHelp().""
    .getSecurityImageField($packageName)."</td></tr>";
    in PHP code checking the <form> $securityimage_newpass_refid     = mosGetParam( $_POST, securityimage_newpass_refid', '' );
    $securityimage_newpass_try     = mosGetParam( $_POST, 
    securityimage_newpass_try', '' );
    $securityimage_newpass_reload     = mosGetParam( $_POST, '
    securityimage_newpass_reload', '' );         
    include_once ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');
    $checkSecurity &= checkSecurityImage($securityimage_newpass_refid, $securityimage_newpass_try, $securityimage_newpass_reload);


    New!
    HNCAPTCHA: now color background is fully configurable

  •  

    The 21 July 2007 also marks an incremental bug fixing and security update for Joomla! 1.0 series software." [..]

    Joomla 1.0.13 is out!

    These are original Joomla 1.0.13 files modified to support com_securityimages 4.x ONLY:

    • Use securityimages in contact section
    • Use securityimages in login module
    • Use securityimages in registration component
    • Use securityimages in administrator login page
    First upgrade Your site to Joomla 1.0.13, thn apply this patch with FTP/SCP by overwriting one more time files

    --> Download HERE

     

     



    --------------- 1.0.13 Stable Released -- [21-July-2007 16:00 UTC] -----------------

    18-Jul-2007 Rob Schley
    # Fixed admin session problems with immediate logout after login.
    # Fixed a few misc. bugs.

    11-Jul-2007 Sam Moffatt
    ^ Removed assumption that a group exists for a user (may not actually be true)


    04-Jul-2007 Rob Schley
    # Fixed a bug in the administrator login system that prevented users from logging in


    02-Jul-2007 Rob Schley
    * SECURITY A6 [LOW Level]: Fixed [5630] HRS attack on variable "url"
    * SECURITY A1 [LOW Level]: Fixed [5654] Multiple fields subjected to cross-site scripting vulnerabilities
    * SECURITY A7 [LOW Level]: Fixed possible session fixation vulnerability in administrator application


    29-Jun-2007 Louis Landry
    ^ Hardened password storage mechanism to use a random salt
    ! Remember Me cookies will be invalid and require a re-login


    20-May-2007 Rob Schley
    # Fixed key reference lookups to match whole results only
    # Fixed two help screen naming issues.
    ^ Changed RG_EMULATION warning message to refer to Global Configuration Setting


    17-May-2007 Rob Schley
    ^ Moved register globals emulation controls into Global Configuration


    15-May-2007 Rob Schley
    # Fixed [topic,170296] : Typos in Search Mambot configurations


    14-May-2007 Rob Schley
    # Fixed [topic,153233] : "Mail to Friend" parameter checks not checking content item setings
    # Fixed [topic,126371] : IE7 left align problem
    # Fixed [topic,167745] : Added JavaScript alert for empty category title


    28-Apr-2007 Rob Schley
    ^ Changed cookie naming conventions to not break when using HTTPS
    # Fixed [topic,156116] : Optimzed queries for menu creation to improve performance.
    * SECURITY A4 [ LOW Level ]: XSS issue in com_search and com_content
    * SECURITY A4 [ LOW Level ]: XSS vulnerability in mod_login


    16-Apr-2007 Enno Klasing
    # Re-enabled Itemid behaviour of 1.0.11 (optional, default is behaviour of 1.0.12)

     

  • The 10 february 2008 also marks an incremental bug fixing and security update for Joomla! 1.0 series software." [..]

    Joomla 1.0.14 is out!

    These are original Joomla 1.0.14 files modified to support com_securityimages 4.x ONLY:

    • Use securityimages in contact section
    • Use securityimages in login module
    • Use securityimages in registration component
    • Use securityimages in administrator login page
    First upgrade Your site to Joomla 1.0.14, th4n apply this patch with FTP/SCP by overwriting one more time all files with zip content

    --> Download HERE
  • The 22 february 2008 also marks an incremental bug fixing and security update for Joomla! 1.0 series software." [..]

    Joomla 1.0.15 is out!

    These are original Joomla 1.0.15 files modified to support com_SecurityImages 4.x ONLY:

    • Use SecurityImages in contact section
    • Use SecurityImages in login module
    • Use SecurityImages in registration component
    • Use SecurityImages in administrator login page

    First upgrade Your site to Joomla 1.0.54, then apply this patch with FTP/SCP by overwriting one more time all files with zip content

    Download it here, thanks to the user in my forum mirjam for having prepared them :-)

  • SecurityImages 5.X is only running with Joomla! 1.5 and the redesign of API has introduced some incompatibilities.
    Developers/Hackers/Individuals who want to use the latest version of SecurityImages may want to read the
    following. Basic PHP knowledge  is recommended.

    joomla_1.5

    Architecture

    SecurityImages 4.0.X

    • Only work with Joomla! 1.0.X
    • Provide 2 files that 3rd party code must include:
    • client.php in order to quickly create a captcha and the input box
    • server.php in order to validate user entries and check correctness
    • Everything is packed in one component.
    • Patches for common 3rd party tool are included in code so it ca be referenced by external extensions :
      akobook, akocomment, joomla to name a few.
    • You have to overwrite Joomla! files to add protection of form for login, register, lost password, contact

    SecurityImages 5.0.X

    • Only work with Joomla! 1.5.X
    • Use the event handling mechanism of Joomla! 1.5 to  create captcha and check correctness
    • You'll have to install a system content plugin and a component,
    • it do not contains any patches anymore
    • You have to overwrite Joomla! files to add protection of form for login, register, lost password, contact

    Main differences in securityImages 5.X

    1. There is no client.php and server.php file anymore
    2. API are a lot simpler, and dependency are reduced (no PHP code to include) as it use events.
    3. More object oriented
    4. Image creation is done inside the Joomla! framework while in 4.0.X it was done without any Joomla!
      framework support.

     

    with SecurityImages 4.0.X


    In your PHP code displaying the form, can be a Pat template or a html code

    1. Include my library in page scope

    if (file_exist($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php')) {
    <?php include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php'); ?>
    }
    $packageName = 'securityChooseUniqueKeyName';
     
    2. At the position where You want the Captcha image to be inserted
     
    <?php echo insertSecurityImage($packageName); ?>

    3. This insert the help text and the input box where the user will have to enter his text
    <?php echo getSecurityImageText($packageName); ?>

    Line at point 3. can be, in some case, depending how much space You have in the presentation HTML layer, replace with
     //will be replace at runtime, depending on user locale
    //with "Please Enter what You see:"
    <?php echo getSecurityImageTextHeader(); ?>
     
    //will be replace at run time, depending on user locale with
    //"If You do not see...Hit reload"
    <?php echo getSecurityImageTextHelp(); ?> 
     
    //will be replace at run time with the input box
    <?php echo getSecurityImageField($packageName); ?> 

    The code above insert the image, and the text, You page normally submit information to the server for processing. Most of the time, the last 2 lines are inserted in a <form> </form> HTML tags

    In the server code where you process the data...
    Few lines are required...

    if (file_exist($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php')) {
    include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');
    }
    $packageName = 'securityChooseUniqueKeyName';
    $security_refid  = mosGetParam( $_POST, $packageName.'_refid', '' );
    $security_try      = mosGetParam( $_POST, $packageName.'_try', '' );
    $security_reload = mosGetParam( $_POST, $packageName.'_reload', '' );
    $checkSecurity = checkSecurityImage($security_refid, $security_try);


    If the has entered the right text then $checkSecurity = true

     


    with SecurityImages 5.0.X   joomla_1.5

    Due to the Joomla! 1.5 object model, you have basically 2 options:

    1. If your component has been made for running natively and follow Joomla! 1.5 best practices and
      recommendations..you' did probably use a real MVC paradigm in the front end part (N views,
      M models and one controller), go to point A
    2. If your component has been made for running natively or in legacy mode and do not use a MVC pattern
      (HTML code embedded in PHP code, or you use pat templates), go to point B

    Point A, MVC approach joomla_1.5

    Lets take the contact section of Joomla! 1.5 as  an example.

    It is always recommended to use a switch in all your component to activate deactivate SecurityImages per
    components  through the administrator control panel.

    This is done by adding to administrator/components/com_contact/contact_items.xml the following code:

    <param
       name="useSecurityImages" type="radio" default="1"
       label="Use SecurityImage Captcha"
       description="Enable Captcha verification">  
             <option value="0">No</option>
              <option value="1">Yes</option>
    </param>

    Joomla will read this xml file on the fly  and build the graphical user interface for the contact settings.

    Since Joomla! 1.5 now use a Model View Controller paradigm, we have to alter the controller, and add a new Task displaySecurityImagesCaptcha()in  components/com_contact/controller.php:

    function displaySecurityImagesCaptcha() { 
            global $mainframe; 
            //Per contact you can define if the user has to resolve the capctha 
    $contactId = JRequest::getVar('contact_id', 0, '', 'int'); 
    // load the contact details 
    $model    = &$this->getModel('contact'); 
    $qOptions['id'] = $contactId; 
    $contact        = $model->getContact( $qOptions ); 
    $params = new JParameter( $contact->params ); 
            if ($params->get('useSecurityImages')) {     
                $check = null; 
                $mainframe->triggerEvent('onSecurityImagesDisplay', array($check)); 
                if (!$check) { 
                    echo "<br/>Erreur affichage du Captcha<br/>"; 
                } 
            } 
        }

    As you can see, the event "onSecurityImagesDisplay" is triggered on a per contact name basis.
    That mean that some contact can have a Captcha while other have not.  You are free to define
    your own activation rules in the controller method.
    The next step is to add the task checkSecurityImagesCaptcha() checking the captcha in the
    components/com_contact/controller.php

    function checkSecurityImagesCaptcha() { 
            global $mainframe; 
    $contactId = JRequest::getVar('id', 0, '', 'int'); 
    // load the contact details 
    $model    = &$this->getModel('contact'); 
    $qOptions['id'] = $contactId; 
    $contact        = $model->getContact( $qOptions ); 
    $params = new JParameter( $contact->params ); 
            //check if that user has a capctha 
    if (!$params->get('useSecurityImages')) {  
                return true; 
            } 
    $return = false; 
    $securityImagesJoomlaContactUserTry = JRequest::getVar('securityImagesJoomlaContactUserTry', false, '', 'CMD'); 
    $mainframe->triggerEvent('onSecurityImagesCheck', array($securityImagesJoomlaContactUserTry &$return));
            return $return;
        } 

    One more step is to alter the original submit() method of the controller in components/com_contact/controller.php

    global $mainframe; 
    if (!$this->checkSecurityImagesCaptcha()) {
    JError::raiseWarning("999","Invalid Captcha Code");
    $this->display();
                return false;
     } 

    And finally altering the view /com_contact/views/contact/tmpl/default_form.php
    to display the Captcha field

    <?php if ($this->params->get('useSecurityImages')) { ?>
    <img src="/index.php?option=com_contact&task=displaySecurityImagesCaptcha&contact_id=<?php echo $this->contact->id; ?>"> 
    <br /> 
    <input type="text" name="securityImagesJoomlaContactUserTry" /> 
    <br /> 
    <?php } ?>

    Point B, Legacy approachjoomla_1.5


    In your PHP code displaying the form, can be a Pat template or a html code

    if you want to display the captcha define in administrator panel

    <img src="/index.php?option=com_securityimages&task=displaySecurityImagesCaptcha?>"> 
    <br /> 
    <input type="text" name="securityImagesmy3rdpartyExtensions" /> 

    If you want to use a particular implementation different than the one define in administrator panel, useful where you know that you want to use a smaller/bigger captcha than usual

    <img src="/index.php?option=com_securityimages&task=displayCaptchaByPlugin&plugin=hncaptcha&version=1.0?>"> 
    <br /> 
    <input type="text" name="securityImagesmy3rdpartyExtensions" /> 
     
    To check user entry with the captcha define in administrator panel
    $check = null;$userEntry = JRequest::getVar('userEntry', false, '', 'CMD');
    $mainframe->triggerEvent('onSecurityImagesCheck', array($userEntry, $check));
     
    if $check ==  true then user has solved the captcha
     
    To check user entry with the captcha against a particular plugin implementation
     
    $check = null;$check = null;
    $userEntry = JRequest::getVar('userEntry', false, '', 'CMD');
    $mainframe->triggerEvent('onSecurityImagesCheckByPlugin', array('hncaptcha', '1.0', $userEntry, $check));

     

     

     Post your questions in the forums or enhance the WIKI with your finding. I will start to maintain more and more the WIKI and put
    good documentation there.

  • Why updating?
    • If You want to use more than one Captcha in a page.
    • If  You want Captcha in the administrator page.
    • If Your old version 3.0.8 or 4.0.1 do not work as expected
    • If you use any version < 3.0.4 which has a serious vulnerability injection.

    NEW:  Captcha can  now be used in the administrator login page
    NEW: more settings for switching On/Off securityimages into Joomla! core
    BUG: I was starting another php session with session_start()

    click read more for screenshots and details...
    NEWCaptcha can  now be used in the administrator login page


    Note:
    • I've changed the file /administrator/templates/joomla_admin/login.php (insertion of captcha line 57 ) , meaning if You use another administrator template than joomla_admin, You'll have to make the same changes in Your templates
    • I've changed the file /administrator/templates/index.php (checking the captcha challenge), this file is administrator templates independent
    • This mod do not increase the security of the administrator login page, it is more smart to read:
      Todo list for securing your site: http://www.waltercedric.com/content/view/806/102/and also
      Protecting You Mambo admin panel using htaccess: http://www.waltercedric.com/content/view/706/102/


    NEW: more settings for switching On/Off securityimages into Joomla! core
    This let You deactivate securityimages in core part of Joomla! more easily.


    Note:
    • Switching these flag to true is not ENOUGH, You need to also install a set of files (an exact copy of Joomla! file let's say in a version 1.0.11) that I have modified to support securityimages. Right now Joomla! do not allow me to do it differently.

    BUG: I was starting another php session with session_start(),
    this has cause a lot of trouble in the admin login page, and has revealed that I must better use:
    session_name( md5( $mosConfig_live_site ) );
    session_start();
    This has the potential of solving issue in Virtuemart (I have not tested it, but problem look similar)

    About Joomla core patches I provide to the community
    I do not like hacking Joomla! core file, either Joomla! Team provide a way to extends their core code on the fly   (plugins) or I may run in trouble mainly because I have to provide and maintain a patch version of some core files, it is also risky to do that (code is untrusted source even if I am a honest person)...

    In order to not overwrite any existing changes You've made in the past, all users of Joomla! should really try to use Beyond Compare, from www.scootersoftware.com. It allow to select 2 directories/zip/files, and by right clicking in windows explorer like interface compare file and merge them  in a 2 way editor (you can copy from left and to the right side of panel part of the code).With this tool, You can even make a compare with a local directory and a remote one (FTP) this let you apply release (official joomla patch 1.0.11 for example)  very easily.

    Joomla! core patches are all located in administrator\components\com_securityimages\patches\*.php so the influence on core is minimal. Read them if you want to know how to use securityimages in Your own code.

    About release management of my patches:
    • Securityimages 4.0.1 has a new  API and work only with >= JoomlaPatches1.0.11-v1.0.2
    • Securityimages 3.0.8 has the old API  and work only with <= JoomlaPatches1.0.11-v1.0.1
    • Securityimages 4.1.0 has a new  API and work only with >= JoomlaPatches1.0.11-for securityimages 4.1.0 only
    My mistake is that I did not document that at all, this is why so much users run in troubles in the past few weeks....

      

  • I did not see that I was using a feature only available in PHP5 while coding the class administrator/components/com_securityimages/classSecurityimagesSession.php(Singleton holding database connections)

    And this PHP5 and was looking at how the database connection is done in Joomla! 1.5. I am providing a patch for that that will allow all of you to run SecurityImages on PHP4 and PHP5, download SecurityImages 4.3.1

    Remember: PHP4 is discontinued:

    As mentioned in this post on PHP.net the PHP4 life cycle is finally coming to a close:

    Today it is exactly three years ago since PHP 5 has been released. In those three years it has seen many improvements over PHP 4. PHP 5 is fast, stable & production-ready and as PHP 6 is on the way, PHP 4 will be discontinued.

    &160;&160;&160; The PHP development team hereby announces that support for PHP 4 will continue until the end of this year only. After 2007-12-31 there will be no more releases of PHP 4.4. We will continue to make critical security fixes available on a case-by-case basis until 2008-08-08. Please use the rest of this year to make your application suitable to run on PHP 5.

    They also&160; link to a migration guide for users moving up from PHP4 to PHP5 including guides for the PHP 5.0 to 5.1 switch and the PHP 5.1 to 5.2 switch.

    + You can expect 25% more speed just by going to PHP5.

    &160;

    Visiting www.gophp5.org may also help in your migration
    Since the launch of GoPHP5.org, over 100 software projects and over 200 web hosts have come on board to support the adoption of PHP 5.2.



  • I am back online...my notebook crashed last week and was promptly replaced by Hewlett Packard and the new hard disk died one day after being renewed...and as usual, a lot of backup (powerquest v2i protector), but I was not able to restore them, as it seems that my disk was silently dying since weeks , and "check backup afterward for consistency" is not checked as default. I work yesterday 3 hours on securityimages, and test it with a new secure PHP4 installation.

    OpenCommentis also currently tested, I am removing uneeded functionnality (not fully developed or tested), as soon as it work, I will deploy it to http://demo.waltercedric.com. I hope to be able to use it here on my homepage before end of next week...So all Beta tester are welcome (Colin :-))

    Click read more to see what has changed in securityimages 4.0.0





    Securityimages 4.0.0 release "enhanced Security "

    This version is now running with:
    • PHP.ini safe mode OFF 
    • Joomla RG Global Emulation O 
    • PHP.ini register global = Off
    I' will also in the future only develop with that PHP settings, so that will mean more securities for all  users and host running my code.

    Bugs solved:
    artf4021: php safe mode & com_securityimages
    artf1411: Save setting button changes if config.securiyimages.php is not writable
    artf4989: register_globals Off patch
    artf3206: com_contact
    artf2777: No text displayed in security Image  

    API  changes
    Will work only with new release of akcomment, akobook, etc...

    securityimages < 4.0.0
    in PHP <form>

    <?php include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php'); ?>
    <?php echo insertSecurityImage("security_refid"); ?>
    <?php echo getSecurityImageText("security_try"); ?>
    <?php echo getSecurityImageTextHeader(); ?> 
    <?php echo getSecurityImageTextHelp(); ?>
    <?php echo getSecurityImageField("security_try"); ?> 
     

    The code above insert the image, and the text, You page normally submit information to the server for processing. Most of the time, the last 2 lines are inserted in a <form>

    in PHP code checking the <form>

    include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');

    $checkSecurity = checkSecurityImage($security_refid, $security_try);

    if $checkSecurity = true //then the user has entered the right text.



    securityimages >= 4.0.0 Introducing a captcha hidden field visibility name
    in PHP <form> include($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php');
    $packageName = 'securityimage_newpass';
     echo "<tr><td>".getSecurityImageTextHeader()." *</td><td>".insertSecurityImage($packageName)."<br/>".getSecurityImageTextHelp()."".getSecurityImageField($packageName)."</td></tr>";
    in PHP code checking the <form> $securityimage_newpass_refid     = mosGetParam( $_POST, securityimage_newpass_refid', '' );
    $securityimage_newpass_try     = mosGetParam( $_POST, 
    securityimage_newpass_try', '' );
    $securityimage_newpass_reload     = mosGetParam( $_POST, '
    securityimage_newpass_reload', '' );         
    include_once ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');
    $checkSecurity &= checkSecurityImage($securityimage_newpass_refid, $securityimage_newpass_try, $securityimage_newpass_reload);


    New!
    HNCAPTCHA: now color background is fully configurable








  • Use only this version, it replace the buggy release 4.0.0. it has all the promise o the 4.0.0, with less bugs :-)



    Note, You will have to download the component com_securityimages4.0.1.zip AND replace Joomla! core file with the patch JoomlaPatches1.0.11-v1.0.2.zip

    Files are in my download section.
     
  • BUG: links to downloadable Joomla patches change from Joomla Forge to www.waltercedric.com
    NEW: a new plugin watercap
    NEW: possibility to remove the backlink to this site in admin panel.
    BUG: akocomment switch for activating securityimage was the same as akobook switch

    Following has been done to resolve common issues support in forum.
    NEW: better detection of GD library and warnings if not detected during installation
    NEW: error message if GD is not detected instead of a broken image during runtime.

    Thanks to Lukas Wymann
    BUG: "Switch component OFF globally" and "Switch component to debug" switch were exchanged
    BUG: constant $copyright not initialized in 2 places, $refreshlink not created
    BUG: missing files calculator.jpg in installer

    To be release in a few hours

    Do not forget that GD library is required, 90% of forums entries are related to this issues.

    GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG and GIF images, among other formats. GD is commonly used to generate charts, graphics, thumbnails, and most anything else, on the fly. While not restricted to use on the web, the most common applications of GD involve web site development. from http://www.libgd.org/

    How to install GD
    SecurityImages manual
  • Visit my download section to grab the latest version of securityimages 4.2.1

    NEW
    /BUG Better compatibility of session handling with SMF Bridge/FacileForms
    NEW: Dutch translations courtesy of Henk von Pickartz, aka Boswachter - http://boswachter.free.fr
    BUG: links to downloadable Joomla patches change from Joomla Forge to www.waltercedric.com
    NEW: a new plugin watercap
    NEW: possibility to remove the backlink to this site in admin panel.
    BUG: akocomment switch for activating securityimage was the same as akobook switch

    Following has been done to resolve common issues support in forum.
    NEW: better detection of GD library and warnings if not detected during installation
    NEW: error message if GD is not detected instead of a broken image during runtime.

    Thanks to Lukas Wymann
    BUG: "Switch component OFF globally" and "Switch component to debug" switch were exchanged
    BUG: constant $copyright not initialized in 2 places, $refreshlink not created
    BUG: missing files calculator.jpg in installer
  • Thanks to jaylenongin my forums, a security concern in securityimages 4.2.1 has been found and corrected.

    It is recommended to use SecurityInmages 4.2.2, download it HERE

  •    

    securityimages 4.2.3

    NEW Italian translation by Carlo Dalle Molle
    NEW: Translation SecurityImages into Russian by pittpv
    NEW: Translation SecurityImages into Slovak. Michal Gejdoš (This email address is being protected from spambots. You need JavaScript enabled to view it.)
    BUG: if PHP GD library can not ouput gif or png picture, these option won't be available in admin panel of core plugin, solve ‰PNG  Received this back when ran the test URL'S, User can also check their php_info() page:  GIF Read Support Yes, GIF Create Support Yes,  JPG Support Yes, PNG Support Yes are optional if you output only jpg picture :-)
    NEW: improved detection of GD, better help after install if your system do not meet the minimal requirement,
    NEW: detection of outputting capabilities (PNG, JPG, GIF) of your PHP GD library  after install

    Download it HERE 

     

  • With the list of new functionalities below...

    NEW: No more data save in SESSION storage, I have to go that path since
    • Joomla! 1.5 use a more complex session scheme than Joomla! 1.0.X and create issue with my component and/or I create Joomla! session issues :-)
    • All files imageGenerator.php can be called in an URL and has no access to Joomla framework (having all drawback of an Ajax entry point without using Ajax)
    A new database table __SecurityImagesSession now store Securityimages private and public key and simulate a session storage. The cleanup is done by date and number of access. This will solve hopefully all issues with administrator panel login issues and allow me, as soon as I have back ported these changes in Joomla! 1.5 branch, to deliver Securityimages 5.0 for Joomla! 1.5

    NEW: A new menu entry (sorry but I wont rewrite the administrator panel with Ajax/changing layout for Joomla! 1.0.x version): Check Your System, currently
    • Report if you are able to create images at all (GD library detected), output jpeg, png or gif
    • Output an image for each plugin
    securityimages.4.2.3.checkSystem.gif

    NEW
    : Component tested with the strongest PHP error reporting E_ALL (see php.ini), All errors and warnings (doesn't include E_STRICT) are now corrected in my code before being shipped.

    In order to increase quality, your feedback is valuable to me, in the meantime I will try to improve quality by using PHPUnit from http://www.phpunit.de/ and a WEB test case tool
  • Maintenance release

    BUG: reported by webharvest, dependent on the switch off for logged in user.  The problem is only the image and enter box disappear the following text is still present:
    Enter what you see: *. Code is now inherited from version SecurityImages 5.0.0

    BUG: Solved thanks to user itacloro,No Images load with SecurityImages 4.3.2 on joomla 1.0.15 on PHP 4.4.7

    BUG: remove trailing space when a user enter several font names separated by a comma in hncaptcha plugin

    BUG: In com_securityimages 4.3.2 (with Joomla 1.0.13) I get the following error message when sending an e-mail via our contacts page, when the option to send an e-mail to the administrator after a certain number of spam attempts is set, even though I have set a valid e-mail address for the administrator:
    Warning: Missing argument 1 for sendMailLogsToAdmin(), called in /var/www/administrator/components/com_securityimages/logger.php on line 80 and defined in /var/www/administrator/components/com_securityimages/logger.php on line 88

    BUG: the image doesn't refresh at all with the button in IE6 and IE7. The only way is to refresh the entire page. The button just works with FireFox. This is due to a cache issue or browser. workaround done add a timestamp in image URL to force browser to emit request!

     

    Available in my Download section!