HEADER

Hi,

I found I couldn't easily read the ChronoContact security images and I wanted to use the same set across my site so I've modified chronocontact.php to use the SecurityImages extension from www.waltercedric.com The hack is in two parts:

in function showform()

Code: Select all

   if ( trim($paramsvalues->imagever) == 'Yes' ){
       /** Hack to include Security Images */
       if ( file_exists($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php')) {
            include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php');
            $packageName = 'securityimage_newpass';
            $imver  = insertSecurityImage($packageName);
            $imver .= "<br />";
            $imver .= getSecurityImageText($packageName);
        } else {
            /* end hack */
          $imver = "
              <img src='$mosConfig_live_site/administrator/components/com_chronocontact/chrono_verification.php'>
              <br />
              <input name='chrono_verification' type='text' id='chrono_verification' value=''>";
        }
   }

and in function uploadandmail()

Code: Select all

   if ( trim($paramsvalues->imagever) == 'Yes' ) {

      /** start hack to include Securityimages if installed */
      if ( file_exists($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php') ) {
            include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');
            $securityimage_newpass_refid   = mosGetParam($_POST, 'securityimage_newpass_refid', '');
            $securityimage_newpass_try     = mosGetParam($_POST, 'securityimage_newpass_try', '');
            $securityimage_newpass_reload  = mosGetParam($_POST, 'securityimage_newpass_reload', '');

            $checkSecurity = checkSecurityImage($securityimage_newpass_refid,
                $securityimage_newpass_try, $securityimage_newpass_reload);
        } else {
      $chrono_verification   = $_POST['chrono_verification'];
              if ( md5($chrono_verification) == $_SESSION['chrono_verification'] ) {
                  $checkSecurity = true;
      }
   }
        if ( !$checkSecurity ) {
            // echo "Sorry, You have entered a wrong verification code. <br />";
            echo "<script> alert('Sorry, You have entered a wrong verification code'); window.history.go(-1); </script>\n";
         exit();

      } else {
          echo "Success, your verification code matches!<br />";
      }
      /* end hack */
   }

It should revert to the built in security image if the Security Images component file is not found.

Bob

PS I had some problems with session implementation for Security Images, but once fixed it appears to work well.<br><br>Post edited by: GreyHead, at: 2007/06/04 20:06

Hi Bob,

Great work, thank you!!

But I think its a good idea to keep chronoforms independent so what are the troubles you see with the current images ? I was also thinking on giving more control over this!

Cheers

Max

Hi Max,

The main problem I have is that some of the images are illegible - at least I can't read them with any confidence! For example this one from the Contact page here:



I can see the argument for keeping self contained - but there's also an argument for keeping it simple and focused. Security images are complex to code and generate. You have a basic facility here which is probably good enough for many. My hack just offers a way in for people who want to use another option.

Again, not really a suggestion, more a hack.

Bob

Post edited by: GreyHead, at: 2007/06/04 13:42<br><br>Post edited by: GreyHead, at: 2007/06/04 13:43

Here, for comparison is the Security Images image that I'm using.

Ok, thats right then, I will try to get a better security images support at the next release, for now your hack is available to everybody :)

Thanks

Max