I'm moving my websites over to a new server but I've discovered that the captcha doesn't work on the new server (worked fine on the old server). It's now failing the verification every time.
What are the server requirements for this to work? What differences should I check out on the new server that might make a perfectly working captcha stop working?
OpenGlobal
Hi Matt,
There's nothing special. I've seen this happen when the domain uses cloaking so there is an automatic redirect involved. And some people have seen it for an as yet unknown cause. If there is nothing obvious the simplest solution might be to switch to another form of anti-spam check.
Which version of ChronoForms are you using?
You can find the version from Site Admin | Extensions | Install/Uninstall | Components in Joomla! 1.5 or Site Admin | Extensions | Extension Manager | Manage in Joomla! 1.6/1.7/2.5.
Bob
It was initially using 4.0 RC3.21, but I upgraded to 4.0 RC3.5.2 to see if that fixed anything.
OpenGlobal
Hi Matt,
We've seen this a few times recently; so far I have no good explanation as to why it is happening. I suggest that you switch the site to use ReCaptcha or Security Questions in place of the ChronoForms Captcha :-(
Bob
I've put a load of echo statements all over the place and it seems that every time the form loads, the session gets wiped. I can keep refreshing the non-form pages, and I can keep refreshing the captcha image and everything works fine. The session counter increases and the info is stored and retrievable. But as soon as I load the form page, the session is reset, the session counter is reset and the chrono_verification is missing from the session.
Very strange. What can possibly reset the session?
OpenGlobal
This has now suddenly started happening with my other hosting company (and they swear they haven't make any changes to the server, but I don't believe them). So I've been doing a bit more investigation.
I think it may be something to do with the joomla index.php and the chrono_verification.php (the script that generates the captcha image) being in different directories. I copied the script to the root directory next to index.php and now the session data is being transferred between the script and joomla.
I don't really understand how this is so because surely the PHP session isn't directory-specific.
OpenGlobal
Why is chrono_verification.php a standalone script rather than a joomla component script? I guess switching it to a joomla script would probably fix this problem altogether.
Can it be done?
OpenGlobal
I have discovered a very quick fix. There seems to be a bug in "something" on some hosts which causes the PHP sessionn to be lost if you navigate from a page in a directory with a php.ini file to a page in a directory without a php.ini file (or vice versa). I haven't been able to identify exactly where the bug is, although there is some indication that it's to do with suhosin.
My root directory has a php.ini file, and my administrator directory, but of course not the components/com_chronoforms directory. The simple fix is to just create a blank php.ini file in that directory:
touch components/com_chronoforms/php.ini
OpenGlobal
Hi MattLG,
Well found, I would not have thought of that possibility in a long time.
I think that Max wrote the image file as a separate file so that it could be used just to create the image and be included in the page - but I'm far from certain about that.
Bob