Hi Folks. 1st, by way of introduction, check out my blog.
I’ve implemented a Turing test anti-spam tool for my comments. Now, I’m a good enough programmer to know that this is not the most elegant solution. I’d renamed the members.php script in desperation, and so I was in a hurry to hack something together so I could undo that. I’m one of those bloggers who doesn’t want to require registration.
Anyways, to implement this, if you want to try it out, 4 files need editing. And you need to snag the images. Note that my webhost doesn’t have the mime type properly configured for gzipped tarballs, so you’ll have to shift-click, or something like that (I have no idea what works in IE or Opera).
Let’s see if I can describe this in a useful way. But before I do, let me just add a disclaimer and some other necessary cruft.
Use at your own risk. I make no warranty or representation that this will work for anybody. I assume no responsibility of liability for any damages of any kind.
License You can use this code any way you want. It’s free. You may not sell it, or any code derived from it. Keep it free.
Testing I haven’t done anything like exhaustive testing. My web host is running Apache 1.3.29 and PHP 4.3.10. My test machine is Apache 2.0 with PHP 4.3.4. If your web host is running an old (really old) PHP, things like $_POST might not be there. Easy enough to mod, in that case, but don’t say I didn’t warn you.
Limited fuctionality This blocks only unregistered users. Shouldn’t be too tough to make it work regardless of registration status. Well, I was in a hurry. 
For the record I haven’t looked at anyone else’s CAPTCHA code. I suspect it looks better anyway. And I didn’t feel like diving into generating images on the fly. I mean, yeah it’s cool to do that sort of stuff. I try to keep things simple when I can.
Now that that’s out of the way ... <phew>
in pm/inc.lib.php - add the following at the end of the “DEFINE DEFAULT VARIABLES” section
// JSB: Stuff for turing test
if (!isset($alanuser)) $alanuser = '';
if (!isset($alancheck)) $alanuser = '';
in pm/language/english/messages.php - add this at the end, before the closing ?> It’s all one line, I’ve broken it up so it doesn’t whack out the display here.
$L_MESSAGE['900'] = "Turing test failure. If you're a real human
commenter, please try again. If you're a comment spammer,
crawl back into your cesspool and don't come out again. $backlink";
in pm/lib/comment.fns.php
1) in the function weblog_comment_form, after the globals (well, that’s where I put it) add (again, all one line, unless you prefer to break after the commas—doesn’t really matter with this one anyway)
// JSB Turing test array for images
$tuname = array ('happy.gif', 'grumpy.gif', 'sleepy.gif',
'doc.gif', 'bashful.gif', 'dopey.gif', 'sneezey.gif', 'bert.gif',
'ernie.gif', 'alan.gif');
2) find this code at about line 200
if ($formtype != 0)
$require_reg = 'no';
if ($require_reg == "no")
{
and add the following right after it (before the $my_name = htmlspecialchars(stripslashes($my_name));)
// JSB: adding turing test generation
// (note the next is all one line, broken here)
$form .= '<div class="human">Are you human?<br /><br />
If so, enter the following number when submitting your comment.
Don\'t bother with it if you\'re going to preview. It\'s required only
when you hit the submit button.<br /><br />';
// (end all one line section)
for ($i = 1; $i <= 5; $i++) {
$n = rand(0, 9);
$tstring .= $n;
$form .= '<img src="images/alan/';
$form .= $tuname[$n];
$form .= '" />';
}
// (another statement all on one line)
$form .= ' <input type="text" name="alanuser" size=5
maxlength=5 /><input type="hidden" name="alancheck" value="';
// (end all on one line)
$form .= md5($tstring);
$form .= '" /></div>';
// end turing mods
and, in pm/lib/comment.add.php, at about line 162
immediately after
// ---------------------------------------------
// IF REGISTRATION IS NOT REQUIRED
// ---------------------------------------------
if ($require_reg == "no")
{
insert the following (before if (($preview == 0) && (timelock(”{$weblog}_comments”)==false)))
// JSB Turing test check
if (($_POST['submit'] == " SUBMIT ") && (md5($alanuser) != $alancheck)) {
return header("location:$memdir$messagespage$sfx?m=900");
}
Create the directory images/alan (note, not pm/images/alan), copy that tarball into it, and untar it using `tar zxvf turing_images.tgz`. If you on a Windows host, well, what can I say.
That should do it. If you find this useful, hey, cool! And if so, maybe you could throw a link my way? I mean, don’t feel like you have too, but it’d be appreciated.
