kolanos / kohana-captcha Goto Github PK

/controller/captcha
public function action_index($group = 'default')
{
+ $this->response->headers('Content-Type' , 'image/png');
+ $this->response->headers('Cache-Control' , 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
+ $this->response->headers('Pragma' , 'no-cache');
+ $this->response->headers('Connection' , 'close');
Captcha::instance($group)->render(FALSE);
}

With the actual Version I get often very long page loading time. Firebug says Keep-Alive: 5

I have fix this for me:

...\kohana\modules\captcha\classes\controller\captcha.php

FIND:
$this->request->headers['Content-Type'] = File::mime($captcha);

AFTER ADD NEW LINE:
$this->request->headers['Connection'] = 'close';

I hope this help. :)

Your Version fails with Kohana V3.3.
So you must rename all Variables/Files to right Case.

Kohana 3.3 is case sensitiv so when you call the Class Captcha and the file is named captcha.php it will fail.

To Fix -> rename the file to Captcha.php so Kohana can find it.

Obsolote and not working anymore:

In Word.php under classes/Captcha line 22 Kohana:Config is not longer exist in 3.3 and is now -> Kohana::$config->load('captcha.words')

In Line 29 -> utf8::strlen($word) change it to UTF8::strlen($word) in fact case sensitive writing.

Hi Michael,
Nice to see you have used my bugs fixes in your corrections.

Here is the working code for other suggestions i like you to consider.
I have tested them on the 9 main browsers and it seems to work correctly

This proposition mainly adds the following functionalities
1: sends the headers to the browser before outputting the image (and not after)
2: compute the content length correctly :-)
3: add gzip output compression config option and the code in order to gzip the image
4. exit the system

A- file: config/captcha.php
Add gzip compression configuration option

// Group Options:
// [+] gzip gzip compression flag, set to TRUE to enable gzip compression when outputting of the image resource

'default' => array( // [+] 'gzip' => FALSE ),

B- file: classes/captcha.php

public static $config = array( // [ + ] 'gzip' => FALSE );

public function image_render($html)
{
// Output html element
if ($html === TRUE)
return '';

    // [-] [+] Main modifications are there

    // Pick the correct output function
    $function ='image'.$this->image_type;

    // Get the request instance singleton
    $request = Request::instance();

    // Detect the server HTTP protocol to use (HTTP/1.0 or HTTP/1.1) and set the HTTP status line header, code 200 and message OK (by default)
    $request->headers[ (isset($_SERVER['SERVER_PROTOCOL']))? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1' ] = $request->status.' '.Request::$messages[$request->status];

    // Set the correct HTTP headers to send to the browser
    $request->headers['Content-Type'] = 'image/'.$this->image_type;
    $request->headers['Cache-Control'] = 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0';
    $request->headers['Pragma'] = 'no-cache';


    // Check gzip compression config flag, if TRUE set content encoding header to gzip and output the image gzipped
    if(Captcha::$config['gzip'] === TRUE)
    {
            // Set the content encoding header to gzip 
            $request->headers['Content-Encoding'] = 'gzip';

            // Send the headers before outputing the image 
            $request->send_headers();

             // START the output buffer
             ob_start();

             // Start output buffer with ob_gzhandler callback function to gzip the output, in order to reduce captcha image response time
             // @note that the gzip compression gain is very small unless image uses big width and height
             ob_start("ob_gzhandler");

            // Output the image resource
            $function($this->image);

            // Flush gzipped ouput buffer
            ob_end_flush();
    }
    else
    {
            // Send the headers before outputing the image 
            $request->send_headers();

            // START the output buffer
            ob_start();

            // Output the image resource
            $function($this->image);

    }

    // Send the Content-Length header by getting the output buffer length
    header('Content-Length: '.ob_get_length(), TRUE);
    header('Connection: close', TRUE);

    // Flush (send) the output buffer and turn off output buffering
    ob_end_flush();

    // Free up the image resource from memory
    imagedestroy($this->image);

}

C- file: controller/captcha.php

class Controller_Captcha extends Controller
{

// This line should be removed
// [-] public $auto_render = FALSE;

public function action_index($group = 'default')
{
        Captcha::instance($group)->render(FALSE);
}

public function after()
{
        Captcha::instance()->update_response_session();

        // [+] exit from system as we have already sent the request headers and outputed the image as response to the browser
        exit;
}

} // End Captcha_Controller

I hope you will understand why the [output -> headers -> image] sequence is better designed than in the previous render method

Best regards
Philippe Jos

Having php-setup session.auto_start variable = 1 causes exception

Captcha seems to try to restart the session, which causes an exception in the Session-class of Kohana.

See also: http://dev.kohanaframework.org/issues/3349

Quick solution is, obviously, to set session.auto_start variable = 0 in php.ini , but this really needs to be fixed in Captcha I guess.

As text based CAPTCHAs (riddle, math) are rendered without using the route or controller, the method update_response_session() is never called.
Adding this line before the return (string) in render() will fix this;

$this->update_response_session();

I guess making captcha.php like;

public function render($html = TRUE);
{
    if ($html)
        $this->update_response_session();
}

and (eg riddle.php) like;

public function render($html = TRUE)
    parent::render($html);
    return $this->riddle;
}

and taking update_response_session() out of the controller would do the trick.
A bit ugly though. Maybe HMVC is the answer.

Note: the if ($html) above stops update_response_session() being called twice.

Output the captcha challenge on captcha controller is working well on IE browser,but it seem get in trouble on Firefox or Chrome.So I do some fix as follow:

BEFORE:

$this->request->response = Captcha::instance($group)->render(FALSE);

AFTER:

$captcha = Captcha::instance($group)->render(FALSE);
$this->request->headers['Content-Type'] = File::mime($captcha);
$this->request->headers['Content-length'] = filesize($captcha);
$this->request->response = $captcha;

It is working well on all browsers :)

public function after()
{
    Captcha::update_response_session();
}

"Non-static method Captcha::update_response_session() should not be called statically, assuming $this from incompatible context"

First, thank you kolanos for your port of the captcha module for kohana v3.

I am actually doing a cross-browser web application, and the captcha image does not render in Safari 4.5 or 5.0 on windows.
It works well and renders on the following browsers : chrome, explorer, firefox, flock, sea-monkey, opera and netscape.

I have tried to figure out from where the problem was coming and I finally found that it was the content-length header which causes the bug in safari.

in /modules/captcha/classes/controller/captcha.php (line 4)

$captcha = Captcha::instance($group)->render(FALSE);

$this->request->headers['Content-Type'] = File::mime($captcha);

$this->request->headers['Connection'] = 'close';

$this->request->headers['Content-length'] = filesize($captcha);

$this->request->response = $captcha;

Perhaps a problem with the image filesize calculation.
(Note that I have tried to use either a gif or a png background and had the same bug for both mime types.)

Commenting the line which sets the content-length header or not sending it if the user agent is safari, will both fix the bug.
Here is my Bug fix :-)

1- lazy : Comment the following line

// $this->request->headers['Content-length'] = filesize($captcha);

2- better: Replace with the following code

// If the user agent is safari, don't send the content-length header

if( ! preg_match('/safari/i', strtolower($_SERVER['HTTP_USER_AGENT']) ) ){

$this->request->headers['Content-length'] = filesize($captcha);

}

To explain this issue, please read this first:

http://dev.kohanaframework.org/issues/2957

As I explained in the issue above, when the Session is instantiated before Captcha, the 'captcha_response' value will not be written in the session because Session::write was called first in the queue of register_shutdown_function. Auth will more like cause this issue to arise because it uses the Session, and it's very likely that Auth is called before Captcha.

If in case my suggested fix is rejected (which is very likely), I'm wondering if you can fix this issue by not calling register_shutdown_function but instead, call the Captcha::update_response_session() somewhere else where it doesn't need to be called on shutdown.

Thanks!

I don't know if I considered all the scenarios already, but there should be a solution somewhere.

In IE8 very often captcha doesn't display.
In Firefox very often captcha doesn't full display: http://i43.tinypic.com/foluoh.jpg (height is 50)

More: http://github.com/kolanos/kohana-captcha/issues/issue/3/#issue/3

EDIT:

I have change ..\kohana\modules\captcha\classes\controller\captcha.php

comment out this line:

//$this->request->headers['Content-length'] = filesize($captcha);

Now its working in Opera, IE8 and Firefox.

EDIT2:

I have found this:

Output is that:

public function action_index($group = 'default')
{
    // Output the Captcha challenge resource (no html)
    // Pull the config group name from the URL
    $captcha = Captcha::instance($group)->render(FALSE);
    $this->request->headers['Content-Type'] = File::mime($captcha);
    $this->request->headers['Connection'] = 'close';
    //$this->request->headers['Content-length'] = filesize($captcha); // fix
    $this->request->response = $captcha;
}

Now i look in render(FALSE) => \modules\captcha\classes\captcha\basic.php
last line => return $this->image_render($html);

Now i look in image_render() => \modules\captcha\classes\captcha.php
here => $this->request->headers['Content-Type'] = 'image/'.$this->image_type;
Why? I can comment it out. :)

@see #17

You should update your work according to this post:

http://forum.kohanaframework.org/discussion/9426/solved-ko-3.2-kohana-captcha-module-issues/p1

Hi,

I had some problems with $session_type in this module.
In Config file I was using $session_type = 'database' - be cause I'm using a database to store Sessions.

When Page wiith Captha was loaded, and I click anchor to another page without Captcha (leaving the form), I allways recived this error:
"The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'"

So, I was looking for solution, and I found it. The problem with session was with the "$session_type" parameter. I changed some code in Core file "captcha.php", and its start to run petty well.

Below it's my solusion:
Before:

Session::instance(Captcha::$config['session_type'])->set('captcha_response', sha1(strtoupper($this->response)));

After:

Session::instance()->set('captcha_response', sha1(strtoupper($this->response)));


Resume:
I changed ALL "Session::instance(Captcha::$config['session_type'])" to Session::instance() and the problem was solved;

every once in a while (avg 1 out of 3) on IE8 & IE7 the captcha doesn't display, as shown on pic
http://i43.tinypic.com/9fw1af.png