[Looking for Charlie's main web site?]

Want to simplify your Blogcfc (or other Lyla-based) captcha? Here's the XML file.

Posted At : October 7, 2006 3:40 PM | Posted By : Charlie Arehart
Related Categories: blogcfc, captchas
Want to simplify your BlogCFC (or other Lyla-based) captcha? Just grab this updated xml file:

right-click and save this updated xml file

If you're using BlogCFC, you can just drop it into your /blog/client/includes directory (saving your old one to restore if needed, and you may need run the query string option "?reinit=1" to reload blogCFC settings.)

This will instantly your captcha will change from this:

to this:

I've confirmed that the original captcha.xml is the same between releases 5.005 and 5.5 beta 1, where Ray is now including the changed XML file himself in the product itself.

For those curious about what I mean by "simplifying", a few weeks ago I wrote an entry explaining how you could simply your Captcha to just a couple of letters, with a much easier read background and format. I also proposed why I think it's ok. We bloggers don't need to keep out really determined hackers (with a double-keyed deadbolt lock), we just need to keep out the annoying pests (with a screen door).

Since that post, many bloggers have indeed taken up the suggestion, but I have seen blogs where some commenters have pointed our my older entry, with the blogger's saying, "I do plan to get to it". That other entry offered the specific steps to change the captcha.xml file, but if you haven't changed it yourself since implementing BlogCFC, just drop this in. Of course, if you want to do a comparison to make sure, there are lots of good compare tools. My favorite is BeyondCompare.

Comments (11) | Send | del.icio.us | Linking Blogs
Comments
[Add Comment]
I know I'm one of those who said "I gotta simplify captcha" (Just yesterday when I upgraded BlogCFC to whatever the current is). Thanks for the file.

I use WinMerge ( http://winmerge.org/... ), which is free but will have to check out Beyond Compare too.
# Posted By Jeff Houser | 10/8/06 12:16 AM
WinMerge is your friend.....
I just updated the whole of my blog from 5.0 to 5.5 doing compares between the key files to make sure I kept my information but included any new fields.

If you want a captcha that isn't quite so simple I did a post a couple of weeks ago. http://nil.checksite...

Oh and, Charlie, your comments are working fine now after the hiccup the other week.
# Posted By Stephen Moretti | 10/9/06 6:37 AM
Thanks guys. Steve, sadly, we can't declare victory. I am receiveing report of the captcha failing for at least one person even this morning so am investigating.
# Posted By Charlie Arehart | 10/9/06 10:46 AM
Charlie, Just wanted to first thank you for providing this...but then offer a warning. I have had it in place on my blog for about a month or so, and I have seen a significant uptick in spam comments since. I am not sure how they are accomplishing it, though many seem potentially manual, but I went from no spam comments to a few a day after simplifying. I suppose it is a matter of what level of annoyance I am willing to put up with in favor of making it easier for my users to participate.
# Posted By Brian Rinaldi | 12/13/06 10:49 AM
Wow, that's indeed a bummer to hear, but good feedback. Just to clarify, the earlier entries (linked to above) explained exactly what handful of changes I made in the XML file. One can certainly dial some back toward the defaults to see what the impact is on spambots. Naturally, the manual ones can't be stopped in any case.

Actually, your note here reminds me that I did see a slight uptick in any spam recently, so I dialed things back just a little bit (as some will have noticed in my captcha shown when entering comments below). Here are the settings I changed to:

   <config name="useOvals" value="true"/>
   <config name="ovalColor" value="light"/>
   <config name="minOvals" value="5"/>
   <config name="maxOvals" value="10"/>
   <config name="useBackgroundLines" value="true"/>
   <config name="backgroundLineColor" value="light"/>

I'd not yet posted about that or offered a revised captcha.xml file, but your note here has reminded me that it's been a couple weeks since I changed it, and so far so good. Would you be interested in trying this "middle ground"? :-) I'd be interested if it might help you or anyone else who thinks to write.
# Posted By Charlie Arehart | 12/13/06 11:11 AM
http://nil.checksite...

Thats looks distinctly like my setting Charlie. ;oD
# Posted By Stephen Moretti | 12/13/06 1:41 PM
That would be a total coincidence, honestly. :-) I just looked over the settings and changed a few till I found something that seemed a little more random (to challenge bots) while not beeing too difficult to read (to benefit readers). Hopefully it's a happy medium.

The more important point for readers here is that if you're happy with the setting, it's confirmation that it's a good ant-spam variant. Hope it helps Brian in particular. If I get more confirmation, I'll change the file that I offer in the download via the link above.
# Posted By Charlie Arehart | 12/13/06 3:11 PM
Thanks Charlie! I went ahead and plugged those new values in. I will let you know what I find.
# Posted By Brian Rinaldi | 12/13/06 3:47 PM
Charlie, I really need help. The last couple of days have reminded me of my own coding limitations.

The following code, run from the root, creates a captcha image in the directory images/captcha as expected:

<cfset variables.captcha = application.captcha.createHashReference() />
<cfset variables.captcha = application.captcha.createCaptchaFromHashReference("file",variables.captcha.hash) />
<cfoutput>#captcha.filelocation#</cfoutput>

Lyla Captcha is normally initialized in Application.cfm and everythinf is well.

Now, if I try to run the same code one level down in the subdirectory "remote", first it doesn't find the application.captcha any more. OK, I reinitialize Captcha:

<cfset lylaFile = "./../includes/captcha.xml">
<cfset application.captcha = createObject("component","org.captcha.captchaService").init(configFile="#lylaFile#") />
<cfset application.captcha.setup() />
<cfdump var="#application.captcha#">
<!--- ok, all well up to here --->

<cfset variables.captcha = application.captcha.createHashReference() />
<cfdump var="#variables captcha#">
<!--- good also up to here --->

<cfset variables.captcha = application.captcha.createCaptchaFromHashReference("file",variables.captcha.hash) />

but it bombs running this line located in "org\captcha\captchaService.cfc":
<cfset stream = createObject("java", "java.io.FileOutputStream").init(tempFileLocation) />
with the error: "Object Instantiation Exception."

I have just no more noobe pride left. Please help.
# Posted By Walter Conti | 6/30/07 5:30 PM
Walter,

I'm sure Charlie will respond soon.

It seems to me that there is something amiss if the application variable isn't available in the subdirectory. All your other problems stem from that. Here are a few things to check:

a) Did you give the Application a name? It may cause odd behavior if you don't.

b) Does the subdirectory Application.cfm include the top level Application.cfm? Does the Application.cfm in the root directory have the same name as the Application.cfm in the subdirectory?

c) If you don't need an Application.cfm in the subdirectory, don't put one there. CF should automatically go up a level and run the Application.cfm in the parent.

I'm not sure why the createObject would work in the root directory, but not the subdirectory. Perhaps there is a security sandbox involved.
# Posted By Jeffry Houser | 7/1/07 12:22 AM
Walter, , I can't think of anything readily over what Jeff has proposed. If that doesn't get you closer, I think it may be best to run this by Peter Farrell (http://lyla.maestrop...), who created Lyla Captcha. The other faqs there may also be useful for you.
# Posted By Charlie Arehart | 7/2/07 11:26 PM
[Add Comment]
BlogCFC was created by Raymond Camden. This blog is running version 5.005.