who needs social life when you have broadband?

Inventas vitam iuvat excoluisse per artes / Let us improve life through science and art.

How to add CAPTCHA to Joomla!’s com_contact component

January 22nd, 2008 | Category: Joomla!, PHP, Programming, Too much free time

The Dev team has just released Joomla! 1.5 stable. This is great news (after two and a half years of development we finally can use the new baby in production environment) but I've seen that an old problem hasn't been solved yet: people still get a lot of spam due to a weak (or nonexistent) mechanism to check if the e-mails sent through com_contact are from real people or spambots.

The beauty of open source is that anyone can change and improve a piece of software. So, here's my $0.02: changing com_contact to make it can work with your favorite Captcha Plugin! (all files are downloadable at the end of this article)

Here's what you'll need:
- Joomla! 1.5 stable installed and configured.
- Bigo Captcha plugin (should work for OSTCaptcha as well but I didn't tested with it :D), installed, configured and enabled.
- a little bit of PHP ;)

First step: Changing parameters.
In order to turn captchas on and off, you'll need to change administrator/components/com_contact/contact_items.xml and add a new parameter:

PLAIN TEXT
HTML:
  1. <param name="use_captcha" type="radio" default="1" label="Use Captcha" description="Enable Captcha verification">
  2.             <option value="0">No</option>
  3.             <option value="1">Yes</option>
  4. </param>

I've added mine under the "email" group. Just to keep it coherent.

Seccond step: The controller
Next, we'll need to add a new "task" to our controller and insert a method to verify if the user entered the right captcha code. So first, I'll create a displaycaptcha() method inside components/com_contact/controller.php:

PLAIN TEXT
PHP:
  1. /**  
  2.         @author bigo
  3.         @date januray, 2008
  4.     */
  5.     function displaycaptcha() {
  6.         global $mainframe;
  7.        
  8.         $contactId = JRequest::getVar('contact_id', 0, '', 'int');
  9.         // load the contact details
  10.         $model    = &$this->getModel('contact');
  11.         $qOptions['id'] = $contactId;
  12.         $contact        = $model->getContact( $qOptions );
  13.         $params = new JParameter( $contact->params );
  14.        
  15.         if ($params->get('use_captcha')) {    
  16.             $Ok = null;
  17.             $mainframe->triggerEvent('onCaptcha_Display', array($Ok));
  18.             if (!$Ok) {
  19.                 echo "<br/>Error displaying Captcha<br/>";
  20.             }
  21.         }
  22.            
  23.     }


As you can see, it simply calls the "onCaptcha_Display" event (this will fire the plugin and show a random image) if the use_captcha param that we have just added to our com_contact is enabled.

Once we have a displaycaptcha method, we'll need to add a _checkCaptcha() method and to change the original submit() method to make everything work. So here we go. These changes are also in the controller.php:

PLAIN TEXT
PHP:
  1. /**
  2.     @author bigo
  3.     @return boolean 
  4.     */
  5.     function _checkCaptcha() {
  6.         global $mainframe;
  7.  
  8.         $contactId = JRequest::getVar('id', 0, '', 'int');
  9.         // load the contact details
  10.         $model    = &$this->getModel('contact');
  11.         $qOptions['id'] = $contactId;
  12.         $contact        = $model->getContact( $qOptions );
  13.         $params = new JParameter( $contact->params );
  14.        
  15.         // not using captcha!
  16.         if (!$params->get('use_captcha')) {
  17.             return true;
  18.         }
  19.         $return = false;
  20.         $word = JRequest::getVar('word', false, '', 'CMD');
  21.         $mainframe->triggerEvent('onCaptcha_confirm', array($word, &$return));
  22.         if ($return) {
  23.             return true;
  24.         } else return false;
  25.     }

inside submit() I've had simply added:

PLAIN TEXT
PHP:
  1. /**
  2.             Captcha
  3.         */   
  4.         if (!$this->_checkCaptcha()) {
  5.             JError::raiseWarning("666","You have entered the wrong CAPTCHA sequence. Please try again.");
  6.             $this->display();
  7.             return false;
  8.         }

before any code processing...

Finally: change the view
Go to components/com_contact/views/contact/tmpl/default_form.php

and add

PLAIN TEXT
PHP:
  1. <?php if ($this->params->get('use_captcha')) { ?>            
  2.                 <!-- Bigo Captcha -->
  3.                 <img src="index.php?option=com_contact&task=displaycaptcha&contact_id=<?php echo $this->contact->id; ?>">
  4.                 <br />
  5.                 <input type="text" name="word" />
  6.                 <br />
  7.             <?php } ?>

to insert a captcha image and field to your contact form.

That's it. I tried to create a patch but for some reason it didn't work so I decided to create a gzipped file which you can extract to your root directory and it will replace the com_contact files (you still need to install a captcha plugin to make it work!)
You may download it from here:

com_contact patch

43 Comments so far

  1. karen January 29th, 2008 1:49 am

    Could you throw a .zip version of your patch up for those of us sad individuals forced to host on Windows servers?

    Thanks so much. This is awesome!

  2. Mcodron February 6th, 2008 7:17 pm

    I just used your patch because i am a lazy… and I foud an error (just an oversight i think) in the file components/com_contact/views/contact/view.html.php: you have added a
    print_r($pparams);
    on line 80 that could be very disappointing for newbees… or other lazy men like me ;)
    Although, this patch work.
    Thanks.

  3. Hanly February 26th, 2008 2:00 am

    Hi Bigo,

    Thanks for your Captcha.

    How do I enable the captcha ? Nothing is showing up in my contact form ?

    P.S. I’ve used your patch.

    Thanks Bigo.

    Hanly

  4. Hanly February 26th, 2008 2:29 am

    Hi Bigo,

    My apology to you. YES your captcha is working on my contact form.

    Sorry for previous comment.

    Thanks.

    Hanly

  5. Sonny February 29th, 2008 7:29 am

    Hello,

    Thanks for the patch. But i can’t get it working.
    It don’t shows the image..

    I’m running on linux server.
    Do i need to CHMOD some folder or something?

    Gr,
    Sonny

  6. Steven March 2nd, 2008 7:40 pm

    Try updating your contact component via the websinterface.
    I checked “show image” but don’t know if that did it for me.
    Anyway, it works now.

  7. Francis March 3rd, 2008 4:41 pm

    Hello,

    I installed the patch and the update but i get a under contact code to see (just check my website), can you help me with my problem?

    regards,

    Francis

  8. Fabio March 6th, 2008 9:21 am

    Hi, I’m new user of joomla.
    I have download your component and succeffully ad it to the com_contact but if i would like to ad your catcha to the “register new user” page, where can i add you code ? Thanks for you great component.
    Best regards,
    Fabio

  9. bigodines March 6th, 2008 9:47 am

    hello Fabio.

    Maybe you would like to check this post:
    http://forum.joomla.org/viewtopic.php?f=46&t=234509&st=0&sk=t&sd=a&start=30#p1187631

    :)

    cheers,
    bigo

  10. Fabio March 6th, 2008 4:24 pm

    Thanks thanks thanks….
    Your great plug-ing is perfect…
    :-)
    Best regards,
    Fabio

  11. Yash March 22nd, 2008 12:54 pm

    Hello,
    I have used your captcha for contacts. I have updated the files manually and the captcha is showing properly on my contact page. But it does not check the image. I can submit the form while leaving the captcha field blank or with a wrong code. Can you help me please?
    Thanks.

  12. Thomas March 25th, 2008 8:42 pm

    Hi,
    I want to add BIGO captcha to JOMMLA com-contact just as described above. I used both com_contact-patch and editing files (look above) but there captcha impages will be seen on my page. I’m working local with J1.5.1 and XAMPP, I also looked at forum.joomla.org - there is no help. I use BIGO-captcha with yvComments and thats’s well. Does anyone know help? Thomas

  13. Thomas March 26th, 2008 4:25 am

    Hello
    I want to add BIGO CAPTCHA to com_contact; environment is Joomla 1.5.1 and XAMPP (local installation), captcha 1.2 from this site. I used both com_contact_patch and manuell editing like shown above. But there is no captcha image shown in my page. The forum (hint also above) does not give any help.

    Are there any new ideas? When I understand correctly the the must work as other users say.
    Greeting
    Thomas

  14. Thomas March 26th, 2008 7:13 am

    Hello again
    I’m very sorry - the error is part of my own environment. I have an additional com_contact_patch wich exchanges the position of city and zip code (in Germany: 1. zip 2. city).
    This patch ist installed in /myTemplate/html/com_contact and overrides some datasets of the origin com_contact. To correct my error I also had to insert the code for default_form.php in my first patch. Captcha works fine and looks good. Thank you very much bigo for your fine work.
    Greetings Thomas

  15. Kelly March 31st, 2008 7:42 pm

    Hi,

    I’m trying to use BigoCaptcha on a com_contact page and it’s not working for me. The plugin is installed and enabled. I’ve edited contact_items.xml, controller.php, and default_form.php as instructed above. The Use Captcha parameter is set to Yes for my desired contact. However, no image shows up on my contact page!

    The form field that allows you to enter your text shows up, but no image. If I view source on my contact page, this is the code that is where the image should be:

    I have no idea why I can’t get this to work. Do you have any ideas?

    Thanks in advance,
    Kelly

  16. Kelly March 31st, 2008 7:44 pm

    The view source code did not appear in my previous post. Here it is:

  17. Kelly March 31st, 2008 7:45 pm

    Jeez, the forum must be stripping HTML. Sorry for the multiple posts. Here is the code that shows up on the contact us page in place of the captcha image:

    I’ve removed the brackets in hopes that it will post this time.

    img src=”index.php?option=com_contact&task=displaycaptcha&contact_id=6″

  18. bigodines April 1st, 2008 9:53 am

    Does the error_log say anything? This could be happening because of your image library (I doubt!) or safe_mode enabled (probably)

  19. Snippy April 9th, 2008 5:57 pm

    Hi,

    when installing the com_contact patch i see the following data above

    JParameter Object ( [_raw] => contact_icons=0 icon_address= icon_email= icon_telephone= icon_fax= icon_misc= show_headings=1 show_position=1 show_email=0 show_telephone=1 show_mobile=1 show_fax=1 bannedEmail= bannedSubject= bannedText= session=1 customReply=0 [_xml] => [_elements] => Array ( ) [_elementPath] => Array ( [0] => /usr/home/web/snl100207/libraries/joomla/html/parameter/element ) [_defaultNameSpace] => _default [_registry] => Array ( [_default] => Array ( [data] => stdClass Object ( [contact_icons] => 0 [icon_address] => con_address.png [icon_email] => emailButton.png [icon_telephone] => con_tel.png [icon_fax] => con_fax.png [icon_misc] => [show_headings] => 1 [show_position] => 1 [show_email] => 1 [show_telephone] => 1 [show_mobile] => 1 [show_fax] => 1 [bannedEmail] => [bannedSubject] => [bannedText] => [session] => 1 [customReply] => 0 [show_contact_list] => 0 [show_category_crumb] => 0 [icon_mobile] => con_mobile.png [page_title] => Contact me [show_page_title] => 1 [pageclass_sfx] => -color2 [menu_image] => -1 [secure] => 0 [page_description] => Joomla! - De dynamische portaalmotor en artikelbeheersysteem [show_name] => 1 [show_street_address] => 1 [show_suburb] => 1 [show_state] => 1 [show_postcode] => 1 [show_country] => 1 [show_webpage] => 1 [show_misc] => 1 [show_image] => 1 [allow_vcard] => 0 [use_captcha] => 1 [show_email_form] => 1 [show_email_copy] => 1 ) ) ) [_errors] => Array ( ) )
    Contact me

    i think there is something wrong a file which displays the parameters..

  20. bigodines April 9th, 2008 7:59 pm

    Snippy, check the second user comment in this article.

  21. Steve C April 10th, 2008 5:04 pm

    Hi,

    Just installed the registration and contact modules and it all seems to be working well.

    All I have to do is change the functionality so that the form isn’t cleared if the wrong sequence is entered!

    Thanks for the module.

    Steve C

  22. Clay April 27th, 2008 3:34 pm

    “The form field that allows you to enter your text shows up, but no image.”

    I had the same problem, then realized that I forgot to enable the CAPTCHA plugin in the Plugin Manager. After that… PERFECTO!

  23. Birks May 9th, 2008 9:00 pm

    Hiya, I have been implement this on a site I have in development (thanks very much by the way!), and I thought I would mention that if you’re using custom html files in your template like Beez, be sure to put the front end html in that, rather than in components/com_contact/views/contact/tmpl/default_form.php, or you won’t see it..
    It took me a while to actually realise this, making me feel very dumb afterwards.

    One issue though, after filling in the form, if you get the captcha wrong, it clears the entire form. If I were using it on some site it would really annoy me to see what I wrote just get wiped like that.
    What can we do to keep the information in the form if the captcha is entered in wrong?

    Thank you!
    Birks

  24. Robert May 23rd, 2008 10:26 am

    Haven’t checked the archive, but the *shown* code has 2 snags as of 2008-05-23:

    Your displaycaptcha function pulls the contact ID from a ‘contact_id’ session var which is OK because you’ve set that yourself in the view - in the checkCaptcha function (I don’t hold with underscores here, private is what we mean after all), however, the info you need is in ‘id’… Moving the config check out to the submit function will show that quickly, apart from saving a few lines.

    The view html uses two unescaped ampersand in an attribute value and fails to close the img tag. No, Joomla’s doctype is not html4 any longer even if the core itself violates this in places…

    To make up for my tone, a gift: In the view, up in the script declaration (which should IMHO play safe and use htmlspecialchars around JText::_), add
    Window.onDomReady(function(){
    document.formvalidator.setHandler(’captcha’, function (value) { return /^[0-9a-z]{4}$/i.test(value); });
    });

    and in the markup make the input read

    - of course, you could also add a custom alert to this validation…

    oh, and my img tag also carries an onclick=”this.src=this.src.replace(/^(.*)(?:\x26rnd=[0-9]+)?$/,’$1\x26rnd=’ + Math.random());” attribute (which is explained in a tooltip)…

  25. Robert May 23rd, 2008 10:34 am

    Damn, your sites silently fail all over with disabled cookies and I didn’t copy to clipboard…

    so, shortened radically:
    In the article (archive not checked) 2 errors: The session var containing the contact ID ist not ‘contact_id’ but ‘id’ in the check case (display OK as you set it yourself)
    Markup has two unescaped ampersands and an unclosed tag.

    Not going to retype my improvement suggestion (make use of the client side validator, and some simple onclick code for the img to request a new captcha)

  26. Dave June 12th, 2008 9:15 pm

    Hi,

    I installed the com_contact patch, and when I first went to view the contact.php page, I had the dreaded red cross.

    After I refreshed the page a couple of times, the captcha appeared, but when I refreshed again, it disapearred, never to be seen again.

    I have checked on my server that GD is installed, I have double checked this with the hosting company and they have checked it through on my site.

    I also checked to make sure that they are not running php safe_mode.

    Other scripts that require GD also work on this server.

    Most/all of the relevant permissions are set to 755 - do I need to change that - and if so which ones specifically?

    Any ideas where my captcha went?

    Thanks

    Dave

  27. Moonray June 19th, 2008 12:52 am

    Great plugin. Simply awesome.
    For me, it works perfectly on localhost (Windows with Apache environment, Joomla 1.5.3).
    However, on live server (Linux with Joomla 1.5.3), CAPTCHA works perfectly on the registration page. That means that the plugin is working fine.
    However, the contact page does not show the CAPTCHA image. The form shows fine, I have enabled the plugin (of course) and also enabled captcha in the component backend. Server has safe_mode off…
    Appreciate any clues.
    Thanks!

  28. iamalive July 9th, 2008 12:48 pm

    Hi
    Just to say thank you. It’s such a neat addition. I sincerely hope this will be taken up for incorporation in the core.
    Terrific!

    Greets!

  29. Grazioli August 7th, 2008 5:20 pm

    Hallo bigo,

    ich versuche Dein Hack in verbingund mit EasyCaptcha, leider bring ich dies nicht hin! Weist Du evt. wie ich dies lösen könnte!?!

    Danke und Gruess aus der Schweiz

    Grazioli

  30. bigodines August 9th, 2008 9:04 pm

    ich habe nichts verstanden. :) Bitte versucht auf English zu schrieben

  31. Rene September 13th, 2008 3:17 am

    Hi bigo,

    I tried to follow your instructions but in the end I got the same problem like Kelly (see post from Kelly March 31st, 2008 7:45 pm). I don’t get an image on the contact page.

    safe_mode is off and the error.log tells the following:

    [Sat Sep 13 08:08:19 2008] [error] [client 127.0.0.1] File does not exist: C:/xampp/htdocs/Joomla_1.5.6/images/content, referer: http://localhost/Joomla_1.5.6/index.php?option=com_contact&view=contact&id=1&Itemid=9
    [Sat Sep 13 08:08:19 2008] [error] [client 127.0.0.1] File does not exist: C:/xampp/htdocs/images, referer: http://localhost/Joomla_1.5.6/index.php?option=com_contact&view=contact&id=1&Itemid=9

    Thanks for all,
    Rene

  32. Viagem Virtual October 21st, 2008 1:54 am

    Great, it´s cool.

    Thank´s!

    Muito bom mesmo.
    Valeu!

  33. Russell E November 13th, 2008 1:33 pm

    I can’t find controller.php in the components/com_contact file.

    Can anyone think of an obvious reason for this?

    Thanks

  34. Simon November 20th, 2008 6:49 am

    Followed this to the letter but I can’t get anything appearing. Plugin is activated, downloaded and overwrote the com_ files in administrator and the template folders.
    Now I see a print_r() function being called which pours the contents of stdClass Object onto the contact page. After 2 days of searching for a captcha solution to a Joomla page I am nearly ready to jump off a cliff. WHY DOES THIS NOT WORK!!!

  35. Stan Bush November 28th, 2008 7:36 pm

    Tried your captcha on the site rksmithconstruction … the image doesn’t show up. Editied pages manually first, downloaded two files next…then used complete administrator/componenents zip file.
    Still couldn’t get the image to load? Help ? Any?

  36. Cory December 12th, 2008 7:00 pm

    Thanks for the great plugin! It’s a life saver!

    I have one problem. I am trying to run this on a client’s server, but the image is not displaying. I think it is due to the php memory_limit on the server. Can you tell me the recommended memory_limit for running this plugin?

    Thanks again!

  37. Sivakumar January 10th, 2009 9:00 am

    Thanks for a great work.

    It is very useful to me.

  38. JamFX January 25th, 2009 3:17 am

    Thank your for this post! Great.

  39. Matt January 29th, 2009 5:48 pm

    My only negative comment on this great addition is that on the Contact form, if you fail to get the ‘captcha’ correct, it wipes out the entire set of data (name, email address, subject, body) of the e-mail they were trying to send. Would really irritate someone who fat-fingered the image… no? :)

    Thanks for the tool!

    Matt

  40. Leah February 21st, 2009 4:40 pm

    Thank you SO much!!! I’ve been trying to go to medical school and fight off bots everyday for MONTHS. I basically have only a slight clue of what I’m doing online, but I think it’s really important to have my site for my profession.

    I used your patch and your previously advised forum post: http://forum.joomla.org/viewtopic.php?f=46&t=234509&st=0&sk=t&sd=a&start=30#p1187631 and it’s perfect.

    Thank you for saving me 20-30 minutes a day blocking spammers and deleting vile posts on my Joomla and phpBB3 bridged forum. All that time was seriously shortening my time on earth.

    Thanks, Doc.

    LEAH!

  41. Siegbert March 6th, 2009 3:47 am

    Hi bigo,
    the captcha works fine without one thing. If user filled all form-fields and make a little mistake in filling out the captcha-field, then alle the text in the other fields is lost.
    Is there a way to show the “you did not enter the captche”-message without loosing all othe inputs?

    Thanks,
    Siegbert

  42. Harry April 2nd, 2009 2:51 am

    Worked fine until I updated to Joomla 1.5.10. Is there a new patch, because I suspect just re-updating old com_contact patch will overwrite some of the bug-fixes repaired in 1.5.10. Seems like everything is working, except reloading page after the Send button is selected - getting 404 error. Any ideas?

  43. Owen Rubin May 14th, 2009 1:51 am

    I tried this on 1.5.8, and used the two sample files included WAY above as a test on registration. It is activated, but I see no image at all. I am NOT in safe mode. Any idea why the image never shows? Not much use if you cannot see what you are supposed to type. Any ideas? I never saw anyone answer why this might now work.

    Also, any one try and get this working with Chrono Forms?

    Thanks in advance.
    -Owen-

Leave a reply