Uses the Gregwar/Captcha package to provide Captcha authentification to a form.
The captcha is completely auto-generated, you should not have to worry about any defaults. The captcha rendering is done using a midcom-exec callback linking into the current PHP session (where the captcha phrase is stored).
Security considerations:
The captcha passphrases are made unique for each invocation of this type. This is accomplished by creating a random session key during initialize where the passphrase is stored. This session key is made persistent using a hidden request variable. Every passphrase is only valid for a single submission call. Every successful submit will invalidate the passphrase in the user's session thus triggering a new captcha being generated.
Implementation Limitation:
Due to the nature of the way how the captcha passphrase is passed to the captcha image server, it is currently not possible to have more then one captcha per unique REQUEST_URI within the user's PHP Session space.
Integration Guide:
Integrating Captcha support does not need any changes to your components, you just have to add a new field into your DM2 schema using the captcha type/widget with null storage:
'captcha' => Array
(
'title' => 'User Verification',
'storage' => null,
'type' => 'captcha',
'widget' => 'captcha',
),
todo | Enable multiple captchas per page. |
---|---|
package | midcom.helper.datamanager2 |
boolean
Indicating Success