This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

Captchas without server state

A view to generate a captcha image and/or wav file, and to verify user input against it.

A cookie is used to transfer state from one request to the next. The state is used, together with a server-side secret, to create a random string of characters, which in turn is displayed as a captcha image, or transformed to an audio file. Verification happens case-insensitively.

Note that the captcha ‘word’ is only usable for 5-10 minutes, after which the view will not accept it any more. Moreover, a different word will be generated for a given session key every 5 minutes.

This makes these captchas replayable for up to 10 minutes if a determined user keeps sending the same session id. Because of the server-secret though, captchas are not transferrable between sites.

Installing

This package requires Plone 2.5 or later, and plone.keyring 1.1 or later.

Installing without buildout

Install this package in either your system path packages or in the lib/python directory of your Zope instance. You can do this using either easy_install or via the setup.py script. You’ll also need to install plone.keyring in the same fashion.

After installing the package it needs to be registered in your Zope instance. This can be done by putting a collective.captcha-configure.zcml file in the etc/package-includes directory with this content:

<include package="collective.captcha" />

or, alternatively, you can add that line to the configure.zcml in a package or Product that is already registered.

Installing with buildout

If you are using buildout to manage your instance installing collective.captcha is even simpler. You can install collective.captcha by adding it to the eggs line for your instance:

[instance]
eggs = collective.captcha
zcml = collective.captcha

The last line tells buildout to generate a zcml snippet that tells Zope to configure collective.captcha.

If another package depends on the collective.captcha egg or includes its zcml directly you do not need to specify anything in the buildout configuration: buildout will detect this automatically.

After updating the configuration you need to run the ”bin/buildout”, which will take care of updating your system, including installing the plone.keyring dependency.

Registering plone.keyring KeyManager

On any Plone version prior to 3.1, you’ll need to make sure that the plone.keyring KeyManager utility has been registered. In the Zope ZMI, use the portal_setup tool to run the plone.keyring KeyManager registration profile.

Using the view

See the captcha.txt doctest in the collective.captcha.browser package, as well as captcha.txt in collective.captcha.form.

collective.captcha changes

1.7 (2012-02-27)

  • Disuse ‘zope.testing.doctest’ in favor of stdlib’s ‘doctest’. [tseaver]
  • Suppress ‘sha’ deprecation under Python 2.6+ [tseaver]
  • Suppress ‘Globals.package_home’ deprecation under Zope 2.12+. [tseaver]
  • Add verify to the list of allowed attributes on the Captcha view, allowing restricted code to verify submitted captchas. [mj]
  • Better session id generation & redundant sha1 removal. [serhat]
  • Increase captcha image specling from 0.3 to 1.5 [serhat]

1.6 (2011-05-29)

1.4 (2008-05-02)

  • Switched to using plone.keyring to provide the secret.

1.3 (2008-02-22)

  • SkimpyGimpy now does have an egg, thanks to Reed O’Brien! Updated installation instructions and setup.py.
  • Update test to reflect reduced character set used.

1.2 (2007-12-13)

  • Add a captcha field and widget for zope.formlib.
  • Reduced the characters used to generate the captcha to uppercase letters and numbers only; user testing showed that even humans had trouble solving the captchas.

1.1 (2007-11-21)

  • Delete the captcha cookie from the response if one is present to prevent premature expiration. This would happen when creating a new captcha after verification (because verification failed or the form would have to be redisplayed for other reasons). Thanks to David Glick for pointing this out.

1.0 (2007-11-19)

  • Initial release
Release History

Release History

1.7

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

1.6

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

1.5

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

1.4

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

1.3

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

1.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

1.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

1.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
collective.captcha-1.7.zip (599.6 kB) Copy SHA256 Checksum SHA256 Source Feb 27, 2012

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting