Security code required for New users to sign-in

Added a little security to manage account generation with _i3user.htm.

KitCADi3 New user account sign-up’s are required to use a security code that is random generated. For example an image shows the text of “2jim”, and a form input requires the text be entered by the user to confirm if they are an annoyed human (or a happy special robot 🙂 ).

Further information about Captcha can be found at bumblebeeware

5 Responses to “Security code required for New users to sign-in”

  1. Admin Says:

    Taint mode is disabled for Captcha to use the UnLink perl command.

    Some security is performed on input which should always be checked (or better yet, server generated)

    The _i3user.htm kitcadi3_user.cgi kitcadi3_captcha.cgi and kitcadi3_check-captcha.cgi files may be updated again at a later date to use server generated tracking methods.

  2. Admin Says:

    Updated kitcadi3_user.cgi with kitcadi3_security_uri.cgi sub function named checktimeuri that provides a basic option to remove un-wanted text before a file command is made. (will also add kitcadi3_security_uri.cgi to other cgi files as required – if no folder is found then the write is aborted by perl system errors)

    Added an option to enable or disable the captcha security by editing the kitcadi3_cgi.conf file. $usecaptcha=”true”; is default for enable.
    To disable use $usecaptcha=”false”;

  3. Admin Says:

    updated and added kitcadi3_security_uri.cgi to other cgi files

  4. Admin Says:

    Added a audio sound option with the additional script of kitcadi3_sound-captcha.cgi that will play pre-mixed wav files.

    No WAV sound files have been recorded – and there is no plan to record any soon. As such the icon prompt in _i3user.htm to listen to the WAV sound is remarked until sound files are created (view source of the file _i3user.htm to see remarked sound icon comments).

  5. Admin Says:

    A 2006 Pear package proposal for the solution of captcha sound can be found at http://pear.php.net/pepr/pepr-proposal-show.php?id=433

    _i3user.htm and kitcadi3_sound-captcha.cgi may be modified in at a later date to include this Pear solution.

    The $ripip.wav output may be replaced with a php/redirect