Yesterday I searched this forum up and down, because it's not possible for unregistred users to comment when captcha is activated.
The log always displays this message:
Captcha not valid (Eingegeben: 2CHMY, Erwartet: )
Then for some reason I enabled capture use for registred users as well,
and it works!
HuH?!?!?
A had a closer look at the cookies:
For the registered users 2 cookies are set:
Name serendipity[old_session]
Value fdc72513a7715dbc6294f83ff4158dc4
Host .div-blog.burgsommerspiele.de
Path /
Secure No
Expires At End Of Session
Name PHPSESSID
Value fdc72513a7715dbc6294f83ff4158dc4
Host div-blog.burgsommerspiele.de
Path /
Secure No
Expires At End Of Session
For unregistered users the cookies are always different:
Value c78c5e3b48f4e361518b5b3a4fe5872c
Host .div-blog.burgsommerspiele.de
Path /
Secure No
Expires Mittwoch, 25. April 2007 16:33:37
Name PHPSESSID
Value db7649d65eca1d56f7d2933d7bae02ee
Host div-blog.burgsommerspiele.de
Path /
Secure No
Expires At End Of Session
So what is going wrong?
Any ideas welcome!
I'm using serendipity 1.1.2 und PHP 4.3.10-2
with Spam Protector from
Autor: Garvin Hicking, Sebastian Nohn; version: 1.61
Captcha not working for unregistered users
-
chrissie42
- Regular
- Posts: 6
- Joined: Tue Mar 27, 2007 10:01 am
- Location: Hannover, Germany
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Re: Captcha not working for unregistered users
Hi!
This sounds as if your PHP sessions server-side are strangely configured.
When you check the phpinfo() what settings did you set for the "session.*" values?
Logged-in authors do have different cookies containing a permanent author registration routine, so that's okay. WHen cookie/session setup is the problem, try to log in to your s9y WITHOUT checking the option "remember me", does it then still work?
Regards,
Garvin
This sounds as if your PHP sessions server-side are strangely configured.
When you check the phpinfo() what settings did you set for the "session.*" values?
Logged-in authors do have different cookies containing a permanent author registration routine, so that's okay. WHen cookie/session setup is the problem, try to log in to your s9y WITHOUT checking the option "remember me", does it then still work?
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
-
chrissie42
- Regular
- Posts: 6
- Joined: Tue Mar 27, 2007 10:01 am
- Location: Hannover, Germany
Hi Garvin!
whole site is in german, so I switched to english, but can't find this "remember me". Don't have a login-box in the sidebar configured in the frontend yet. Always came from the backend.
Is it the same as the "Save information"-checkbox from the admin-login?
I never used it.
Here is what phpinfo() tells about sessions:
Session Support enabled
Registered save handlers files user
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /var/lib/php4 /var/lib/php4
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off
Best regards
Christiane
whole site is in german, so I switched to english, but can't find this "remember me". Don't have a login-box in the sidebar configured in the frontend yet. Always came from the backend.
Is it the same as the "Save information"-checkbox from the admin-login?
I never used it.
Here is what phpinfo() tells about sessions:
Session Support enabled
Registered save handlers files user
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /var/lib/php4 /var/lib/php4
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid Off Off
Best regards
Christiane
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
Can you tell me the URL to your blog? I'd like to check the cookies there. To me it sounds as if everytime a new session is started, instead of using the old one.
Best regards,
Garvin
Can you tell me the URL to your blog? I'd like to check the cookies there. To me it sounds as if everytime a new session is started, instead of using the old one.
Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
-
chrissie42
- Regular
- Posts: 6
- Joined: Tue Mar 27, 2007 10:01 am
- Location: Hannover, Germany
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
Hm, I just commented (without being logged in) successfully.
Can you try to reproduce the situation in which it doesn't work? Because I also saw no captchas...
Regards,
Garvin
Hm, I just commented (without being logged in) successfully.
Can you try to reproduce the situation in which it doesn't work? Because I also saw no captchas...
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
-
chrissie42
- Regular
- Posts: 6
- Joined: Tue Mar 27, 2007 10:01 am
- Location: Hannover, Germany
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Hi!
Ah. The HTTP authentication tries to authenticate a s9y user based on what you entered for the browser. That might have mismatched, and thus a new session was created everytime because the user was invalid.
If you protect a s9y directory with .htaccess, you must edit serendipity_config.inc.php and disable the "useHTTP-AuthenticatioN" option.
Best regards,
Garvin
Ah. The HTTP authentication tries to authenticate a s9y user based on what you entered for the browser. That might have mismatched, and thus a new session was created everytime because the user was invalid.
If you protect a s9y directory with .htaccess, you must edit serendipity_config.inc.php and disable the "useHTTP-AuthenticatioN" option.
Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
-
chrissie42
- Regular
- Posts: 6
- Joined: Tue Mar 27, 2007 10:01 am
- Location: Hannover, Germany
-
chrissie42
- Regular
- Posts: 6
- Joined: Tue Mar 27, 2007 10:01 am
- Location: Hannover, Germany