Simple Captcha Problem

Rails
1

I am using simple_captcha plugin. I have successfully tested it with
the my simple form. But my problem is that I get the following error
‘secrect code do not match’ when I tried it to use with my restful
authentication login plugin.

2

is your text_field for entering captcha character matched with captcha
validation params ?

Regard
Reinhart
http://teapoci.blogspot.com

FREE eBook Ruby & PhP :
http://teapoci.blogspot.com/search/label/eBook

3

yes it does.

On Apr 21, 12:26 pm, Visit Indonesia 2008 <rails-mailing-l…@andreas-

4

i need to see your view code about that captcha form and
controller/model to process captcha form input.

Reinhart
http://teapoci.blogspot.com

FREE eBook Ruby & PhP :
http://teapoci.blogspot.com/search/label/eBook

5

user.rb

require ‘digest/sha1’
class User < ActiveRecord::Base
#################################
#captcha
apply_simple_captcha
before_create :build_inbox

def inbox
folders.find_by_name(“Inbox”)
end

def build_inbox
folders.build(:name => “Inbox”)
end
#################################

#acts_as_ferret

Virtual attribute for the unencrypted password

has_one :contact_information
has_one :personal_information
has_one :education_detail
has_one :job_experience
attr_accessor :password
has_many :friendships
has_many :friends,
:through => :friendships,
:conditions => “status = ‘accepted’”,
:order => :firstname

has_many :requested_friends,
:through => :friendships,
:source => :friend,
:conditions => “status = ‘requested’”,
:order => :created_at

has_many :pending_friends,
:through => :friendships,
:source => :friend,
:conditions => “status = ‘pending’”,
:order => :created_at

####################################
has_many :sent_messages, :class_name => “Message”, :foreign_key =>
“author_id”
has_many :received_messages, :class_name =>
“MessageCopy”, :foreign_key => “recipient_id”
has_many :folders
##################################
#acts_as_ferret

validates_presence_of :login
validates_presence_of :password, :if
=> :password_required?
validates_presence_of :password_confirmation, :if
=> :password_required?
validates_length_of :password, :within => 4…40, :if
=> :password_required?
validates_confirmation_of :password, :if
=> :password_required?
validates_length_of :login, :within => 3…40
#validates_length_of :email, :within => 3…100
validates_uniqueness_of :login
before_save :encrypt_password
before_create :make_activation_code

prevents a user from submitting a crafted form that bypasses

activation

anything else you want your user to change should be added here.

attr_accessible :login, :password, :password_confirmation, :firstname,
:lastname

Activates the user in the database.

def activate
@activated = true
self.activated_at = Time.now.utc
self.activation_code = nil
save(false)
end

def active?
# the existence of an activation code means they have not
activated yet
activation_code.nil?
end

Authenticates a user by their login name and unencrypted

password. Returns the user or nil.
def self.authenticate(login, password)
u = find :first, :conditions => [‘login = ? and activated_at IS
NOT NULL’, login] # need to get the salt
u && u.authenticated?(password) ? u : nil
end

Encrypts some data with the salt.

def self.encrypt(password, salt)
Digest::SHA1.hexdigest("–#{salt}–#{password}–")
end

Encrypts the password with the user salt

def encrypt(password)
self.class.encrypt(password, salt)
end

def authenticated?(password)
crypted_password == encrypt(password)
end

def remember_token?
remember_token_expires_at && Time.now.utc <
remember_token_expires_at
end

These create and unset the fields required for remembering users

between browser closes
def remember_me
remember_me_for 2.weeks
end

def remember_me_for(time)
remember_me_until time.from_now.utc
end

def remember_me_until(time)
self.remember_token_expires_at = time
self.remember_token = encrypt("#{email}–
#{remember_token_expires_at}")
save(false)
end

def forget_me
self.remember_token_expires_at = nil
self.remember_token = nil
save(false)
end

Returns true if the user has just been activated.

def recently_activated?
@activated
end

protected
# before filter
def encrypt_password
return if password.blank?
self.salt = Digest::SHA1.hexdigest("–#{Time.now.to_s}–
#{login}–") if new_record?
self.crypted_password = encrypt(password)
end

def password_required?
  crypted_password.blank? || !password.blank?
end

def make_activation_code

  self.activation_code =

Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )
end

end

==========================================================
and new.html.erb

<%=error_messages_for :user%>
<%=form_tag :action=>‘create’ %>

Sign Up


First Name<%=text_field ‘user’,‘firstname’%>

Last Name<%=text_field ‘user’,‘lastname’%>

Email<%=text_field ‘user’,‘login’%>

Password<%=password_field ‘user’,‘password’%>

Verify<%=password_field ‘user’,‘password_confirmation’%>

<%=
show_simple_captcha(:object=>“user”,:image_style=>‘embosed_silver’,:distortion=>‘low’,:code_type=>‘alphabetic’)
%>


<%=submit_tag ‘submit’%>

On Apr 21, 1:13 pm, Visit Indonesia 2008 <rails-mailing-l…@andreas-

6

and my action in user_controller is

================================
def create
@letters = “ABCDEFGHIJKLMNOPQRSTUVWXYZ”.split("")
cookies.delete :auth_token
# protects against session fixation attacks, wreaks havoc with
# request forgery protection.
# uncomment at your own risk
# reset_session
@user = User.new(params[:user])
@user.save_with_captcha
if @user.errors.empty?
self.current_user = @user
#redirect_back_or_default(’/’)
#flash[:notice] = “Thanks for signing up!”

  reset_session
   flash[:notice] = "Thanks for signing up!"
  redirect_to :controller=>'users',:action=>'index'

else
  render :action => 'new'
end

end

On Apr 21, 1:13 pm, Visit Indonesia 2008 <rails-mailing-l…@andreas-

7

[Try it]

def create
@letters = “ABCDEFGHIJKLMNOPQRSTUVWXYZ”.split("")
@user = User.new(params[:user])
@user.save_with_captcha
if @user.errors.empty?
self.current_user = @user

   reset_session
    flash[:notice] = "Thanks for signing up!"
   redirect_to :controller=>'users',:action=>'index'

 else
   render :action => 'new'
 end
 cookies.delete :auth_token

end

[2] I dont see def save_with_captcha in User.rb

[3] in your view :
<%=
show_simple_captcha(:object=>“user”,:image_style=>‘embosed_silver’,:distortion=>‘low’,:code_type=>‘alphabetic’)
%>

Where is field_text to enter captcha confirmation/verification?

Reinhart

8

NO it didn’t work.
2>I am using simple_captcha plugin
3><%=
show_simple_captcha(:object=>“user”,:image_style=>‘embosed_silver’,:distortion=>‘low’,:code_type=>‘alphabetic’)
%>
creates its own text_field

and I have done the same thing for these

classified_controller

def create
@classified = Classified.new(params[:classified])

if @classified.save_with_captcha
  redirect_to :action => 'list'
else
  render :action => 'new'
end # if end
  end #create end

=========================================
classified.rb

class Classified < ActiveRecord::Base
#for captcha
apply_simple_captcha

validates_presence_of
:firstname,:lastname,:company,:start_date,:end_date,:ad_title,:bid_type
validates_numericality_of :budget,:phone
validates_format_of :email,
:with => /^[A-Z0-9._%-]+@([A-Z0-9-]+.)+[A-Z]
{2,4}$/i,
:message => “must be a valid email address”

#######################################
def pictureimg=(picture_field)
return if picture_field.blank?
self.content_type = picture_field.content_type.chomp
self.picture = picture_field.read
end
end

=============================================
view/classified/new.html.erb

<%=stylesheet_link_tag ‘global_view’%>
Post new classified

<%=error_messages_for ‘classified’ %>
<%=form_tag ({:action => ‘create’}, :multipart=>true) %>

First Name

<%= text_field ‘classified’, ‘firstname’ %>

Last Name

<%= text_field ‘classified’, ‘lastname’ %>
Email
<%= text_field ‘classified’, ‘email’ %>


<%=
show_simple_captcha(:object=>“classified”,:image_style=>‘embosed_silver’,:distortion=>‘medium’,:code_type=>‘alphabetic’)
%>

<%= submit_tag “Create” %>

<%= link_to 'Back', {:action => 'list'} %>

==========================================
however the simple_captcha work for this classified controller.

On Apr 21, 3:42 pm, Visit Indonesia 2008 <rails-mailing-l…@andreas-

9

NO it didn’t work.
2>I am using simple_captcha plugin
3><%=
show_simple_captcha(:object=>“user”,:image_style=>‘embosed_silver’,:distortion=>‘low’,:code_type=>‘alphabetic’)
%>
creates its own text_field

and I have done the same thing for these

classified_controller

def create
@classified = Classified.new(params[:classified])

if @classified.save_with_captcha
  redirect_to :action => 'list'
else
  render :action => 'new'
end # if end
  end #create end

=========================================
classified.rb

class Classified < ActiveRecord::Base
#for captcha
apply_simple_captcha

validates_presence_of
:firstname,:lastname,:company,:start_date,:end_date,:ad_title,:bid_type
validates_numericality_of :budget,:phone
validates_format_of :email,
:with => /^[A-Z0-9._%-]+@([A-Z0-9-]+.)+[A-Z]
{2,4}$/i,
:message => “must be a valid email address”

#######################################
def pictureimg=(picture_field)
return if picture_field.blank?
self.content_type = picture_field.content_type.chomp
self.picture = picture_field.read
end
end

=============================================
view/classified/new.html.erb

<%=stylesheet_link_tag ‘global_view’%>
Post new classified

<%=error_messages_for ‘classified’ %>
<%=form_tag ({:action => ‘create’}, :multipart=>true) %>

First Name

<%= text_field ‘classified’, ‘firstname’ %>

Last Name

<%= text_field ‘classified’, ‘lastname’ %>
Email
<%= text_field ‘classified’, ‘email’ %>


<%=
show_simple_captcha(:object=>“classified”,:image_style=>‘embosed_silver’,:distortion=>‘medium’,:code_type=>‘alphabetic’)
%>

<%= submit_tag “Create” %>

<%= link_to 'Back', {:action => 'list'} %>

==========================================
however the simple_captcha work for this classified controller.
On Apr 21, 3:42 pm, Visit Indonesia 2008 <rails-mailing-l…@andreas-

10

NO it didn’t work.
2>I am using simple_captcha plugin
3><%=
show_simple_captcha(:object=>“user”,:image_style=>‘embosed_silver’,:distortion=>‘low’,:code_type=>‘alphabetic’)
%>
creates its own text_field

and I have done the same thing for these

classified_controller

def create
@classified = Classified.new(params[:classified])

if @classified.save_with_captcha
  redirect_to :action => 'list'
else
  render :action => 'new'
end # if end
  end #create end

=========================================
classified.rb

class Classified < ActiveRecord::Base
#for captcha
apply_simple_captcha

validates_presence_of
:firstname,:lastname,:company,:start_date,:end_date,:ad_title,:bid_type
validates_numericality_of :budget,:phone
validates_format_of :email,
:with => /^[A-Z0-9._%-]+@([A-Z0-9-]+.)+[A-Z]
{2,4}$/i,
:message => “must be a valid email address”

#######################################
def pictureimg=(picture_field)
return if picture_field.blank?
self.content_type = picture_field.content_type.chomp
self.picture = picture_field.read
end
end

=============================================
view/classified/new.html.erb

<%=stylesheet_link_tag ‘global_view’%>
Post new classified

<%=error_messages_for ‘classified’ %>
<%=form_tag ({:action => ‘create’}, :multipart=>true) %>

First Name

<%= text_field ‘classified’, ‘firstname’ %>

Last Name

<%= text_field ‘classified’, ‘lastname’ %>
Email
<%= text_field ‘classified’, ‘email’ %>


<%=
show_simple_captcha(:object=>“classified”,:image_style=>‘embosed_silver’,:distortion=>‘medium’,:code_type=>‘alphabetic’)
%>

<%= submit_tag “Create” %>

<%= link_to 'Back', {:action => 'list'} %>

==========================================
however the simple_captcha work for this classified controller.

On Apr 21, 3:42 pm, Visit Indonesia 2008 <rails-mailing-l…@andreas-

11

NO it didn’t work.
2>I am using simple_captcha plugin
3><%=
show_simple_captcha(:object=>“user”,:image_style=>‘embosed_silver’,:distortion=>‘low’,:code_type=>‘alphabetic’)
%>
creates its own text_field

and I have done the same thing for these

classified_controller

def create
@classified = Classified.new(params[:classified])

if @classified.save_with_captcha
  redirect_to :action => 'list'
else
  render :action => 'new'
end # if end
  end #create end

=========================================
classified.rb

class Classified < ActiveRecord::Base
#for captcha
apply_simple_captcha

validates_presence_of
:firstname,:lastname,:company,:start_date,:end_date,:ad_title,:bid_type
validates_numericality_of :budget,:phone
validates_format_of :email,
:with => /^[A-Z0-9._%-]+@([A-Z0-9-]+.)+[A-Z]
{2,4}$/i,
:message => “must be a valid email address”

#######################################
def pictureimg=(picture_field)
return if picture_field.blank?
self.content_type = picture_field.content_type.chomp
self.picture = picture_field.read
end
end

=============================================
view/classified/new.html.erb

<%=stylesheet_link_tag ‘global_view’%>
Post new classified

<%=error_messages_for ‘classified’ %>
<%=form_tag ({:action => ‘create’}, :multipart=>true) %>

First Name

<%= text_field ‘classified’, ‘firstname’ %>

Last Name

<%= text_field ‘classified’, ‘lastname’ %>
Email
<%= text_field ‘classified’, ‘email’ %>


<%=
show_simple_captcha(:object=>“classified”,:image_style=>‘embosed_silver’,:distortion=>‘medium’,:code_type=>‘alphabetic’)
%>

<%= submit_tag “Create” %>

<%= link_to 'Back', {:action => 'list'} %>

==========================================
however the simple_captcha work for this classified controller.

On Apr 21, 3:42 pm, Visit Indonesia 2008 <rails-mailing-l…@andreas-

12

NO it didn’t work.
2>I am using simple_captcha plugin
3><%=
show_simple_captcha(:object=>“user”,:image_style=>‘embosed_silver’,:distortion=>‘low’,:code_type=>‘alphabetic’)
%>
creates its own text_field

and I have done the same thing for these

classified_controller

def create
@classified = Classified.new(params[:classified])

if @classified.save_with_captcha
  redirect_to :action => 'list'
else
  render :action => 'new'
end # if end
  end #create end

=========================================
classified.rb

class Classified < ActiveRecord::Base
#for captcha
apply_simple_captcha

validates_presence_of
:firstname,:lastname,:company,:start_date,:end_date,:ad_title,:bid_type
validates_numericality_of :budget,:phone
validates_format_of :email,
:with => /^[A-Z0-9._%-]+@([A-Z0-9-]+.)+[A-Z]
{2,4}$/i,
:message => “must be a valid email address”

#######################################
def pictureimg=(picture_field)
return if picture_field.blank?
self.content_type = picture_field.content_type.chomp
self.picture = picture_field.read
end
end

=============================================
view/classified/new.html.erb

<%=stylesheet_link_tag ‘global_view’%>
Post new classified

<%=error_messages_for ‘classified’ %>
<%=form_tag ({:action => ‘create’}, :multipart=>true) %>

First Name

<%= text_field ‘classified’, ‘firstname’ %>

Last Name

<%= text_field ‘classified’, ‘lastname’ %>
Email
<%= text_field ‘classified’, ‘email’ %>


<%=
show_simple_captcha(:object=>“classified”,:image_style=>‘embosed_silver’,:distortion=>‘medium’,:code_type=>‘alphabetic’)
%>

<%= submit_tag “Create” %>

<%= link_to 'Back', {:action => 'list'} %>

==========================================
however the simple_captcha work for this classified controller.
On Apr 21, 3:42 pm, Visit Indonesia 2008 <rails-mailing-l…@andreas-

13

I found this,

http://blog.guitarati.com/2007/11/restful-authentication-plus.html

hope it helps

regards

14

Thank you Carlos. It works.