Snippet List
This is a snippet for a simple CAPTCHA. A random image from a list of images is shown, and the form checks if the correct solution was given.
Normally I would use django-simple-captcha or maybe reCAPTCHA, but in this case I wanted to have a number of fixed images, nothing dynamically generated.
I wanted to include the contact form in multiple pages, most of which are `direct_to_template` generic views.
However, passing the random image to the `extra_context` of `direct_to_template` didn't work, because the value was only initialized once on startup.
Therefore I pass the list of possible choices to `extra_context`, and use the template filter `|random` to select one image. The form's clean method will check if the correct solution was given when `form.is_valid()` is called in the view. If not, the view will display a new captcha.
Of course there are other, more elegant solutions like a custom template tag or overriding the generic view, but this works fine for me. Using a fixed number of images will probably not provide good protection for sites that are of much interest to spammers, but for smaller sites it should be sufficient.
You can see the CAPTCHA in action at [http://www.lackieren-in-polen.de/](http://www.lackieren-in-polen.de/)
This math captcha field and widget was inspired by Justin Quick's django-math-captcha, but I wanted to make it into one form field and not have anything in settings.py. I removed the division and modulo operators to avoid people having to input fractions, and just randomly select the operator.
It leverages Django's built-in MultiValueField to set up the hidden hashed answer to compare the user's input to instead of rendering strings for the fields like django-math-captcha does.
Unit tests soon to follow, but this is used in production at: http://btaylorweb.com/. Enjoy!
- simple
- captcha
- field
- widget
- math
- multiwidget
- multifield
My previous snippet with captcha wasn't very portable but Marco Fucci figured out the thing that I couldn't - value_from_datadict function. So all credits go to him and his snippet, I adapted it to my needs, maybe you like my version better - it doesn't need any captcha libraries and let's you modify the widget's html easily. Also I added an option to pass remoteip to google api's verify method.
How to use it:
In your settings.py add:
RECAPTCHA_PUBKEY = 'your recaptcha public key'
RECAPTCHA_PRIVKEY = 'your recaptcha private key'
After that just import and use ReCaptchaField in your form as you would any other field. That's it.
*** Important *** If you want to have peace of mind in case google decided that the remoteip parametr is mandatory then:
Derive every form that has the captcha field from ReCaptchaForm and when you create the form object after receiving POST/GET, pass a remoteip parameter like that:
form = YourCaptchaForm(data=request.POST, remoteip=request.META['REMOTE_ADDR'])
It is not so portable and easy as I wanted it to be because of how django forms work - they don't play well with recaptcha.
To get it to work:
* Add two variables to your app settings, **RECAPTCHA_PUBKEY** and **RECAPTCHA_PRIVKEY**
* Derive forms you want to have a captcha from the provided `ReCaptchaForm` class (how to get it working with ModelForm? any ideas?)
* * If you override the form's clean method make sure you firstly call the `ReCaptchaForm`'s clean method *
* In your view, upon receiving the form data initialize the objects like this `form = YouFormClassDerivedFromReCaptchaForm(remoteip=request.META['REMOTE_ADDR'], data=request.POST)` (or request.GET of course) - this is because reCaptcha needs the user's remote ip.
Integrating [reCAPTCHA](http://recaptcha.net/) with Django.
**Warning**: although *remoteip* is used as optional parameter in this snippet, it is likely to become mandatory in the future. Please see [the comment by Jim Garrison](http://www.marcofucci.com/tumblelog/26/jul/2009/integrating-recaptcha-with-django/#comment-262) for more detail.
Generic version of [this snippet](http://www.djangosnippets.org/snippets/433/).
1. Register on [reCAPTCHA](http://recaptcha.net/) to get your public/private key pair
2. Add your keys in settings.py
3. Add [recaptcha-client](http://pypi.python.org/pypi/recaptcha-client) to your project
4. Put ReCaptchaField and ReCaptcha widget somewhere (I've used a generic app `marcofucci_utils`)
5. Configure your form
More information on my website [marcofucci.com](http://www.marcofucci.com/tumblelog/26/jul/2009/integrating-recaptcha-with-django/).
If, like me, you've had trouble installing the [Python Imaging Library](http://www.pythonware.com/products/pil/) or [FreeType](http://freetype.sourceforge.org), you may have also had trouble getting a captcha to work. Here's my quick and dirty workaround — be warned, this is _very_ low level security, and shouldn't be used on high-profile sites.
Originally published at <http://gregbrown.co.nz/code/django-captcha-without-freetype-or-pil/>
Credit to the author of [django-simple-captcha](http://code.google.com/p/django-simple-captcha/), from whom I borrowed most of this code.
### Usage
from django import forms
from ABOVE-FILE import CaptchaField
class CaptchaTestForm(forms.Form):
myfield = forms.TextField()
security_check = CaptchaField()
This security field is based on the perception that spambots post data to forms in very short or very long regular intervals of time, where it takes reasonable time to fill in a form and to submit it for human beings.
Instead of captcha images or Ajax-based security interaction, the SecurityField checks the time of rendering the form, and the time when it was submitted. If the interval is within the specific range (for example, from 5 seconds till 1 hour), then the submitter is considered as a human being. Otherwise the form doesn't validate.
Usage example:
class TestForm(forms.Form):
prevent_spam = SecurityField()
# ... other fields ...
The concept works only for unbounded forms.
- captcha
- security
- form
- field
- antispam
- antibot
There already is a [snippet on here](http://www.djangosnippets.org/snippets/433/) that shows how to use reCAPTCHA with Django, but being the lazya-- that I am, I wanted the form to:
* display the captcha when as_table is used
* handle captcha validation for me
So RecaptchaForm does the trick. Just subclass from it and voila, your form will include reCAPTCHA validation.
Other than that, you need to
* be on Django trunk version (or use clean_data instead of cleaned_data for 0.96)
* set RECAPTCHA_PRIVATE_KEY and RECAPTCHA_PUBLIC_KEY in your settings.py
* make sure that the [captcha module](http://pypi.python.org/pypi/recaptcha-client) is available somewhere (i.e. that "import captcha" works)
This code works like that in the Google Groups you see and when try to see an e-mail and it is like this "[email protected]" with a link to write a captcha code and see the true value.
You can use it for anything you want: links, blocks of texts, block of HTML, etc.
To use in your template, place the a code like this (remember to load the template tags file with a {% load file_name %} before):
{% protectantirobots %}
<a href="mailto: {{ office.email }}">{{ office.email }}</a>
{% endprotectantirobots %}
You can also use **django-plus** application to do this:
[http://code.google.com/p/django-plus/](http://code.google.com/p/django-plus/)
- captcha
- security
- protect
- anti
- robots
- safe
Simple mathematical captcha where human is asked to solve a simple mathematical calculation like 2+3=?. Don't require database access or external libraries like PIL.
To use MathCaptchaForm subclass it and add your fields.
For example of usage and discussion about security of this captcha comparing with traditional image captcha please see my blog entry
[Improved Mathematical Captcha](http://www.mysoftparade.com/blog/improved-mathematical-captcha/)
Recaptcha is a free service that helps you protect your forms against spam bots by displaying a picture showing 2 words or playing an audio file telling 8 digits for the visually handicapped.
After registration on http://recaptcha.net a private and a public key are
generated. Put the keys in settings.py.
Find client code for recaptcha at http://pypi.python.org/pypi/recaptcha-client. Put the file captcha.py into application root.
A middleware we are using to stop "spam" on Curse. It makes the user fill in a captcha box whenever they submit a form unless a cookie is set (which expires by default after 6 hours)
See also [the template](http://www.djangosnippets.org/snippets/128/)
Note: render_template is simply a shortcut function we have for doing render_to_response with a request context
15 snippets posted so far.