ReCaptcha and FancyCaptcha bouncing back after correct answer!? Ie. they are broken.
CASE CLOSED (see CASE CLOSED message below)
Hello, since MediaWiki appears to recommend this extension and this extension only for bot blocking, I hope someone will hop on this one real fast :)
Ever since I installed MW in this instance, I've had a problem with ReCaptcha where after correctly answering, or answering in general, the page would reload as if you had just hit submit, eg. for an edit, for another round of Captcha. I am pretty floored that I've never been able to find another account of this particular problem since it's basically a game breaker.
For a while I reverted to SimpleCaptcha since it works. But lately bots are becoming a nuisance so I gotta get some better defenses up before I go nuts. This morning I went thru the process of setting up FancyCaptcha (not so crazy about Google myself) but it bounces back just like ReCaptcha, suggesting the problem is in the ConfirmEdit end.
Until I get somewhere on this edits requiring Captcha will just not go thru. The wiki hasn't really caught fire just yet, so hopefully no one will be too bothered, but this is a problem nonetheless that needs to be documented on this page at the least.
Product Version MediaWiki 1.16.2 PHP 5.2.11 (apache2handler) MySQL 5.0.77 Installed extensions
Parser hooks ArrayExtension (Version 1.3.4 alpha) Store and compute named arrays Li Ding, Jie Bao and Daniel Werner ParserFunctions (Version 1.3.0) Enhance parser with logical functions Tim Starling, Robert Rohde, Ross McClure and Juraj Simlovic Subpage Fun (Version 0.3.1) Defines some new parser functions to get advanced informations about subpages. Daniel Werner Other ConfirmEdit (Version 1.0) (r82832) Provides CAPTCHA techniques to protect against spam and password-guessing Brion Vibber and ...
Maybe you should try upgrading to 1.17.x. and try again. ConfirmEdit seems to use some functionalities only available in recent versions. --Bachsau 14:30, 16 October 2011 (UTC)
For the record, 1.16.2 was the stable version of MediaWiki recommended on the website when I installed the ConfirmEdit extension.
Running ConfirmEdit on 1.16 since some early alpha in 2009 without problems. Maybe switch to simple math (at least to have a proper process). Also bot-looking accounts can be human too (that's what I experienced in the past months) so captchas like simple math are not working 100% well.
I stopped them by using $wgCaptchaQuestions using fairly simple insider questions that only my target group can answer. That stopped all spammers from registering and editing. --Subfader 18:49, 16 October 2011 (UTC)
I did say Simple Math does work (in the opening edit) but the two Captcha based options do not. I am familiar with administrating user generated websites. Simple Math isn't cutting it anyway, so I have to up the ante. Simple Math in a MediaWiki website could be conquered by the most rudimentary of scripts. I could code one myself in a half hour.
@Subfader: Please try one of the Captcha options if you can / see if they work for your 1.16 setup or not. Thanks.
Do the maintainers watch this page? I can't imagine there being a more important extension in the MediaWiki stable than this one.
@Bachsau: An upgrade on a lark is something I am not yet quite up to. Plus it seems like a backport would be in order.
OK, so turns out after pouring over the code FancyCaptcha was really fine. I just included an escaped character (single quote) inside the double quoted key and did not realize PHP treats an escape slash as a literal slash when the following character does not technically require escaping. C++ would have produced a single quote. But PHP produced \'.
Still ReCaptcha seems to be broken for some reason, but it's probably safe to not point fingers at ConfirmEdit, since it is an extension of ConfirmEdit. I'm not sure, but it seems like these captchas could be setup to fail more gracefully. For instance an error is indistinguishable from a wrong answer. The form could at least say the last answer was wrong to distinguish between that and a technical mishap.
CASE CLOSED.
