Release status: beta
|Description||Requires visitors to pick a kitten out of 5 images as a form of anti-spam control|
|Author(s)||Litso and others|
|Latest version||0.9.1 (2011-04-19)|
|MediaWiki||Tested on 1.16|
Translate the KittenAuth extension if it is available at translatewiki.net
|Check usage and version matrix.|
This extension is a variation on the KittenAuth plugin for other pieces of software. It allows wiki admins to set certain actions that need verification from the user, to prevent automated spam. KittenAuth lets users pick a kitten from a list of five images to verify themselves as human.
This plugin uses a lot of the code from the ConfirmEdit extension, but it differs in some functions and allows wiki admins to configure the settings from LocalSettings.php instead of in the plugin's core file.
- Download and place the file(s) in a directory called
- Add the following code at the bottom of your LocalSettings.php:
- Done - Navigate to Special:Version on your wiki to verify that the extension is successfully installed.
By default, KittenAuth will only ask unregistered users to pick a kitten when they create a page, when they add a new external link to a page, and when they register an account. KittenAuth comes with 17 images of birds and 8 images of cats, and there's the option to add URL and/or IP whitelists. All these settings can be changed.
To start using custom settings at all, first add the following line to LocalSettings.php, after the require_once rule that should already have been added:
$kittenAuth = KittenAuth::setup();
After this you can use the $kittenAuth->someFunction() functions to configure the plugin as described below.
Instead of using kittens, any images can be used. By default all images should go into the 'images' directory of the plugin, but this can be changed (see the bottom of this section). There are no rules for the image names, as long as they are all image files (.png, .jpg, .jpeg, .gif).
All images in the images folder will automatically be included. There should always be at least one kitten and four non-kittens, but the more variety the harder it will get for spammers to automatically detect the kittens. By default the extension comes with 8 kittens and 17 non-kittens. These files are named 1.png through 25.png but any name will do.
It is very important to indicate which images are kittens. If you change the images, define which are kittens (or if the images contain something else, which are the correct answers). You can use this code in LocalSettings (after the ::setup() rule from above):
$kittenAuth->kittens = array('pic1.jpg', 'image5.png', 'kitten.gif');
Also: if you switch from kittens to something else, make sure to change the texts in KittenAuth.i18n.php, which uses the word 'kitten' several times
To see a working example of KittenAuth with custom images, see MansonWiki
Skipping KittenAuth for certain usergroups
By default the kittens will show up only for unregistered users (all the other usergroups have 'skip' set to true). If you want to show KittenAuth to other usergroups as well, use the setSkippedUserGroups() function with an array of usergroups and their 'skip' value. Examples:
- To also force regular users to use KittenAuth, place this in your LocalSettings.php (after the ::setup() line from before):
$kittenAuth->setSkippedUserGroups( array('user' => false) );
- To force everyone except bots and bureaucrats to use KittenAuth, place this in your LocalSettings.php (after the ::setup() line):
$kittenAuth->setSkippedUserGroups( array('user' => false, 'autoconfirmed' => false, 'sysop' => false) );
- To skip KittenAuth for users that confirmed their email, you need to both set the usergroup 'emailconfirmed' to true using the above function, and add the following line:
$kittenAuth->skipConfirmedEmail = true;
There are five "triggers" on which KittenAuth can be displayed:
- 'edit' - triggered on every attempted page save
- 'create' - triggered on page creation
- 'addurl' - triggered on a page save that would add one or more URLs to the page
- 'createaccount' - triggered on creation of a new account
- 'badlogin' - triggered on the next login attempt after a failed one
By default, the only active triggers are 'create', 'addurl' and 'createaccount'. Badlogin is currently not working, see below. To change the settings for each trigger, use the setKittenTriggers() function with an array of actions and their 'trigger' value. Example:
- To show KittenAuth on edits and new accounts but not on new page creation, place this in your LocalSettings.php (after the ::setup() line):
$kittenAuth->setKittenTriggers( array('edit' => true, 'create' => false, 'createaccount' => true) );
Bear in mind that these rules only apply to usergroups that have been set NOT to skip KittenAuth.
URL and IP whitelists
It is possible to define a whitelist of known "good" sites for which the KittenAuth should not kick in, when the 'addurl' action is triggered.
Sysop users can do this by editing the system message page called [[MediaWiki:captcha-addurl-whitelist]] (this is kept the same as in ConfirmEdit to allow combined usage or easy switches between plugins). The expected format is a set of regex's one per line. Comments can be added with # prefix. You can see an example of this usage here, on OpenStreetMap.
This set of whitelist regexes can also be defined using the $kittenAuth->CaptchaWhitelist config variable in LocalSettings.php, to keep the value(s) a secret.
Some other variables you can add to LocalSettings.php:
- $kittenAuth->IPWhitelist- List of IP ranges to allow to skip the KittenAuth
- $kittenAuth->skipConfirmedEmail - Allow users who have confirmed their e-mail addresses to post URL links
- $kittenAuth->kittenDir - set the folder where the images of kittens are located
The following items are still lacking or not working. I'm planning to fix these, but I'm not sure if they are within my capabilities. If any developer would like to give it a try, please let me know and I'd be happy to update the code with new stuff.
- Managing settings through a Special Page instead of LocalSettings
- Showing KittenAuth on bad login (code is in place but $wgMemc seems to break on my side... help would be appreciated)
- Allow customization of image sizes
- Version 0.9.1:
- Arabic translation added, thanks to Ahmad Gharbeia.
- Version 0.9:
- Initial release