Sat Feb 24 14:21:51 2024 UTC
New “major” release, 0.2.00, is available. In this release, another token (nonce) is added to the CAPTCHA test procedure. For every successful test, the pair of the time and the nonce is stored on the server (for at least the time of test validity) disallowing to reuse the same CAPTCHA challenge for creating more than one session. Configuraton files of existing sites need to be slightly updated; hence the version number change. Also in this version:
%[lhead:]
,
%[ltail:]
, %[lindex:]
and
%[thalassa_version:]
;topics
and iftopic
added to the
%[cmtinfo:]
macro;%[sess:username]
function);/thalcgi.cgi/cmtadmin
local URI; the page
lists all active comment topics (that is, IDs of all pages for which there
are existing comments) and allows to list all comments for each of them;
this makes it possible, e.g., to find old hidden comments.If you use the Smoky template, simply update the base/
subdirectory's content, and (hopefully) you're done. Otherwise, find the
CAPTCHA form in your thalcgi.ini
file; the set of
“hidden” fields, which for earlier versions looked like this:
+<input type="hidden" name="captcha_ip" value=%[q:%[captcha:ip]] /> +<input type="hidden" name="captcha_time" value=%[q:%[captcha:time]] /> +<input type="hidden" name="captcha_token" value=%[q:%[captcha:token]] />
must now include one more field, captcha_nonce
, sending the
value returned by %[captcha:nonce]
; the following line is to
be added:
+<input type="hidden" name="captcha_nonce" value=%[q:%[captcha:nonce]] />
The whole thing will now look like this:
+<input type="hidden" name="captcha_ip" value=%[q:%[captcha:ip]] /> +<input type="hidden" name="captcha_time" value=%[q:%[captcha:time]] /> +<input type="hidden" name="captcha_nonce" value=%[q:%[captcha:nonce]] /> +<input type="hidden" name="captcha_token" value=%[q:%[captcha:token]] />