Audio/image captchas
I was a bit confused by how image_captcha / audio_captcha work. I think I've figured out what they do, but I'm not entirely clear on how they're used. I don't think they match my mental model of how such a service should work.
When I call image_captcha with a :session_id, I first thought this simply retrieved an image URL. Upon trying it (and rereading the docs), though, I now believe it *generates* an image and returns the URL.
Thus, if I call image_captcha and audio_captcha with the same :session_id, only the last one called will actually be correct. There's no way to generate an image/audio pair of captchas which have the same solution. True?
I was expecting to be able to get both captchas, embed them on my webpage, and have one textfield for the solution. It now looks like if I want that, I'll need to use two different :session_ids, and check the user's text against both of them. (That doesn't seem ideal from either a user-interface point of view, or a scaling point of view, but it's not too bad.)
Or I could show just the image_captcha, with a "listen..." link, which leads to a second page that has just an audio captcha. But I don't like the idea of using a second page -- every extra step I require of users means fewer will follow through. I'd probably give up if I had to click that many times just to submit some text (type text, submit, captcha page, audio captcha page, ok).
I suppose I could also use Javascript to generate the audio captcha only if needed, without leaving the page, but the whole point of an audio captcha is for accessibility, and I feel like requiring Javascript there has a good chance of defeating the whole purpose of designing for accessibility.
Is my understanding of the captcha functions now correct? How do other people use the audio captcha? Is there no way to get an image/audio captcha pair which have the same solution?
Thanks!
It is indeed true that in an
It is indeed true that in an earlier version of the server, a session could only be associated to or an image, or an audio captcha (as in the Drupal module where javascript is used to request the audio captcha). This issue has however been solved for about two weeks now. You can call both getImageCaptcha and getAudioCaptcha and display them both on a page (as in done in the Wordpress plugin).
OK, now I'm really confused.
OK, now I'm really confused. :-)
First, because that's not what I got from reading the docs. It says calling getImageCaptcha or getAudioCaptcha (the XMLRPC names for the Ruby image_captcha / audio_captcha methods) "generates" a captcha. You're saying it doesn't necessarily generate a *new* captcha, but simply returns the captcha associated with the (session_id, author_ip) I pass -- correct? Is a given (session_id, author_ip) always supposed to return the same captcha? That would be great, but:
Second, that doesn't seem to match what it's doing. I do this:
require 'mollom_client'
m = Mollom.new(:public_key => xxx, :private_key => yyy)
ip = '1.2.3.4'
sesn = 'xyzzy'
image_url = (m.image_captcha :author_ip => ip, :session_id => sesn)['url']
audio_url = (m.audio_captcha :author_ip => ip, :session_id => sesn)['url']
and the captchas are obviously different. (Audio captchas are letters only, while image captchas have upper- and lower-case and digits, but even apart from that they're completely different.) And the last *_captcha call is the one that's associated with this session_id, and the other is forgotten.
I looked at wp-mollom.php. I don't know PHP, but the above looks basically like what they do: in _mollom_show_captcha it gets two captchas, passing in the same author_ip and session_id, and in _mollom_check_captcha it checks the solution with that author_ip and session_id, but only makes one check (so it appears to assume they're the same).
Third, when posting this, I forgot my mollom.com login, so I filled out the "forgot password" form here, and tried using the audio captcha, and couldn't get it to work at all (in multiple tries), but the image captcha worked fine. So I suspect it's not just me, but then again I might just be going crazy.
Thanks again,