No More Captcha

Well, I’ve got to say, Drupal’s captcha module is a huge disappointment. The idea is good but the execution is terrible. It caused serious confusion for the session management mechanism, causing people to be randomly logged out, or even sessions confused between different people. That’s a huge security risk, and just made the site so unusable that I couldn’t keep it on.

The good news is that I upgraded to Drupal 4.6.0 in all of this, and the new spam module looks much nicer than the one in 4.5.x. So maybe this will keep me happy for awhile.

4 thoughts on “No More Captcha

  1. I upgraded to 4.6 and installed the captcha module. I hand edited the comments.module since the patch file was no longer current. That patch file isn’t exactly complicated either… just adding two function calls. Anyways, when the module is turned on, anyone (regardless of permissions/roles) who visits a node ends up getting logged out. Doesn’t matter if I take out the two function calls in the patch or not. If captcha is even on it losses the session information :( And I really really wanted captcha…

    Reply

    jgoerzen Reply:

    Yes, that’s exactly the behavior I was seeing, but not just that, sometimes instead of getting logged out, they’d get someone else’s session. Even worse, IMHO.

    Reply

    Anonymous Reply:

    This was fixed a long time back afaik.

    Reply

    jgoerzen Reply:

    Well, the story you’re commenting on was written in April ;-)

Leave a Reply

Your email address will not be published. Required fields are marked *