CFImage Captcha

Similar Messages

• CFIMAGE captcha issue - Cannot find /CFFileServlet, possibly because server and webroot are on different drives

  CFIMAGE captcha was working on my DEV system, where the wwwroot is in the same folder as CFServer is installed.
  It is NOT working when I move it to staging, which is identical to production - including the fact that CFServer is on D: drive, but wwwroot is on E: drive.
  Is there a way to map a location for the CFFileServlet folder?  I think this is the reason it isn't working in staging.
  V/r,
  ^_^

  May want to check your web server to be sure it's not Denying access to that folder based URL Request filtering.  Part of the ColdFusion lockdown guide recommends to Deny access to this folder unless you use CFImage, CFChart, CFPresentation, or CFReport.
  Page 30 here:
  http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/cf11/cf11-lockdown-guid e.pdf

• Cfimage captcha not showing locally

  I am on cf9 and vista business.
  When i upload my code to my host i can see the cfimage captcha, when i try it locally i don't see anything.
  When i check the image url i get: http://localhost/CFFileServlet/_cf_captcha/_captcha_img3011810602272985780.png
  That url trying i get:
  HTTP Error 404.0 - Not Found
  Does anyone has any experience setting this up correctly?

  I know that this is old, but I ran into a similar problem.
  Turned out that there was a URL Rewrite rule in place for SEO that was supposed to set the URL to lower case characters.  This broke "/CFFileServlet" the ColdFusion settings.  Apparently it is case specific.
  Some navigation systems also use !File or !Directory evaluations that will break cfimage.  This page has info regarding that problem:
  URL Rewriting And ColdFusion's WriteToBrowser Image Functionality (CFFileServlet)
  Check your SEO URL Rewrites.  It may be causing the problem.

• Error 'Timer already cancelled' when using CFIMAGE - captcha

  I've implemented captcha image using cfimage. Works fine on
  our development system however, I'm getting a
  'java.lang.IllegalStateException: Timer already cancelled' in our
  production environment.
  The first time I requested the page containing the captcha
  image it took forever to load but eventially did. Susequent
  requests to this page now produces the above error. Production
  enviroment is running Coldfusion 8.01 in multiserver configuration
  with latest hotfix applied, IIS 6.

  Fixed the problem! Turns out simple restarting of the cf
  service resolved the issue.

• Cfimage CAPTCHA Not Displaying

  Hi All,
  I am creating the captcha using cfimage. In my project we have three different environment dev, stage , production. However I am getting the the captcha image for production and dev but in stagging I am not getting the captcha image. When I am checking captcha in firebug I am getting the image "src" attribute as, "/CFFileServlet/_cf_captcha/_captcha_img2787831475697289656.png" for all three environments but the image not displaying only for stage.
  Please help me.
  Thanks
  Saurav

  I know that this is old, but I ran into a similar problem.
  Turned out that there was a URL Rewrite rule in place for SEO that was supposed to set the URL to lower case characters.  This broke "/CFFileServlet" the ColdFusion settings.  Apparently it is case specific.
  Some navigation systems also use !File or !Directory evaluations that will break cfimage.  This page has info regarding that problem:
  URL Rewriting And ColdFusion's WriteToBrowser Image Functionality (CFFileServlet)
  Check your SEO URL Rewrites.  It may be causing the problem.

• Cfimage, captcha and partitions

  Forgive me if I am overlooking something blindingly obvious,
  but we are having a problem using the captcha attribute of cfimage
  action. With our installation of CF8 running on a separate
  partition from our web root, the folder where the image is created,
  under tmpCache below the CF8 folder, is apparently unreachable by
  the servlet (?). Has anyone run in to this? Is there a simple
  mapping solution? Or an xml file containing a path to edit? Any
  help or pointers would be greatly appreciated.
  Thanks.

  May want to check your web server to be sure it's not Denying access to that folder based URL Request filtering.  Part of the ColdFusion lockdown guide recommends to Deny access to this folder unless you use CFImage, CFChart, CFPresentation, or CFReport.
  Page 30 here:
  http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/cf11/cf11-lockdown-guid e.pdf

• Cfimage captcha java error

  Using cfimage to generate a captcha image. Works locally, but
  on live server I get this error:
  java.lang.IllegalStateException: Timer already cancelled.

  idesdema wrote:
  > Morning. I am trying to run a simple captcha script on a
  shared host and most
  > of the time it works well, however, sometimes it decides
  to crash.
  >
  > Here is the error I'm getting:
  >
  > An exception occured while performing the captcha
  cfimage action.
  > java.lang.IllegalStateException: Timer already
  cancelled.
  >
  > The error occurred in
  C:\Websites\168219qa6\scribble.cfm: line 1
  >
  > 1 : <CFIMAGE action="captcha" fontsize="20"
  text="Hello" difficulty="high"
  > fonts="verdana" width="200" height="50" />
  >
  >
  > I have logged many a ticket with the hosting company and
  they keep saying
  > "sorry, nothing we can do" which seems like a really bad
  answer to me. Is
  > there anyone that can perhaps guide me/them in the right
  direction so they can
  > tell customers the correct answer?
  I remember that I got this error some time ago. A CF restart
  solved it.
  Mack

• CFImage Captcha error.

  I am getting error when i am trying to display the captcha i
  am getting the below error.
  java.security.AccessControlException: access denied
  (java.io.FilePermission
  C:\Coldfusion8\tmpCache\CFFileServlet\_cf_captcha read)
  In my local system its working fine. but after uploading the
  file to the server, then i am getting that error. This be because
  the CF server is trying to create a temp captacha file in the
  folder which I dont have access to that shared folder.
  But i could able to give the destination to the captcha. If i
  am giving the destination, its not at all displaying anything.
  how to overcome this issue?.
  Srinivas.

  Fixed the problem! Turns out simple restarting of the cf
  service resolved the issue.

• Register page problem.

  I am so confused, I want to add some anti-spam security to my upcoming register page but something is really wrong.
  Note that my server is Coldfusion MX7 (i can not afford better) and because of that i can not use
  cfimage(captcha).
  This is what i have:
  <cfset strLowerCaseAlpha = "abcdefghijklmnopqrstuvwxyz">
  <cfset strUpperCaseAlpha = UCase( strLowerCaseAlpha )>
  <cfset strNumbers = "0123456789">
  <cfset strAllValidChars = (
      strLowerCaseAlpha &
      strUpperCaseAlpha &
      strNumbers
      )>
  <cfset arrPassword = ArrayNew( 1 )>
  <cfset arrPassword[ 1 ] = Mid(
      strNumbers,
      RandRange( 1, Len( strNumbers ) ),
      1
      )>
  <cfset arrPassword[ 2 ] = Mid(
      strLowerCaseAlpha,
      RandRange( 1, Len( strLowerCaseAlpha ) ),
      1
      )>
  <cfset arrPassword[ 3 ] = Mid(
      strUpperCaseAlpha,
      RandRange( 1, Len( strUpperCaseAlpha ) ),
      1
      )>
  <cfloop
      index="intChar"
      from="#(ArrayLen( arrPassword ) + 1)#"
      to="8"
      step="1">
      <cfset arrPassword[ intChar ] = Mid(
          strAllValidChars,
          RandRange( 1, Len( strAllValidChars ) ),
          1
          )>
  </cfloop>
  <cfset strPassword = ArrayToList(
      arrPassword,
      )>
  <cfif IsDefined("FORM.spamcode")>
      <cfif form.spamcode neq strPassword >
      not equal
      <cfelse>
     finally working
  </cfif>
  </cfif>
                   <cfif isdefined ("strPassword")>
                   <cfoutput>#strPassword#</cfoutput>
                   </cfif>
  <form action="" method="post">
    <label>
      <input type="text" name="spamcode" id="spamcode" />
    </label>
  </form>
  this is just testing code but it is somehow messed up.
  every time when i click on the submit button i get not equal!
  I also need to add when i set up strPassword manualy instead of ArrayToList, for example
  <cfset strPassword=test413> and then insert in form test413 and compare it everything is fine. You can copy/paste this code to test it. Any ideas please?

  I get the feeling you could create the password more efficiently. But that's another matter. Your code does work.
  I would generate the captcha word in a function. Then  it will be run only when necessary. Something like this:
  <cffunction name="getPassword" returntype="string">
  <cfset var strPassword = "">
  <cfset var strLowerCaseAlpha = "abcdefghijklmnopqrstuvwxyz">
  <cfset var strUpperCaseAlpha = UCase( strLowerCaseAlpha )>
  <cfset var strNumbers = "0123456789">
  <cfset var strAllValidChars = (
      strLowerCaseAlpha &
      strUpperCaseAlpha &
      strNumbers
      )>
  <cfset var arrPassword = ArrayNew( 1 )>
  <cfset arrPassword[ 1 ] = Mid(
      strNumbers,
      RandRange( 1, Len( strNumbers ) ),
      1
      )>
  <cfset arrPassword[ 2 ] = Mid(
      strLowerCaseAlpha,
      RandRange( 1, Len( strLowerCaseAlpha ) ),
      1
      )>
  <cfset arrPassword[ 3 ] = Mid(
      strUpperCaseAlpha,
      RandRange( 1, Len( strUpperCaseAlpha ) ),
      1
      )>
  <cfloop index="intChar" from="#(ArrayLen( arrPassword ) + 1)#" to="8"  step="1">
      <cfset arrPassword[ intChar ] = Mid(
          strAllValidChars,
          RandRange( 1, Len( strAllValidChars ) ),
          1
          )>
  </cfloop>
  <cfset strPassword = ArrayToList(arrPassword,"")>
  <cfreturn strPassword>
  </cffunction>
  <!--- Set the default captcha string, if none yet exists --->
  <cfparam name="session.current_captcha" default="#getPassword()#" type="string">
  <cfif IsDefined("FORM.spamcode")>
      <!--- compare() makes case-sensitive comparison of two strings, character for character --->
      <cfif compare(form.spamcode, session.current_captcha) eq 0>
           proceed: user entered the correct code
      <cfelse>
             stop spam: user entered the wrong code
      </cfif>
      <!--- Create new captcha every time user submits form --->
      <cfset session.current_captcha = getPassword()>
  </cfif>
  <cfoutput>
  <form action="#cgi.SCRIPT_NAME#" method="post">
      <input type="text" name="spamcode" id="spamcode"><span><em>enter this exact code:</em> <strong>#session.current_captcha#</strong></span>
      <br>
      <input type="submit" name="sbmt" id="sbmt" value="Test it!">
  </form>
  </cfoutput>

• Style a Captcha that was made with CFIMAGE

  I have created a captcha using CFIMAGE that works as
  expected. Yet the background that it randomly generates is not the
  most appealing.
  It would be cool if we could have it use an image that we
  define for the background, or even specifiy a background color,
  perhaps to match the sites theme or what not.
  Has anyone had any luck doing this kind of styling? or is it
  not even possible? If so, code examples would be nice :)

  I never tried it with cfimage, but i am using this and it
  works great.
  http://securitycode.riaforge.org/

• CF Flash Forms/CAPTCHA

  I am working on using a flash form for a contact form and in
  the past I have always used captcha images in this situation to
  prevent spam...
  I have tried using the cfimage tag within my form and it
  doesn't seem to be working.
  Does anyone have any ideas on how to get this working or if
  captchas are needed? Can bots fill out flash forms??
  Thanks!

  You are doing exactly what you will need to do to convert...
  It is time consuming...your best bet is to start from
  scratch. I have tried and I found it more difficult to correct the
  syntax errors...plus I need the code time in Flex Builder to
  understand the IDE and what it does...

• CF9, IIS7.5, CFImage, /CFFileservlet/, Handler Mapping, URL Rewrite

  I am trying to figure out how to enable the default handler in II7 like it was done in IIS6, with the "Verify file exisits" option turned off.
  In IIS7 I have been lead to "Invoke handler only if request is mapped to:" however if that is unchecked, no static files (css, js, etc)  are served.

  Are you sure that your tag meets all of the requirements?  Check out the documentation here: http://help.adobe.com/en_US/ColdFusion/9.0/CFMLRef/WSc3ff6d0ea77859461172e0811cbec22c24-79 45.html
  Specifically for captcha that article mentions:
  For the CAPTCHA image to display, the width value must be greater than: fontSize times the number of characters specified in text times 1.08.
  ColdFusion supports CAPTCHA images in PNG format only.
  I believe the images generated from the cfimage tag are also served up from a differently location than your web-root.
  Is your server allowing the PNG file extension?  With your URL rewrite rule are you still seeing the request reach IIS (iis log)?  Is it reaching ColdFusion (coldfusion log)?  Is your server allowing access to the directory where the generated image is stored (view the browser source code when it works to see where the image is actually stored)?

• CAPTCHA background and text colours

  Hi
  A client of mine has complained a few times that the CAPTCHA background colour and text colour are too similar and the alphanumerals cannot be read.
  How can i manipilate text and background colour?
  Here is my code:
  <cfimage action="captcha" height="50" width="180" text="#strCaptcha#" difficulty="low" fonts="verdana,arial,times new roman,courier" fontsize="20">
  thank you
  Delon

  Been having the same issues with a couple of my clients...They are getting fairly irritated just trying to read the CAPTCHA, so I did some digging and came across this company located in Cali..Confident Technologies and they look like they are just getting started but seem to have a pretty good solution..I tried it and was impressed.

• Captcha and cfform preservedata

  I've got a page with a captcha that was working fine.  I enabled preservedata on the form and now the cfimage text attribute is not updating, apparently is preserving the data from the previous post.  I need to preserve the user's data but not the cfimage.  Anyone have this problem before?
  Here's some code:
  <cfset postPage = false>
  <cfset errors = "">
  <cfif isDefined("form.btnSubmit")>
      <cfif hash(ucase(form.captcha)) neq form.captchaHash>
        <cfset errors = errors & "The text you entered did not match the text in the box.<br />">
      </cfif>
      <cfif errors is "">
        <cfset postPage = true>
      </cfif>
  </cfif>
  <cfset captcha = makeRandomString()>
  <cfset captchaHash = hash(captcha)>
  <cfform name="form1" action = "#cgi.script_name#" method="post" preservedata="yes">
    <cfimage action="captcha" width="285" height="75" text="#captcha#" fonts="arial,times roman,tahoma" >
    <cfinput type="hidden" name="captchaHash" id="captchaHash" value="#captchaHash#">
    <br>Enter the above text:
    <cfinput name="captcha" type="text">
  </cfform>

  I ran a quick test of the code with CF8. For me, the image changes every time.

• After upgrade to CF9, CFIMAGE "Unable to create temporary file" error

  We recently upgraded from CF8 to CF9 Enterprise.  I'm getting an "Unable to create temporary file" error on
  my CFIMAGE resize calls.  We use sandbox security.  I assume I need to grant write access to whatever folder CF uses for temp files, but which folder is it?   The same code (and sandbox settings) ran fine in CF8....
  Note, if I attempt to add C:\JRun4\servers\cfusion\SERVER-INF\temp to the sandbox for this particular app, CF crashes on all requests across all apps on the server with a:
  Security: The requested template has been denied access to C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfclasses\cfapp2ecfc1510154633.c lass.
  The following is the internal exception message: access denied (java.io.FilePermission C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfclasses\cfapp2ecfc1510154633.c lass read)
  ColdFusion cannot determine the line of the template that caused this error. This is often caused by an error in the exception handling subsystem.
  I need to restart CF to get everything working again.

  Another update.   Had a problem with a sandboxed CF9 site doing a simple CFIMAGE READ to a memory variable.  Got an "Unable to create temporary file" error.
  Inserted the following code in the file upload page:
  <cfscript>
  writeoutput("Temp Dir : " & createobject("java","java.lang.System").getProperty("java.io.tmpdir") );
  </cfscript>
  ... and it reveals the temp directory as C:\WINDOWS\TEMP.  Added that to the sandbox, and the CFIMAGE READ is working properly now.
  Note this seems inconsistent with CFIMAGE RESIZE behavior which appears to use the CF GetTempDirectory() value, which in my case is C:\JRun4\servers\cfusion\SERVER-INF\temp\cfusion-war-tmp\
  For reference, see the section "Sandbox Considerations" at this link:
  http://help.adobe.com/en_US/ColdFusion/9.0/Admin/WSc3ff6d0ea77859461172e0811cbf364104-7fc8 .html#WSc3ff6d0ea77859461172e0811cbf364104-7fcc