# Copyright (c) 2003, James Seng. (http://james.seng.cc/)
# This code is released under the Artistic License.
#
# scode-0.1.4a

+++++++++++++++++++++++++++++++++++
INTRODUCTION
+++++++++++++++++++++++++++++++++++

This package patches MT so it will verify if it is a human before allowing
comments to be posted. The idea is simple: Display an image with a Security
Code and demand the user to enter the Security Code manually. Hopefully,
this will stop a stop to the MT's comments spambots.

To see how this works, check out my blog at http://james.seng.cc/

You can contact me at jseng_at_pobox.org.sg if you have any questions or
comments.

+++++++++++++++++++++++++++++++++++
INSTALLATION
+++++++++++++++++++++++++++++++++++

1. Check if you have GD.pm installed (use the command perldoc GD). If not,
   download from www.cpan.org and install GD on your system.

2. Edit SCode.pm and define your temp directory (preferably in your own
   home directory) and the length of the security code you want (default 6).
   
   Make sure the temp directory is writable by your webengine, which may not
   be your userid. Generally, speaking a chmod 1755 <tmp> should do the trick
   but if not, you can try 1775 or 1777. I wouldn't recommend the later two
   though for security reasons.

3. Move SCode.pm to lib/MT/ directory (MT::SCode)

4. Move mt-scode.cgi to MT CGI directory. (Make sure it is executable, ie,
   chmod 755 mt-scode.cgi)

5. Move scode.pl to plugins/ directory

6. Patch lib/MT/App/Comments.pm (MT::App:Comments)

    ...
    if (!$q->param('text')) {
        return $app->handle_error($app->translate("Comment text is required."));
    }

    # 
    # SecurityCode hack start
    #
    require MT::SCode;
    my $code = $q->param('code');
    my $scode = $q->param('scode');
    my $sscode = MT::SCode::scode_get($code);
    if ($scode ne $sscode) {
        return $app->handle_error($app->translate(
           "Wrong or missing Security Code."));
    }
    MT::SCode::scode_delete($code);
    MT::SCode::scode_create($code);
    #
    # Security hack ends
    #

    my $comment = MT::Comment->new;
    $comment->ip($app->remote_ip);
    ...

7. Logon to MT, and edit the following templates:
   - Individual Entry Template
   - Comment Listing Template
   - Comment Preview Template
   - Comment Error Template

   add the following block:

   <!-- Security Code Check -->
   <input type="hidden" id="code" name="code" value="<$MTSecurityCode$>" />
   <img border="0" src="<$MTCGIPath$><$MTSecurityImage$>?code=<$MTSecurityCode$>"><br />
   <input tabindex=3 id="scode" name="scode" /><br /><br />
   <!-- end of Security Code Check -->

8. Try it out!

+++++++++++++++++++++++++++++++++++
MORE CONFIGURATION
+++++++++++++++++++++++++++++++++++

1. You may customized the color of the image generated. 
   Open mt-scode.cgi and edit the following variables
   $c_background, $c_border, $c_line and $c_code.

2. The current default is 50 temporary security code. If you have a lot 
   of commentors, you should consider increasing $scode_maxtmp (in SCode.pm).

+++++++++++++++++++++++++++++++++++
Can't get it to work?
+++++++++++++++++++++++++++++++++++

Okay, if you don't see any image been displayed, there is only one
and only one reason. 100%, without fail, everyone who fails to get
an image is because *they did not have GD and GD perl lib*.

I repeat: You need (a) GD installed *AND* (b) GD perl lib installed.
Having one of them is not good enough. You need both of them. Check
with your hosting company. And sorry, I can't help you with your
GD installation.

For all other problem, you can email me at james@seng.cc
