Make reCAPTCHA 2.6 produce valid HTML in Wordpress 2.x (patch enclosed)

48 views
Skip to first unread message

gron...@gmail.com

unread,
Oct 25, 2007, 5:59:16 PM10/25/07
to reCAPTCHA
I have done some small changes to recaptcha 2.6 in order to make it
generate valid HTML code in Wordpress (testet with WP 2.3). See also
validator.w3.org.

This is for recaptcha-wordpress-2.6.zip
Actually, I think I submitted the same code for the 2.5 version, but
that never got implemented.
Anyhow, here goes:


--- recaptcha.php.orig 2007-10-25 23:47:51.000000000 +0200
+++ recaptcha.php 2007-10-25 23:49:22.000000000 +0200
@@ -54,14 +54,17 @@
}
</script>
<noscript>
- <style type='text/css'>#submit {display:none;}</
style>
<input name="submit" type="submit" id="submit-alt"
tabindex="6" value="Submit Comment"/>
</noscript>
COMMENT_FORM;
echo $recaptcha_js_opts .
recaptcha_wp_get_html($_GET['rerror']) . $comment_string;
}

+function recaptcha_wp_head () {
+ echo "<style type='text/css'>#submit {display:none;}</style>";
+}

+add_action('wp_head', 'recaptcha_wp_head');
add_action( 'comment_form', 'recaptcha_comment_form' );


--- recaptchalib.php.orig 2007-10-25 23:47:58.000000000 +0200
+++ recaptchalib.php 2007-10-25 23:50:56.000000000 +0200
@@ -124,9 +124,9 @@
return '<script type="text/javascript" src="'. $server . '/
challenge?k=' . $pubkey . $errorpart . '"></script>

<noscript>
- <iframe src="'. $server . '/noscript?k=' . $pubkey .
$errorpart . '" height="300" width="500" frameborder="0"></iframe><br>
+ <iframe src="'. $server . '/noscript?k=' . $pubkey .
$errorpart . '" height="300" width="500" frameborder="0"></iframe><br/
>
<textarea name="recaptcha_challenge_field" rows="3"
cols="40"></textarea>
- <input type="hidden" name="recaptcha_response_field"
value="manual_challenge">
+ <input type="hidden" name="recaptcha_response_field"
value="manual_challenge"/>
</noscript>';
}

MegaZone

unread,
Nov 20, 2007, 8:00:46 PM11/20/07
to reCAPTCHA
Thank you! I came looking for any threads on the invalid (X)HTML and
this is the first thing I found, fantastic. I hope that this does get
incorporated into the main trunk, since these were the only XHTML
errors I had on my site. Well, in my code - now if Google and Amazon
would stop putting garbage in their iframes...

MegaZone

unread,
Nov 21, 2007, 11:48:04 PM11/21/07
to reCAPTCHA, gron...@gmail.com
Ah, I think I found an oversight. This patch makes the submit comment
button hidden all the time since the style is always in the header,
and not just displayed when there is no scripting. It seems this
would need a piece of script to dynamically un-hide the button so it
remains hidden when there is no scripting, but shows otherwise.

I did this in recaptcha.php, around line 51:
document.getElementById('recaptcha-submit-btn-area').appendChild
(sub);
document.getElementById('submit').tabIndex =
6;

document.getElementById('submit').style.display = 'inline';

Right after the existing tabIndex = 6 I added the line to toggle the
display on. That seems to behave like the default install, sans the
XHTML errors.

reCAPTCHA Support

unread,
Nov 21, 2007, 11:51:01 PM11/21/07
to reca...@googlegroups.com
It sounds like you need to patch the theme to make this version work. We've found that makes it much more difficult to install for users.
--
reCAPTCHA: stop spam, read books
http://recaptcha.net

MegaZone

unread,
Nov 27, 2007, 6:45:10 AM11/27/07
to reCAPTCHA
On Nov 21, 11:51 pm, "reCAPTCHA Support" <supp...@recaptcha.net>
wrote:
> It sounds like you need to patch the theme to make this version work. We've
> found that makes it much more difficult to install for users.

No, there is no patching in the theme - all the patches are in the
reCAPTCHA plugin. The plug-in produces invalid XHTML, with gronslet's
patch and my one additional change reCAPTCHA produces valid XHTML and
appears to function correctly. No patches to any other files are
required.

-MZ

Brett

unread,
Dec 11, 2007, 1:10:28 PM12/11/07
to reCAPTCHA
On Nov 27, 6:45 am, MegaZone <megaz...@gmail.com> wrote:
> On Nov 21, 11:51 pm, "reCAPTCHA Support" <supp...@recaptcha.net>
> wrote:
>
> > It sounds like you need to patch the theme to make this version work. We've
> > found that makes it much more difficult to install for users.
>
> No, there is no patching in the theme - all the patches are in the
> reCAPTCHA plugin. The plug-in produces invalid XHTML, with gronslet's
> patch and my one additional change reCAPTCHA producesvalidXHTML and
> appears to function correctly. No patches to any other files are
> required.
>
> -MZ

I just downloaded and installed reCAPTCHA Plugin for WordPress - v2.7
(http://code.google.com/p/recaptcha/downloads/detail?name=recaptcha-
wordpress-2.7.zip&can=2&q=WP-Latest) which was uploaded 29 November
2007. The code seems to have changed, so it doesn't seem possible to
apply the above posted changes. Am I reading this correctly? Any
chance that it's possible to make 2.7 produce valid HTML?

reCAPTCHA Support

unread,
Dec 11, 2007, 1:33:38 PM12/11/07
to reca...@googlegroups.com
Hi,

The only issue now is that we have a <style> tag in the body. I'm a little bit skeptical about applying the patch as it has the potential to break some themes.

gron...@gmail.com

unread,
Jan 12, 2008, 3:54:20 PM1/12/08
to reCAPTCHA
On Dec 11 2007, 7:33 pm, "reCAPTCHA Support" <supp...@recaptcha.net>
wrote:
> The only issue now is that we have a <style> tag in the body. I'm a little
> bit skeptical about applying the patch as it has the potential to break some
> themes.

So regarding my initial comment on invalid XHTML code, should I
interpret this as a WONTFIX resolution?

You are in fact right - the patch by me and MegaZone does introduce
some strange behaviour in firefox and IE. For the moment, the
following page will only show the footer in firefox, while it shows
perfectly fine in Konqueror and Opera. (In firefox ctrl-u will show
the complete, valid source code):

http://eightflat.org/tracesofmartinsstate/2005/07/11/silva-atlas-gps-pinouts/

Turning off the reCaptcha plugin "solves" the problem.

Anything more I can do to solve this? I really want to have valid code
on my blog...

best regards,
MartinG

reCAPTCHA Support

unread,
Jan 12, 2008, 4:25:24 PM1/12/08
to reca...@googlegroups.com
The reCAPTCHA team is not going to be developing XHTML fixes. However, we'll happily take a patch if:

  • It's low risk
  • It doesn't require any additional work from users
About your blog, does it work if you use the non-modified version of the code? If it shows the bug with the unmodified version we'll be happy to take a look at it.

-Ben
On 1/12/08, gron...@gmail.com <gron...@gmail.com> wrote:

On Dec 11 2007, 7:33pm, "reCAPTCHA Support" < supp...@recaptcha.net>

gron...@gmail.com

unread,
Jan 12, 2008, 5:16:57 PM1/12/08
to reCAPTCHA
Ok, I just downloaded the latest version from here
http://recaptcha.googlecode.com/files/recaptcha-wordpress-2.7.zip and
installed it, deactivated/activated the plugin, but the problem
persists.

I also noted that the 2.7 version of the plugin claims to be version
2.6 (the header of recaptcha.php in the 2.7 zip file still says "26").

A quick check that the new code is in fact in place and working on my
page is that it now produces invalid xhtml:
http://validator.w3.org/check?uri=http%3A%2F%2Feightflat.org%2Ftracesofmartinsstate%2F2005%2F07%2F11%2Fsilva-atlas-gps-pinouts

On Jan 12, 10:25 pm, "reCAPTCHA Support" <supp...@recaptcha.net>
wrote:
> About your blog, does it work if you use the non-modified version of the
> code? If it shows the bug with the unmodified version we'll be happy to take
> a look at it.

The problem is still here, with the unmodified code (recaptcha.php and
recaptchalib.php).
I'll be happy to provide more info if needed.
Thanks for the great work so far :)

best regards,
MartinG

reCAPTCHA Support

unread,
Jan 12, 2008, 5:31:50 PM1/12/08
to reca...@googlegroups.com
I think this is causing the problem:

<script type="text/javascript" 
src="http://eightflat.org/tracesofmartinsstate/wp-content/plugins/wp-dokuwiki/lib/exe/js.php
" />
Try adding a </script> as is required in HTML.

-b


Ok, I just downloaded the latest version from here
http://recaptcha.googlecode.com/files/recaptcha-wordpress-2.7.zip and
installed it, deactivated/activated the plugin, but the problem
persists.

I also noted that the 2.7 version of the plugin claims to be version
2.6 (the header of recaptcha.php in the 2.7 zip file still says "26").

A quick check that the new code is in fact in place and working on my
page is that it now produces invalid xhtml:
http://validator.w3.org/check?uri=http%3A%2F%2Feightflat.org%2Ftracesofmartinsstate%2F2005%2F07%2F11%2Fsilva-atlas-gps-pinouts

On Jan 12, 10:25pm, "reCAPTCHA Support" <supp...@recaptcha.net>

wrote:
> About your blog, does it work if you use the non-modified version of the
> code? If it shows the bug with the unmodified version we'll be happy to take
> a look at it.

The problem is still here, with the unmodified code (recaptcha.php and
recaptchalib.php).
I'll be happy to provide more info if needed.
Thanks for the great work so far :)

best regards,
MartinG



gron...@gmail.com

unread,
Jan 12, 2008, 5:45:47 PM1/12/08
to reCAPTCHA
On Jan 12, 11:31 pm, "reCAPTCHA Support" <supp...@recaptcha.net>
wrote:
> I think this is causing the problem:
>
> <script type="text/javascript"
> src="http://eightflat.org/tracesofmartinsstate/wp-content/plugins/wp-dokuw..."/>
>
> Try adding a </script> as is required in HTML.

Wow! Thanks - that solved the problem with firefox!
(What I did was to edit wp-dokuwiki.php and change "/>" to "></
script>")
So the problem with firefox was because recaptcha and wp-dokuwiki
didn't work that well togheter I assume.

Still invalid xhtml generated by recaptcha though. Any suggestions
from anyone is appreciated.

Thanks to the recaptcha team for the great work!
best regards,
MartinG

MegaZone

unread,
Feb 5, 2008, 8:08:05 PM2/5/08
to reCAPTCHA
On Dec 11 2007, 1:10 pm, Brett <pace...@gmail.com> wrote:
> I just downloaded and installed reCAPTCHA Plugin for WordPress - v2.7
> (http://code.google.com/p/recaptcha/downloads/detail?name=recaptcha-
> wordpress-2.7.zip&can=2&q=WP-Latest) which was uploaded 29 November
> 2007. The code seems to have changed, so it doesn't seem possible to
> apply the above posted changes. Am I reading this correctly? Any
> chance that it's possible to make 2.7 producevalidHTML?

I've redone the fixes for 2.7:
---START---
--- old-recaptcha.php-2.7 Tue Feb 5 19:40:41 2008
+++ recaptcha.php Tue Feb 5 20:03:00 2008
@@ -3,7 +3,7 @@
Plugin Name: reCAPTCHA
Plugin URI: http://recaptcha.net/plugins/wordpress
Description: Integrates a reCAPTCHA with wordpress
-Version: 2.6
+Version: 2.7
Author: Ben Maurer & Mike Crawford
Email: sup...@recaptcha.net
Author URI: http://bmaurer.blogspot.com
@@ -49,21 +49,32 @@
sub.parentNode.removeChild(sub);
document.getElementById('recaptcha-submit-btn-
area').appendChild (sub);
document.getElementById('submit').tabIndex =
6;
+
document.getElementById('submit').style.display = 'inline'; //
MegaZone added
if ( typeof _recaptcha_wordpress_savedcomment !
= 'undefined') {

document.getElementById('comment').value =
_recaptcha_wordpress_savedcomment;
}
</script>
<noscript>
- <style type='text/css'>#submit {display:none;}</
style>
- <input name="submit" type="submit" id="submit-alt"
tabindex="6" value="Submit Comment"/>
+ <!-- MegaZone removed style element -->
+ <input name="submit" type="submit" id="submit-alt"
tabindex="6" value="Submit Comment" />
</noscript>
COMMENT_FORM;
echo $recaptcha_js_opts .
recaptcha_wp_get_html($_GET['rerror']) . $comment_string;
}

+/*
+MegaZone added this function. This will insert the style to hide
the
+reCAPTCHA submit button in the header instead of the body, where it
is
+invalid XHTML. Since this disables the button even when scripting is
+turned on, there is a line of JavaScript inserted above which makes
the
+button visible when scripting is on.
+*/
+function recaptcha_wp_head () {
+ echo "<style type='text/css'>#submit { display: none; }</style>\n";
+}

+add_action( 'wp_head', 'recaptcha_wp_head' ); // MegaZone added
add_action( 'comment_form', 'recaptcha_comment_form' );
-

function recaptcha_wp_show_captcha_for_comment () {
global $user_ID;
---END---

---START---
--- old-recaptchalib.php-2.7 Tue Feb 5 19:40:58 2008
+++ recaptchalib.php Tue Feb 5 19:53:57 2008
@@ -122,9 +122,9 @@
return '<script type="text/javascript" src="'. $server . '/
challenge?k=' . $pubkey . $errorpart . '"></script>

<noscript>
- <iframe src="'. $server . '/noscript?k=' . $pubkey .
$errorpart . '" height="300" width="500" frameborder="0"></ifra
me><br/>
+ <iframe src="'. $server . '/noscript?k=' . $pubkey .
$errorpart . '" height="300" width="500" frameborder="0"></ifra
me><br />
<textarea name="recaptcha_challenge_field" rows="3"
cols="40"></textarea>
- <input type="hidden" name="recaptcha_response_field"
value="manual_challenge"/>
+ <input type="hidden" name="recaptcha_response_field"
value="manual_challenge" />
</noscript>';
}
---END---

I fixed the version number to be 2.7, as it should be. I also added a
space before the closing '/>' on some elements, as recommended for
browser compatibility. The main XHTML fix is moving the style to the
head instead of the body, and adding the associated JavaScript, et al,
to keep things working.

MegaZone

unread,
Feb 5, 2008, 8:15:35 PM2/5/08
to reCAPTCHA
On Feb 5, 8:08 pm, MegaZone <megaz...@gmail.com> wrote:
> $errorpart . '" height="300" width="500" frameborder="0"></ifra
> me><br/>
> + <iframe src="'. $server . '/noscript?k=' . $pubkey .
> $errorpart . '" height="300" width="500" frameborder="0"></ifra
> me><br />

Whoops - cut & paste line-break issue:

---START---
--- old-recaptchalib.php-2.7 Tue Feb 5 19:40:58 2008
+++ recaptchalib.php Tue Feb 5 19:53:57 2008
@@ -122,9 +122,9 @@
return '<script type="text/javascript" src="'. $server . '/
challenge?k=' . $pubkey . $errorpart . '"></script>

<noscript>
- <iframe src="'. $server . '/noscript?k=' . $pubkey .
$errorpart . '" height="300" width="500" frameborder="0"></iframe><br/
>
+ <iframe src="'. $server . '/noscript?k=' . $pubkey .
$errorpart . '" height="300" width="500" frameborder="0"></iframe><br /

reCAPTCHA Support

unread,
Feb 5, 2008, 8:19:36 PM2/5/08
to reca...@googlegroups.com
Thanks for contributing this patch. I'm still worried about the risk for JS errors, so I think I'm going to hold off committing this for now.

- Ben

MegaZone

unread,
Feb 5, 2008, 10:19:37 PM2/5/08
to reCAPTCHA
On Feb 5, 8:19 pm, "reCAPTCHA Support" <supp...@recaptcha.net> wrote:
> Thanks for contributing this patch. I'm still worried about the risk for JS
> errors, so I think I'm going to hold off committing this for now.

Why not make it configurable - a config option to do it one way or the
other.

If I can find some time I'll see if I can do that.

-MZ

reCAPTCHA Support

unread,
Feb 5, 2008, 10:49:07 PM2/5/08
to reca...@googlegroups.com
Honestly, I don't think that it's really worth going to the trouble of having a configurable option for this. This would mean we need to document it, etc -- all for the sole purpose of satisfying the w3c validator.

I'd be more willing to consider a patch that we could put in by default.

- Ben

On 2/5/08, MegaZone <mega...@gmail.com> wrote:
Reply all
Reply to author
Forward
0 new messages