(2011-02-26, 12:50 AM)Yumi Wrote: [ -> ]I find it amusing that you think you can make it a user convenience over something that is entirely controlled by the forum administrator. One would assume that the forum administrator should be able to pick an appropriate question/answer which all the users they care about should be able to answer.
With forums having visitors from across the globe what might be a common sense question in one part of the world might not be in the other. Hence the change question option and also the option to give different acceptable answers to the same question.
(2011-02-26, 12:50 AM)Yumi Wrote: [ -> ]But oh well, let's take your assumption on board. Your plugin design is still questionable. Why are the questions randomised? If it's for user convenience, surely it would make more sense to allow the admin to select an order in which questions are displayed? The admin can choose a question they think most users will be able to answer, and order it first, then when the user chooses to try a different one, your AJAX script will select the next one. Surely this is simpler, and also fixes up issues such as your plugin potentially selecting duplicate questions, which is anything but user friendly.
I preferred randomization, this way the questions get recycled. Having a fixed sequence means the first question is always shown and the last one is almost never shown, not how I wanted it.
(2011-02-26, 12:50 AM)Yumi Wrote: [ -> ]BTW, does this code even work if there's only one question?
$query = $db->query("
SELECT q.*
FROM ".TABLE_PREFIX.$prefix."questions q
WHERE q.qid != {$regq_id}
ORDER BY RAND()
LIMIT 1
");
$q = $db->fetch_array($query);
$regsecureq_id = $q['qid'];
$regsecureq = $q['question'];
This code is from the ajax function called when someone clicks on "Change Question" on the registration page, if there is only one question in the database, the change button is not shown so that code will not even come in to play.
(2011-02-26, 12:50 AM)Yumi Wrote: [ -> ]No reprogramming necessary, the only thing that needs to be done is to add in a new question/answer combo. But if the bot has already been targeting your website, I don't think it would take much for the person running the bot to do this.
This is what I've been trying to say all this time, if the bot is already targeting your site it would not take much for the bot to overcome the dynamic ids
(2011-02-26, 12:50 AM)Yumi Wrote: [ -> ]Anyway, I'm wasting my time over something I don't even care about...
No, you are not wasting your time. I am always looking for feedback on my plugins learning how to do things better in order to put out a better product. Just because we disagreed on this point does not mean that I do not value your feedback.
hi guys, sorry to divert you guys for intellectual discussion, but i think i have an issue with the plugin!
the nature of the error is bit weird... in the security question box when i enter the RIGHT answer, i get an error message saying its INCORRECT. however, after refreshing the security question the answer is accepted, does not matter if a new question is loaded or the earlier one.
i hope you can
reproduce the error...
cheers
(2011-03-22, 04:19 AM)Aeolian Wrote: [ -> ]hi guys, sorry to divert you guys for intellectual discussion, but i think i have an issue with the plugin!
the nature of the error is bit weird... in the security question box when i enter the RIGHT answer, i get an error message saying its INCORRECT. however, after refreshing the security question the answer is accepted, does not matter if a new question is loaded or the earlier one.
i hope you can reproduce the error...
cheers
Did you edit the regsecureq in Global Templates. It seems you have some quotation in the wrong place. Can you post the template contents here or in PM so I can check it out.
hey, this is my regsecureq in Global Templates
i did edit it to make it appear better in IE, that could be it.
pls let me know.
thanks
<br />
<fieldset class="trow2">
<script type="text/javascript" src="jscripts/regsecureq.js?ver=100"></script>
<legend><strong>{$lang->regsecureq}</strong></legend>
<table cellspacing="0" cellpadding="{$theme['tablespace']}">
<tr>
<td colspan="2"><span class="smalltext">{$lang->regq_explain}</span></td>
</tr>
<tr>
<td colspan="2"><br /><span class="smalltext" id="regsecureq">{$regsecureq}</span></td>
</tr>
<tr>
<td width="254"><input type="text" class="textbox" name="regsecureans" value="" id="regsecureans" style="width: 100%";" /><input type="hidden" name="regsecureq_id" value="1" id="regsecureq_id" /></td>
<td width="253" align="right" valign="top">
<script type="text/javascript">
<!--
if(use_xmlhttprequest == "1")
{
document.write('<br \/><input type="button" class="button" tabindex="10000" name="refresh" value="{$lang->regq_change}" onclick="regsecureq.change();return false;" \/>');
}
// -->
</script>
</td>
</tr>
<tr>
<td id="regsecureans_status" style="display: none;" colspan="2"> </td>
</tr>
</table>
</fieldset>
(2011-03-22, 01:37 PM)Aeolian Wrote: [ -> ]hey, this is my regsecureq in Global Templates
i did edit it to make it appear better in IE, that could be it.
pls let me know.
thanks
<br />
<fieldset class="trow2">
<script type="text/javascript" src="jscripts/regsecureq.js?ver=100"></script>
<legend><strong>{$lang->regsecureq}</strong></legend>
<table cellspacing="0" cellpadding="{$theme['tablespace']}">
<tr>
<td colspan="2"><span class="smalltext">{$lang->regq_explain}</span></td>
</tr>
<tr>
<td colspan="2"><br /><span class="smalltext" id="regsecureq">{$regsecureq}</span></td>
</tr>
<tr>
<td width="254"><input type="text" class="textbox" name="regsecureans" value="" id="regsecureans" style="width: 100%";" /><input type="hidden" name="regsecureq_id" value="1" id="regsecureq_id" /></td>
<td width="253" align="right" valign="top">
<script type="text/javascript">
<!--
if(use_xmlhttprequest == "1")
{
document.write('<br \/><input type="button" class="button" tabindex="10000" name="refresh" value="{$lang->regq_change}" onclick="regsecureq.change();return false;" \/>');
}
// -->
</script>
</td>
</tr>
<tr>
<td id="regsecureans_status" style="display: none;" colspan="2"> </td>
</tr>
</table>
</fieldset>
This is your problem:
<td width="254"><input type="text" class="textbox" name="regsecureans" value="" id="regsecureans" style="width: 100%
";" />
It should be
<td width="254"><input type="text" class="textbox" name="regsecureans" value="" id="regsecureans" style="width: 100%;" />
I missed this earlier:
This:
<input type="hidden" name="regsecureq_id" value="1" id="regsecureq_id" />
Should be:
<input type="hidden" name="regsecureq_id" value="{$regsecureq_id}" id="regsecureq_id" />
thanks very much, worked like a charm
thanks for this plugin, it is just what I have been needing.
Absolutely wonderful plugin,and can you make a similar one for logging intonthe ACP
the admins have to answer a security challenge question,so that it improves the security
