Captchas for comments on password-protected sites/galleries unnecessary?
darryl
Registered Users Posts: 997 Major grins
Does anybody else think that it makes no sense to force somebody to validate that they're not a spammer [by forcing you to enter the random "YX5A" text] when they've already got a password to view your private gallery or site?
I understand the need to put them on publicly accessible galleries, and even hidden galleries w/o a password, to prevent comment spam.
But if I am giving a password to somebody to one of my galleries, or to my entire site, then there is an implicit trust that they will not spam my comments.
Or if they do, there is some level of accountability.
Does anybody else think this should be changed?
I understand the need to put them on publicly accessible galleries, and even hidden galleries w/o a password, to prevent comment spam.
But if I am giving a password to somebody to one of my galleries, or to my entire site, then there is an implicit trust that they will not spam my comments.
Or if they do, there is some level of accountability.
Does anybody else think this should be changed?
0
Comments
I agree. If gallery or site is password protected, captcha is not needed.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
Please all, keep in mind that features get prioritized. Thanks!
Portfolio • Workshops • Facebook • Twitter
Well, duh, yeah, not if you're logged into your own site, but *ALSO* if somebody else is logged into their SM site and comments on one of your photos. Huh, that's cool, and exactly how it should work for password-protected galleries/sites that a non-SM user logs into.
Oh, sweet, it's in the release notes from the last set of Feature Requests:
http://www.dgrin.com/showthread.php?t=71342
- Remove captcha for comments for logged in user
OOOOOH, I see Andy. You reset the thread with every release. Stupid me, I thought it was the same thread going back to the beginning of time. :-}
(Hey, that's funny -- the first "bugs and feature requests" thread was the one I started back in 2004!)
Anyways, would love to see:
- Remove captcha for users logged into password-protected sites/galleries
:-}
Portfolio • Workshops • Facebook • Twitter
As I anticipate more parents in my son's nursery school using my convoluted [post=659999]"Comments -> Keywords"[/post] hack to "tag" their kids' photos, I *really* would like to see comment Captchas go away for password-protected sites/galleries.
Oh, also, it would be nice to disable them for Sharing too, because again, if somebody has a password to your private site/gallery, it's unlikely they're going to be spammers.
Portfolio • Workshops • Facebook • Twitter
Portfolio • Workshops • Facebook • Twitter
If I have someone who wants to tag several dozen photos asking them to enter a code each time would be similar to a person having to enter a code for every word they want to post in this forum.
Ridiculous.
Again, I would like users who have logged in with the site-wide password (and therefore are *not* spammers) to be able to add comments without requiring a Captcha.
(Since SmugMug still does not allow keyword editing for non-owners/guest passwords [thread=74036]including people logged in with site-passwords[/thread], I'm still using my moldy old [thread=74036]Perl script[/thread] that periodically reads the comments RSS feed and converts specifically tagged comments to keywords.)
So hey, I know you guys had to futz with the commenting code for the Facebook Connect debacle, and if somebody uses Facebook, they don't have to use the Captcha.
Couldn't you do a simple check for a cookie named UP-$userid *OR* Gallery$galleryid and if the password matches for the site or the gallery, you could *not* require a Captcha for those folks either?
I suppose there's the problem that you're doing this all in Javascript and the password is *gack* stored in the cookie in plaintext, so maybe you'd have to generate hashes of all the passwords on the database side? Yuck.
Still though, Captchas really seem unnecessary for people you've explicitly given permission to view your albums to via a password.
As one who uses gallery passwords for kid's sports galleries, this is a great idea! If the site or gallery is password protected, there is no need for captcha. Smugmug, please don't require it in those cases.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
We just improved commenting, by adding Facebook connect. Thanks for this suggestion, can't promise if or when, but I can promise that our team will see it
Portfolio • Workshops • Facebook • Twitter
They've already entered a password. They aren't a spammer. I know that most of your at Smugmug don't use password protected galleries much, but for those of us who have to use them, this would be a nice enhancement and probably not very difficult (way less work than the facebook stuff). Also, my password audience is parents of young kids who are not yet on facebook so that stuff isn't helping me yet.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
If I didn't get it, I'd have asked for clarification, I promise you.
I've made sure that our team has seen this.
Portfolio • Workshops • Facebook • Twitter
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
You can bet your last nickel that if I say "I'm passing it to the team" that I am - and that I/we get your request, we understand it
Thanks!
Portfolio • Workshops • Facebook • Twitter
Actually, they went a step further. They have a Friends/Family system, (a la Facebook, although more like SmugMug's Friends/Family, since there are no free memberships), but even if you are logged in and a Friend or Family of the person whose gallery you are browsing, you are still required to enter a CAPTCHA.
IDIOTIC!
(SmugMug fixed this long ago. Or maybe it was always fixed.)
But the site/gallery-password thing is still an issue here on SmugMug. Hooray, less than 2 months away from the 2-year old "anniversary" of this bug. :-P
Please vote away.
BTW, if you don't want to link Uservoice to your Google/Facebook account (or create yet another account somewhere), you can link it to your SmugMug account/password. Details here: http://www.dgrin.com/showthread.php?p=1196750#post1196750
Well, it's been a good two years, stupid "CAPTCHA on Password-Protected Sites/Galleries". I remember when you were such a cute little bug. So new, so young.
I remember when CAPTCHAs hadn't been cracked by teams of slave laborers, or Russian hackers. I remember when I first realized it didn't even make sense to *HAVE* CAPTCHAs if you're giving somebody the password to your site or gallery.
We were both so young, naive, innocent, back then, TWO YEARS AGO. Well, I hope you understand that it's now time for you to grow up, little bug. To grow up and die at the hands of the SmugMug sorcerer who notices that you're still here, still very annoying, and still probably stupid simple to fix: if ($gallery.password != '' || $site.password != '') { $captcha.required = 0; }
Happy belated birthday. And hopefully we'll be holding a nice funeral for you soon as well.
[Seriously guys. Two years and counting on this one?]
[edit: typo in my pseudo-code]
Thanks again for the feature request.
I'll make sure Scott sees this.
Portfolio • Workshops • Facebook • Twitter
And take it a step further...
Not only are captchas in password protected sites unnecessary, but why not allow the ability to toggle this option in the control panel? Let the photographer choose if they want captchas to avoid spam comments.
It would be lovely if captchas were SmugMug user controlled and optional. If a SmugMug user would like to disable captchas for the enjoyment of their viewers, they should be able to do so.
I would prefer the option of no captchas. I can prevent spammers by selecting "require comment approval" in my Control Panel.
(i have to say at least SmugMug's captchas aren't as cryptic and impossible as i've seen on other sites)