Log in

Jeroen Dalsem

Owner of ColdTrick IT Solutions, developing social networking sites for the dutch market


  • Category: Spam
  • License: GNU General Public License (GPL) version 2
  • Updated: 2012-1-26
  • Downloads: 3267
  • Recommendations: 35


Previous releases:

Other Projects

View Jeroen Dalsem's plugins

Image CAPTCHA for Elgg 1.8

Just another CAPTCHA

Last updated 819 days ago

Provides a image based captcha (see screenshot).

Uses the s3capcha jQuery plugin

Release Notes:

2.0 (2012-01-26):

  • added: Dutch translation
  • added: plugin setting to switch between icon sets (General, Fruit)
  • changed: updated code to Elgg 1.8 standards



  • mpcourt 791 days ago

    Excellent Thank You

  • MikeK 764 days ago

    Works very nicely. Since adding this, foreign spammers have dropped to maybe 1 per month.

  • Leo66 760 days ago

    Coldtrick does it again! Thanks for the great plugin Jeroen, hopefully this keeps the spammers in check!

  • kxx4 734 days ago

    Thanks,This installed

  • SksLink 712 days ago

    Recommended! Works perfectly in: http://skslink.com/network/

    Bye Bye Spamers!~

  • İşöğüçı 708 days ago

    Tried it out with elgg 1.8.4. Works beautifully like everything else from coldtrick.

    The trouble with most captcha is that they do not translate well to non-English languages. That is, most captcha (e.g. used by LinkedIn, if I remember correctly) requires also "domain knowledge" to guess some words. Unless you are American or English, it is sometimes very difficult to guess the word.

    This image captcha resolves that issue (with the exception of RSS image, which is a bit nerdy:-) ). An apple is an apple everywhere.

    As for an improvement, would it make sense to have the option of configuring various image sizes?

    With my limited knowledge, I have one suspicion with this catcha: The answer set is pretty small (possibly it can be extended but by definition it can not be too many). Would it pose a risk to repeatative attemps? That is, could someone mimic UI clicks and go one by one over these images and after a few rejections find the correct one? Or is it not possible to do programmatically (automatically)?



  • kxx4 708 days ago

    The site logo for my site does not display on mobile view,instead it show on plain white font like the default view on site.how can i solve this

  • kxx4 704 days ago

    sorry for posting the wrong message ,I installed this plugin and it is ok.would this plugin solve the problem of spam groups.I have aot of Spam groups to delete and prevent.


  • Jeroen Dalsem 703 days ago

    @Burada if it is possible to do a lot of registrations within a short period then it is possible that eventually the right image is clicked. This could be prevent by blocking registration if it fails 5 times in 1 min from 1 ip or something like that.

    @kxx4 this plugin places captcha at every place that supports captcha on your site. Group creation is not one of those, but it would be better to block out unwanted users before they ever get into your site.

  • İşöğüçı 700 days ago

    @Jeroen Thanks.

  • Ve 671 days ago

    Spanish Translation:

    1- Crete file es.php in: image_captcha/languages/

    2- Copy and paste the following text:

        $spanish = array(
            'image_captcha' => "Imagen CAPTCHA",
            'image_captcha:settings:icons' => "Seleccione los iconos que desea utilizar para CAPTCHA",
            'image_captcha:settings:icons:general' => "General",
            'image_captcha:settings:icons:fruit' => "Fruta",
            'image_captcha:icon_types:fruit:apple' => "Manzana",
            'image_captcha:icon_types:fruit:cherry' => "Cereza",
            'image_captcha:icon_types:fruit:lemon' => "Limon",
            'image_captcha:icon_types:fruit:pear' => "Pera",
            'image_captcha:icon_types:fruit:strawberry' => "Fresa",
            'image_captcha:icon_types:general:folder' => "Carpeta",
            'image_captcha:icon_types:general:house' => "Casa",
            'image_captcha:icon_types:general:lock' => "Candado",
            'image_captcha:icon_types:general:man' => "Hombre",
            'image_captcha:icon_types:general:monitor' => "Monitor",
            'image_captcha:icon_types:general:rss' => "Rss",
            'image_captcha:icon_types:general:woman' => "Mujer",
            'image_captcha:label' => "MEDIDA ANTI SPAM. Por favor seleccione la imagen de <u>%s</u>",
            'image_captcha:verify:fail' => "Lo sentimos, la imagen seleccionada no es correcta.",
        add_translation("es", $spanish);

  • kxx4 635 days ago

    I just realised that this plugin prompts users to select an item if they are human but still rejects the request or form  submission e.g ' sorry the selection did not match.

    Please advice.This happens on 'user registeratioN and password recovery'

    My site is running v1.8.1

  • kxx4 634 days ago


  • [cim] 553 days ago

    so far this is the best plugin to prevent 99% of spam on my site. i was using the regular captcha with alpha/numeric values but still had getting spammers every single day! so far it's been a whole day without spammers registering on my site. i'd recommend this plugin for everyone to use against spammers

  • José Monteiro 472 days ago


    I have Crete a file pt.php and i put:


      $portugues = array(
        'image_captcha' => "Image CAPTCHA",
        'image_captcha:settings:icons' => ""Selecione os ícones que você gostaria de usar para o CAPTCHA,
        'image_captcha:settings:icons:general' => "Geral",
        'image_captcha:settings:icons:fruit' => "Fruta",
        'image_captcha:icon_types:fruit:apple' => "maçã",
        'image_captcha:icon_types:fruit:cherry' => "Cereja",
        'image_captcha:icon_types:fruit:lemon' => "Limão",
        'image_captcha:icon_types:fruit:pear' => "Pera",
        'image_captcha:icon_types:fruit:strawberry' => "Morango",
        'image_captcha:icon_types:general:folder' => "Pasta",
        'image_captcha:icon_types:general:house' => "Casa",
        'image_captcha:icon_types:general:lock' => "Cadeado",
        'image_captcha:icon_types:general:man' => "Homem",
        'image_captcha:icon_types:general:monitor' => "Monitor",
        'image_captcha:icon_types:general:rss' => "Rss",
        'image_captcha:icon_types:general:woman' => "Mulher",
        'image_captcha:label' => "Para verificar que você é um ser humano, por favor escolha <u>%s</u>",
        'image_captcha:verify:fail' => "Desculpe, a imagem selecionada não é correta.",
      add_translation("pt", $portugues);


    But after export to folder all i have is a blank page.

    Can someone help me??

    Tks in advance

  • Deiverson 428 days ago

    Very good, perfect in 1.8.5
    I really appreciate your work.
    Sorry for English

  • ase8038 395 days ago



      'image_captcha:settings:icons' => ""Selecione os ícones que você gostaria de usar para o CAPTCHA,


      'image_captcha:settings:icons' => "Selecione os ícones que você gostaria de usar para o CAPTCHA",

    this should work.

  • Juho Jaakkola 379 days ago

    Is it deliberate that the captcha doesn't make registration form sticky before forwarding the user?

    Clearing the form may of course slow down the bots but I think it's also bad UX. Few users realize that they also have to select the correct captcha image a second time if some other form value causes the registration to fail. And then the missing captcha answer causes the whole form to be cleared.

  • Team Webgalli 379 days ago

    @juho : captcha may be used in other instances like registration, forgot password, private messages also. A general solution like https://github.com/Elgg/Elgg/issues/4996 will be better.

  • Juho Jaakkola 378 days ago

    @webgalli It wouldn't be a problem for the capcha to use sticky form only when user is doing registration. It says exactly that in the issue:

    Then the captcha code can make the form sticky when rejecting a captcha.

    At the moment I use a customized 'action', 'register' hook handler that doesn't do anything else but makes the form sticky before captcha is validated:


    This could as well be done in the image_captcha plugin.

  • DhrupDeScoop 378 days ago

    doesn't elgg 1.8 already sticky the register form data for itself ? unless the captcha screws that up ;oO 

  • Juho Jaakkola 377 days ago

    @Dhrup Yes, Elgg core would make the form sticky in the register action but the request never get's that far because captcha intercepts the registration before it. That's why captchas should take care of making the form sticky before they deny access to the action.

  • Jeroen Dalsem 373 days ago

    Unfortunately this is currently the only way to prevent an action being done. I would suggest a change in core to be able to handle these issues. They should split the action handler in two seperate hooks. The first one should be the "prepare_action" hook and the next the "execute_action" hook. The first hook will be used for validation purposes, and the execute for the definitive handling of the action. This gives developers more control. For this plugin it would mean that in the prepare hooks the forms can be made sticky, so the last hook (CAPTCHA) could check for a valid CAPTCHA and forward back to the form with all sticky fields intact.

  • William Huang 340 days ago

    I'm so sad/disappointed/distressed to find that no one, not even a single developer/user of elgg, points out how vulnerable this plugin is:

    $('#image_captcha .img').each(function(){ if((/\/([^\/]*)\.jpg/i).exec($(this).attr("style"))[1]==$('#image_captcha label u').html().toLowerCase()){ $(this).click(); } });

  • Matt Beckett 332 days ago

    I just inhereted a project that has this installed, and I was just going to say the same thing.  Need to prevent the answer from being visible in the image urls.