• com_securityimages

    I've done my homework today, in order to insured the
    release quality and avoid manual testing of SecurityImages
    at every release, I release Selenium testcases so anybody/
    any developer can run them against their homepage.



    • Extract this zip file in a new directory (link soon available)
    • Load the test suite (set of tests) named securityimages.testsuite
    • Take care at the Base URL, in test suite I use http://localhost/T1 put the right base of course, for example
    • The user login/password has to be changed to an existing user! 
    • SecurityImages has to be put in TEST mode. This is a new setting in administrator panel. This force SecurityImages in this mode to accept only the word "test123" as captcha response and nothing else. This is because I can not read, or find in the test case the word hidden in the picture without a lot of effort.
    • Testsuite is working only for HNcapctha at the moment.
    • You can run all test cases in the suite by clicking on seleniumSecurityImages2 or just one or two with seleniumSecurityImages3 but in that case don't forget to also always select the test InitializeTestcases.test (use ALT GR)


    seleniumSecurityImages4 Currently only 4 tests are not working, and this because selenium can not submit the contact and register form of Joomla! this has nothing to do with my code.


    The next step is to put everything in XINC...

    Read also

  • joomla_cms

    relatedArticles 1.5.0

    Created by Hien Cao 2005 and converted to Joomla 1.5 API by Cédric Walter 2008

    This plugin creates next 10 or more articles in bottom for the current article from the same same category. Useful for helping your reader finding new articles in the same category.

    • You can see it in action at my homepage.
    • Running in Joomla 1.5 native mode
    • Download this plugin in my Joomla 1.5 section
  • minify4joomla

    This is the version 1.0.0.

    What does this plugin do?

    More performances for Joomla! with com_minify

    It is working as described at

    Reduce HTTP requests with Minify4Joomla

    and in my WIKI:


    Please use the forum Minify4Joomla Bugtracker&160; for bugs and the WIKI if you find any error in the documentation. Thanks

    &160;The next version 1.1.0 will have a major new feature: I am currently patching (patch/un-patch through a button) the Joomla! HTML Head Renderer (JDocumentRendererHead) that output the HTML code.

    This will transparently minify all JavaScript URL's and CSS that are added by

    • Plugin,
    • Components,
    • Templates,

    As long as they use the Joomla! API's. This is more end users friendly and wont require hacking too much around&160; :-)

    Download HERE

  • I also see a lot of complains on forums (also here) about lack of documentation, this should be now also a thing of the past: the WIKI was put in good use, I did write a lot of entries on how to install, configure SecurityImages 5 

  • index.php

    Beta to be released before end of week!

    NEW: No HTML warning, XHTML compliant
    NEW:  GPL v3 The FSF Compliance Lab has published A Quick Guide to GPLv3, a developer-friendly article explaining the new features and benefits of GPLv3. Be sure to check it out.
    NEW: full translation now possible of static pages about.html, developer.html and troubles.html
    NEW: migration to Joomla! 1.5 API, security, database factory, logging, installer -> reduction of code
    NEW: unique language files following Joomla! 1.5 convention (ini files)
    NEW: utf8 support
    NEW: no PHP warning in logs

    Architectural changes
    NEW: a system plugin (to install separately) for generating captcha in any 3rd party component using events trigger

    NEW: MVC model for the public component part. Now all request creating images are going through the component controller for:

    • improved security
    • having access to Joomla! framework (no more session or database issues)

    Developer can now request to use a particular captcha plugin:

    This request give you the captcha defined in the administrator panel configuration of SecurityImages


    While this request, let you specify the plugin and version


    To check what the user has entered:

    onSecurityImagesCheck', array($securityImagesJoomlaContactUserTry &$return));

    If return is true, then the user / bots has solved the captcha correctly.

    Attention:SecurityImages is still WAY to intrusive toward Joomla! as core file has to be changed in order to use captcha.

    Moreover Joomla! 1.5 use now a kind of hashcash protection to avoid request forgeries (a crypto encrypted time/server dependent magic value in form)

    Insert in any HTML form with JHTML::_( 'form.token' )
    check in your controller with JRequest::checkToken() or die( 'Invalid Token' );

  • com_securityimages

    Security images are dynamically generated images containing hard to read text, it is using a combination of font colors, font size, fuzzy background, font angle in order to disallow computer to automate reading (and so limit spamming).
    The user (a human) has to reproduce all character correctly before being allowed to post.


    This BETA3 solve many issues..hope you will all like it. click read more for more details of what the BETA3 solve.


    BUG: In Edit General Settings - General, the very first option does not have any label.


    BUG:The contact page (in the case of false entry) was showing errors

    Warning: import() [function.import]: Unable to access /../../../../../../components/com_contact/class/logUtils.phpin /../../../../../../libraries/loader.php on line 80


    NEW: More check in Check System page at administrator

    • Verifying that you have installed the system plugin to create CAPTCHA
    • Checking that you have publish the system plugin
    • If you did install Joomla! patches, check that you did activate Joomla patches in control panel and hit save
    • If you did install Joomla! patches, check for proper operation of patches

    securityimages 5.0.beta3.checksystem

    NEW: you can now give the size of the captcha for the core plugin. This feature was present in SecurityImages 4.0.X but was lost in translation to SecurityImages 5.0.X

    S = small = 150 x 30 pixels B = big = 200 x 35 pixels
    securityimages 5.0.beta3.small securityimages 5.0.beta3.big

    Note: You can drop any of your own picture in media\com_securityimages\backgrounds and in the administrator panel of core plugin define it as default.

    BUG: the reload button was not working properly, in fact only once, this is due to the cache of Joomla! 1.5, solved by adding a timestamp to images URL.



    System plugin

    NEW:you can limit the number of reload a user is allowed to do. This greatly reduce brute force attacks, default reload is 10, settings can be changed in system plugin parameter.

    Work for all plugin. Text can be changed in Language

    reload hit < 10 (default) reload hit > 10 (default)
     reloadOK reloadLimitExcedeed


    Joomla! Patches

    re download the correct version if needed and reapply FTP patches. Both patches for Joomla! 1.5.1 and 1.5.2 are available

    BUG:The placeholders: SECURITYIMAGES REJECT USER ENTRY and SECURITYIMAGES LABEL were missing in en-GB.com_contact.ini, so no localized text was displayed when entering a wrong captcha in contact page.

    BUG: move front end images to the front end part of the component so people using .htaccess to protect administrator area don't get any authentication dialog to enter a username and a password. so all views now use /components/com_securityimages/buttons/reload.gif instead of /administrator/components/com_securityimages/buttons/reload.gif

  • The beta is finally HERE!

    You'll have to install the component: AND the system plugin

    Don't forget to publish the component and the plugin!

    If everything goes right, by going to the menu "Check Your System", you'll see:


    That mean that SecurityImages 5.0.0 is working properly, since SecurityImages is a framework, it does nothing particular if it is not used :-) Adventurous people can now modify their Joomla! 1.5 contact section by following the documentation in menu "For Developer" (or by using the post from yesterday).

    I am now modifying the contact, register, login of Joomla! 1.5, akobookPlus,but don't expect a download patch before tomorrow ;-)

    Report all bugs in the forums in the new section

  • From a design point of view, SecurityImages do not come anymore with patches in his code, every 3rd party developer will have to develop and learn how to use SecurityImages 5.0. But coupling is greatly reduce because it use Joomla! events triggering system. 
    Joomla! patches are different, I have to maintain them because the core is not meant to be extended in every forms right now.

    ISSUE: Check for latest version causes a 500 internal server error. Wont be solved, in SecurityImages at least. A component is simply missing on my homepage: the version manager of soeren (Virtuemart) is not running with Joomla! 1.5 and is therefore  not installed on
    I will have to wait for Soeren new version or translate his component to Joomla! 1.5 myself
    ISSUE: reload button is not working, also not always ;-), I am investigating this issue!

    NEW: Core don't use the database anymore to store captcha but session.
    NEW: simplified API for checking captcha
    NEW: add reload button in Check Your System menu
    BUG: solving logging inclusion (logUtils.php). It was incorrect as soon as you use SecurityImages embedded in another component or module.
    NEW: development of Joomla! 1.5 patches and tests with Beta2, see next post

    Beta2 in my download section...

  • com_securityimages Thanks to the feedback from my forum, I am happy to offer you SecurityImages 5.0.0RC1, which I hope is now bug free.

    A big documenting effort is now starting in my WIKI ( in the new section

    Writing articles there has never been easier thank to a WYSIWYG editor. Feel free to extend the documentation there.


    BUG: white page report after check. was occurring because of not initialized parameter in system plugin.
    BUG: In administrator back-end, clicking in menu Components - SecurityImages instead of a submenu directly
    was showing a white page, this was because of a non default task in the controller class
    BUG: Some people report an error while using a language different than English. Since SecurityImages is not
    fully localized, fallback to English (en-GB.com_securityimages.ini) if there is no file available.
    BUG: fixed non existing static (about, manual) files and fallback to English instead of crashing
    NEW: add missing translations for file operations.
    NEW: sort languages files and remove duplicated entries
    BUG: Found thanks to regression testing
    Fatal error: Call to undefined function sendMailLogsToAdmin() in
    \administrator\components\com_securityimages\class\logUtils.php on line 82

    Note 1: A recaptcha ( integration is currently developed as a plugin for SecurityImages.

    Note 2: Use of SecurityImages for Joomla!1.0 have not seen any update since a while. I will now back port some
    changes and solve issues in the new version 4.3.3 to be available soon.

    Note 3: install the latest component ( and
    system plugin (


    Some Words on regression testing

    NEW: regression testing with Selenium ( is now possible thanks to a
    new switch in administrator panel.
    This put SecurityImages in such a state that it will accept all user submissions if they enter 'test123'.
    This mode is only useful for regression testing using automated tools. This mode is required because
    there is otherwise no way to recognize the captcha without huge CPU cost.
    DONT USE FOR PRODUCTION SITE. This is only useful for developer or person wanting to judge the
    quality of the version. Selenium tests are located in a zip file name located in

    To start Selenium Test cases, there is currently many ways (PHP, Java, HTML). The most easiest for End-user
    or amateur is to use Selenium IDE (a Firefox plugins),


    • All tests are trying to log to admin panel if needed using the login/password admin, will avoid that in a future version
    • All tests are made for testing hncaptcha, but still try to create images using all other plugins
    • Currently 26 tests are available.

    How to start TestCases

    1. Install the plugin for Firefox download now
    2. Un compress all testcases from zip 
    3. Start the plugin by going to Firefox menu Tools - Selenium IDE
    4. A floating windows open, go to Menu File - Open Testsuite
    5. Open the file securityimages.testsuite
    6. Adapt the Base URL to point to the root of your Joomla installation
    7. Run all tests  or only a bunch
  • Starting with SecurityImages 5.1.0, the system plugin is now part of the component, it is installed and published automatically when you install my component. It is also remove automatically when you remove the component.
    See list of changes HERE

    Upgrade path

    Joomla! 1.5 Never use SecurityImages 5? Already using
    SecurityImages 5RC1!

    Basic usage

    • remove previous component SecurityImages
    • remove system plugin SecurityImages
    • install using installer

    Protect Joomla! forms:

    login, register, contact, password...

    Unpack and FTP the patch Joomla patches

    In the admin panel of SecurityImages 5, there is now a direct link to the Joomla Patches

    Read also the online documentation from the WIKI

  • compat_15_nativeext_com Component - ext_mod Module - ext_plugin Plugin

    The focus on this release is to make the install more easier, as it is one major source of complains. I did also set up new release management tools so you should never search again for a file on my homepage...


    NEW: plugin is now part of the component, it is installed and published automatically when you install my component. It is also remove automatically when you remove the component.
    NEW: German translations thanks to Simon Grazioli from Switzerland
    NEW:Italian translations thanks to
    NEW: icons are back in menu for more clarity
    BUG: one variable not set in /components/com_user/controller.php; line 48 :  captcha not displayed as a result.
    BUG: Reload limit not taken into account. Reload limit is configured in the SecurityImages system plugin Extensions->Plugin Manager->System - SecurityImages->Plugin Parameters->Reload captcha count
    BUG: Several subtle bugs discovered by svert (forum HERE)

    NEW: Better check you system page checking now permissions. Remark, securityimages5 just require read permissions, so for 99% of your php files r--r--r-- (chmod 444) is more than enough! configuration file must have rw-r--r-- (chmod 644) or you wont be able to change configuration file with the Joomla GUI. NEVER NEVER use chmod 777 on any directory or file!

    NEW: Joomla! Patches are now fully configurable -> you can decide to activate captcha on some area or not
    (require to install new patches )

    Note the version PackageForSecurityImages5.1.0

    These patches are still way too intrusive toward Joomla! I am looking for an alternative for the next versions...

    Contact me if you have an idea how it should be made in Joomla!



    TODO: recaptcha plugin is not available for legacy 3rd party application, as SecurityImages send only an image back. This is clearly not the most flexible way to get an HTML back instead (sic). So at the moment, I need to change API's, SecurityImages should return a HTML block with everything inside (image, field, JavaScript, links). The change is trivial but not for all 3rd party application around that get suddenly broken...

    NEW: XHTML 1.0 compliant for all Joomla! patches.

    NEW: Better documentation on how to add SecurityImages in contact, login, register


    Download files for your right version of Joomla HERE (33kB) and EXTRACT ARCHIVE!
    overwrite file on your server VIA FTP/SCP
    Go to Joomla! control panel and HIT at least SAVE config once, this will add a new boolean value
    (true or false) in Joomla! configuration for using SecurityImages.


    Updating, security

    NEW: Menu "Check for latest version" drive you to Securityimages5, it has now its own category (10) in my version manager, so users of SecurityImages 4.x.x (Joomla! 1.0.x only) do not get confuse. You may also want to register the RSS of that category Feed Icon for never missing any new release :-)

    NEW: Joomla! 1.5 patches have now their own category in my version manager, You may also want to register the RSS of that category Feed Icon, you'll never search for the right patch again as everything is resume there.

    The same apply for all previous users of SecurityImages4/Joomla1.0.X, this page will keep you informed, RSS also available Feed Icon

    Both are available using the menu as seen below:


  • compat_15_native -&160;ext_com Component - ext_mod Module - ext_plugin Plugin

    com_securityimages This is an intermediate release before the new version 5.2.0

    It solved the following major issues in version

    BUG: logs table were not properly deleted after removing the component

    BUG: securityimages was not installing at all in Joomla! 1.5.8 but properly in previous&160; version.

    The error has been found, it was my fault, I was incorrectly having 2 xml installer with the same name!

    So it seems that Joomla! previous to 1.5.8 was searching or ordering zip file entries differently...
    In previous versions (before 1.5.8), Joomla! found the file A, and install was a success, while in Joomla! 1.5.8 it just found file B and failed to install the main component part.

    Now my solution has been to zip the system plugin in an additional zip file that will get unpacked at install time in /plugins/system/

    I've tested the install with the following version of Joomla! 1.5.5, 1.5.6, 1.5.7 and 1.5.8

    This page will keep you informed, RSS also available Feed Icon

  • smallbox_securityimages

    This version should improve installations on some host, where the plugin securityimages.php did not always install properly. The reason behind is that I did add falsely an additional file index.html in This may lead to permissions issues during installation. SecurityImages 5.1.2 do not contains any other changes, so If you’re happily running SecurityImages 5.1.1, no need to upgrade!


  • Following the Preview of SecurityImages 5.2.0, I am currently developing a proof of concept using the Ajax library JQUERY 

    jQuery is a fast and concise JavaScript Library that simplifies HTML document traversing, event handling, animating, and Ajax interactions for rapid web development. jQuery is designed to change the way that you write JavaScript.


    I want to allow generated captcha to be checked asynchronously without needing submit of whole page. This is a major complain since the beginning of SecurityImages, as currently users lost their entries in the form in case the captcha challenge get refused.

    A lot more check are also done NOW in the Diagnostics page:

    • Checking existence of system plugin,
    • Ability to display the error message if any of each plugin in one click
    • Reload count configured will be displayed,
    • A way to create automated error reporting (cut and paste) for better support in my forums


    A new API inspired from that will allow me to integrate new system in future without being limited to an image (why not having a flash or video in future?). This API fully use the Joomla! event system so less code to write for all 3rd party developers and less dependencies.

    Stay tuned!

  • Smugmug badge has been approved at Joomla Extension directory

    7383 7382

    Documentation is available in my WIKI, download it HERE or HERE and keep up to date with the RSS feed

  • happybirthday

    Today is Joomla!'s 5th birthday. On September 1st, 2005 the joomla. org sites were launched. Until that day, the Joomla! name was completely unknown to the world.

    It is used by organizations as large as Apple, McDonald’s and the United Nations and by millions of people for their companies, hobbies and charities.

    It is translated into 64 languages!

    Approximately 2. 5% of the web now runs on Joomla! 

    After 10 Millions Downloads, more than 5600 extensions at JED, Joomla! can now be proud of it success!

    My download sections has served in the Joomla! 1.5 era more than 334’681 downloads of my Joomla! extensions :-)


    For all those that still don’t know the translation of Joomla!  , it is the English spelling of the Swahili word jumla meaning “all together” or “as a whole.”

    see also Joomla! at Wikipedia

  • header_logo love com_securityimages
    Someone has reported in my forum that the latest VirtueMart is not working with SecurityImages 5.x (see thread here)
    VirtueMart is an Open Source E-Commerce solution (a Component or Plug-in) for the Joomla! and
    Mambo Content Management Systems. It can be run as a Shopping Cart, or in Catalog mode.

    I've patched the code for VirtueMart 1.1.2 to support both SecurityImages (4.x and 5.X)

    compatibility Joomla! 1.0.X Joomla! 1.5.X
    SecurityImages 4.X x NO
    SecurityImages 5.X NO x
    VirtueMart x x

    So the equation: VirtueMart 1.2 + SecurityImages  5.x/4.x is working $.

    @Soeren, if you read this, please include it in your next version :-) I have your mail somewhere, will contact you shortly..

    @Users: Apply this patch on a running VirtueMart install with FTP

    virtuemart1.2.patch.securityimages Download

    Only 3 files altered:

    • admin.user_field_form.php
    • ps_shopper.php
    • ps_shopper.php