OSOL Captcha



Aimed for non technical joomla site users who often find it hard making hacks in core code ,this plugin easily adds captcha to joomla forms for login,registration,contact us,reset passord and remind username.

Just have to follow 3 steps.

1.install the plugin

2.publish the plugin .

3.Check the 5 forms(login,registration,contact us,reset passord and remind username).


Though not required in most cases,we reccomend to go to admin page of the plugin and do the 2 addtional steps to enhance security against spam attacks ,they are


1.Set 'yes' for 'Enable second level security for Core forms' after making sure the captcha appears in all the above mentioned forms.If captcha doesnt appear in any of those forms,set 'No' to auto add feature for that particular form (otherwise that form wont work after enabling second level security check)


2.Further there is a layer of backend spam protection with the help of botscout api which could prevent even human spams to an extend.We reccomend you to enable this as well.


---Important step for Custom forms/Non core Joomla forms---

If you are familiar with regexp ,you could add OSOLCaptcha for any forms.For this you need to add a file in 'osolCaptcha/nonCoreForms' folder.you can check 'virtuemart.php' to see how to set regexp for any non core form.

PS: Inorder to have this plugin insert captcha ,the form should have an id or name and a submit button inside 'form' tag.Though by default it usually will have,I am explicitly mentioning it because I have seen users developing custom forms and template overrides without name or id attribute and compalining that the captcha oesnt work there.

It is recommended that this be done by coders or with their help though installing and publishing the plugin could be done by anyone(which in turn will add the captcha to the core forms mentioned above)



PHP version 5+,GD Library must be enabled.(Most servers now are having PHP5 with GD Library enabled.You just need to confirm with your systeem admin in case you are not finding this plugin working)


Currently there are 2 limitations for this plugin

1.If the html part is customized for com_user,mod_login or com_contact,it may not work.Since this is aimed for non techy joomla users it wont affect them as they dont edit any files.However if there is a template override with form id/name change and submit button tag change you should edit
and change the 2 variables for that form properly

'formId' =>
'tagToPlaceCaptchaBefore' =>

Enabling auto add for mod_login(not available from version 2.0 onwards) is subject to conditions and is disabled by default.if you enable it, make sure that it is in a unique position ,position must be any of these('left','right','top','user2','user3') .The position occupied by mod_login should not contain any other modules


How it looks

Below is how it will look when the plugin is active

Captcha Demo




March 16 2010 : On popular demand, option added in admin to change background and text color.Please be carefull while entering the values.The color values should be in 6 digit hex format

March 23 2010: Danish language is built in.Thanks to Villy Feltmann for providing the Danish translations

March 28 2010:V.1.0.1released.French lanuage is built in .Thanks to Pascal Racine for french translations.Added auto add in remind username and rest password forms.Admin options to enable/disable auto auto add in contact us,registration,login,reset password,remind username

April 5 2010:V.1.0.2 released,Spanish and Catalan language is built in.Thanks to Pep Aguilar;More native german language replaced previous one I intially packaged.Thanks to Joachim Schlosser,CSS of captcha elements is seperated.You can now edit them in plugins/system/osolCaptcha/captchaStyle.css(You need to have FTP and CSS basics for editing CSS)

April 12 2010:V1.0.3 released,Portugese translations added.Thanks to Kristof Horvath (supplied portugese portugal) and Rafael(supplied prtugese brazilian),Dutch language added Thanks to Gie Henrion.IP blocking based on http://botscout.com/ API added(this is in beta stage.more documentation on botscout.com protection will be added here soon)

April 13 2010:Arabic translations added.Thanks to Achour.Italian translation added.Thanks to Roberto Lenti

April 19 2010:V1.0.4 :fixed a small bug reported by some users

May 7 2010:V1.0.5:Polish language translations(by Pawel ),French translations typos corrected(by Marie-Laure LEGLISE and Thierry Vanneste),xhtml strict captcha source(by Matt Lewis-Garner),Admin login protection with pass phrase (Please note down the value you set for passphrase in admin ,because once you set it adminpanel will not be accessible with out it),Czech translations(by Martin Benes),Croatian translation (by Marko )

Sep 6 2010:V1.0.6:Added Romanian and few other languages supplied by users worldwide.Also applied fix for deprecated 'explode' function in php 5.3.The fix was sent by Gruz from Ukraine


Languages Available by default

You can setup this captcha for any language.See FAQs below for steps to set up your language texts for .Following languages are vailable by default

  1. English
  2. German
  3. Danish
  4. French
  5. Spanish
  6. Catalan
  7. Potugese
  8. Dutch
  9. Arabic
  10. Italian
  11. Polish
  12. Czech
  13. Croatian
  14. Romanian language translation(by Chetzu )
  15. Swedish language translation(by Qiuyue Sinovum)
  16. Hungarian translation(by Endre Czirbesz )
  17. Ukranian translation(by Gruz Electric )(Also sent the fix for e_notices on php 5.3 because of deprecated 'explode' function on 5th september 2010)
  18. Bulgarian Translation(by Todor Iliev)
  19. Russian translation(by Dimitry)
  20. Serbian Latin and Cyrillic translation (By Igor Lukic)
  21. Thai by Chawalit
  22. Turkish by Cop Adam( another set was offered by Yahya Erturian before we published it)


Download Version 3 with AJAX captcha verification from github

Joomla 3 Pugin
Joomla 2.5 Pugin

OSOLCaptcha version 2.x.x adds ajax verification of captcha and ease of adding captcha to non core forms .Though initially the plugin might appear more techie friendly,it actually is intended for ease of captcha insertion into non core forms by non coders.

The method of adding captcha in a non core form is very different from that of version 1.x.x.While in version 1.x.x you just have to add a code block in template file,with version 2.x.x you have to actually create a new file with appropriate settings and upload it to plugins/system/osolCaptcha/nonCoreForms/ ( for joomla 1.5) or plugins/system/osolcaptcha/osolCaptcha/nonCoreForms/(for joomla 2.5).As an example I have bundled file for virtuemart


  1. I installed the plugin,but i dont see any captcha in the 3 forms mentioned

    Ans:You need to publish the plugin

  2. I installed and published the plugin but it doesnt appear in login module


    I enabled osolcaptcha for mod login and the effect I get is replication! what needs to be done to avoid this?

    Ans:Enabling for mod_login is subject to conditions and is disabled by default.if you enable it, make sure that it is in a unique position ,position must be any of these('left','right','top','user2','user3') .The position occupied by mod_login should not contain any other modules,if 'Use in mod_login' is set to 'Yes'

    if you are a coder familiar with mod_login customizations,you can use the php code mentioned above in it without checking the enabe mod login check box in admin panel.

  3. I installed and published the plugin but the captcha is auto added only in contact us form

    Ans: Make sure default views of other 2 forms are not overridden.Some joomla templates usually come with there own views.(view files overridden by templates are saved like templates/{yourtemplate}/html/{component foder}/{concerned viewfile}.php )

    for example : contact us form overridden by your custom template will be in
    login module(which appears in side bars) : templates/<YOUR_CUSTOM_TEMPLATE>/html/mod_login/default.php

    To make sure the captcha is not shown becasue of template overrides,try renaming the concerned file in template and refresh the page in browser,the default joomla view will show most likely with the captcha

  4. I used the code JFactory::getApplication()->triggerEvent('onShowOSOLCaptcha', array(false)); in a different form.

    But it is only appearing partially


    the captcha cells are not properly aligned

    Ans:CSS issue,contact the person who is managing your template or the component handling the form

    Where can I change the Texts (labels and error message)

    Texts are set in language files.If you want to change text in english language, you can edit/set all texts pertaining to this plugin in the file administrator/language/en-GB/en-GB.plg_system_osolcaptcha.ini.If you are using a language other than those in the list above,follow the same step but replacing 'en-GB'(in folder and file names) with the language you are using.For this and FTP client like filezilla is required.

    Following example assumes that you have an FTP Client(eg:Filezilla) and have a basic idea of accessing your site via FTP.If you are not familar with it,please seek the help of someone who is familiar with it

    Example:If you are using russian in joomla you need to create a file administrator/language/ru-RU/ru-RU.plg_system_osolcaptcha.ini.You can use en-GB.plg_system_osolcaptcha.ini (if you are not seeing 'en-GB.plg_system_osolcaptcha.ini' in the server,look inside the plugin zip file where you can see it inside plugins/system/lang folder) and rename it ,change the texts and upload it to the folder mentioned before .Just to make sure the file is uploaded in the correct location,try to view the langusge file with browser inthe format
    "http://<your_russian_joomla_site>/administrator/language/ru-RU/ru-RU.plg_system_osolcaptcha.ini" .

  6. I installed and published the plugin.But the captcha image doesnt show in my forms .Only its alt text,refresh link and text box are shown


    Once I moved to a new webhost, the captcha plugin stopped working

    Ans:Check with your host wether they have enabled GD library for PHP.You can check the php version by logging into admin panel and selecting.Help >>System Info and then clicking PHP Information Tab.You can also know if gd is enabled in the same page.

    In some sites where SEF is enabled its reported that the images are not seen even if GD library is enabled in PHP5.The actual issue is still not identified,but a workaround is to disable SEF first,call the page/form where captcha is added and then reactivate SEF.My special thanks to Joao Sarmento for letting me know about this workaround

  7. What is 'enable second level security' option for?

    Ans:As of v1.0.4 there are 3 levels of security for core joomla forms (2 levels for other forms)provided by the plugin.First level(default ) is enabled by default as soon as the plugin is installed and published.Second level is a bit more strict checking.Before enabling this you must make sure that the captcha is appearing (auto added) in the joomla forms login,registration,remind user and reset password forms.if it is not appearing in one or more of them,you need to check 'no' option of the auto add feature for those forms for which they are missing OR make the captcha appear using the above php block or the forms will not be submitted

  8. How does backend protection layer work with this plugin? OR What are the botscout.com options?

    Ans:botscout.com is a free spam filtering service which collects and keeps a database of spam attack. They provide and API to check wether the form submissions are suspected spam based on IP and email.Inorder to add backend spam protection we have decided to add options to make use of their service.Following options are added to OSOL Captcha v1.0.3.For those who are not familiar botscout.com and want to make use of their service to have added protection( backend spam protection) for your site, we would reccomend the following settings

    1.BotScout Protection:Stop Execution and Mail
    2.Botscout API key:get Key from http://botscout.com/getkey.htm and enter it in this field
    3.Report -ve results from botsout ip verification:Set it to an email address.Details of variables posted to the site form ips in the botscout database with a field 'email' will be mailed to the email.If you dont want reporting,leave it blank

    This options are in the beta stage now.Once testing is completed you could even use this plugin as invisible spam protection without even prompting the users to enter captcha codes!

  9. What are that options available(main options to note) in admin panel for this plugin

    Ans:Check the screenshot below
    admin options
  10. Where can I edit the layout of the captcha controls?

    Ans:the css could be edited in

    most likely your issue will be fixed if you set width:auto for the css class 'osolCaptchaBlock'

    if you want to edit the html of the captcha ,the html part of the captcha could be edited in

    function GetCapthcaHTML($vertical = false)

  11. When I installed this and tried out a form with incorrect letters typed in I expected an error alert/popup before the form is submitted. All it did was refresh the screen and clear all the boxes(data loss). Is this a bug or did I miss a step? When I try your contact form in this site I get a pop up box not allowing me to go ahead.

    Ans:Regarding the contact us form in our site,it is custom coded to check the captcha value via AJAX before posting it inorder to avoid data loss.Being a general purpose plugin its not possible to add this AJAX check functionality out of the box to the auto added forms out of box since different forms use different checks before submitting.We are looking into it so as to add this in a future version.

    Regarding data loss(texts going blank with wrong captcha submission) becasue of wrong submission is a joomla issue.you can check this by submitting a form with wrong or blank contents for other fields after disabling javascript in the browser.A solution for this is to alert the users that data loss may occur if they submit captcha code wrongly by changing ENTER CAPTCHA VALUE in the language file Please check http://www.outsource-online.net/#changeTexts for changing texts associated with the captcha

  12. When using the Contact Us form, the form works OK if captcha is correct. But there seems to be no warning if the incorrect captcha code has been entered. The form appears to have been sent but in fact has not.

    Ans:The custom template you are using doesnt have the block <jdoc:include type="message" />.Check index.php of your template,search for <jdoc:include type="component" /> , add <jdoc:include type="message" /> just before it.Check submitting the form with incorrect value for captcha
  13. Some users complain that they are getting the 'incorrect captcha code' even if they enter the captcha code correctly.Is there something worng?for example they are able to login if they call http://www.mysite but not when they call http://mysite/

    The explanation is a bit technical but the soultion is non technical.This plugin set coookies based on JURI::base() call of joomla.A live site could be called wither as http://yourlivesite/ or http://www.yourlivesite. JURI::base() is set upon the installation of joomla which can be either of them,which will render the other way of calling problematic and gives 'incorrect captcha' error.
    Try installing http://extensions.joomla.org/extensions/site-management/seo-a-metadata/5355 ,publish it and set plugin parameter 'Correct Host' to the url where you are able to login without the 'incorrect captcha' error.
  14. If someone enters an incorrect CAPTCHA when signing up as a Candidate to the website,It redirects them to the homepage and displays the error message.Is there a line of code that I can replace to redirect to the same page, instead of Home?

    Ans:Only meant for those who are fmailiar with editing plugin code safely.
    try replacing $mainframe->redirect(JURI::base());
    in plugins\system\osolCaptcha.php
    $mainframe->redirect('your chosen url ' or $_SERVER['REQUEST_URI']));
  15. I've installed your plugin and changed some settings and the plugin kills my access to the administrator folder, I just keep getting a redirect to the main site... have you experienced anything like this before?

    Ans:You changed "Administrator Pass Phrase".If you set a value for 'Administrator Pass Phrase' ,admin login page will be accessible only like 'http://yourjoomlasite/administrator/?osolPP=pass phrase you set for Administrator Pass Phrase'


Like most joomla extension providers suggest,we also reccomend you to keep a backup of your site(files and db) before installing this plugin

The auto add feature of captcha for the 3 forms are tested in joomla 1.5.14 and 1.5.15 versions.If it is not working in a different version,please inform us and we will find a remedy asap

Feel free to post your doubts,suggestions,reccomendations and any issues with this plugin and we will reply here asap.
For queries on other joomla issues,enquiries on hiring joomla programmers,request for quote on joomla customizations,creating joomla custom extensions(components,modules,plugins) or outsourcing a joomla project as a whole, kindly use our Contact Us form

What's in the next version?

IP blacklisting


OSOLCaptcha version 2 is launched incorporating solutions to 2 most popular feature requests viz,



  1. If you wanted to add OSOLCaptcha version 1.x.x in non core joomla forms,you had to edit the template files is there a simpler way to do this as it is hard for a non coder to identify the template files?
  2. If the user submitted a wrong captcha value,the forms were all reset compelling the user to re enter all values again.Is there any solution to avoid data loss?



OSOLCaptcha version 2 and above adds ajax captcha verification and regexp method to add captcha to non core forms .Though initially the plugin might appear more techie friendly,it actually is intended for ease of captcha insertion into non core forms by non coders.

The method of adding captcha in a non core form is very different from that of version 1.x.x.While in version 1.x.x you just have to add a code block in template file,with version 2.x.x you have to actually create a new file with appropriate settings and upload it to plugins/system/osolCaptcha/nonCoreForms/ ( for joomla 1.5) or plugins/system/osolcaptcha/osolCaptcha/nonCoreForms/(for joomla 2.5).As an example I have included a file for virtuemart


If captcha doesnt appear in core forms correct regep for submit button in 'osolCaptcha/coreForms.php' for the concerened form after checking the html source in browser.The value you will have to change in case of a template override is 'tagToPlaceCaptchaBefore' =>

$this->enabledForms['Virtuemart Registration Form'] = array('requestVars' => 'option=com_virtuemart&page=checkout.index',
												 'formName' =>"adminForm",
												 'ignore_condition' => 'task=logout',
												 'tagToPlaceCaptchaBefore' =>'<input type="submit"',
												 'verifyOnVars' =>'option=com_virtuemart&func=shopperadd',
												 'redirectOnfailure' =>JURI::base()."?page=checkout.index&option=com_virtuemart" ,
												 'skipAJAXVerification' => false,
												 'isVertical' =>  false,
												) ;