"Invalid CAPTCHA token" message since upgrade to new token version

CAPTCHA does not depend or even use the token module. and there should be no interference between the two modules (as far as I know, I've never used the token module)

"Invalid CAPTCHA token" refers to an internal generated token (just a random integer actually) and does not use any external functionality (apart from the PHP builtin random generator functions of course).

I get well past the CAPTCHA check with the admin account as well as with a non-admin account

What do you mean with this? that CAPTCHA is working correctly or that is not working (not correctly validating responses)?

Also note that HEAD now contains an experimental version of CAPTCHA which will not require cookies or sessions (and should get rid of all those bug reports about "invalid CAPTCHA token"). It's not meant for general use, only for development. This issue should be tagged 6.x-1.x-dev, not HEAD.

i'm getting a similar problem – ever since the last captcha module update, all my captchas have returned "invalid token" messages. this is across 5 different drupal 6 sites, and is true with all captcha types.

anyway, i'll check out HEAD. thanks for all your work, maintainers!

Yesterday, I released a first beta of CAPTCHA 6.x-2.x, which should solve a lot of problems with the 6.x-1.x branch (related to sessions and cookies).
Can you try if this version solves your problem?

Hey, I'm having this same "Invalid CAPTCHA token" issue.
I've drupal 6.10 installed with captcha-6.x-1.0-rc2.

When I print out the captcha session, it's NULL. Not sure what's causing that.

Oh yes, I also tried the latest beta, and that creates lots of error messages.

Thanks for helping.
Teguh

at #4: what do you mean with "CAPTCHA session"? In the 6.x-1.x branch, there is no concept of CAPTCHA sesssions, it only uses the general session functionality.
Also provide enough information: which browsers? cookies enabled? etc

Hey soxofaan,

Thanks for replying. What I mean with "CAPTCHA session" is the value of $_SESSION['captcha'] is NULL.

Somehow that's giving a NULL all the time, that's why every time we submit it always fails because the comparison never match.
I'm on IE 7, FF 2,3 and Safari 3 with cookies turned on.

Also, if I put an image captcha, image doesn't even show up (just empty image). I think it's also related to the fact that $_SESSION['captcha'] is always NULL.

Oh and I also have a newly installed Drupal with other some basic modules such as CCK, Voting Api, AutoPath, Wysiwyg and Views.

Thanks for helping.

Teguh

do you have Drupal's page caching on. Or other caching mechanisms?

Hey soxofaan, yes my Drupal page caching is on. Cookies is also on.
Most of my settings are the default from a clean install except for some of the popular modules I installed that I mentioned before.

Thanks for helping out.

Teguh

I assume you only tried with anonymous users.
Can you try with an authenticated user, but one without the "skip CAPTCHA" permission?

Hey soxofaan,

Turn out that captcha only does NOT work if a user is not logged in. (e.g register user)
When I tried captcha with an authenticated user as you mentioned (e.g comment form), it works.

What could possibly cause that?

Thanks & happy easter.

Teguh

A common cause is that you have no entry for uid=0 in your users table

see for example #293508: CAPTCHA doesn't work: no uid=0 in users table #243285: Captcha not working when no sessions for anonymous #179915: Resolved: Captchas don't work on second site (was missing user UID 0 in database) #204095: Error: 'Cookies should be enabled in your browser for CAPTCHA validation.'

Thx saxofaan.
Ahaha... That was it.

Just in case anyone else if wondering what needs to be done, all you need is to add a user with uid 0

Thank you, beta5 solves problem.

tagging

I'm using recaptcha 1.2 with Captcha 2.0-rc2 and this causes each page with recaptcha to go blank (says "read api.recaptcha.net").

I install Captcha 1.0-rc2 and this causes each comment post with recaptcha to be "Invalid captcha token". It refuses to post.

Bear in mind, I am also using AJAX Comments module (so perhaps this has been a cause).

IF I install CAPTCHA 2.0-dev... Then I get "recaptcha code you entered is incorrect".

Basically, I'm screwed, none of the captcha's work, I can't believe anyone is even able to use this module with recaptcha, I've already tried every single version!

@executex: I think your problem are related to AJAX Comments and are discussed in #463812: CAPTCHA 6.x-2.x doesn't work with AJAX comments and #525586: AJAX API, so please let's use those threads to address you problem.

Using captcha version "6.x-1.0-rc2":
"Invalid CAPTCHA token".

Using captcha version "6.x-2.0-beta1":

# user warning: Table 'XXX.dp_captcha_sessions' doesn't exist query: SELECT status FROM dp_captcha_sessions WHERE csid = 0 in /var/www/XXX/sites/default/modules/captcha/captcha.pages.inc on line 108.
# user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' status = 0' at line 1 query: SELECT solution FROM dp_captcha_sessions WHERE csid = 0, status = 0 in /var/www/XXX/sites/default/modules/captcha/captcha.pages.inc on line 143.
# CAPTCHA test failed (unknown csid).
# user warning: Table 'XXX.dp_captcha_sessions' doesn't exist query: SELECT status FROM dp_captcha_sessions WHERE csid = 0 in /var/www/XXX/sites/default/modules/captcha/captcha.pages.inc on line 108.
# user warning: Table 'XXX.dp_captcha_sessions' doesn't exist query: UPDATE dp_captcha_sessions SET timestamp=1254244099, solution='11' WHERE csid=0 in /var/www/XXX/sites/default/modules/captcha/captcha.module on line 229.

@Zerial: Why do you use CAPTCHA 6.x-2.0-beta1 when 6.x-2.0 final is available?
also, do not to forget to run the update script (example.com/update.php) after upgrading from 6.x-1.x to 6.x-2.x
CAPTCHA 6.x-2.x requires a database updae, which is why you get the database error message.