The latest 6.x versions of the Mollom module support the Pressflow lazy session handling, however it's not clear how that support works without looking through the code or issue #562374: Mollom incompatible with Pressflow's (and Drupal 7's) session handling -- causes CAPTCHAs to fail. The 'more help' link in the module settings contains the mode descriptions from the old module, which does mentioned captch cache effects, but not everyone will look here. When the comment form is configured to only use the Mollom captcha, anonymous comments are enabled, and the comment form is displayed on a node view, a session is started for ALL node views. Without looking in one of those places mentioned, most people would be confused about why they are seeing none of their content getting cached. Can the the captcha cache warning be made more prominent? It might also make sense to add a prominent warning based on the sites cache mode.

#8 0001-723422-by-sun-Clarify-protection-mode-options.patch4.28 KBsun
PASSED: [[SimpleTest]]: [MySQL] 5,809 pass(es). View
#7 admin-protection-modes.7.png11.35 KBsun
#7 mollom.admin-protection.7.patch3.95 KBsun
PASSED: [[SimpleTest]]: [MySQL] 6,477 pass(es). View


sun’s picture

Title: Captcha cache/session warning » Add note about sessions/caching of pages containing CAPTCHAs
Version: 6.x-1.12 » 6.x-1.x-dev

Hm. Not sure where to put this. Ideally, README.txt...

sun’s picture

Status: Active » Fixed

I think this is no longer the case, as we've made the module compatible with browsers/clients not supporting cookies over in #775398: Disabled cookies == no session data, impossible to submit a protected form

Dries’s picture

Status: Fixed » Needs work

This is not entirely fixed. The patch in #775398 makes it better but we still have a $GLOBALS['conf']['cache'] = 0; in the mollom_process_mollom() to prevent pages with CAPTCHAs from getting cached. The reason we can't cache those pages is because the URLs to the CAPTCHAs are session specific.

Maybe that is something to document on the form protection settings page? It can be a reason to choose 'text analysis mode' over 'CAPTCHA only mode'.

Either way, I'm going to set this to 'needs work'.

sun’s picture

Status: Needs work » Active
sun’s picture

Version: 6.x-1.x-dev » 7.x-1.x-dev
Category: feature » task
sun’s picture

Title: Add note about sessions/caching of pages containing CAPTCHAs » Improve note about page caching for CAPTCHA-only protection
Version: 7.x-1.x-dev » 7.x-2.x-dev

Due to another issue that got fixed recently, the latest stable release outputs a note for the CAPTCHA-only protection now:


Only choose CAPTCHA if text analysis is not suitable. Page caching is disabled on all pages containing CAPTCHA-only protected forms.

The wording of this note can definitely be improved.

sun’s picture

Title: Improve note about page caching for CAPTCHA-only protection » Clarify protection mode options
Component: Documentation » User interface
Issue summary: View changes
Status: Active » Needs review
3.95 KB
PASSED: [[SimpleTest]]: [MySQL] 6,477 pass(es). View
11.35 KB

Attached patch...

1. Clarifies the recommended option for all settings.
2. Clarifies the difference between text analysis and CAPTCHA-only.
3. Ensures that the recommended option always comes first.


Revised protection modes

sun’s picture

Version: 7.x-2.x-dev » 6.x-2.x-dev
4.28 KB
PASSED: [[SimpleTest]]: [MySQL] 5,809 pass(es). View
sun’s picture

Version: 6.x-2.x-dev » 7.x-2.x-dev
Status: Needs review » Fixed

Thanks for reporting, reviewing, and testing! Committed to all branches.

A new development snapshot will be available within the next 12 hours. This improvement will be available in the next official release.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

  • Commit 14b0edb on 7.x-2.x, 8.x-2.x, fbajs, actions by sun:
    - #723422 by sun: Clarify protection mode options.

  • Commit 14b0edb on 7.x-2.x, 8.x-2.x, fbajs, actions by sun:
    - #723422 by sun: Clarify protection mode options.