So I wanted to write an article about an issue tracker I have been using called FlySpray. When I created UltimateBackpacks I wanted people to easily be able to post suggestions and bugs in a single place without having to create an account. FlySpray is awesome for this, it is a simple PHP application that is easy to setup and allows for the posting of issues and bugs anonymously. It also has a really easy to use templating system, so I was able to add a Project Wonderful ad spot on the page. You can also configure it to only have one project on it (but it can keep track of more than one project) and make those issues on the front page. This just gives a simpler experience for people looking to use it to track only one project.
However, there is one big problem people should be aware of before they use it. It doesn’t have a CAPTCHA system!
No CAPTCHA system?
That’s right there is no CAPTCHA system and if you want anyone to be able to post an issue without an account this is a big issue. I remember trying to load the UltimateBackpacks tracker after not looking at it for a few months and the request eventually just timed out. I decided to check the database and to my surprise there was over 50,000 issues in the database. All of them had links in them and looked like they had been posted SEO bots. After I cleaned out the database within a day there were over a 100 more and I realized I had to find a real solution to this.
So the solution here is to implement reCAPTCHA. Google’s reCAPTCHA is extremely easy to signup for and implement into your FlySpray site. Once you signup for it they will give you some code to add to the front-end of the site that will display the CAPTCHA.
Integrating reCAPTCHA into FlySpray (Frontend)
Add the script tag to the header.tpl file and the div to newtask.tpl. Make sure you modify the template files within your theme. The default theme is CleanFS so by default the path is themes/CleanFS/templates. Now you need to implement the backend.
Integrating reCAPTCHA into FlySpray (Backend)
I wrote a very simple PHP code snippet that checks with reCAPTCHA a while back. I recommend you use this if you are new to PHP or want to save time. Now you are going to need to put that check in the “includes/modify.inc.php” file underneath case “‘newtask.newtask’:”. And rather than wrap all the code to add a task in an if statement I simply added a check if the CAPTCHA was incorrect that gave them an error message and kicked them.
Unfortunately the blockquote messes up the formatting, but hopefully you get the idea.
Hopefully this helped you protect your issue tracker against spam, if you have questions feel free to leave a comment.