Just a quick one, I’ve just updated the Known dev tools with a new script – plugin.php.

There’s currently only one function available enable-composer which, following my last post, provides a handy script for making your plugin composer installable.

Run the script, passing it the repository you’ve saved it as (so that the script can set the packagist headers correctly), and you’ll get an updated / new composer.json with all the appropriate values set.

You can optionally set whether the plugin is a straight plugin, theme or console plugin (known-plugin is default). You can also target directories other than the current directory, although realistically you’re never really going to run it from any other directory.


» Visit the project on Github...

Over the past few weeks and months I’ve had to cause to write, update and dust off a number of Elgg plugins that I’ve had kicking about. As a good open source citizen I’ve stuck them up on github so others can have a play.

Here they are, in no particular order:

» H5F 1.8

This is an Elgg wrapper around the H5F HTML5 form compatibility library written by Ryan Seddon.

This plugin lets you use handy HTML 5 form extensions like “required” and “placeholder”, as well as some of the new types like <input type=”email” /> in your forms and have them work in older browsers.

» Input Country

Input country is a wrapper around Ben Werdmuller’s phpCountryDropdown tool, and provides a handy dandy country selector input type.

Install this plugin to be able to take advantage of this in your forms.

» Profile Completeness

This plugin provides a view and a widget that displays the completeness of a profile based on the number of fields in the profile that are populated. This list of fields can be extended and modified based on a plugin hook.

I’ve used various incarnations of this plugin now for a number of clients, and since it keeps coming up I’ve tidied it up a bit and stuck it on github.

» Recaptcha

Lastly, here’s an Elgg 1.8 version of a recaptcha plugin I wrote some time ago.

It hooks into the Elgg captcha engine, providing captcha verification for registration and the “request new password” functionality out of the box. It also replaces the input/captcha view.

There are a couple of other recaptcha plugins, but I couldn’t find one which just provided the captcha and nothing else, so here’s mine.

That’s it for now, enjoy!

A new CAPTCHA approachOne thing we try and do when working on a new Elgg feature is – where we can – couple things together as loosely as possible and provide hooks for third party developers to extend Elgg and fill in any blanks.

A good example of where this has been done is the newly introduced Captcha functionality available in the latest nightly testing builds of Elgg.

The Captcha functionality is provided by a module which extends a view called “input/captcha“. This view is blank by default but is used in several places such as user registration and the lost password form.

This means two things; firstly that if a Captcha module isn’t installed or enabled then forms behave normally, and secondly it becomes a trivial matter for third party modules to provide their own Captcha functionality.

This same mechanism is how the URL shortener module works by the way.

Next, the Captcha module extends a number of actions to require a correctly validated Captcha code. This list itself is the product of a plugin hook which returns an array of actions which require Captcha validation:

$actions = array();
$actions = trigger_plugin_hook('actionlist', 'captcha', null, $actions);


function captcha_actionlist_hook($hook, $entity_type, $returnvalue, $params)
if (!is_array($returnvalue))
$returnvalue = array();

$returnvalue[] = 'register';
$returnvalue[] = 'user/requestnewpassword';

return $returnvalue;

The reason why the list of actions is provided this way is twofold, firstly it lets modules use Captcha functionality in their own code through a generic interface, and secondly it is harder to spoof than looking for some marker in the form code.

The Captcha itself injects a server generated token into the form, which together with the user’s response to the characters generated in an image are used to validate that the user is indeed human.

As we can see, Elgg asks to be provided with a Captcha if one is available by including a specific view, but is agnostic as to where (or indeed if) this functionality is supplied.

By using the techniques available to an Elgg programmer I was able to loosely couple the Captcha system to Elgg in such a way that a third party can easily use the same techniques to provide a more advanced module.

Happy coding!

Image “A new Captcha approach” by XKCD