ASP.NET CAPTCHA Troubleshooting VB.NET Code Example

The ASP.NET Captcha troubleshooting example project shows how to use BotDetect CAPTCHA built-in error logging and Captcha event tracing, using the BotDetect Troubleshooting utility based on log4net.

First Time Here?

Check the BotDetect Developer Crash Course for key integration steps.

The logging requires the <captchaLogging> element and BotDetectTroubleshooting Module registration in the web.config file, as well as the log4net.config file defining log4net settings (in this case, logging to simple text files).

Such logging techniques can be used as a foundation for effective diagnosis and resolution of any BotDetect issues you might encounter on your servers.

The example demonstrates the effects of following the How To Troubleshoot BotDetect ASP.NET CAPTCHA Issues guide.

Download the BotDetect ASP.NET CAPTCHA Generator archive to run this example
  • C#
  • VB.NET

Visual Studio 2005-2017 / .NET 2.0 and onwards

Within this page, the root folder of the extracted archive is referred as the <BDC-DIR>.

This example is in the <BDC-DIR>/lgcy-on-lgcy/examples/t_api-captcha~error-logging-log4net/vbnet/ folder; and contains the following files:

Default.aspx

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" 
Inherits="_Default" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
  <title>BotDetect ASP.NET CAPTCHA Options: Troubleshooting Helper Code Example</title>
  <link type="text/css" rel="Stylesheet" href="StyleSheet.css" />
</head>
<body>
  <form id="form1" class="column" runat="server">
    <h1>BotDetect ASP.NET CAPTCHA Options:<br />
      Troubleshooting Helper Code Example</h1>
    <fieldset id="TroubleshootingDebug">
      <legend>CAPTCHA Debug Logging</legend>
      <p class="prompt">
        <label for="CaptchaCodeTextBox">Retype the characters from the picture:</label></p>
      <BotDetect:WebFormsCaptcha runat="server" ID="ExampleCaptcha" 
      UserInputID="CaptchaCodeTextBox" />
      <div class="validationDiv">
        <asp:TextBox ID="CaptchaCodeTextBox" runat="server"></asp:TextBox>
        <asp:Button ID="ValidateCaptchaButton" runat="server" />
        <asp:Label ID="CaptchaCorrectLabel" runat="server" CssClass="correct"></asp:Label>
        <asp:Label ID="CaptchaIncorrectLabel" runat="server" 
        CssClass="incorrect"></asp:Label>
      </div>
      <p class="validationTroubleshooting">A detailed trace of all CAPTCHA 
      events will be logged to the <code>debug.txt</code> file in the example 
      folder.</p>
      <div class="troubleshooting">
        <asp:Label ID="DebugLabel" runat="server"></asp:Label>
      </div>
    </fieldset>
    <fieldset id="TroubleshootingError">
      <legend>CAPTCHA Error Logging</legend>
      <p class="troubleshooting">Clicking <em>Simulate Error</em> will throw a 
      fake BotDetect CAPTCHA exception and log it to the <code>error.txt</code> 
      file in the example folder.</p>
      <asp:Button ID="CauseErrorButton" runat="server" 
      OnClick="CauseErrorButton_Click" />
      <div class="troubleshooting">
        <asp:Label ID="ErrorLabel" runat="server"></asp:Label>
      </div>
    </fieldset>
  </form>
</body>
</html>

Default.aspx.vb

Partial Class _Default
  Inherits System.Web.UI.Page

  Protected Sub Page_PreRender(ByVal sender As Object, ByVal e As  _
  System.EventArgs) Handles Me.PreRender
    ' initial page setup
    If (Not IsPostBack) Then

      ' set control text
      ValidateCaptchaButton.Text = "Validate"
      CaptchaCorrectLabel.Text = "Correct!"
      CaptchaIncorrectLabel.Text = "Incorrect!"

      ' these messages are shown only after validation
      CaptchaCorrectLabel.Visible = False
      CaptchaIncorrectLabel.Visible = False

      CauseErrorButton.Text = "Simulate error"
      ErrorLabel.Text = "An error has been generated. Please check the 'error.txt' file."

      DebugLabel.Text = "A validation attempt has been logged. Please check the 'debug.txt' file."
      DebugLabel.Visible = False
    End If

    If (Not (Session("error") Is Nothing)) Then

      ErrorLabel.Visible = True
      CaptchaCorrectLabel.Visible = False
      CaptchaIncorrectLabel.Visible = False
      Session("error") = Nothing
      DebugLabel.Visible = False

    Else

      ErrorLabel.Visible = False
    End If

    If (IsPostBack) Then

      ' validate the Captcha to check we're not dealing with a bot
      Dim isHuman As Boolean = ExampleCaptcha.Validate()
      If (isHuman) Then

        CaptchaCorrectLabel.Visible = True
        CaptchaIncorrectLabel.Visible = False

      Else

        CaptchaCorrectLabel.Visible = False
        CaptchaIncorrectLabel.Visible = True
      End If

      DebugLabel.Visible = True
    End If
  End Sub

  Protected Sub CauseErrorButton_Click(ByVal sender As Object, ByVal e As  _
  System.EventArgs) Handles CauseErrorButton.Click

    Session("error") = True
    Throw New BotDetect.WebCaptchaException("Simulated exception")
  End Sub
End Class

Global.asax

<%@ Application Language="VB" %>

<script RunAt="server">

  Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
    ' Code that runs on application startup
  End Sub
    
  Sub Application_End(ByVal sender As Object, ByVal e As EventArgs)
    ' Code that runs on application shutdown
  End Sub
        
  Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs)
    'Code that runs when an unhandled error occurs
        
    ' since we log the errors using our handler, 
    ' they don't need to be shown to the client
        
    Response.Redirect("Default.aspx")
  End Sub

  Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
    ' Code that runs when a new session is started
  End Sub

  Sub Session_End(ByVal sender As Object, ByVal e As EventArgs)
    ' Code that runs when a session ends. 
    ' Note: The Session_End event is raised only when the sessionstate mode
    ' is set to InProc in the Web.config file. If session mode is set to 
    ' StateServer 
    ' or SQLServer, the event is not raised.
  End Sub
       
</script>

log4net.config

<?xml version="1.0"?>

<!-- This section contains the log4net configuration settings -->
<log4net debug="false">

  <!-- Errors are logged to a 'error.txt' file -->
  <appender name="ErrorFileAppender" type="log4net.Appender.FileAppender">
  <file value="error.txt" />
  <appendToFile value="true" />
  <lockingModel type="log4net.Appender.FileAppender+MinimalLock" />
  <layout type="log4net.Layout.PatternLayout,log4net">
    <conversionPattern value="%date [%thread] %type - %n%n%message%n%n" />
  </layout>
  </appender>

  <!-- Error logging is enabled, comment-out to disable -->
  <logger name="ErrorLogger">
  <level value="ERROR" />
  <appender-ref ref="ErrorFileAppender" />
  </logger>


  <!-- Debug info is logged to a 'debug.txt' file -->
  <appender name="DebugFileAppender" type="log4net.Appender.FileAppender">
  <file value="debug.txt" />
  <appendToFile value="true" />
  <lockingModel type="log4net.Appender.FileAppender+MinimalLock" />
  <layout type="log4net.Layout.PatternLayout,log4net">
    <conversionPattern value="%date [%thread] %type - %n%n%message%n%n" />
  </layout>
  </appender>

  <!-- Debug logging is enabled, comment-out to disable -->
  <logger name="DebugLogger">
  <level value="DEBUG" />
  <appender-ref ref="DebugFileAppender" />
  </logger>

</log4net>

Web.config

<?xml version="1.0"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
<configuration>
  <configSections>
    <!-- Register the log4net configuration section -->
    <section name="log4net" requirePermission="false"
      type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
    <!-- Register the BotDetect configuration section -->
    <section name="botDetect" requirePermission="false" 
      type="BotDetect.Configuration.BotDetectConfigurationSection, BotDetect" />
  </configSections>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
    <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
  </appSettings>
  <!-- log4net settings are loaded from a separate config file -->
  <log4net configSource="log4net.config"/>
  <!-- BotDetect Captcha settings can be configured in this section -->
  <botDetect>
    <!-- Register the log4net BotDetect logging provider -->
    <captchaLogging errorLoggingEnabled="true" traceEnabled="true" eventFilter=".*" 
      loggingProvider="BotDetect.Logging.Log4NetLoggingProvider, BotDetect.Troubleshooting"/>
    <captchaImage>
      <helpLink enabled="true" mode="image" />
    </captchaImage>
  </botDetect>
  <system.web>
    <httpHandlers>
      <!-- Register the HttpHandler used for BotDetect Captcha requests -->
      <add verb="GET" path="BotDetectCaptcha.ashx" 
        type="BotDetect.Web.CaptchaHandler,  BotDetect"/>
    </httpHandlers>
    <httpModules>
      <!-- Register the HttpModule used for BotDetect error logging (IIS 5.0, 5.1, 6.0)
      -->
      <add name="BotDetectTroubleshootingModule" 
        type="BotDetect.Web.CaptchaTroubleshootingModule, BotDetect"/>
    </httpModules>
    <!-- Register a custom SessionIDManager for BotDetect Captcha requests -->
    <sessionState mode="InProc" cookieless="AutoDetect" timeout="20" 
      sessionIDManagerType="BotDetect.Web.CustomSessionIdManager, BotDetect"/>
    <!-- Session state is required for BotDetect storage; you can also turn if off 
      globally and only enable for BotDetect-protected pages if you prefer -->
    <pages enableSessionState="true" controlRenderingCompatibilityVersion="4.5">
      <controls>
        <!-- Register the BotDetect tag prefix for easier use in all pages -->
        <add assembly="BotDetect" namespace="BotDetect.Web.UI" tagPrefix="BotDetect"/>
      </controls>
    </pages>
    <compilation debug="false" targetFramework="4.5" />
    <httpRuntime requestValidationMode="4.5" targetFramework="4.5" 
      encoderType="System.Web.Security.AntiXss.AntiXssEncoder, System.Web, 
        Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
    <machineKey compatibilityMode="Framework45" />
    <trace enabled="false" localOnly="true"/>
    <httpCookies httpOnlyCookies="true"/>
    <trust level="Medium" originUrl=""/>
    <authentication mode="None"/>
    <customErrors mode="RemoteOnly"/>
  </system.web>
  <system.webServer>
    <validation validateIntegratedModeConfiguration="false"/>
    <handlers>
      <!-- Register the HttpHandler used for BotDetect Captcha requests (IIS 7.0+) -->
      <remove name="BotDetectCaptchaHandler"/>
      <add name="BotDetectCaptchaHandler" preCondition="integratedMode" verb="GET" 
        path="BotDetectCaptcha.ashx" type="BotDetect.Web.CaptchaHandler, BotDetect"/>
    </handlers>
    <modules>
      <!-- Register the HttpModule used for BotDetect error logging (IIS 7.0+) -->
      <remove name="BotDetectTroubleshootingModule"/>
      <add name="BotDetectTroubleshootingModule" preCondition="integratedMode" 
        type="BotDetect.Web.CaptchaTroubleshootingModule, BotDetect"/>
    </modules>
  </system.webServer>
</configuration>