I tried twice or thrice and got the same error which terminated the SQL Server 2008 Installation Wizard. When I searched through forums I came to know that this error occurs when you change the installation path on x64 OS systems. Ovbiously I encountered the error as I was using Windows 7 Ultimate (x64). Then tried installing SQL Server 2008 on the default path and that was a success.But that didn’t satisfied me as I did not like to have the SQL Server installed on the System Drive.

I tried to peek the command line tool to see if I could set the parameter somewhere. And after an hour of struggle I found that there was so such parameter named “INSTANCESHAREDWOWDIR”. It was “INSTALLSHAREDWOWDIR” instead.

The microsoft guys had mistake on writing the error message where they have written INSTANCESHAREDWOWDIR instead of INSTALLSHAREDWOWDIR. Having known of the issue I tried to setup the SQL Server once again from the command line as -

>setup.exe /action=install /installsharedwowdir=”x:/program files/microsoft sql server/”

and waited for the result. This time again I changed the install directory to see that the wizard accepted the parameter and the SQL Server 2008 was installed successfully at my desired location.

Probably this has to be some minor bug at the installer and it became more pronounced due to the “wrong” error message thrown. Hopefully, I expect that the microsoft guys will have a fix for it ASAP.

A CAPTCHA or Captcha (pronounced /ˈkæptʃə/) is a type of challenge-response test used in computing to ensure that the response is not generated by a computer. The process usually involves one computer (a server) asking a user to complete a simple test which the computer is able to generate and grade. Because other computers are unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human. Thus, it is sometimes described as a reverse Turing test, because it is administered by a machine and targeted to a human, in contrast to the standard Turing test that is typically administered by a human and targeted to a machine. A common type of CAPTCHA requires that the user type letters or digits from a distorted image that appears on the screen.

Applications of CAPTCHAs

CAPTCHAs have several applications for practical security, including (but not limited to):

• Preventing Comment Spam in Blogs.
• Protecting Website Registration.
• Online Polls.
• Preventing Dictionary Attacks.
• Search Engine Bots.
• Worms and Spam.

The general purpose of Captcha’s are to prevent the automation of form submission. For example, to protect a guestbook from filling up with spam-entries or to prevent hundreds of bogus users registering to a forum.

The ANIT-CAPTCHA Challange

Until recently, image-based Captcha’s have been a reasonable solution to combat this problem. However, with Object Character Recognition techniques getting better and better, Captcha’s too have to continuously increase in complexity.

Ironically, it’s come to the point that computers are better at deciphering Captcha’s than humans are, simply because computers have infinite patience.

To illustrate: evildoers trying to beat your Captcha are probably satisfied with a success ratio of 1/100 – because in just a few hours of repetition this can add up to hundreds of successful passes. A typical human user on the other hand probably throws in the towel after three consecutive failed attempts – at which point they’ll most likely leave your website altogether.

Who can blame them? The average user doesn’t understand why they should enter a random string of letters in the first place. It’s not their problem and they do not care what it is for. For them it’s some sort of annoying puzzle that stands in the way of doing what they want to do. Not being able to pass it, makes them feel inadequate and frustrated.

So to avoid repelling your visitors from your website, the new technique “Anti-Captcha” has rised.

The basic idea behind it is simple-“Create a captcha solution which does not require any end-user interaction”

How it works

Basically it is a manipulation of obfuscated javascript together with checksum validation of session. Ihe process includes-

1. Generation a random token
2. Store a checksum of this token in session
3. Generate some obfuscated javascript code which (when interpreted) adds a hidden input-field to every form element on the webpage using the token as a value
4. Verify the submitted checksum and the checksum stored in session.

As a bonus, this technique should also provide adequate protection against XSRF.

Requirements
The technique involves javascript and hence requires javascript enabled on the browser to successfully implement the anti-captcha technique. But the user does need to have javascript enabled for form submission to succeed.

Caveats
Obviously this technique isn’t perfect, at some point bots might gain the ability to interpret javascript or simply read-out the obfuscated code instead. At that time a different approach, with a similar concept, would be needed.

It should also be possible to fool the Anti-Captcha with the use of “automated mouse-clicking software”. However this should be very hard to combine with botnets – thus making additional security layers (for example: maximizing form-submission on a per-ip basis) more feasible.

Another major drawback is the need for javascript to allow form-submissions, which is something you should ponder over yourself. Personally I feel it outweighs the disadvantages image-based Captcha’s bring in, but this probably depends on the project at hand.

Then I worked on self and finally overcome the problem. I edited the .htaccess file in the root directory and here is the solution that worked for me:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /path/to/root/folder/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>

I tried the same with few other folders and it worked for all.

Note:

• Windows doesn’t allow to create a file starting the file name with a . (period). So either an existing .htaccess file has to be copied and edited OR the file has to be created from within other editors like dreamweaver or notepad++.
• Make sure to include the line: RewriteEngine On , if rewrite engine is not turned on in the .conf file.
• RewriteBase has to be identified properly
• Define a proper rewrite rule.

Hope this will be helpful for all, if you are trying to make use of friendly url.