When you do not see a CAPTCHA image in the frontend (and all the needed PHP extensions have been checked to be activated), then the issue is related to an unwriteable session save path. Fix below.
Why does MediaLibrary Shop need a session variable?
MediaLibrary 1.5.x Shop uses a session variable to keep the typed review on screen if a user accidentally types the CAPTCHA wrong, so that they don't loose everything they typed, but can try again. No one wants complaints from their users.
In order for CAPTCHA for Guest users to work (for submitting Media reviews and suggestions), we need to make sure that the session save path is writeable, so that the session variable for each user can be stored when working on screen.
Joomla and session save path Joomla in combination with a session save path which is not writeable can create many difficult problems related to security and also for admin access in the backend. See the many discussions on forum.joomla.org if you want to know more.
For example, the issue in Joomla 1.0.13 with Administrators being unable to get into the backend was related to this (session variable would be set after the headers were sent).
How to set the session save path and make it writeable .
Below are some options for setting that "session save path" in your installation.
These solutions were provided on forum.joomla.org by Dean Marshall.
Preferred solution is to do it in php.ini, but it can be done in .htaccess too if you don't have access to the bowels of your OS installation.
Best solution is to make the needed change in your php.ini file.
If you have a dedicated server, you can set the variable in the php configuration
Just uncomment (remove the ; ) from in front of the line
;session.save_path = "/tmp"
session.save_path = "/tmp"
If you do not have access to that file, the best solution is to ask your provider to make the session_save_path writable.
If they won't or cannot do that for you, you can still try the options below.
You will need to restart your Apache or other webserver for the changes to apply.
• Create a sub-folder called sessions in the same folder as the Joomla configuration.php file.
• Find out the location of your Joomla folder by reading the $mosConfig_absolute_path entry from your configuration.php file.
• Take the path from within the quotes on that line.
• Put that value between the quotes on this line:
and add a /sessions on the end of that entry - still inside the quotes.
It should look something like this:
but your actual path will of course be different. Place that line (with your path) with the other settings in configuration.php - on its own line.
there is no such line ordinarily. You will need to create it - and remember that any time you change global config options it will be wiped - and you will have to recreate it.
You can also solve the problem by adding a line to your .htaccess file (Apache only) that looks something like this:
php_value session.save_path /usr/local/www/Joomla/sessions
Adapt the path to suit your actual installation of course.
An added advantage of changing the session path instead of using the default /tmp is to keep all your session data out of public eyes.
After fixing the session save path and restarting your webserver, the CAPTCHA images will show as they should.
Media Review CAPTCHA for Guest Users
Media Suggestion CAPTCHA for Guest Users