Jump to content

All Activity

This stream auto-updates     

  1. Today
  2. Nothing is working. The problem derives, I believe, from the mixture of bootstrap components. I think it is going to be more time efficient and ultimately more reliable to join you all in Bootstrap 4. Yuck. Thanks for your help.
  3. Jack_mcs

    HoneyPot Captcha

    @tonymazzRegarding the account details you posted, unfortunately, there isn't anything shown there that would allow the code to identify it as a fake account. While a person can look at it and see that it is fake, from a coding point of view, it is legitimate since it has valid entries for an account. I suppose a check could be added to see if the street address contained number and letters, or if just letters (which can happen) that it be at least two words. But that might be chasing a never ending list of possibilities. Another check could be to see if the state and country match. Those details are in the database so it would not be difficult to check them. I will plan on adding this as an option. Another check could be the post code. According to Wikipedia, the postal code of all countries that use one has at least one number in it. I will plan on adding this as an option. You don't mention if you are using the IP List option. If not, you should be. And make sure to set up a cron job for it or the list won't be useful. If you can identify some common letters that are not normally used, you can include those in the bad words option. For example, the suburb has an entry ending in "vxqd". I can't imagine word from any country using that. The entries in the fields are probably just randomly created so adding words like this may not help, or only a little, unless you are seeing them used over and over. As for sending emails, be sure you have the options set to block email addresses and url's in the forms. Depending on your version of oscommerce, there might be a setting to limit how often emails can be sent. By raising that number to something higher, like 30 minutes, it might make it difficult for the spammers to send out large numbers of emails. That's all I can offer on this sort of problem. If you, anyone, can see something else that should be checked, please post it here.
  4. Add role="button" after href="#" will make the click to do nothing.
  5. Yesterday
  6. cables24h

    HoneyPot Captcha

    Anyway.............. for me it does not matter. There are authentication systems available. It is UP to the shop-owner if want to implement them or not. for me it is all a bias........... a CRAP. There is nothing against it. No reCaptcha No HoneyPot Just an attempt. And all fall back to trustworthy customers/clients. Kind of an old grocery shop in the old day's. Stupid to think the internet can cover criminals.
  7. cables24h

    HoneyPot Captcha

    No need to Noodle. What is say is right. Your DB MIGHT be flood. Who cares if it is a legit user or not. He never buy anything. Remove them from DB, no need of them. Even the "legit ones"............. they not buy. Useless. Drop them. A serious problem is the "contact_us.php" for a SHOP OWNER. That is kind of pages should be somehow be protected.
  8. tonymazz

    HoneyPot Captcha

    My screenshot was from the admin side. We automatically send random generated passwords to the client via welcome email and try to collect minimal info at the time of checkout. I thought about the email confirmation email, however over 75% of our clients want to just check out. Any delay in the checkout process can result in a lost sale. So that would not work. I agree with you on this. Should any visitor even be creating an account without an actual purchase to start with? An option in admin could toggle that as an option for those that would. In our case we are not interested in people signing up for a subscription or discounts as some commerce sites do. Perhaps, on the confirmation page the client is offered the opportunity to create an account at the end of the checkout confirmation (admin can set default). So, create_account would not be offered as a standalone, automatic account creation would only occur after a bonafide purchase. And of course the admin would need to be able to create an account from admin side. I will noodle this more.
  9. cables24h

    HoneyPot Captcha

    to much effort into something not important. Just let it go.............. No POT can stop it.
  10. cables24h

    HoneyPot Captcha

    Better to login with just an E-mail and Password to osCommerce. All the rest is detail. And as a shop-owner............. it all comes down to a live purchase. That is what matter to a shop-owner.
  11. cables24h

    HoneyPot Captcha

    it is a fight with no ending.
  12. cables24h

    HoneyPot Captcha

    The obvious here is you let spammers access your domain. the good guys have access to whatever you allow them to. Why allow someone who NEVER bought anything from you, gain access to anything that refers to a posting.. - reviews? That is first check mark. For the "contact_us" section.................. i think that is something you have to live with it as a shop-owner. Funny thing is............. Nothing of it affect your customer........ just you. Nothing came in your mind................ that it is kind of part of the deal and you have to handle it? I just try to figure............... sure if can prevent. Just seems there is no absolution in it.
  13. MITCH70

    [CONTRIBUTION] Sloppy Words Cleaner

    @raiwa Changed in swc_hooks.php if (isset($postcode)) $postcode = $this->RemoveShouting($postcode); to if (isset($postcode)) $postcode = strtoupper($postcode); and works correctly now.
  14. cables24h

    HoneyPot Captcha

    As a shop owner ........... you DO NOT NEED all the stuff inserted when a shop-user register. You ONLY need it when that person makes a REAL purchase. You SHOULD NOT CARE for the ones who register. CARE FOR THE ONE WHO BUY!!!!!!!!!!!!!!!!!!!! They put $$$$$$$$$$$$ income. The hell who flood your DB................. easy to remove them based on criteria.
  15. cables24h

    HoneyPot Captcha

    Funny stuff here is................... In the end you only require: Email: "put your email here" Password: "put you password here" As an addition: Password confirmation: "Re-type your password here" That is ALL what THIS form SAY. All the rest is CRAP, oscommerce NOT need it................. yeah it does..................... when checkout. Why it not ASK WHEN............. yet osCommerce prefer the "pre-fill" the forms given on registration. Let us open the discussion for it. It give so much room/space for so much. - registation procedure - spam/honypot/reCpatcha options. This is SERIOUS TALKS.
  16. cables24h

    HoneyPot Captcha

    Is it not here where it all starts from? As soon when fill the form, osCommerce instantly log you IN. Right? you can put anything you want in the registation and it it is accepted. WORSE........... you are instantly logged.......... right? Do not blame me here as the MESSENGER.
  17. cables24h

    HoneyPot Captcha

    Stupid argumentation You not VERIFY anything. The address of the user is not verified. for THAT NO legitimacy is conserved during the register process. ( this could be blamed to osCommerce itself or to module makers who chosen to cover this kind of failure) Not a legit resource to start with.
  18. Sorry it's not clear what you're trying to do. a link to your site so that we can see what you're trying to do ?
  19. Thanks. With href="javascript:void(0)" the pulldown doesn't function. Neither with it removed.
  20. cables24h

    HoneyPot Captcha

    Here there is a compromise. Now it is the job to put it in oscommerce with a click and GO. reCaptcha is there. HoneyPot is there. How can put in in osCommerce without change a single line of core code? What is need to allow BOTH kind of protection into osCommerce and keep EACH as an individual module, still............ somehow..... ( not osCommerces problem), work together. All the others seem to manage THAT. Just NOT osCommerce.................. how is that?
  21. you can also try replacing href="#" with href="javascript:void(0)", or remove the href all together.
  22. MITCH70

    [CONTRIBUTION] Sloppy Words Cleaner

    @raiwa Noticed that the postcode not working correctly. For example must be 4545BE and swc changed it to 4545Be. All letters must stay capital. Could you check.
  23. If you specify href="#" then that is where you will go when clicked. You need to put the correct URL into href.
  24. Thank you. Raiwa posted the code reference, which shows how to properly construct these elements. I appreciate that. However, I believe the dropdowns are properly constructed. They have been working properly for years within the presentation layer that we have had running on top of osCommerce 2.2. The basic usage of 'href="#"' within anchor tags is being prevented. It happens if I use it in a simple anchor in plain HTML text. The problem is not at the level of the bootstrap, but how the null hashtag destination is interpreted. It is supposed to be interpreted as nothing, yet serve as a clickable element which can be styled as a dropdown or for other purposes. It's essential within bootstrap to be able to do this. Somehow the hashtag is being appended as a relative link, appended to the parent URL of the page it is within. I have never been this stuck on a bug honestly. Any suggestions would be greatly appreciated.
  25. @wetzel Did you look at the answer that @raiwa posted above? Mind you, his answer is for Bootstrap v3, where as Phoenix uses Bootstrap v4. M
  26. Alright. I have Phoenix running. I have a lot of work ahead of me, but for now I've installed my presentation layer onto the home page. The problem continues. For a typical dropdown such as this, instead of behaving properly, clicking sends me to 'mydomain.com#' <li class="dropdown"> <a href="#" class="dropdown-toggle btn btn-danger" data-toggle="dropdown" style="color:#fff;">Syllabus<strong class="caret"></strong></a> Any suggestions would be most helpful.
  1. Load more activity
×