Jump to content

Gosub

Members
  • Content count

    4
  • Joined

  • Last visited

Posts posted by Gosub


  1. Was hoping that there would be an answer to this.

     

    Perhaps I should put my one of daughters photo in my profile.

     

    Hi, I had the same problem, but when I checked the logic in the "if (tep_validate_email($email_address)) {" I found that as long as the e-mal address was ok the form was sent before the security cod was checked. So I moved the e-mail function and the redirect. Here is the hole "if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {" statement:

     

    if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
       $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
       $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
       $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);
    
       if (tep_validate_email($email_address)) {
    
       } else {
         $error = true;	  
         $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
       }
    //VISUAL VERIFY CODE start
     require(DIR_WS_FUNCTIONS . 'visual_verify_code.php');
    
       $code_query = tep_db_query("select code from visual_verify_code where oscsid = '" . tep_session_id($HTTP_GET_VARS[tep_session_name()]) . "'");
       $code_array = tep_db_fetch_array($code_query);
       $code = $code_array['code'];
    
       tep_db_query("DELETE FROM " . TABLE_VISUAL_VERIFY_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); //remove the visual verify code associated with this session to clean database and ensure new results
    
       $user_entered_code = $HTTP_POST_VARS['visual_verify_code'];
       if (!(strcasecmp($user_entered_code, $code) == 0)) {    //make the check case insensitive
           $error = true;
           $messageStack->add('contact', VISUAL_VERIFY_CODE_ENTRY_ERROR);
       }
    //VISUAL VERIFY CODE stop
    
    if (!$error){
    	tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry, $name, $email_address);
    	tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
     	}
     }

     

    I hope this is the solution fore you to!

    Regards

    Ivan


  2. Hi all,

    I found a bug, it accures when there is no country zones in the database. It cases a javascript error and screws up the javscript functions. Here is the solution:

     

    In order_editor/funktions.php and function oe_js_zone_list()

    Do a row check before while ($countries = tep_db_fetch_array($countries_query)) {

    Like this if (tep_db_num_rows($countries_query) > 0){

     

    I only post it here be cus it is such a small bug. Maybe someone can include the fix in coming versions.

     

    Regards

    Ivan

×