Latest News: (loading..)

Demitry

Members
  • Content count

    160
  • Joined

  • Last visited

  • Days Won

    4

Demitry last won the day on October 28

Demitry had the most liked content!

About Demitry

Profile Information

  • Real Name
    Demitry
  • Gender
    Male
  • Location
    Seminole, FL
  • Website

Recent Profile Visitors

5,438 profile views
  1. Spam Bot Trap Ok, so there are a number of different solutions to use for blocking spam bots from submitting garbage emails to your opt-in form, but the one I decided on was the bait-trap type. That entails creating a couple of fields that spam bots cannot resist,.. then hiding these fields from the human user using CSS. I then set up a conditional statement to filter the human user submissions from those of bots. The human submissions are added to the Mailchimp list and the bot submissions end up in the abyss of the digital world of 0’s and 1’s. All that, and a fake success message to reinforce the bot that their spam submission was actually added to the site’s email list. Don’t think that today’s bots need a confirmation message? ..never underestimate technology. Today’s spiders & bots are much more sophisticated and can determine when their submission was rejected. And that, may initiate a more sophisticated attempt at submitting spam data. I chose to use two types of fields (though one would likely be enough) and some tasty keywords that spam bots cannot help but salivate over. This spam bot trap install includes my instructions from a prior post on this forum thread that differentiates the customer success message via the store owner selecting to automatically add that submitted email to the list OR requiring a 2nd tier approval opt-in emailed to the end user. If you choose “pending” for that 2nd tier approval opt-in emailed to the end user, then you likely don’t need this spam bot trap. However, the more hoops you have a customer jump through, the less opt-ins you’ll have. The install instructions here are for the BS Edge footer module, however, the code changes are made to support the BS Edge header module as well. To add this to the header module you will need to make additional changes to the header module template (similar to those of the footer module template). I only tested this on the footer module and chose that one because I prefer to have this email opt-in in the footer on my site. The following 5 files will require changes. Be sure to BACK-UP your site files before making ANY changes to your site. 1) /includes/languages/english/modules/header_tags/ht_mailchimp.php FIND this line: define('MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE', 'Success! Please click the confirmation link that will be emailed to you shortly.'); REPLACE it with this: define('MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE_PENDING', 'Success! Please click the confirmation link that will be emailed to you shortly.'); define('MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE_SUBSCRIBED', 'Success! Your information was submitted.'); define('MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE', 'Success! Your contact information was submitted.'); Note: To make testing easier, I made the success message slightly different for MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE than that of the .. _SUBSCRIBED message. 2) /includes /modules/header_tags/ht_mailchimp.php a) FIND this code: function execute() { global $oscTemplate; ADD just after it: $email_optin_success = (MODULES_HEADER_TAGS_MAILCHIMP_STATUS_CHOICE == 'pending' ? MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE_PENDING : MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE_SUBSCRIBED); // fake success message for bot opt-ins if (isset($_POST['url']) && $_POST['url'] == '' && !isset($_POST['terms_of_use'])) { $alert_type = 'danger'; $alert_msg = MODULES_HEADER_TAGS_MAILCHIMP_ERROR_MESSAGE; } else { $alert_type = 'success'; $alert_msg = MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE; } b) FIND BOTH instances of this: MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE REPLACE them with this: $email_optin_success c) FIND BOTH instances of this: resultmessage = \'<div class="alert alert-danger alert-dismissible" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>' . MODULES_HEADER_TAGS_MAILCHIMP_ERROR_MESSAGE . '</div>\'; // display the message REPLACE them with this: resultmessage = \'<div class="alert alert-' . $alert_type . ' alert-dismissible" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>' . $alert_msg . '</div>\'; // display the message d) FIND BOTH instances of this: $(\'#messagehd\').html(resultmessage); // display the message $(\'#fnamehd\').val(""); // reset input field $(\'#lnamehd\').val(""); // reset input field $(\'#emailhd\').val(""); // reset input field REPLACE them with this: $(\'#messageft\').html(resultmessage); // display the message $(\'#fnameft\').val(""); // reset input field $(\'#lnameft\').val(""); // reset input field $(\'#urlft\').val(""); // reset input field $(\'#emailft\').val(""); // reset input field 3) /includes /modules/content/footer/templates/footer_mailchimp.php FIND this code: <?php echo $form; if (!empty(MODULES_HEADER_TAGS_MAILCHIMP_LIST_CUSTOMERS) && (MODULE_FOOTER_MAILCHIMP_DISPLAY_NAME == 'True')) { echo tep_draw_input_field('firstname', NULL, 'id="fnamehd" placeholder="' . MODULE_FOOTER_MAILCHIMP_OPTIONAL . ENTRY_FIRST_NAME . '"') . ' '; echo tep_draw_input_field('lastname', NULL, 'id="lnamehd" placeholder="' . MODULE_FOOTER_MAILCHIMP_OPTIONAL . ENTRY_LAST_NAME . '"') . ' '; echo tep_draw_input_field('email', NULL, 'required aria-required="true" id="emailft" placeholder="' . ENTRY_EMAIL_ADDRESS . '"', 'email') . ' '; echo tep_draw_button(MODULE_FOOTER_MAILCHIMP_SUBMIT, 'fa fa-pencil-square-o', null, null, array('params' => 'id="SendButtonft"'), 'btn-success btn-sm'); } elseif (!empty(MODULES_HEADER_TAGS_MAILCHIMP_LIST_ANONYMOUS)) { echo tep_draw_input_field('email', NULL, 'required aria-required="true" id="emailft" placeholder="' . ENTRY_EMAIL_ADDRESS . '"', 'email') . ' '; echo tep_draw_button(MODULE_FOOTER_MAILCHIMP_SUBMIT, 'fa fa-pencil-square-o', null, null, array('params' => 'id="SendButtonft"'), 'btn-success btn-sm') . tep_draw_hidden_field('anonymous', 'anonymous'); } if (MODULE_FOOTER_MAILCHIMP_DISPLAY_PRIVACY == 'True') { echo tep_draw_button(MODULE_FOOTER_MAILCHIMP_PRIVACY, 'fa fa-user', tep_href_link('privacy.php'), null, null, 'btn-info btn-xs pull-right'); } echo $endform; echo '<br><div class="message" id="messageft"></div>'; ?> REPLACE it with this: <?php echo $form; if ((MODULES_HEADER_TAGS_MAILCHIMP_LIST_CUSTOMERS != '') && (MODULE_FOOTER_MAILCHIMP_DISPLAY_NAME == 'True')) { echo '<span class="website-url">Website URL:<br /><input type="text" name="url" id="urlft" placeholder="Website URL" /></span>'; echo tep_draw_input_field('firstname', NULL, 'id="fnameft" placeholder="' . MODULE_FOOTER_MAILCHIMP_OPTIONAL . ENTRY_FIRST_NAME . '"') . ' '; echo tep_draw_input_field('lastname', NULL, 'id="lnameft" placeholder="' . MODULE_FOOTER_MAILCHIMP_OPTIONAL . ENTRY_LAST_NAME . '"') . ' '; echo tep_draw_input_field('email', NULL, 'required aria-required="true" id="emailft" placeholder="' . ENTRY_EMAIL_ADDRESS . '"', 'email') . ' '; echo '<div class="accept-email-optin-terms">I accept the <a href="' . tep_href_link('terms_conditions.php') . '">Terms &amp; Conditions</a>: <input type="checkbox" name="terms_of_use" id="termsft" /></div>'; echo tep_draw_button(MODULE_FOOTER_MAILCHIMP_SUBMIT, 'fa fa-pencil-square-o', null, null, array('params' => 'id="SendButtonft"'), 'btn-success btn-sm'); } elseif ((MODULES_HEADER_TAGS_MAILCHIMP_LIST_ANONYMOUS != '')) { echo '<span class="website-url">Website URL:<br /><input type="text" name="url" id="urlft" placeholder="Website URL" /></span>'; echo tep_draw_input_field('email', NULL, 'required aria-required="true" id="emailft" placeholder="' . ENTRY_EMAIL_ADDRESS . '"', 'email') . ' '; echo '<div class="accept-optin-terms">I accept the <a href="' . tep_href_link('terms_conditions.php') . '">Terms &amp; Conditions</a>: <input type="checkbox" name="terms_of_use" id="termsft" /></div>'; echo tep_draw_button(MODULE_FOOTER_MAILCHIMP_SUBMIT, 'fa fa-pencil-square-o', null, null, array('params' => 'id="SendButtonft"'), 'btn-success btn-sm') . tep_draw_hidden_field('anonymous', 'anonymous'); } if (MODULE_FOOTER_MAILCHIMP_DISPLAY_PRIVACY == 'True') { echo tep_draw_button(MODULE_FOOTER_MAILCHIMP_PRIVACY, 'fa fa-user', tep_href_link('privacy.php'), null, null, 'btn-info btn-xs pull-right'); } echo $endform; echo '<br><div class="message" id="messageft"></div>'; ?> Note: if your Term & Conditions (or Terms of Use) file is named differently than terms_conditions.php, change the name of that file to that of your own (2 instances in the code above). 4) /ext/api/mailchimp_v3/subscribe.php FIND this code: if ( isset($_POST['anonymous'])) { $list_id = MODULES_HEADER_TAGS_MAILCHIMP_LIST_ANONYMOUS; $merge_vars = [ 'FNAME' => '', 'LNAME' => '' ]; } else { $list_id = MODULES_HEADER_TAGS_MAILCHIMP_LIST_CUSTOMERS; $merge_vars = [ 'FNAME' => $_POST['firstname'], 'LNAME' => $_POST['lastname'] ]; } $array = [ 'email_address' => $_POST['email'], 'merge_fields' => $merge_vars, 'status' => MODULES_HEADER_TAGS_MAILCHIMP_STATUS_CHOICE ]; if (MODULES_HEADER_TAGS_MAILCHIMP_STATUS_CHOICE == 'pending') { $status = 'pending'; } else { $status = 'subscribed'; } $MailChimp = new \MailChimp($key); // add the email to your list $result = $MailChimp->post('/lists/' . $list_id . '/members', $array); REPLACE it with this: if (isset($_POST['anonymous'])) { $list_id = MODULES_HEADER_TAGS_MAILCHIMP_LIST_ANONYMOUS; $merge_vars = array('FNAME' => '', 'LNAME' => ''); } else { $list_id = MODULES_HEADER_TAGS_MAILCHIMP_LIST_CUSTOMERS; $merge_vars = array('FNAME' => $_POST['firstname'], 'LNAME' => $_POST['lastname']); } $array = array('email_address' => $_POST['email'], 'merge_fields' => $merge_vars, 'status' => MODULES_HEADER_TAGS_MAILCHIMP_STATUS_CHOICE); if (MODULES_HEADER_TAGS_MAILCHIMP_STATUS_CHOICE == 'pending') { $status = 'pending'; } else { $status = 'subscribed'; } $MailChimp = new \MailChimp($key); // add the email to your list if (isset($_POST['url']) && $_POST['url'] == '' && !isset($_POST['terms_of_use'])) { // submit contact info when it is not a bot $result = $MailChimp->post('/lists/' . $list_id . '/members', $array); } else { // when it's a bot, leave out the path and list id $result = $MailChimp->post('', $array); } 5) /user.css ADD to the end of this file: .website-url, .accept-email-optin-terms { position:absolute; left:-20000px; } .accept-email-optin-terms { z-index:-100; } Note: You could add this code contained within the <style></style> tags at the top of the template file (file via #3 above), however, I believe it’s better to keep that CSS code outside of that template file. To test this feature, you will need to comment-out the CSS code in /user.css file OR, you could hold off adding that code in #5 (which will hide these two fields) until you complete testing the added spam bot-trap feature. The footer template form code also has a couple of error fixes same as the subscribed.php file. And I corrected the fields ID’s so that they clear upon submission. I tried using the tep_draw_input_field() for the Website URL field, but for some reason, it was not working for me. I have an idea as to why, but just did not want to waste more time fiddling with it. If anyone can find a way to improve this, please do so and share it. Demitry
  2. Hey,.. just to follow up... From my prior post, ..those were arrays and though the module works with the current /exe/api/mailchimp_v3/subscribe.php file, this is the way this file should look. <?php /** * Gyakutsuki * subscribe.php * @copyright Copyright 2016 * @copyright Portions Copyright osCommerce * @license GNU Public License V2.0 * @version $Id: */ chdir('../../../'); require('includes/application_top.php'); include('ext/api/mailchimp_v3/MailChimp.php'); $key = MODULES_HEADER_TAGS_MAILCHIMP_API; if (isset($_POST['anonymous'])) { $list_id = MODULES_HEADER_TAGS_MAILCHIMP_LIST_ANONYMOUS; $merge_vars = array('FNAME' => '', 'LNAME' => ''); } else { $list_id = MODULES_HEADER_TAGS_MAILCHIMP_LIST_CUSTOMERS; $merge_vars = array('FNAME' => $_POST['firstname'], 'LNAME' => $_POST['lastname']); } $array = array('email_address' => $_POST['email'], 'merge_fields' => $merge_vars, 'status' => MODULES_HEADER_TAGS_MAILCHIMP_STATUS_CHOICE); if (MODULES_HEADER_TAGS_MAILCHIMP_STATUS_CHOICE == 'pending') { $status = 'pending'; } else { $status = 'subscribed'; } $MailChimp = new \MailChimp($key); // add the email to your list $result = $MailChimp->post('/lists/' . $list_id . '/members', $array); //send $result = json_encode($result); // If being called via ajax, run the function, else fail - console if ( MODULES_HEADER_TAGS_MAILCHIMP_DEBUG == 'True') { if ($_POST['ajax']) { var_dump($result); // send the response back } else { var_dump('Method not allowed - please ensure JavaScript is enabled in this browser'); } } else { echo $result; } I added spam bot-trap with my version and it works great!! Love this module! Demitry
  3. I found another minor error. The footer template id names are ending with "hd" for header instead of "ft" for footer. All except the email field. What this does is, ...it does not clear the text fields after the contact info was submitted.
  4. @Gyakutsuki Loic, The add-on works with PHP 7.1.7 ...that's what I am running the BS Edge on. The fix for the message issue is: 1) /includes/languages/english/modules/header_tags/ht_mailchimp.php ADD the following two definitions: define('MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE_PENDING', 'Success! Please click the confirmation link that will be emailed to you shortly.'); define('MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE_SUBSCRIBED', 'Success! Your information was submitted.'); 2a) /includes/modules/header_tags/ht_mailchimp.php FIND the following code (on line 57): function execute() { global $oscTemplate; ADD just below it: $email_optin_success = (MODULES_HEADER_TAGS_MAILCHIMP_STATUS_CHOICE == 'pending' ? MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE_PENDING : MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE_SUBSCRIBED); 2b) in the same file FIND both instances of: MODULES_HEADER_TAGS_MAILCHIMP_SUCCESS_MESSAGE and REPLACE them with: $email_optin_success
  5. @Gyakutsuki ok, I will, thanks. In testing the features of this addon, I found a minor issue that's an easy fix. When the option for "subscribed" is selected in Admin > Modules > Header Tags > Newsletter Mailchimp V3, and an email is submitted, the success message is the same as for "pending" which says that the customer is to "..click the confirmation link that will be emailed to you shortly." However with that "subscribed" option there is nothing emailed to the customer to verify their opt-in. I've only installed and am testing on the footer module.
  6. @raiwa@Gyakutsuki Rainer: thank you for following-up to clarify that,.. though I’m not sure why there needs to be two input-fields for the same list number, but that’s really not an issue. Loic: thank you for the API update and the development SW recommendations. I’m not a developer by trade and got quite comfortable with Dreamweaver over the years. I just downloaded the VS Code for Windows and will install and check it out. I was a bit surprised that it’s free. I always appreciate a good recommendation from an expert in the field. Demitry
  7. btw, there's a newer version (v2.4) of the MailChimp API integration available. The one that is included in the osC addon is v2.2 https://github.com/drewm/mailchimp-api
  8. hi Rainer, @raiwa Thank you for the reply and the explanation. That makes sense, but how does the system determine what list to add the opt-in email to? Is there a script that identifies a registered customer vs. an unregistered customer and adds them to the right list? Also, I found some errors via Dreamweaver. I'm not sure if these affect the performance of the addon, as I have not tested it yet. For the BS version: in /ext/api/mailchimp_v3/MailChimp.php line 88 (see attached screenshot) in /ext/api/mailchimp_v3/subscribe.php lines 21-24, 29-32, 35-39 (see attached screenshot) In that subscribe.php file, I assume all three of these are supposed to be arrays with different style brackets?
  9. hi, I installed the latest version of this addon on BS Edge and have not tested it just yet. Before I do, I have a question regarding the Anonymous List number and Customer List number by Mailchimp,.. from the installation document. I found the Unique ID number for the list I created, but other than that and the API number there seems to be no other list number. I googled for it and search the mailchimp site for it but cannot find it. I used that unique ID number for both fields (Anonymous List number and Customer List number) in the osC admin panel, however, I am not sure if that is the right way to do this. Any help would be greatly appreciated. Thanks.
  10. hi, I'm working on a new reCAPTCHA module for the latest BS Edge version and have a couple of coding challenges that I'm having some difficulty with. If anyone could help out or do a joint effort, I'd love to hear from you. Demitry
  11. strange! i moved with my bootstrapped oscommerce to a new server (debian9, php7, mariadb) and mysql session timeout does not work again. even with the modifications from your addon. but only in admin. catalog user sessions timout as expected. any idea where to look?

    Regards,

    Stephan

    1. Show previous comments  3 more
    2. Demitry

      Demitry

      In theory, it should work fine. I mean the only thing that admin panel session time entry is doing is being stored in the database table to be applied to the conditional statement in /admin/includes/functions/sessions.php to evaluate the time passed since the last page load.

      And, it's the exact same script for the catalog side.

      Let me know if you find out. I'm semi-technical and not that great with sessions. I'd be curious to know. Thanks.

    3. Stephan Gebbers

      Stephan Gebbers

      good to waste some time :/

      so, after forever trying to find whats wrong, i took a closer look into the application_top and login.php

      check that. 

      application_top.php

      // try to automatically login with the HTTP Authentication values if it exists
            if (!tep_session_is_registered('auth_ignore')) {
              if (isset($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && !empty($_SERVER['PHP_AUTH_PW'])) {
                $redirect_origin['auth_user'] = $_SERVER['PHP_AUTH_USER'];
                $redirect_origin['auth_pw'] = $_SERVER['PHP_AUTH_PW'];
              }
            }

      and login.php

              if (tep_session_is_registered('redirect_origin') && isset($redirect_origin['auth_user']) && !isset($HTTP_POST_VARS['username'])) {
                $username = tep_db_prepare_input($redirect_origin['auth_user']);
                $password = tep_db_prepare_input($redirect_origin['auth_pw']);
              } else {
                $username = tep_db_prepare_input($HTTP_POST_VARS['username']);
                $password = tep_db_prepare_input($HTTP_POST_VARS['password']);
              }

      so, it is made by design not to expire when you use htaccess/htpassword function build in with administrators manager within oscommerce. you are getting logged in again and again until you press logoff or restart your browser where you would have to login by httpauth again.

      good to know :/ so now, without the build in htaccess/htpasswd function it works as expected. the session runs out and i have to relogin. 

      but one question lasts.. why did it not work as supposed to on my old server? :D

    4. Demitry

      Demitry

      yeah, that's good to know, ...I have not set up the htpassword protection on the new BS Edge development site for the admin login yet. So, I did not test that piece of it with the modified contribution, though I thought it should not make a difference.

      I'm not sure as to why it did not work on the other server. 

      I'll try and test it on my set-up at some point. Thank you for the follow-up.

      Demitry

       

  12. @BrockleyJohn, @burt John, Burt, thank you for the replies. John, The latest BS Edge does have this code in the product_info.php, page reviews, and others. The screenshot below is from the latest download of BS Edge in the product_info.php page. Burt, with all due respect, I'm not sure how the osC community is supposed to help improve on this software when we cannot address issues, ..which are both present in the latest release of BS Edge. If adding of slashes to alt tags is also true in all version of historical oscommerce, and this is an issue that had never been corrected, ..and it currently exists in BS Edge, ..then how is this not the place to address it? Demitry
  13. another question... I installed a threat scanner and ran it. One of the things it identified was the /admin/define_language.php file. I know that this file had some security vulnerabilities in the older versions of osC. I assume that those vulnerabilities are now secured in that file. With what version of osC were these changes made to resolve the security issues? Thanks.
  14. hi, I noticed that product_info.php page and product_reviews.php (and likely some others) have addslashes($product_info['products_name']), which displays a backslash before an apostrophe in the alt tags for the product image. I changed it to stripslashes(),.. but was wondering if there is any significant purpose to keeping the addslashes() alt tags?
  15. @raiwa Hi Rainer, I solved it! ..and it was not a bug in the code. It was completely my fault. I apologize to you and everyone else following this thread. After spending a lot of time trying to find the coding issue in tep_destroy_thumbs_dir(), I looked at tep_cfg_reset_thumbs_cache() and noticed that the $dir value of DIR_FS_CATALOG_IMAGES is for the admin image folder definition. After that, I looked at the BootStrap installation document in the addon package and realized that I added those two functions to the /includes/functions/general.php instead of the /admin/includes/functions/general.php file. After making this correction I tested and it solved all the issues I was having. ..really sorry, and thank you for your time. Demitry