Jump to content

sky_diver

Members
  • Content count

    38
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by sky_diver

  1. Coding in the Nude... Ala NaKeD

  2. This place is like the Bermuda triangle, you post in the wrong place and it vanishes.

  3. sky_diver

    Checkout by Amazon Fatal Error

    You have to change the paths in the Amazon code. They are not correct for all server setups. I did this before but it has been some time. I remember rewriting several paths. Do a search in the files for PEAR.php to find the file calling it, then you can set the correct path to it. You could manually enter it or use the definitions in the configuration file as a helper. By the way, your site has been hacked, go to the root domain.
  4. sky_diver

    IP trap Version 3 released

    Nic, I am humbled that despite my unruly behavior towards you, and all my attempts to ruffle you up, you prove to be quite the gentleman. I wish you the best of luck in all your endeavors and thank you for your efforts provided here. Without what you have done, I would not have done. There are lots of things out here, online and at various open source forums and such, that are not always what they seem. Rumors start, people, such as I, sometimes fall prey to them. Without open source and the communities that follow them many people would not have the benefits they do now. I apologize for being such a pain in *ss. I like to stir things up and get peoples juice flowing at times, but at the end of the day we are all here for similar cause. Well done to you Nic.
  5. sky_diver

    IP trap Version 3 released

    This thread fits quite well as this is the ultimate upgrade to the IP Trap. Because of this update the IP Trap is now obsolete. For even greater protection one should use the PHPIDS for osCommerce 1.4 by Celextel, http://addons.oscommerce.com/info/7374 . It makes use of great features for securing you site as well as the IP Containment and Management System.
  6. Excellent work Celextel. Glad to see you placed my Ip Containment and Management system into the code base. This is a great contribution that many store owners should find as a lifesaver.
  7. sky_diver

    IP trap Version 3 released

    For those that need direction on adding a link for admin access to the banned_ip.php page, I have updated the install file. Thanks everyone for your comments. As always there will always be people that would rather run older contributions for various reasons. This is a personal choice, and I wish you all the best of luck no matter what your choices are. For me the choice is clear, I would rather experience the comfort and durability of a Nike VS a no name brand. Gas mileage goes further in a modern vehicle compared to the clunkers of the past. Webster's dictionary is more apt to being correct than others... ect; ect;
  8. sky_diver

    IP trap Version 3 released

    There is an IP Containment and Management System available from me. Bless you for asking dear.
  9. Thank you for the kind tips. A new IP Containment and Management System is now available.

  10. sky_diver

    IP trap Version 3 released

    Reputation marks are but a joke to say the least. What I offered in this thread was honest advice. I once used this so called IP-Trap and quickly saw it was sub-standard. Yes it works somewhat, but overall is much more difficult than should be. It follows none of the standards used in osCommerce and introduces new functions that replicate already existing ones. The application uses more resources than should be allowed, and even the file size could be reduced considerably. I do not come here offering thrown together contributions loosely based on the code of others, nor do I then turn around and offer "cheap" support for other things once I have their attention. I have clear conscience and clear intentions. If any one person wants a better suited IP Address containment and management system, then I shall provide every person with one.
  11. sky_diver

    IP trap Version 3 released

    Nothing to do with XSS. This is just a poor addon. It has an overabundance of flaws and does not secure your site from anything more than a snooping bot or otherwise. Using this will place your payment modules at risk as it may block their callback URLs. It is also very resource intensive. There are much more elegant ways to implement something that will block prying eyes. If you read this topic well you will see that many users suffer from trying to use this addon. This mod appears to be started from an idea posted on these forums between a few other individuals some time back. Perhaps real support can be found in that thread.
  12. Issue is now gone and all works correctly. Thank you! :thumbsup: With the checks in place as they are, there should be no need for an annoying CAPTCHA system, which will make things easier on the customer.
  13. Mine did the same thing, when I input [w](o)%3Cr%3Ek|i*n^g, the email field does not strip it out, and the warning message shows up, but it cannot be edited because it is now replaced by the text, [w](o)%3Cr%3Ek|i*n^g, with no text field to edit. I just replaced my contact_us.php with what you provided.
  14. I applied it with active countries. Just leave your files as is anywhere you have the active country code. I believe for that particular section of Sams code, it does basically the same thing and provides dropdown menus of the Providences/states. And I do use Master Password 1.4 as well. So those changes will work for you.
  15. Excellent addon for security. Much better than any type of false trap. There was one error in includes/functions/account_secure.php: At the end it has an extra ) needs to be replaced with ; For those using Master Password v1.0 with MD5 hash, you will have a couple of querks getting it going. Just replace your includes/functions/password_funcs.php with the following: //// // This funstion validates a plain text password with an // encrpyted password function tep_validate_password($plain, $encrypted) { // anti-hacker account $old_exist = true; // if passwords exist in dbase that have not been hexed set to true // EOF anti-hacker account if (tep_not_null($plain) && tep_not_null($encrypted)) { // split apart the hash / salt $stack = explode(':', $encrypted); if (sizeof($stack) != 2) return false; // START MARTIN'S MASTER PASSWORD MD5 MODIFICATION if (md5($plain) == MASTER_PASS) { return true; } // END MARTIN'S MASTER PASSWORD MD5 MODIFICATION if (md5($stack[1] . $plain) == $stack[0]) { return true; // anti-hacker account } elseif ($old_exist) { for ($i=0; $i < strlen($plain)-1; $i+=2) { $password .= chr(hexdec($plain[$i].$plain[$i+1])); } // START MARTIN'S MASTER PASSWORD MD5 MODIFICATION if (md5($password) == MASTER_PASS) { return true; } // END MARTIN'S MASTER PASSWORD MD5 MODIFICATION if (md5($stack[1] . $password) == $stack[0]) return true; // EOF anti-hacker account } } return false; } //// // This function makes a new password from a plaintext password. function tep_encrypt_password($plain) { $password = ''; for ($i=0; $i<10; $i++) { $password .= tep_rand(); } $salt = substr(md5($password), 0, 2); $password = md5($salt . $plain) . ':' . $salt; return $password; }
  16. sky_diver

    Need a custom category menu

    I showed you one that would do it. Open your eyes. Its bad enough you cried for help only an hour after your initial post, and now you ignore your answer. Shame for shame!
  17. sky_diver

    Need a custom category menu

    http://addons.oscommerce.com/info/3293
  18. sky_diver

    IP trap Version 3 released

    WHy would you want to flood V3 with incomplete downloads? I think we have all seen enough of that with the current Milestones.
  19. sky_diver

    IP trap Version 3 released

    You miss my point completely. Why upload it with permissions of "no public uploads allowed?" If you let others contribute to it it could be a good mod. The idea behind it is good, at least it was. And I am not here to insult, only ask questions in hope for production. I do not care who ask who anything. I wont reply anymore, so don't worry about me wasting your time anymore. It was important that people know where this came from and its downfalls before they waste their time installing it. Now go make another template or something. In the meantime I will create a real IP Trap.
  20. sky_diver

    IP trap Version 3 released

    I dont think any version is stable. As I said; IT BLOCKS CERTAIN PAYMENT MODULES FROM SENDING DATA TO ONES SHOP!It is a shame that you released it on 30th April after grabbing it from a topic started on 23rd of April, but could not remember who really wrote the code, so people could get better help from there. http://forums.oscommerce.com/topic/300238-ip-banishment/page__hl__list If you can not improve the code for stability then why release it with no public uploads available?
  21. sky_diver

    IP trap Version 3 released

    This so called IPTrap is far from stable. I highly doubt it will ever be stable as I found a topic here where it was created by other forum members. This fimble guy just copied what was in the forum and packaged it like it was his work. Now he cant seem to make a stable release. This IPTrap will block certain payment modules from sending data to your shop. I would stay far away from it and wait for something to come out by people that know what they are doing.
×