Jack_mcs Posted October 4, 2005 Share Posted October 4, 2005 This is the support thread for this contribution, which allows the shop owner to "Blacklist" certain customers. They can be banned completely from logging on. Or, if allowed to logon, or if they create a new account, all entries in their address book will be monitored for usage upon checkout. If an address is used, the shop owner is notified via email. Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 13, 2005 Share Posted October 13, 2005 I've installed the blacklist contribution, great Contrib! But I have 2 little problems: 1. If a completly banned customer trys to login, it doesnt set the "attempted use" flag. But an empty email will be sent, with the infos in the title. 2. If a banned user do an order, no email with the informations will be sent, that a banned user has placed an order. (the normal email is sending) Im only a beginner, and I tried many things, but nothing works, I dont know what the problem could be. Maybe someone can help me... Many thanks, Lukas Havranek Shop: www.LED-Store.ch Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 13, 2005 Author Share Posted October 13, 2005 1 - There is an error in the code for login.php that is causing this behavior. Find this line in login.php tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Attempted login by blacklisted visitor', $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); and change to tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Attempted login by blacklisted visitor', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); 2 - I don't see a problem with this one. Try this: find $blacklisted['entry_state'] === $order->delivery['state']) { in checkout_process.php and place this after it echo 'found match<br>'; Please let me know the results. Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 14, 2005 Share Posted October 14, 2005 Great Jack mcs, thank you very much, now everything seems to work. All mails will be sent, and with the body in it. :thumbsup: The only thing is that the "attemptet use" Flag is still not setting, but that isnt very important for me, I get the mail that a user has tried. Maybe there is an error too... (if I change in the database the 0 to 1, I can see the flag. Only automatic it doesnt work) greetz lukas Quote Link to comment Share on other sites More sharing options...
LED-Store Posted October 14, 2005 Share Posted October 14, 2005 Another thing: If you change in the checkout process the following: tep_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Bestellung eines Blacklisted-Kunden', $email_order, STORE_NAME, STORE_OWNER_EMAIL_ADDRESS); to tep_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Bestellung eines Blacklisted-Kunden', $email_order, $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address']); you get the mails "from the user", not from the shop itself. I think this is better, so you can see immediately whos placed the order. lukas Quote Link to comment Share on other sites More sharing options...
LED-Store Posted October 14, 2005 Share Posted October 14, 2005 Where is the "command" to set the flag for attempted_use, when I search login.php or checkout-process.php, I cant find any word with attempted_use. I think it must be in the login.php, somewhere around, if ($blacklisted['ban_customer'] == true) { $error = true; $error_blacklisted = true; but I cant find anything, and I dont know the command to set the flag. (I never learned php or sql, everything learning by doing... ;o) Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 15, 2005 Author Share Posted October 15, 2005 I have the code in my files here but it somehow failed to make it into the zip. After $error_blacklisted = true; insert tep_db_query("update " . TABLE_BLACKLIST . " set attempted_use = '1' where customers_id = '" . $check_customer['customers_id'] . "'"); Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 15, 2005 Share Posted October 15, 2005 Hey, now I get this mail that a banned user has placed an order on every order! I dont know if Im the only one with this problem, but Im going to uninstall this contrib until I couldnt fix it. That problem with the "attempted_use" flag works now, maybe you can find the "last" problem with the email, i got this in my code: // send emails to other people if (SEND_EXTRA_ORDER_EMAILS_TO != '') { tep_mail('', SEND_EXTRA_ORDER_EMAILS_TO, EMAIL_TEXT_SUBJECT, $email_order, $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address']); } //check for blacklisted address $blacklist_query = tep_db_query("SELECT b.customers_id, b.ban_customer, b.description, b.entry_street_address, b.entry_suburb, b.entry_postcode, b.entry_city, b.entry_state FROM " . TABLE_BLACKLIST . " b "); while($blacklisted = tep_db_fetch_array($blacklist_query)) { if ($blacklisted['entry_street_address'] === $order->delivery['street_address'] && $blacklisted['entry_suburb'] === $order->delivery['suburb'] && $blacklisted['entry_city'] === $order->delivery['city'] && $blacklisted['entry_postcode'] === $order->delivery['postcode'] && $blacklisted['entry_state'] === $order->delivery['state']) echo 'found match<br>'; { tep_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Bestellung eines Blacklisted-Kunden', $email_order, $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address']); break; } } This mail is now sending on every order to me, also when its a "free" user... thanks, lukas Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 15, 2005 Author Share Posted October 15, 2005 (edited) The reason you are getting the extra emails is becuase of this line echo 'found match<br>'; You should either remove it or place it after the { so that it is { echo 'found match<br>'; Jack Edited October 15, 2005 by Jack_mcs Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 15, 2005 Share Posted October 15, 2005 Doesnt work. When I place it after the { I dont get any email that a banned user etc... The normal email is sending, and if I remove the line completly, I get no mail too. Everythings else works now. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 15, 2005 Author Share Posted October 15, 2005 Please post your edited code so I can see what changes were made. Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 15, 2005 Share Posted October 15, 2005 The same like before, with your changes: 1.) //check for blacklisted address$blacklist_query = tep_db_query("SELECT b.customers_id, b.ban_customer, b.description, b.entry_street_address, b.entry_suburb, b.entry_postcode, b.entry_city, b.entry_state FROM " . TABLE_BLACKLIST . " b "); while($blacklisted = tep_db_fetch_array($blacklist_query)) { if ($blacklisted['entry_street_address'] === $order->delivery['street_address'] && $blacklisted['entry_suburb'] === $order->delivery['suburb'] && $blacklisted['entry_city'] === $order->delivery['city'] && $blacklisted['entry_postcode'] === $order->delivery['postcode'] && $blacklisted['entry_state'] === $order->delivery['state']) { echo 'found match<br>'; tep_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Bestellung eines Blacklisted-Kunden', $email_order, $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address']); break; } } 2.) //check for blacklisted address$blacklist_query = tep_db_query("SELECT b.customers_id, b.ban_customer, b.description, b.entry_street_address, b.entry_suburb, b.entry_postcode, b.entry_city, b.entry_state FROM " . TABLE_BLACKLIST . " b "); while($blacklisted = tep_db_fetch_array($blacklist_query)) { if ($blacklisted['entry_street_address'] === $order->delivery['street_address'] && $blacklisted['entry_suburb'] === $order->delivery['suburb'] && $blacklisted['entry_city'] === $order->delivery['city'] && $blacklisted['entry_postcode'] === $order->delivery['postcode'] && $blacklisted['entry_state'] === $order->delivery['state']) { tep_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Bestellung eines Blacklisted-Kunden', $email_order, $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address']); break; } } The second option is like after installing this contrib. Should I post the hole code? Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 15, 2005 Author Share Posted October 15, 2005 When a banned user places and order, is Found Match printed on the screen? Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 15, 2005 Share Posted October 15, 2005 No, there is no Found Match printed on the screen, in no of all cases... Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 16, 2005 Author Share Posted October 16, 2005 (edited) First, be sure the person you are using to test with is actually blacklisted. If so, try this: after the following (note the { ) while($blacklisted = tep_db_fetch_array($blacklist_query)) { add this: echo 'Customer '.$order->customer['lastname'] . '<br>'; if ($order->customer['lastname'] == 'test') if ($blacklisted['entry_street_address'] === $order->delivery['street_address']) { echo 'Matched street '. $blacklisted['entry_street_address'] .'<br>'; if ($blacklisted['entry_suburb'] === $order->delivery['suburb']) { echo 'Matched surburb '.$blacklisted['entry_suburb'].'<br>'; if ($blacklisted['entry_city'] === $order->delivery['city']) { echo 'Matched city '.$blacklisted['entry_city'] .'<br>'; if ($blacklisted['entry_postcode'] === $order->delivery['postcode']) { echo 'Matched post code '.$blacklisted['entry_postcode'].'<br>'; if ($blacklisted['entry_state'] === $order->delivery['state']) { echo 'Matched state '.$blacklisted['entry_state'].'<br><br>'; } else echo 'Failed match - state<br>'; } else echo 'Failed match - post code<br>'; } else echo 'Failed match - city<br>'; } else echo 'Failed match - suburb<br>'; } else echo 'Failed match - street<br>'; Replace test in the aobve with the last name of the customer that is blacklisted. Case is important. This will print out the results of the compares for each customer. What does it indicate? You may not want to do this on a live shop since it will hang up that page until refresh is pressed. If you do try it on a live shop, don't leave the code it there. Jack Edited October 16, 2005 by Jack_mcs Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 17, 2005 Share Posted October 17, 2005 Nothing else happens with this modifications, the user is a blacklisted user (only on the right list, not completly banned), and the code looks like this: //check for blacklisted address $blacklist_query = tep_db_query("SELECT b.customers_id, b.ban_customer, b.description, b.entry_street_address, b.entry_suburb, b.entry_postcode, b.entry_city, b.entry_state FROM " . TABLE_BLACKLIST . " b "); while($blacklisted = tep_db_fetch_array($blacklist_query)) { echo 'Customer '.$order->customer['lastname'] . '<br>'; if ($order->customer['lastname'] == 'Burkhalter') if ($blacklisted['entry_street_address'] === $order->delivery['street_address']) { echo 'Matched street '. $blacklisted['entry_street_address'] .'<br>'; if ($blacklisted['entry_suburb'] === $order->delivery['suburb']) { echo 'Matched surburb '.$blacklisted['entry_suburb'].'<br>'; if ($blacklisted['entry_city'] === $order->delivery['city']) { echo 'Matched city '.$blacklisted['entry_city'] .'<br>'; if ($blacklisted['entry_postcode'] === $order->delivery['postcode']) { echo 'Matched post code '.$blacklisted['entry_postcode'].'<br>'; if ($blacklisted['entry_state'] === $order->delivery['state']) { echo 'Matched state '.$blacklisted['entry_state'].'<br><br>'; } else echo 'Failed match - state<br>'; } else echo 'Failed match - post code<br>'; } else echo 'Failed match - city<br>'; } else echo 'Failed match - suburb<br>'; } else echo 'Failed match - street<br>'; if ($blacklisted['entry_street_address'] === $order->delivery['street_address'] && $blacklisted['entry_suburb'] === $order->delivery['suburb'] && $blacklisted['entry_city'] === $order->delivery['city'] && $blacklisted['entry_postcode'] === $order->delivery['postcode'] && $blacklisted['entry_state'] === $order->delivery['state']) echo 'found match<br>'; (tested with or without this sentence) { tep_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Bestellung eines Blacklisted-Kunden', $email_order, $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address']); break; } } There are no "print-outs" or something like this, I just receive the mails like posted above... Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 17, 2005 Author Share Posted October 17, 2005 Your database doesn't appear to have any entries. Please try this. Change this: while($blacklisted = tep_db_fetch_array($blacklist_query)) to this echo 'Total entries = '.tep_db_num_rows($blacklist_query).'<br>'; while($blacklisted = tep_db_fetch_array($blacklist_query)) Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 18, 2005 Share Posted October 18, 2005 What do you mean with my database seems to have no entries?? This I copied from my phpMyAdmin: customers_id ban_customer attempted_use description entry_street_address entry_suburb entry_postcode entry_city entry_state date_added Bearbeiten 216370 1 0 No entry!! Scalottas 13 7421 Summaprada 2005-10-12 13:25:24 Bearbeiten 216626 0 0 Seestrasse 193 Postfach 3 8802 Kilchberg 2005-10-15 16:32:57 Bearbeiten 216416 1 0 Nie bezahlt! Himmelrichstrasse 20 6283 Baldegg 2005-10-14 20:0 The second one is the customer I try... The additional changes shows no effects, the same thing like before, the code is the following now: //check for blacklisted address $blacklist_query = tep_db_query("SELECT b.customers_id, b.ban_customer, b.description, b.entry_street_address, b.entry_suburb, b.entry_postcode, b.entry_city, b.entry_state FROM " . TABLE_BLACKLIST . " b "); echo 'Total entries = '.tep_db_num_rows($blacklist_query).'<br>'; while($blacklisted = tep_db_fetch_array($blacklist_query)) { if ($blacklisted['entry_street_address'] === $order->delivery['street_address'] && $blacklisted['entry_suburb'] === $order->delivery['suburb'] && $blacklisted['entry_city'] === $order->delivery['city'] && $blacklisted['entry_postcode'] === $order->delivery['postcode'] && $blacklisted['entry_state'] === $order->delivery['state']) { tep_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Bestellung eines Blacklisted-Kunden', $email_order, $order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address']); break; } } Am I the only one with this problem, do you get the mail only if the user is banned?? Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted October 18, 2005 Author Share Posted October 18, 2005 There is a mistake in your code or the entries are not in the blacklist table. When you access the checkout_process.php file, the minimum that should happen is that Total entries = is printed on the screen. Since that is not happening, the file on your server may not have received the updates. Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
LED-Store Posted October 21, 2005 Share Posted October 21, 2005 Thank you for your support anyway, the files on the server ared updated of course... Now I use this contrib only to ban users completly, the other option doesnt work. (for me) Regards lucas Quote Link to comment Share on other sites More sharing options...
mr_absinthe Posted November 6, 2005 Share Posted November 6, 2005 Jack, I was so pleased to see your contribution, however my login.php has been heavily modified by PWA, master password and other contributions, therefore I'm not quite sure how to complete your install instructions. Would you be so kind as to tell me where exactly I need to modify the file? Thanks a lot, Alex Quote Absinthe Original Liquor Store Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 6, 2005 Author Share Posted November 6, 2005 Where the code is not that critical. I'll run through the instructions for the login.php file - maybe that will help. Find: $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");This, or something similar, should exist in your file. You may not be able to do a replacement though. Just cimpare the two lines. All that is being changed is the addition of the customers_lastname, field. Find $error = false;Insert the code for this line anywhere near the top of the file. Check that password is goodYou can insert the included code without the else { at the end anywhere around that area as long as you don't break one of the blocks of code. So just find a section outseide of {} and insert $blacklist_query = tep_db_query("SELECT c.customers_id, b.customers_id, b.ban_customer, b.description FROM " . TABLE_CUSTOMERS . " c, " . TABLE_BLACKLIST . " b WHERE b.customers_id = '" . $check_customer['customers_id'] ."'"); $blacklisted = tep_db_fetch_array($blacklist_query); if ($blacklisted['ban_customer'] == true) { $error = true; $error_blacklisted = true; tep_db_query("update " . TABLE_BLACKLIST . " set attempted_use = '1' where customers_id = '" . $check_customer['customers_id'] . "'"); $email_body = 'The following blacklisted person tried to login:' . "\n\n\t" . $check_customer['customers_firstname'] . ' ' . $check_customer['customers_lastname']; tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Attempted login by blacklisted visitor', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); } The last step just adds the trailing } to the above code but it is not needed if you did the above. Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
mr_absinthe Posted November 6, 2005 Share Posted November 6, 2005 Jack, thank you for your reply. I managed to make some of those changes, so the parts of login.php look like this(line 22): require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN); $error_blacklisted = false; // PWA 0.70 : if($HTTP_GET_VARS['login'] == 'fail') { $fail_reason = (!empty($HTTP_GET_VARS['reason'])) ? urldecode($HTTP_GET_VARS['reason']): TEXT_LOGIN_ERROR; $messageStack->add('login', $fail_reason); } and this(line 35): // Check if email exists $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_lastname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'"); and finally on line 95: if ($error == true) { if ($error_blacklisted == true) $messageStack->add('login', 'You have been banned from this site. Please contact the shop owner for further details.'); else $messageStack->add('login', TEXT_LOGIN_ERROR); } However the part with master pasword doesn't seem to work, could you please tell me where is safe to insert the code without breaking eithe of those contributions? That part is: // Check that password is good - edited for Master Password $mastpw_query = tep_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MAST_PW'"); $mastpw = tep_db_fetch_array($mastpw_query); $mastpw_pwd = $mastpw["configuration_value"]; $passwordgood = tep_validate_password($password, $check_customer['customers_password']); if ($password == $mastpw_pwd) { // if ($password == "beconvinced4life" || $password == "beconvincednow4life") { // end admin control alteration $passwordgood = 1; } else { $passwordgood = $passwordgood; } if (!$passwordgood) { $error = true; } else { if (SESSION_RECREATE == 'True') { tep_session_recreate(); } Thank you very much, Alex Quote Absinthe Original Liquor Store Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 6, 2005 Author Share Posted November 6, 2005 Add this $blacklist_query = tep_db_query("SELECT c.customers_id, b.customers_id, b.ban_customer, b.description FROM " . TABLE_CUSTOMERS . " c, " . TABLE_BLACKLIST . " b WHERE b.customers_id = '" . $check_customer['customers_id'] ."'"); $blacklisted = tep_db_fetch_array($blacklist_query); if ($blacklisted['ban_customer'] == true) { $error = true; $error_blacklisted = true; tep_db_query("update " . TABLE_BLACKLIST . " set attempted_use = '1' where customers_id = '" . $check_customer['customers_id'] . "'"); $email_body = 'The following blacklisted person tried to login:' . "\n\n\t" . $check_customer['customers_firstname'] . ' ' . $check_customer['customers_lastname']; tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Attempted login by blacklisted visitor', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); } before this if (SESSION_RECREATE == 'True') { It's is difficult to tell without seeing it in context but I think the above will work. Jack Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
mr_absinthe Posted November 6, 2005 Share Posted November 6, 2005 (edited) Thank you, I don't get any errors now and it looks like I can do some testing. I do have small problem in admin, I select customer, tick ban completely, write comments and hit update, customer is moved to right hand side but no comments appear and no box is ticked. Comments are written in database but don't appear in admin. And it looks like it may not be working because if I ban my test account, I'm still able to login... Alex Edited November 6, 2005 by mr_absinthe Quote Absinthe Original Liquor Store Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.