Jump to content
Sign in to follow this  
Rezolles_Net

Customer Testimonials v1.0

Recommended Posts

Nice wrapping up of this and recaptch with it, but how does one remove the email the author link in the customer testimonials. There are too many easy harvester software out there to have the customers emails so openly available on the customer testimonial page.

 

I HIGHLY ADVISE AGAINST ANYONE LEAVING THIS INTACT - YOU WILL LOSE FACE QUICKLY WITH CUSTOMERS WHO HAVE GIVEN TESTIMONIALS!!!

 

This has been addressed in version 3.61: http://addons.oscommerce.com/info/5477

 

Scott

Share this post


Link to post
Share on other sites
This has been addressed in version 3.61: http://addons.oscommerce.com/info/5477

 

Scott

 

 

WOW! Nice work Scott. I panicked after loading the upgrade to a live and very, very busy site. Knew of the harversters from years ago, had a bad seed working for us and it was quickly apparent what he was doing - we found some software from Atom Harvester I think it was - very nasty! Hope I didn't offend.

 

Regards and thanks again for the option!

 

C

Share this post


Link to post
Share on other sites
This has been addressed in version 3.61: http://addons.oscommerce.com/info/5477

 

Scott

Hello Scott,

 

Has anyone added an image upload option to this contribution? I have a shop owner interested in allowing the customer to upload a picture of the customer using his product. I am beginning to work on this but do not want to re-invent the wheel if it has already been accomplished.

 

Nice work by the way!


Bill Kellum

 

Sounds Good Productions

STS Tutorials & more: STSv4.6, STS Add-ons (STS Power Pack), STS V4 Forum STS Forum FREE TEMPLATE

Share this post


Link to post
Share on other sites

Thanks for the complements. For those of you who want the "Click to email the author" link to exist, I've updated my osC reCaptcha addon to include instructions to implement reCaptcha mailhide to conceal and protect your customer's email addresses from potential harvesters: http://addons.oscommerce.com/info/6306

 

I have not heard of such a mod (uploading pics); however, there might be a way to steal code from another uploading addon to integrate this. If you solve this issue, please post the code so everyone can benefit.

 

Scott

Share this post


Link to post
Share on other sites
WOW! Nice work Scott. I panicked after loading the upgrade to a live and very, very busy site. Knew of the harversters from years ago, had a bad seed working for us and it was quickly apparent what he was doing - we found some software from Atom Harvester I think it was - very nasty! Hope I didn't offend.

 

Regards and thanks again for the option!

 

C

 

I'm not offended. thanks for the heads up - it was because i read your post that i rewrote the code :rolleyes:

 

Scott

Share this post


Link to post
Share on other sites

I missed a define in catalog/includes/languages/english.php

 

Find this:

define('IMAGE_BUTTON_SUBMIT', 'Submit to ' . STORE_NAME);

 

Insert this AFTER:

define('IMAGE_BUTTON_INSERT', 'Write a Testimonial');

 

ALTERNATIVELY, you could go into catalog/customer_testimonials.php (like I did)

 

Find this:

IMAGE_BUTTON_INSERT

 

Replace with this:

IMAGE_BUTTON_WRITE

 

Then open catalog/includes/languages/english.php

 

Find this:

 define('IMAGE_BUTTON_SUBMIT', 'Submit to ' . STORE_NAME);

 

Insert this AFTER:

 define('IMAGE_BUTTON_WRITE', 'Write a Testimonial');

 

Scott

Share this post


Link to post
Share on other sites

i must be missing something - does this contrib work with OSCMax and BTS - what do i need to do to make it work

 

any pointers would be apprecuiated

 

i have version 3.62 of this contrib

Share this post


Link to post
Share on other sites

Hi guys,

 

I'm going through the fun of PCI Compliance and found I had to make the edits to my customer_testimonials.php file. I would like to add the following - but my file is quite modified and looks for testimonial_id and/or products_id (I've modified the customer testimonials quite a bit so we can show product specific testimonials). Would any of you know how to add the hacker code below into the file below?

 

Here's a one liner ..

 

( (isset($HTTP_GET_VARS['testimonial_id']) && !is_numeric($HTTP_GET_VARS['testimonial_id']) === true)  ? die('<h1 style="color: red;">HACKING ATTEMPT!!</h1>') : NULL );

 

 

My customer_testimonials.php file:

  require('includes/application_top.php');

 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CUSTOMER_TESTIMONIALS);

 $location = ' » <a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS, '', 'NONSSL') . '" class="headerNavigation">' . NAVBAR_TITLE . '</a>';
?>
</head>
<body>
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->
<!-- body //-->
<table border="0" width="100%" cellspacing="3" cellpadding="3">
 <tr>
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
</table></td>
<!-- body_text //-->
<td width="100%" valign="top">
<table border="0" width="100%" cellspacing="0" cellpadding="0">
  <tr>
	<td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
	  <tr>
		<td class="pageHeading" colspan="2"><?php echo HEADING_TITLE; ?></td>
	  </tr>
	</table></td>
  </tr>
  <tr>
	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
  </tr>
  <tr>
	<td><br><table border="0" width="100%" cellspacing="0" cellpadding="2">
	  <tr>
		<td class="main">
		<?php
		if ($testimonial_id != '') {
		$testimonial_id = ct_sanitise($testimonial_id);
			$full_testimonial = tep_db_query("select * FROM " . TABLE_CUSTOMER_TESTIMONIALS . " WHERE testimonials_id = " . ((int)$testimonial_id) . " and status = '1'");
		}
		else if ($products_id != '') {
		$products_id = ct_sanitise($products_id);
			$full_testimonial = tep_db_query("select * FROM " . TABLE_CUSTOMER_TESTIMONIALS . " WHERE products_id = " . ((int)$products_id) . " and status = '1'");
		} else {
			$full_testimonial = tep_db_query("select * FROM " . TABLE_CUSTOMER_TESTIMONIALS . " WHERE status = '1'");
		}
		while ($testimonials = tep_db_fetch_array($full_testimonial)) {
			$testimonial_array[] = array('id' => $testimonials['testimonials_id'],
										 'products_id' => $testimonials['products_id'],
										 'title' => $testimonials['testimonials_title'],
										 'author' => $testimonials['testimonials_last_name'],
										 'testimonial' => embedded_href_replace($testimonials['testimonials_html_text']),
										 'word_count' => tep_word_count($testimonials['testimonials_html_text'], ' '),
										 'url' => $testimonials['testimonials_url'],
										 'url_title' => $testimonials['testimonials_url_title']);
			}
		require(DIR_WS_MODULES  . 'customer_testimonials.php');
		?>
		</td>
	  </tr>
	</table></td>
  </tr>
  <tr>
	<td><table align="center" border="0" width="100%" cellspacing="0" cellpadding="2">
	  <tr>
		<td align="center" class="main"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS2, '', 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'myimages/testimonials.gif', TEXT_SUBMIT_TESTIMONIAL, 300, 56) . '</a>'; ?></td>		  
	  </tr>
	  <tr>
		  <td align="right"><?php echo tep_image_button('button_back.gif', IMAGE_BUTTON_BACK, 'style="cursor:pointer;" onClick="history.go(-1)"'); ?></td>
	  </tr>
	</table></td>
  </tr>
</table></form>
 </td>
<!-- body_text_eof //-->
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
</table></td>
 </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
<?php
function ct_sanitise($vartosanitise) {
$vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise);
return $vartosanitise;
}
?>
</body>
</html>


~Tracy
 

Share this post


Link to post
Share on other sites
i must be missing something - does this contrib work with OSCMax and BTS - what do i need to do to make it work

 

any pointers would be apprecuiated

 

i have version 3.62 of this contrib

 

I don't know if this is possible easily, for sure it would take some serious hacking and I am not very familiar with either. I just installed a bunch of mods on CRE loaded for a client and it was a nightmare searching through the maze of code. Sorry I can't help...

 

Scott

Share this post


Link to post
Share on other sites

Hi,

 

I installed the contribution 3.62 full package by Dear Scott and I am sure I missed something..

 

I checked again and again and it looks like I installed it correct.

 

My problem is that I don't see the "Testimonial box" on the index page !

 

I have mysql MySQL 4.1.22 and php 5.

 

Could someone advise please how to solve this mystery ?

 

Thanks & regards,

Nathali


Best Regards,

Nathali

Share this post


Link to post
Share on other sites
Hi,

 

I installed the contribution 3.62 full package by Dear Scott and I am sure I missed something..

 

I checked again and again and it looks like I installed it correct.

 

My problem is that I don't see the "Testimonial box" on the index page !

 

I have mysql MySQL 4.1.22 and php 5.

 

Could someone advise please how to solve this mystery ?

 

Thanks & regards,

Nathali

 

I found the "problem"...

 

I had to enter the first Testimonial that the box will appear.

 

Great contribution thanks to the authors !

 

Regards,

Nathali


Best Regards,

Nathali

Share this post


Link to post
Share on other sites
I have not heard of such a mod (uploading pics); however, there might be a way to steal code from another uploading addon to integrate this. If you solve this issue, please post the code so everyone can benefit.

 

Scott

 

:lol:

 

I have just uploaded a new version.

 

Customer Testimonials v4.0 is available at:

http://addons.oscommerce.com/info/5477

 

What's New?

 

This contribution allows your customer to post a testimonial about your site or your products with the option of uploading an image of them using your products.

 

As the administrator, you will be notified via email that a customer has posted a testimonial and you must allow it in the admin before it will be visiable to the public.

 

As the administrator, you will be able to view the text and the image (if an image was uploaded) and have the option to allow the text, image or both.

 

As the administrator, you will be able to edit both the text and the image.

 

A new image setting has been established in the Configuration | Images section of your admin to allow you to set the size of the images that are uploaded by your customers.

 

New installation instructions as well as upgrade instructions included with this download.

 

Screenshots included.

 

I hope you find it useful. :rolleyes:

 

Enjoy,

Bill Kellum


Bill Kellum

 

Sounds Good Productions

STS Tutorials & more: STSv4.6, STS Add-ons (STS Power Pack), STS V4 Forum STS Forum FREE TEMPLATE

Share this post


Link to post
Share on other sites

Hello Bill,

 

When submitting without filling in any field i have a error:

Catchable fatal error: Object of class upload could not be converted to string in /home/xxx/domains/xxx.be/public_html/includes/functions/html_output.php on line 188

 

On line 188 I have:

function tep_draw_input_field($name, $value = '', $parameters = '', $type = 'text', $reinsert_value = true) {

$field = '<input type="' . tep_output_string($type) . '" name="' . tep_output_string($name) . '"';

 

if ( (isset($GLOBALS[$name])) && ($reinsert_value == true) ) {

$field .= ' value="' . tep_output_string(stripslashes($GLOBALS[$name])) . '"'; <<<<--- line 188

} elseif (tep_not_null($value)) {

$field .= ' value="' . tep_output_string($value) . '"';

}

 

When i delete " tep_draw_file_field('testimonial_image');" in customers_testimonials_write.php the error does not shows up, so there must be the problem.

 

 

Regards, Steven

 

 

:lol:

 

I have just uploaded a new version.

 

Customer Testimonials v4.0 is available at:

http://addons.oscommerce.com/info/5477

 

What's New?

 

This contribution allows your customer to post a testimonial about your site or your products with the option of uploading an image of them using your products.

 

As the administrator, you will be notified via email that a customer has posted a testimonial and you must allow it in the admin before it will be visiable to the public.

 

As the administrator, you will be able to view the text and the image (if an image was uploaded) and have the option to allow the text, image or both.

 

As the administrator, you will be able to edit both the text and the image.

 

A new image setting has been established in the Configuration | Images section of your admin to allow you to set the size of the images that are uploaded by your customers.

 

New installation instructions as well as upgrade instructions included with this download.

 

Screenshots included.

 

I hope you find it useful. :rolleyes:

 

Enjoy,

Bill Kellum

Share this post


Link to post
Share on other sites
Hello Bill,

 

When submitting without filling in any field i have a error:

Catchable fatal error: Object of class upload could not be converted to string in /home/xxx/domains/xxx.be/public_html/includes/functions/html_output.php on line 188

 

On line 188 I have:

function tep_draw_input_field($name, $value = '', $parameters = '', $type = 'text', $reinsert_value = true) {

$field = '<input type="' . tep_output_string($type) . '" name="' . tep_output_string($name) . '"';

 

if ( (isset($GLOBALS[$name])) && ($reinsert_value == true) ) {

$field .= ' value="' . tep_output_string(stripslashes($GLOBALS[$name])) . '"'; <<<<--- line 188

} elseif (tep_not_null($value)) {

$field .= ' value="' . tep_output_string($value) . '"';

}

 

When i delete " tep_draw_file_field('testimonial_image');" in customers_testimonials_write.php the error does not shows up, so there must be the problem.

 

 

Regards, Steven

 

Steven,

 

When I submit a testimonial with all of the fields blank I get the required error messages such as:

 

error.gif A title is required in order to submit your testimonialerror.gif A name is required in order to submit your testimonial

error.gif A valid email address is required in order to submit your testimonial

error.gif Your E-Mail Address does not appear to be valid - please make any necessary corrections.

error.gif A description is required in order to submit your testimonial

 

 

Check your installation by comparing all of your files with those files included in the download.

Edited by bkellum

Bill Kellum

 

Sounds Good Productions

STS Tutorials & more: STSv4.6, STS Add-ons (STS Power Pack), STS V4 Forum STS Forum FREE TEMPLATE

Share this post


Link to post
Share on other sites

Bill,

 

I do have the same error messages, but on the bottom of the page i have mine too.

Maybe you overlooked it?

If i fill in all fields except image, eveything works fine.

 

Regards

 

 

 

 

Steven,

 

When I submit a testimonial with all of the fields blank I get the required error messages such as:

 

error.gif A title is required in order to submit your testimonialerror.gif A name is required in order to submit your testimonial

error.gif A valid email address is required in order to submit your testimonial

error.gif Your E-Mail Address does not appear to be valid - please make any necessary corrections.

error.gif A description is required in order to submit your testimonial

 

 

Check your installation by comparing all of your files with those files included in the download.

Edited by Steven B

Share this post


Link to post
Share on other sites
Bill,

 

I do have the same error massages, but on the bottom i have mine too.

Maybe you overlooked it?

 

Nope, no error messages here. My test is based on a stock osC RC2a shop with Customer Testimonials v4.0 installed.

 

Did you do as I suggested regarding the file comparison?

 

Here is the link to the test site (It won't be up for long).


Bill Kellum

 

Sounds Good Productions

STS Tutorials & more: STSv4.6, STS Add-ons (STS Power Pack), STS V4 Forum STS Forum FREE TEMPLATE

Share this post


Link to post
Share on other sites

Yes, yours is doing right.

My error comes in place if the upload input field.

I will look at my code later.

Thanks

 

 

 

Nope, no error messages here. My test is based on a stock osC RC2a shop with Customer Testimonials v4.0 installed.

 

Did you do as I suggested regarding the file comparison?

 

Here is the link to the test site (It won't be up for long).

Edited by Steven B

Share this post


Link to post
Share on other sites
Im not sure if this is related to the mod, but im having an issue with the box header, is not grabbing the default from osc.

http://spygeardepot.com/

 

as you can see the pictures nor the font are correct, anyone know how to fix this.

 

 

I just went to your site and the header looked just like the other infoboxes on your site.


Bill Kellum

 

Sounds Good Productions

STS Tutorials & more: STSv4.6, STS Add-ons (STS Power Pack), STS V4 Forum STS Forum FREE TEMPLATE

Share this post


Link to post
Share on other sites

I receved the error on the page that the costumers can write a testimonial.

 

This is right above the "UPLOD AN IMAGE" text:

Fatal error: Call to undefined function tep_draw_file_field() in /home/faimports/www/loja/customer_testimonials_write.php on line 248

 

 

 

Another thing:

 

When I try to activate and testiomonial on the admin page by clicking on the the green ball i receive this error:

 

Fatal error: Call to undefined function tep_set_TESTIMONIALS_status() in /home/faimports/www/loja/admin/testimonials_manager.php on line 14

 

 

any ideas ?!

Edited by darkman69

Share this post


Link to post
Share on other sites
I receved the error on the page that the costumers can write a testimonial.

 

This is right above the "UPLOD AN IMAGE" text:

Fatal error: Call to undefined function tep_draw_file_field() in /home/faimports/www/loja/customer_testimonials_write.php on line 248

 

 

 

Another thing:

 

When I try to activate and testiomonial on the admin page by clicking on the the green ball i receive this error:

 

Fatal error: Call to undefined function tep_set_TESTIMONIALS_status() in /home/faimports/www/loja/admin/testimonials_manager.php on line 14

 

 

any ideas ?!

 

 

Have you tried comparing your files with the files from the contribution? It appears you are missing some of the code.


Bill Kellum

 

Sounds Good Productions

STS Tutorials & more: STSv4.6, STS Add-ons (STS Power Pack), STS V4 Forum STS Forum FREE TEMPLATE

Share this post


Link to post
Share on other sites
Have you tried comparing your files with the files from the contribution? It appears you are missing some of the code.

 

 

I did not refresh this page so I did not see your ignore message above. It would be good for others if you posted what you did wrong and then what you did to correct it rather than just say it is fixed. ;)


Bill Kellum

 

Sounds Good Productions

STS Tutorials & more: STSv4.6, STS Add-ons (STS Power Pack), STS V4 Forum STS Forum FREE TEMPLATE

Share this post


Link to post
Share on other sites

I have installed: Version 3.62 by olsonsp4c

Scott:

I have noticed two things. On the catalog index.html page there is no title showing for testimonials. In the admin portion what shout be a link for "more" is not.

I believe in this file /includes/boxes/customer_testimonials.php the following line is not correct. Not the misspelled "$testimonial_titulo". However, even if I correct the spelling to "$testimonial_title" it doesn't work.

 

Would you help me correct these little irratations?

 

'text' => '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS, tep_get_all_get_params(array('language', 'currency')) .'&testimonial_id=' . $random_testimonial['testimonials_id']) . '"><b><center>' . $testimonial_titulo . '</center></b><br>' . strip_tags($testimonial) . '...' . TEXT_READ_MORE . '</a><br><br><table border="0" cellspacing="0" cellpadding="0" align="center"><tr align="center"><td align="center" class="infoBoxContents">' . '<b>'.$random_testimonial['testimonials_name'].'</b></td></tr></table>'

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×