olsonsp4c (Author), posted November 24, 2008 (edited)

no problem, glad it works.

Scott

Addons I've crafted: osC reCaptcha | Live Support phpOnline | Store Mode | Simple Categories Header | Authorize.Net Infobox Package Tracking Plus | USPS Flat Rate Shipping | USPS Shipping Insurance | RapidSSL Infobox

olsonsp4c (Author), posted November 27, 2008

The new version is slightly delayed due to a project I'm working on coding for a client... sorry!

Scott

olsonsp4c (Author), posted December 8, 2008

I will be releasing the v1.4 of osC reCaptcha tomorrow. Check here for the announcement. I want to especially thank Glen for his great ideas. All of them will be implemented in this version and there are a few small errors that are corrected in the instructions.

This new version will drastically change how this is implemented, making it more secure, flexible, and more easily integrated into your store.

Scott

olsonsp4c (Author), posted December 8, 2008 (edited)

osC reCaptcha v1.4 is out: http://addons.oscommerce.com/info/6306

This is a major restructuring.

Since v1.3
----------
* Added reCaptcha box formatting options A (non-integrated color scheme and placement) and B (integrated color scheme and placement)
* Added instructions to add SSL security to reCaptcha
* Changed language define to main English file
* Added multi-language functionality
* Added database entries to secure reCaptcha keys for security purposes
* Fixed Customer Testimonials missing line
* Added update instructions
* Added additional screenshot
* Restructured instructions for changes

Thanks to SteveDallas for his helpful suggestions and code

Let me know if I missed anything!

Scott

olsonsp4c (Author), posted December 8, 2008

osC reCaptcha v1.4.1 is out with some fixes I missed, but intended for v1.4

Scott

maxtors, posted December 22, 2008

How do I change the width to the clean theme?

olsonsp4c (Author), posted December 22, 2008

Unfortunately, I don't know. You could search the reCaptcha forums or wiki to see - I did briefly and couldn't find anything conclusive on how to do it...

Scott

umbra, posted December 23, 2008

Is this hard to include in Guest book with Anti Robot v3.0? Because I can't get the captcha to work as it is now.

olsonsp4c (Author), posted December 23, 2008

> Is this hard to include in Guest book with Anti Robot v3.0? Because I can't get the captcha to work as it is now.

It wasn't made for that addon; however, I'm sure it could be adapted with some work. I don't use it personally, but you are welcome to give it a stab and let me know your progress.

There would be 2 ways to figure it out.

1. Look where the current Captcha is and just replace it with the proper reCaptcha code
2. Remove all Captcha code you can find and then look through the file and compare with other addon inserts to determine where to put the reCaptcha code

Scott

medalta, posted January 7, 2009

Scott,

Thanks for your work on this, I have been dealing with some moron since just before Xmas through our contact page.

I went with option "A" because of your notation about possible support issues in future recaptcha releases. I would have preferred the nice clean look of Option "B" but also would rather not have to worry if and when something changes.

You done did a good thing and I really appreciate it. :D

Larry

olsonsp4c (Author), posted January 7, 2009

You're welcome. Glad to serve...

Scott

GoAia, posted January 10, 2009

Hi

Just installed according to instructions in create_account.php and everything looks fine, but I can register an account without filling in the form - what have I missed?

Thanks

Lollo

olsonsp4c (Author), posted January 10, 2009

> Hi
> Just installed according to instructions in create_account.php and everything looks fine, but I can register an account without filling in the form - what have I missed?
> Thanks
> Lollo

Most likely you missed the error redirect - you should go and double check all entries in that file.

Scott

GoAia, posted January 10, 2009

Thanks for fast reply. I found it.

Thank you very much and have a good day!

Lollo

gazza23, posted January 11, 2009

excellent contrib, got it working straight off no hassles - thanks

GoAia, posted January 14, 2009

Hi again

Trying to get this working with the customer_testimonials_write, but however I try, I get the "The Security Code was not entered correctly: (reCAPTCHA output: incorrect-captcha-sol)".

SSL is activated on my site, and I have tried both the SSL and no SSL version, but same result - it seems as if something is not correct. What can I check?

Thanks

Lollo

olsonsp4c (Author), posted January 14, 2009

> Hi again
> Trying to get this working with the customer_testimonials_write, but however I try, I get the "The Security Code was not entered correctly: (reCAPTCHA output: incorrect-captcha-sol)".
> SSL is activated on my site, and I have tried both the SSL and no SSL version, but same result - it seems as if something is not correct. What can I check?
> Thanks
> Lollo

Are you using the integrated or non-integrated look? Are you using Customer Testimonials 3.62?

Scott

GoAia, posted January 14, 2009

> Are you using the integrated or non-integrated look? Are you using Customer Testimonials 3.62?
> Scott

Latest download, ver 3.62, non integrated look. I got it to work fine in the create_account + contact_us page.

/Lollo

olsonsp4c (Author), posted January 14, 2009

> Latest download, ver 3.62, non integrated look. I got it to work fine in the create_account + contact_us page.
> /Lollo

Have you gone back through the steps for the customer testimonials reCaptcha to make sure it was installed correctly? It sounds like you are missing a part of the code.

Scott

GoAia, posted January 19, 2009

> Have you gone back through the steps for the customer testimonials reCaptcha to make sure it was installed correctly? It sounds like you are missing a part of the code.
> Scott

Hi again,

I have tried to reinstall this part (it works on create account and contact_us), with the same result. I do not understand, due to my limited skill here.

I have tried with both

```php
<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td>
```

and

```php
<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY, null, ($request_type == 'SSL')); ?></td>
```

This is the present code:

```php
<?php
/*
  $Id: customer_testimonials.php 10/20/2008 Exp $

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CUSTOMER_TESTIMONIALS);

// start modification for reCaptcha
  require_once('includes/classes/recaptchalib.php');
// end modification for reCaptcha

  $testimonials_error = false;

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'insert')) {
    $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']);
    $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']);
    $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']);
    $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']);
    $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']);
    $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']);

    if (empty($testimonials_title)) {
      $testimonials_error = true;
      $messageStack->add('testimonials', ERROR_TESTIMONIALS_TITLE_REQUIRED);
    }
    if (empty($testimonials_name)) {
      $testimonials_error = true;
      $messageStack->add('testimonials', ERROR_TESTIMONIALS_NAME_REQUIRED);
    }
    if (empty($testimonials_email)) {
      $testimonials_error = true;
      $messageStack->add('testimonials', ERROR_TESTIMONIALS_EMAIL_REQUIRED);
    }
    if (!tep_validate_email($testimonials_email)) {
      $testimonials_error = true;
      $messageStack->add('testimonials', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
    if (empty($html_text)) {
      $testimonials_error = true;
      $messageStack->add('testimonials', ERROR_TESTIMONIALS_DESCRIPTION_REQUIRED);
    }

// start modification for reCaptcha
    // the response from reCAPTCHA
    $resp = null;

    // was there a reCAPTCHA response?
    $resp = recaptcha_check_answer (RECAPTCHA_PRIVATE_KEY,
                                    $_SERVER["REMOTE_ADDR"],
                                    $_POST["recaptcha_challenge_field"],
                                    $_POST["recaptcha_response_field"]);
    if (!$resp->is_valid) {
      $testimonials_error = true;
      $messageStack->add('testimonials', ENTRY_SECURITY_CHECK_ERROR . " (reCAPTCHA output: " . $resp->error . ")");
    }
// end modification for reCaptcha

    if (!$testimonials_error) {
      $sql_data_array = array('testimonials_title' => $testimonials_title,
                              'testimonials_location' => $testimonials_location,
                              'testimonials_name' => $testimonials_name,
                              'testimonials_email' => $testimonials_email,
                              'testimonials_html_text' => $html_text);

      if ($HTTP_GET_VARS['action'] == 'insert') {
        $insert_sql_data = array('date_added' => 'now()', 'status' => '0');
        $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
        tep_db_perform(TABLE_CUSTOMER_TESTIMONIALS, $sql_data_array);
        $testimonials_id = tep_db_insert_id();

        // email notification added by maestro
        $email_text = TESTIMONIAL_NOTIFICATION_TEXT . $testimonials_name . TESTIMONIAL_CONJ . $testimonials_location . '.' . "\n\n" . TESTIMONIAL_NOTIFICATION_TITLE . $testimonials_title . "\n\n" . TESTIMONIAL_NOTIFICATION_HTML_TEXT . $html_text . "\n\n" . TESTIMONIAL_NOTIFICATION_APPROVE;
        tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, TESTIMONIAL_NOTIFICATION_SUBJECT, $email_text, $testimonials_name, $testimonials_email);
      }

      $testimonials_id = '';
      $testimonials_title = '';
      $testimonials_location = '';
      $testimonials_name = '';
      $testimonials_email = '';
      $html_text = '';
      tep_redirect(tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=success'));
    } else {
      $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']);
      $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']);
      $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']);
      $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']);
      $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']);
      $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']);
    }
  }

  $breadcrumb->add(NAVBAR_TITLE2, tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table width="100%">
<tr>
  <td width="2%" class="col_left"><?php require(DIR_WS_INCLUDES . 'column_left.php'); ?></td>
  <td width="96%"><table border="0" width="100%" cellspacing="3" cellpadding="3">
<tr>
  <td width="100%" valign="top">
<form name="customer_testimonial" method="post" action="<?php echo tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=insert', 'SSL'); ?>">
<tr>
  <td width="100%" class="col_center">
  <table border="0" width="100%" cellspacing="0" cellpadding="0">
  <tr>
    <td class="pageHeading" colspan="2"><?php echo HEADING_TITLE2; ?></td>
  </tr>
  </table></td>
</tr>
<tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<?php
  if ($messageStack->size('testimonials') > 0) {
?>
<tr>
  <td><?php echo $messageStack->output('testimonials'); ?></td>
</tr>
<tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<?php
  }

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
<tr>
  <td class="main" align="center"><?php echo TEXT_TESTIMONIALS_SUCCESSFUL; ?></td>
</tr>
<tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<tr>
  <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
  <tr class="infoBoxContents">
    <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
    <tr>
      <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
      <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
      <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
    </tr>
    </table></td>
  </tr>
  </table></td>
</tr>
<?php
  } else {
    if (tep_session_is_registered('customer_id')) {
      $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
      $account = tep_db_fetch_array($account_query);
      $testimonials_name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
      $testimonials_email = $account['customers_email_address'];
    }
?>
<tr>
  <td>
  <table width="100%" border="0" cellspacing="0" cellpadding="2">
  <tr>
    <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  </tr>
  <tr>
    <td class="main"><?php echo TEXT_TESTIMONIALS_INTRO; ?></td>
  </tr>
  <tr>
    <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  </tr>
  <tr>
    <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  </tr>
  <tr>
    <td><table align="center" width="100%" border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
      <tr>
        <td class="main"><b><?php echo TEXT_TESTIMONIALS_WRITE; ?></b></td>
        <td class="inputRequirement" align="right"><?php echo FORM_REQUIRED_INFORMATION; ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>
      </table></td>
    </tr>
    <tr>
      <td class="infoBox"><table width="100%" border="0" cellspacing="0" cellpadding="7" class="infoBoxContents">
      <tr>
        <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr>
          <td class="main"><?php echo TEXT_TESTIMONIALS_TITLE; ?><br> <?php echo tep_draw_input_field('testimonials_title', $testimonials_title, '', true); ?> <span class="inputRequirement">*</span></td>
        </tr>
        <tr>
          <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
        </tr>
        <tr>
          <td class="main"><?php echo TEXT_TESTIMONIALS_NAME; ?><br> <?php echo tep_draw_input_field('testimonials_name', $testimonials_name, '', true); ?> <span class="inputRequirement">*</span></td>
        <tr>
          <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
        </tr>
        <tr>
          <td class="main"><?php echo TEXT_TESTIMONIALS_EMAIL; ?><br> <?php echo tep_draw_input_field('testimonials_email'); ?> <span class="inputRequirement">*</span></td>
        </tr>
        <tr>
          <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
        </tr>
        <tr>
          <td class="main"><?php echo TEXT_TESTIMONIALS_LOCATION; ?><br> <?php echo tep_draw_input_field('testimonials_location', $testimonials_location); ?></td>
        </tr>
        <tr>
          <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
        </tr>
        <tr>
          <td valign="top" class="main"><?php echo TEXT_BANNERS_HTML_TEXT; ?> <span class="inputRequirement">*</span><br> <?php echo tep_draw_textarea_field('html_text', 'soft', '130', '10', $html_text); ?></td>
        </tr>
        </table></td>
      </tr>
      </table></td>
    </tr></table>
<table cellpadding="0" cellspacing="0" border="0">
<tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<tr><td class="main"><b><?php echo ENTRY_SECURITY_CHECK1; ?></b></td></tr></table>
<?php echo tep_draw_infoBox_top(); ?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
<!-- start modification for reCaptcha -->
<tr>
  <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
  <tr class="infoBoxContents">
    <td><table border="0" cellspacing="2" cellpadding="2">
    <tr>
<?php
  $languages_query = tep_db_query("select code from " . TABLE_LANGUAGES . " where directory = '" . $language . "'");
  $language_id = tep_db_fetch_array($languages_query);
?>
<script>
var RecaptchaOptions = {
   theme : 'clean',
   tabindex : 3,
   lang : '<?php if (in_array($language_id['code'] ,array('en', 'nl', 'fr', 'de', 'pt', 'ru', 'es', 'tr'))) {echo $language_id['code']; } else {echo 'en'; } ?>',
};
</script>
      <td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td>
    </tr>
    </table></td>
  </tr>
  </table></td>
</tr>
<!-- end modification for reCaptcha -->
</table>
<?php echo tep_draw_infoBox_bottom(); ?>
<tr>
  <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
</tr>
<tr>
  <td><table border="0" width="100%" cellspacing="1" cellpadding="2">
  <tr>
    <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
    <tr>
      <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
      <td class="main" align="left" valign="middle"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS) . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
      <td class="main" align="right" valign="middle"><?php echo tep_image_submit('button_submit.gif', IMAGE_BUTTON_SUBMIT); ?></td>
      <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
    </tr>
    </table>
    </td>
  </tr>
  </table>
  </td>
</tr>
</table>
</td>
</tr>
</table>
</form></td>
</tr>
<?php
  }
?>
</table>
</td>
  <td width="2%" class="col_right"><?php require(DIR_WS_INCLUDES . 'column_right.php'); ?></td>
</tr>
</table>
<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
```

If I do not use this tool on this page, will the

```php
function ct_sanitise($vartosanitise) {
  $vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise);
  return $vartosanitise;
}
```

which is implemented on the customer_testimonials protect the page?

Maybe it has something to do with the "SSL" function. I have tried to switch it on and off in osCommerce, but same result.

Maybe you see what is wrong right away.

Thanks

Lollo

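Two failure modes come up in this thread: a form that accepts submissions although the reCAPTCHA box is displayed, and a check that always answers `incorrect-captcha-sol`. The sketch below is an added example, not code from the thread or from the osC reCaptcha addon: it reports whether the two reCAPTCHA fields reached the server at all, and it stores the submission only when the check passed. `diagnose_recaptcha_post()`, `handle_testimonial_post()` and `stub_verify()` are hypothetical names, the verifier is passed in as a stand-in for `recaptcha_check_answer`, and the sample POST arrays are constructed.

```php
<?php
// Added example: hypothetical helpers, not part of osCommerce or recaptchalib.php.

/**
 * List the reCAPTCHA fields that are missing or empty in a POST array.
 * An empty list means both fields reached the server.
 */
function diagnose_recaptcha_post(array $post) {
    $missing = array();
    foreach (array('recaptcha_challenge_field', 'recaptcha_response_field') as $field) {
        if (!isset($post[$field]) || !is_string($post[$field]) || trim($post[$field]) === '') {
            $missing[] = $field;
        }
    }
    return $missing;
}

/**
 * Validate a testimonial POST and decide whether it may be stored.
 * $verify stands in for the remote check: it is called with
 * (challenge, response) and must return an object with ->is_valid and ->error.
 */
function handle_testimonial_post(array $post, $verify) {
    $errors = array();

    // Ordinary required-field checks, as on the posted page.
    foreach (array('testimonials_title', 'testimonials_name', 'testimonials_email', 'html_text') as $field) {
        if (!isset($post[$field]) || trim($post[$field]) === '') {
            $errors[] = $field . ' is required';
        }
    }

    $missing = diagnose_recaptcha_post($post);
    if (count($missing) > 0) {
        // The widget's inputs were not submitted with the form, so no answer
        // can verify. Look at the form markup before suspecting keys or SSL.
        $errors[] = 'captcha fields not submitted: ' . implode(', ', $missing);
    } else {
        $resp = call_user_func($verify, $post['recaptcha_challenge_field'], $post['recaptcha_response_field']);
        if (!is_object($resp) || !isset($resp->is_valid) || $resp->is_valid !== true) {
            $reason = (is_object($resp) && isset($resp->error)) ? $resp->error : 'no usable response';
            $errors[] = 'captcha rejected: ' . $reason;
        }
    }

    // Fail closed: the caller stores the row only when 'stored' is true.
    return array('stored' => count($errors) === 0, 'errors' => $errors);
}

// Constructed stand-in for the remote verification: accepts one known answer.
function stub_verify($challenge, $response) {
    $resp = new stdClass();
    $resp->is_valid = ($challenge === 'c-123' && $response === 'two words');
    $resp->error = $resp->is_valid ? null : 'incorrect-captcha-sol';
    return $resp;
}

// Constructed sample submissions.
$base = array(
    'testimonials_title' => 'Great shop',
    'testimonials_name'  => 'Sample Customer',
    'testimonials_email' => 'customer@example.com',
    'html_text'          => 'Fast delivery.',
);
$cases = array(
    'fields never reached the server' => $base,
    'empty answer'   => $base + array('recaptcha_challenge_field' => 'c-123', 'recaptcha_response_field' => ''),
    'wrong answer'   => $base + array('recaptcha_challenge_field' => 'c-123', 'recaptcha_response_field' => 'nope'),
    'correct answer' => $base + array('recaptcha_challenge_field' => 'c-123', 'recaptcha_response_field' => 'two words'),
);

foreach ($cases as $label => $post) {
    $result = handle_testimonial_post($post, 'stub_verify');
    echo $label . ': ' . ($result['stored'] ? 'stored' : 'rejected (' . implode('; ', $result['errors']) . ')') . "\n";
}
```
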
GoAia Posted January 19, 2009 Share Posted January 19, 2009 have you gone back through the steps for the customer testimonials reCaptcha to make sure it was installed correctly? It sounds like you are missing a part of the code. Scott Hi again, I have tried to re install this part (it works on create account and contact_us), with the same result. I do not understand, due to my limited skill here. Have tried with both "<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td>" and "<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY, null, ($request_type == 'SSL')); ?></td>" This is the present code: "<?php /* $Id: customer_testimonials.php 10/20/2008 Exp $ Released under the GNU General Public License */ require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CUSTOMER_TESTIMONIALS); // start modification for reCaptcha require_once('includes/classes/recaptchalib.php'); // end modification for reCaptcha $testimonials_error = false; if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'insert')) { $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']); $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']); $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']); $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']); $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']); $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']); if (empty($testimonials_title)) { $testimonials_error = true; $messageStack->add('testimonials', ERROR_TESTIMONIALS_TITLE_REQUIRED); } if (empty($testimonials_name)) { $testimonials_error = true; $messageStack->add('testimonials', ERROR_TESTIMONIALS_NAME_REQUIRED); } if (empty($testimonials_email)) { $testimonials_error = true; $messageStack->add('testimonials', ERROR_TESTIMONIALS_EMAIL_REQUIRED); } if 
(!tep_validate_email($testimonials_email)) { $testimonials_error = true; $messageStack->add('testimonials', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } if (empty($html_text)) { $testimonials_error = true; $messageStack->add('testimonials', ERROR_TESTIMONIALS_DESCRIPTION_REQUIRED); } // start modification for reCaptcha // the response from reCAPTCHA $resp = null; // was there a reCAPTCHA response? $resp = recaptcha_check_answer (RECAPTCHA_PRIVATE_KEY, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $testimonials_error = true; $messageStack->add('testimonials', ENTRY_SECURITY_CHECK_ERROR . " (reCAPTCHA output: " . $resp->error . ")"); } // end modification for reCaptcha if (!$testimonials_error) { $sql_data_array = array('testimonials_title' => $testimonials_title, 'testimonials_location' => $testimonials_location, 'testimonials_name' => $testimonials_name, 'testimonials_email' => $testimonials_email, 'testimonials_html_text' => $html_text); if ($HTTP_GET_VARS['action'] == 'insert') { $insert_sql_data = array('date_added' => 'now()', 'status' => '0'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); tep_db_perform(TABLE_CUSTOMER_TESTIMONIALS, $sql_data_array); $testimonials_id = tep_db_insert_id(); // email notification added by maestro $email_text = TESTIMONIAL_NOTIFICATION_TEXT . $testimonials_name . TESTIMONIAL_CONJ . $testimonials_location . '.' . "\n\n" . TESTIMONIAL_NOTIFICATION_TITLE . $testimonials_title . "\n\n" . TESTIMONIAL_NOTIFICATION_HTML_TEXT . $html_text . "\n\n" . 
TESTIMONIAL_NOTIFICATION_APPROVE; tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, TESTIMONIAL_NOTIFICATION_SUBJECT, $email_text, $testimonials_name, $testimonials_email); } $testimonials_id = ''; $testimonials_title = ''; $testimonials_location = ''; $testimonials_name = ''; $testimonials_email = ''; $html_text = ''; tep_redirect(tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=success')); } else { $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']); $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']); $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']); $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']); $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']); $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']); } } $breadcrumb->add(NAVBAR_TITLE2, tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE)); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table width="100%"> <tr> <td width="2%" class="col_left"><?php require(DIR_WS_INCLUDES . 
'column_left.php'); ?></td> <td width="96%"><table border="0" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="100%" valign="top"> <form name="customer_testimonial" method="post" action="<?php echo tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=insert', 'SSL'); ?>"> <tr> <td width="100%" class="col_center"> <table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading" colspan="2"><?php echo HEADING_TITLE2; ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php if ($messageStack->size('testimonials') > 0) { ?> <tr> <td><?php echo $messageStack->output('testimonials'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) { ?> <tr> <td class="main" align="center"><?php echo TEXT_TESTIMONIALS_SUCCESSFUL; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } else { if (tep_session_is_registered('customer_id')) { $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . 
"'"); $account = tep_db_fetch_array($account_query); $testimonials_name = $account['customers_firstname'] . ' ' . $account['customers_lastname']; $testimonials_email = $account['customers_email_address']; } ?> <tr> <td> <table width="100%" border="0" cellspacing="0" cellpadding="2"> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td class="main"><?php echo TEXT_TESTIMONIALS_INTRO; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td><table align="center" width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main"><b><?php echo TEXT_TESTIMONIALS_WRITE; ?></b></td> <td class="inputRequirement" align="right"><?php echo FORM_REQUIRED_INFORMATION; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> </table></td> </tr> <tr> <td class="infoBox"><table width="100%" border="0" cellspacing="0" cellpadding="7" class="infoBoxContents"> <tr> <td><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td class="main"><?php echo TEXT_TESTIMONIALS_TITLE; ?><br> <?php echo tep_draw_input_field('testimonials_title', $testimonials_title, '', true); ?> <span class="inputRequirement">*</span></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td class="main"><?php echo TEXT_TESTIMONIALS_NAME; ?><br> <?php echo tep_draw_input_field('testimonials_name', $testimonials_name, '', true); ?> <span class="inputRequirement">*</span></td> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td class="main"><?php echo TEXT_TESTIMONIALS_EMAIL; ?><br> <?php echo tep_draw_input_field('testimonials_email'); ?> <span class="inputRequirement">*</span></td> </tr> <tr> <td><?php echo 
tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td class="main"><?php echo TEXT_TESTIMONIALS_LOCATION; ?><br> <?php echo tep_draw_input_field('testimonials_location', $testimonials_location); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td valign="top" class="main"><?php echo TEXT_BANNERS_HTML_TEXT; ?> <span class="inputRequirement">*</span><br> <?php echo tep_draw_textarea_field('html_text', 'soft', '130', '10', $html_text); ?></td> </tr> </table></td> </tr> </table></td> </tr></table> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr><td class="main"><b><?php echo ENTRY_SECURITY_CHECK1; ?></b></td></tr></table> <?php echo tep_draw_infoBox_top(); ?> <table border="0" width="100%" cellspacing="0" cellpadding="2"> <!-- start modification for reCaptcha --> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" cellspacing="2" cellpadding="2"> <tr> <?php $languages_query = tep_db_query("select code from " . TABLE_LANGUAGES . " where directory = '" . $language . 
"'"); $language_id = tep_db_fetch_array($languages_query); ?> <script> var RecaptchaOptions = { theme : 'clean', tabindex : 3, lang : '<?php if (in_array($language_id['code'] ,array('en', 'nl', 'fr', 'de', 'pt', 'ru', 'es', 'tr'))) {echo $language_id['code']; } else {echo 'en'; } ?>', }; </script> <td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td> </tr> </table></td> </tr> </table></td> </tr> <!-- end modification for reCaptcha --> </table> <?php echo tep_draw_infoBox_bottom(); ?> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td class="main" align="left" valign="middle"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS) . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td> <td class="main" align="right" valign="middle"><?php echo tep_image_submit('button_submit.gif', IMAGE_BUTTON_SUBMIT); ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table> </td> </tr> </table> </td> </tr> </table> </form></td> </tr> <?php } ?> </table> </td> <td width="2%" class="col_right"><?php require(DIR_WS_INCLUDES . 'column_right.php'); ?></td> </tr> </table> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>"

If I do not use this tool on this page, will the "function ct_sanitise($vartosanitise) { $vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise); return $vartosanitise; }" which is implemented on the customer_testimonials protect the page?

Maybe it has something to do with the "SSL" function. I have tried switching it on and off in osCommerce, but got the same result. Maybe you see what is wrong right away.

Thanks
Lollo
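On the question of whether `ct_sanitise` can stand in for the captcha, an added example (not part of the post and not code from either add-on): the digit filter quoted in the post is run on constructed input, next to a hypothetical `testimonial_gate()` that refuses a submission unless a captcha answer is present and verified. `testimonial_gate`, `$stub_verify` and the sample submissions are assumptions made for illustration; the stub takes the place of the `recaptcha_check_answer()` call so the script runs offline.

```php
<?php
// Added example: not code from the post or from either add-on.

// Copied from the post: deletes every character that is not 0-9.
function ct_sanitise($vartosanitise) {
  $vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise);
  return $vartosanitise;
}

// Hypothetical gate for the 'insert' action. $verify stands in for the
// recaptcha_check_answer() call in the posted page; it receives
// (remote address, challenge, response) and returns true or false.
function testimonial_gate(array $post, $remote_addr, $verify) {
  $errors = array();

  // Same required fields as the posted page checks with empty().
  foreach (array('testimonials_title', 'testimonials_name',
                 'testimonials_email', 'html_text') as $field) {
    if (!isset($post[$field]) || !is_string($post[$field]) || trim($post[$field]) === '') {
      $errors[] = $field . ' is required';
    }
  }

  // Fail closed: a request without both captcha fields is rejected
  // before the verifier is ever consulted.
  $challenge = isset($post['recaptcha_challenge_field'])
             ? (string)$post['recaptcha_challenge_field'] : '';
  $response  = isset($post['recaptcha_response_field'])
             ? (string)$post['recaptcha_response_field'] : '';
  if ($challenge === '' || $response === '') {
    $errors[] = 'security check missing';
  } elseif (!call_user_func($verify, $remote_addr, $challenge, $response)) {
    $errors[] = 'security check failed';
  }

  return $errors; // an empty array means the testimonial may be stored
}

// Constructed stand-in verifier: accepts one fixed challenge/response pair.
$stub_verify = function ($remote_addr, $challenge, $response) {
  return $challenge === 'constructed-challenge' && $response === 'two words';
};

// Constructed submission sent by a script: every text field is filled in,
// but no captcha fields are present.
$scripted = array(
  'testimonials_id'    => '17',
  'testimonials_title' => 'Great shop',
  'testimonials_name'  => 'A. Script',
  'testimonials_email' => 'bot@example.com',
  'html_text'          => 'Visit example.com for 50% off',
);

// Constructed submission from a person who solved the captcha.
$human = array(
  'testimonials_id'           => '17',
  'testimonials_title'        => 'Fast delivery',
  'testimonials_name'         => 'Lollo',
  'testimonials_email'        => 'lollo@example.com',
  'html_text'                 => 'Arrived in two days.',
  'recaptcha_challenge_field' => 'constructed-challenge',
  'recaptcha_response_field'  => 'two words',
);

// The digit filter is useful for a numeric parameter such as an id ...
echo "ct_sanitise on an id:   ", ct_sanitise("17abc"), "\n";
// ... but applied to free text it only throws the text away, and it
// says nothing about who, or what, submitted the form.
echo "ct_sanitise on text:    ", ct_sanitise($scripted['html_text']), "\n";

// Both submissions pass the required-field checks; only the captcha
// check tells them apart.
$r1 = testimonial_gate($scripted, '192.0.2.10', $stub_verify);
$r2 = testimonial_gate($human, '192.0.2.10', $stub_verify);
echo "scripted submission:    ", ($r1 ? implode('; ', $r1) : 'accepted'), "\n";
echo "human submission:       ", ($r2 ? implode('; ', $r2) : 'accepted'), "\n";
```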
GoAia Posted January 19, 2009 Share Posted January 19, 2009 have you gone back through the steps for the customer testimonials reCaptcha to make sure it was installed correctly? It sounds like you are missing a part of the code. Scott Hi again, I have tried to re install this part (it works on create account and contact_us), with the same result. I do not understand, due to my limited skill here. Have tried with both "<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td>" and "<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY, null, ($request_type == 'SSL')); ?></td>" This is the present code: "<?php /* $Id: customer_testimonials.php 10/20/2008 Exp $ Released under the GNU General Public License */ require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CUSTOMER_TESTIMONIALS); // start modification for reCaptcha require_once('includes/classes/recaptchalib.php'); // end modification for reCaptcha $testimonials_error = false; if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'insert')) { $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']); $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']); $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']); $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']); $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']); $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']); if (empty($testimonials_title)) { $testimonials_error = true; $messageStack->add('testimonials', ERROR_TESTIMONIALS_TITLE_REQUIRED); } if (empty($testimonials_name)) { $testimonials_error = true; $messageStack->add('testimonials', ERROR_TESTIMONIALS_NAME_REQUIRED); } if (empty($testimonials_email)) { $testimonials_error = true; $messageStack->add('testimonials', ERROR_TESTIMONIALS_EMAIL_REQUIRED); } if 
(!tep_validate_email($testimonials_email)) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
  }

  if (empty($html_text)) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ERROR_TESTIMONIALS_DESCRIPTION_REQUIRED);
  }

  // start modification for reCaptcha
  // the response from reCAPTCHA
  $resp = null;

  // was there a reCAPTCHA response?
  $resp = recaptcha_check_answer (RECAPTCHA_PRIVATE_KEY,
                                  $_SERVER["REMOTE_ADDR"],
                                  $_POST["recaptcha_challenge_field"],
                                  $_POST["recaptcha_response_field"]);

  if (!$resp->is_valid) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ENTRY_SECURITY_CHECK_ERROR . " (reCAPTCHA output: " . $resp->error . ")");
  }
  // end modification for reCaptcha

  if (!$testimonials_error) {
    $sql_data_array = array('testimonials_title' => $testimonials_title,
                            'testimonials_location' => $testimonials_location,
                            'testimonials_name' => $testimonials_name,
                            'testimonials_email' => $testimonials_email,
                            'testimonials_html_text' => $html_text);

    if ($HTTP_GET_VARS['action'] == 'insert') {
      $insert_sql_data = array('date_added' => 'now()',
                               'status' => '0');
      $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
      tep_db_perform(TABLE_CUSTOMER_TESTIMONIALS, $sql_data_array);
      $testimonials_id = tep_db_insert_id();

      // email notification added by maestro
      $email_text = TESTIMONIAL_NOTIFICATION_TEXT . $testimonials_name . TESTIMONIAL_CONJ . $testimonials_location . '.' . "\n\n" . TESTIMONIAL_NOTIFICATION_TITLE . $testimonials_title . "\n\n" . TESTIMONIAL_NOTIFICATION_HTML_TEXT . $html_text . "\n\n" . TESTIMONIAL_NOTIFICATION_APPROVE;
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, TESTIMONIAL_NOTIFICATION_SUBJECT, $email_text, $testimonials_name, $testimonials_email);
    }

    $testimonials_id = '';
    $testimonials_title = '';
    $testimonials_location = '';
    $testimonials_name = '';
    $testimonials_email = '';
    $html_text = '';
    tep_redirect(tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=success'));
  } else {
    $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']);
    $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']);
    $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']);
    $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']);
    $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']);
    $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']);
  }
}

$breadcrumb->add(NAVBAR_TITLE2, tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->
<!-- body //-->
<table width="100%">
<tr>
<td width="2%" class="col_left"><?php require(DIR_WS_INCLUDES . 'column_left.php'); ?></td>
<td width="96%"><table border="0" width="100%" cellspacing="3" cellpadding="3">
<tr>
<td width="100%" valign="top">
<form name="customer_testimonial" method="post" action="<?php echo tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=insert', 'SSL'); ?>">
<tr>
<td width="100%" class="col_center">
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr> <td class="pageHeading" colspan="2"><?php echo HEADING_TITLE2; ?></td> </tr>
</table></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<?php
  if ($messageStack->size('testimonials') > 0) {
?>
<tr> <td><?php echo $messageStack->output('testimonials'); ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<?php
  }

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
<tr> <td class="main" align="center"><?php echo TEXT_TESTIMONIALS_SUCCESSFUL; ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
<tr class="infoBoxContents">
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
<td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<?php
  } else {
    if (tep_session_is_registered('customer_id')) {
      $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
      $account = tep_db_fetch_array($account_query);
      $testimonials_name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
      $testimonials_email = $account['customers_email_address'];
    }
?>
<tr>
<td> <table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr> <td class="main"><?php echo TEXT_TESTIMONIALS_INTRO; ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td><table align="center" width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td class="main"><b><?php echo TEXT_TESTIMONIALS_WRITE; ?></b></td>
<td class="inputRequirement" align="right"><?php echo FORM_REQUIRED_INFORMATION; ?></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
</table></td>
</tr>
<tr>
<td class="infoBox"><table width="100%" border="0" cellspacing="0" cellpadding="7" class="infoBoxContents">
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="main"><?php echo TEXT_TESTIMONIALS_TITLE; ?><br> <?php echo tep_draw_input_field('testimonials_title', $testimonials_title, '', true); ?> <span class="inputRequirement">*</span></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td class="main"><?php echo TEXT_TESTIMONIALS_NAME; ?><br> <?php echo tep_draw_input_field('testimonials_name', $testimonials_name, '', true); ?> <span class="inputRequirement">*</span></td>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td class="main"><?php echo TEXT_TESTIMONIALS_EMAIL; ?><br> <?php echo tep_draw_input_field('testimonials_email'); ?> <span class="inputRequirement">*</span></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td class="main"><?php echo TEXT_TESTIMONIALS_LOCATION; ?><br> <?php echo tep_draw_input_field('testimonials_location', $testimonials_location); ?></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td valign="top" class="main"><?php echo TEXT_BANNERS_HTML_TEXT; ?> <span class="inputRequirement">*</span><br> <?php echo tep_draw_textarea_field('html_text', 'soft', '130', '10', $html_text); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr></table>
<table cellpadding="0" cellspacing="0" border="0">
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<tr><td class="main"><b><?php echo ENTRY_SECURITY_CHECK1; ?></b></td></tr></table>
<?php echo tep_draw_infoBox_top(); ?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
<!-- start modification for reCaptcha -->
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
<tr class="infoBoxContents">
<td><table border="0" cellspacing="2" cellpadding="2">
<tr>
<?php
  $languages_query = tep_db_query("select code from " . TABLE_LANGUAGES . " where directory = '" . $language . "'");
  $language_id = tep_db_fetch_array($languages_query);
?>
<script>
var RecaptchaOptions = {
  theme : 'clean',
  tabindex : 3,
  lang : '<?php if (in_array($language_id['code'] ,array('en', 'nl', 'fr', 'de', 'pt', 'ru', 'es', 'tr'))) {echo $language_id['code']; } else {echo 'en'; } ?>',
};
</script>
<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<!-- end modification for reCaptcha -->
</table>
<?php echo tep_draw_infoBox_bottom(); ?>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2">
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
<td class="main" align="left" valign="middle"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS) . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
<td class="main" align="right" valign="middle"><?php echo tep_image_submit('button_submit.gif', IMAGE_BUTTON_SUBMIT); ?></td>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
</tr>
</table> </td>
</tr>
</table> </td>
</tr>
</table>
</form></td>
</tr>
<?php } ?>
</table> </td>
<td width="2%" class="col_right"><?php require(DIR_WS_INCLUDES . 'column_right.php'); ?></td>
</tr>
</table>
<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>"

If I do not use this tool on this page, will the "function ct_sanitise($vartosanitise) { $vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise); return $vartosanitise; }" which is implemented on the customer_testimonials protect the page?

Maybe it has something to do with the "SSL" function. I have tried to switch it on and off in osCommerce, but got the same result. Maybe you see what is wrong right away.

Thanks
Lollo
olsonsp4c Posted January 21, 2009

Hi again, I have tried to reinstall this part (it works on create account and contact_us), with the same result. I do not understand, due to my limited skill here. I have tried with both
"<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td>"
and
"<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY, null, ($request_type == 'SSL')); ?></td>"

This is the present code:
"<?php
/*
  $Id: customer_testimonials.php 10/20/2008 Exp $

  Released under the GNU General Public License
*/

require('includes/application_top.php');
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CUSTOMER_TESTIMONIALS);

// start modification for reCaptcha
require_once('includes/classes/recaptchalib.php');
// end modification for reCaptcha

$testimonials_error = false;

if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'insert')) {
  $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']);
  $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']);
  $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']);
  $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']);
  $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']);
  $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']);

  if (empty($testimonials_title)) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ERROR_TESTIMONIALS_TITLE_REQUIRED);
  }

  if (empty($testimonials_name)) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ERROR_TESTIMONIALS_NAME_REQUIRED);
  }

  if (empty($testimonials_email)) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ERROR_TESTIMONIALS_EMAIL_REQUIRED);
  }

  if (!tep_validate_email($testimonials_email)) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
  }

  if (empty($html_text)) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ERROR_TESTIMONIALS_DESCRIPTION_REQUIRED);
  }

  // start modification for reCaptcha
  // the response from reCAPTCHA
  $resp = null;

  // was there a reCAPTCHA response?
  $resp = recaptcha_check_answer (RECAPTCHA_PRIVATE_KEY,
                                  $_SERVER["REMOTE_ADDR"],
                                  $_POST["recaptcha_challenge_field"],
                                  $_POST["recaptcha_response_field"]);

  if (!$resp->is_valid) {
    $testimonials_error = true;
    $messageStack->add('testimonials', ENTRY_SECURITY_CHECK_ERROR . " (reCAPTCHA output: " . $resp->error . ")");
  }
  // end modification for reCaptcha

  if (!$testimonials_error) {
    $sql_data_array = array('testimonials_title' => $testimonials_title,
                            'testimonials_location' => $testimonials_location,
                            'testimonials_name' => $testimonials_name,
                            'testimonials_email' => $testimonials_email,
                            'testimonials_html_text' => $html_text);

    if ($HTTP_GET_VARS['action'] == 'insert') {
      $insert_sql_data = array('date_added' => 'now()',
                               'status' => '0');
      $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
      tep_db_perform(TABLE_CUSTOMER_TESTIMONIALS, $sql_data_array);
      $testimonials_id = tep_db_insert_id();

      // email notification added by maestro
      $email_text = TESTIMONIAL_NOTIFICATION_TEXT . $testimonials_name . TESTIMONIAL_CONJ . $testimonials_location . '.' . "\n\n" . TESTIMONIAL_NOTIFICATION_TITLE . $testimonials_title . "\n\n" . TESTIMONIAL_NOTIFICATION_HTML_TEXT . $html_text . "\n\n" . TESTIMONIAL_NOTIFICATION_APPROVE;
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, TESTIMONIAL_NOTIFICATION_SUBJECT, $email_text, $testimonials_name, $testimonials_email);
    }

    $testimonials_id = '';
    $testimonials_title = '';
    $testimonials_location = '';
    $testimonials_name = '';
    $testimonials_email = '';
    $html_text = '';
    tep_redirect(tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=success'));
  } else {
    $testimonials_id = tep_db_prepare_input($HTTP_POST_VARS['testimonials_id']);
    $testimonials_title = tep_db_prepare_input($HTTP_POST_VARS['testimonials_title']);
    $testimonials_location = tep_db_prepare_input($HTTP_POST_VARS['testimonials_location']);
    $testimonials_name = tep_db_prepare_input($HTTP_POST_VARS['testimonials_name']);
    $testimonials_email = tep_db_prepare_input($HTTP_POST_VARS['testimonials_email']);
    $html_text = tep_db_prepare_input($HTTP_POST_VARS['html_text']);
  }
}

$breadcrumb->add(NAVBAR_TITLE2, tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<table width="100%">
<tr>
<td width="2%" class="col_left"><?php require(DIR_WS_INCLUDES . 'column_left.php'); ?></td>
<td width="96%"><table border="0" width="100%" cellspacing="3" cellpadding="3">
<tr>
<td width="100%" valign="top">
<form name="customer_testimonial" method="post" action="<?php echo tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS_WRITE, 'action=insert', 'SSL'); ?>">
<tr>
<td width="100%" class="col_center">
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr> <td class="pageHeading" colspan="2"><?php echo HEADING_TITLE2; ?></td> </tr>
</table></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<?php
  if ($messageStack->size('testimonials') > 0) {
?>
<tr> <td><?php echo $messageStack->output('testimonials'); ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<?php
  }

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'success')) {
?>
<tr> <td class="main" align="center"><?php echo TEXT_TESTIMONIALS_SUCCESSFUL; ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
<tr class="infoBoxContents">
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
<td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<?php
  } else {
    if (tep_session_is_registered('customer_id')) {
      $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
      $account = tep_db_fetch_array($account_query);
      $testimonials_name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
      $testimonials_email = $account['customers_email_address'];
    }
?>
<tr>
<td> <table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr> <td class="main"><?php echo TEXT_TESTIMONIALS_INTRO; ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td><table align="center" width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td class="main"><b><?php echo TEXT_TESTIMONIALS_WRITE; ?></b></td>
<td class="inputRequirement" align="right"><?php echo FORM_REQUIRED_INFORMATION; ?></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
</table></td>
</tr>
<tr>
<td class="infoBox"><table width="100%" border="0" cellspacing="0" cellpadding="7" class="infoBoxContents">
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="main"><?php echo TEXT_TESTIMONIALS_TITLE; ?><br> <?php echo tep_draw_input_field('testimonials_title', $testimonials_title, '', true); ?> <span class="inputRequirement">*</span></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td class="main"><?php echo TEXT_TESTIMONIALS_NAME; ?><br> <?php echo tep_draw_input_field('testimonials_name', $testimonials_name, '', true); ?> <span class="inputRequirement">*</span></td>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td class="main"><?php echo TEXT_TESTIMONIALS_EMAIL; ?><br> <?php echo tep_draw_input_field('testimonials_email'); ?> <span class="inputRequirement">*</span></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td class="main"><?php echo TEXT_TESTIMONIALS_LOCATION; ?><br> <?php echo tep_draw_input_field('testimonials_location', $testimonials_location); ?></td>
</tr>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr>
<tr>
<td valign="top" class="main"><?php echo TEXT_BANNERS_HTML_TEXT; ?> <span class="inputRequirement">*</span><br> <?php echo tep_draw_textarea_field('html_text', 'soft', '130', '10', $html_text); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr></table>
<table cellpadding="0" cellspacing="0" border="0">
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<tr><td class="main"><b><?php echo ENTRY_SECURITY_CHECK1; ?></b></td></tr></table>
<?php echo tep_draw_infoBox_top(); ?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
<tr class="infoBoxContents">
<td><table border="0" cellspacing="2" cellpadding="2">
<tr>
<?php
  $languages_query = tep_db_query("select code from " . TABLE_LANGUAGES . " where directory = '" . $language . "'");
  $language_id = tep_db_fetch_array($languages_query);
?>
<script>
var RecaptchaOptions = {
  theme : 'clean',
  tabindex : 3,
  lang : '<?php if (in_array($language_id['code'] ,array('en', 'nl', 'fr', 'de', 'pt', 'ru', 'es', 'tr'))) {echo $language_id['code']; } else {echo 'en'; } ?>',
};
</script>
<td><?php echo recaptcha_get_html(RECAPTCHA_PUBLIC_KEY); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
</table>
<?php echo tep_draw_infoBox_bottom(); ?>
<tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr>
<tr>
<td><table border="0" width="100%" cellspacing="1" cellpadding="2">
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
<td class="main" align="left" valign="middle"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS) . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
<td class="main" align="right" valign="middle"><?php echo tep_image_submit('button_submit.gif', IMAGE_BUTTON_SUBMIT); ?></td>
<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
</tr>
</table> </td>
</tr>
</table> </td>
</tr>
</table>
</form></td>
</tr>
<?php } ?>
</table> </td>
<td width="2%" class="col_right"><?php require(DIR_WS_INCLUDES . 'column_right.php'); ?></td>
</tr>
</table>
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>"

If I do not use this tool on this page, will the "function ct_sanitise($vartosanitise) { $vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise); return $vartosanitise; }" which is implemented on the customer_testimonials protect the page?

Maybe it has something to do with the "SSL" function. I have tried to switch it on and off in osCommerce, but got the same result. Maybe you see what is wrong right away.

Thanks
Lollo

It could be that the form tag has not been moved into proper placement, that is my guess - I looked at the rest of the code and it looks good - I have it working on three different sites currently for customer_testimonials and have installed for many other clients and it dropped in just fine... wish I could help more.

Scott
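On the ct_sanitise question in the post above, an added example (not code from the contribution or from either poster) of what that filter does and does not cover on the testimonial form. ct_escape_for_html, ct_filter_post, the 2000-byte limit and the sample request are assumptions made for the illustration.

```php
<?php
// ct_sanitise() exactly as quoted in the post: it deletes every character
// that is not a digit 0-9.
function ct_sanitise($vartosanitise) {
  $vartosanitise = preg_replace("/[^0-9]/i", "", $vartosanitise);
  return $vartosanitise;
}

// Hypothetical helper (not part of the contribution): escape a free-text
// field at the point where it is written into an HTML page.
function ct_escape_for_html($text) {
  return nl2br(htmlspecialchars($text, ENT_QUOTES, 'UTF-8'));
}

// Hypothetical helper: pick the control that fits each field of the form.
// Field names are the ones the form in the post submits.
function ct_filter_post(array $post, array &$errors) {
  $clean = array();

  // Numeric field: reject anything that is not purely digits. Stripping
  // without rejecting would silently turn the value into another number.
  $raw_id = isset($post['testimonials_id']) ? (string) $post['testimonials_id'] : '';
  if ($raw_id !== '' && $raw_id !== ct_sanitise($raw_id)) {
    $errors[] = 'testimonials_id is not numeric';
  }
  $clean['testimonials_id'] = (int) ct_sanitise($raw_id);

  // Free-text fields: a digits-only filter would erase them, so keep the
  // text, bound its size, and escape it on output instead.
  foreach (array('testimonials_title', 'testimonials_name', 'html_text') as $field) {
    $value = isset($post[$field]) ? trim((string) $post[$field]) : '';
    if (strlen($value) > 2000) { // 2000 bytes is an arbitrary example limit
      $errors[] = $field . ' is too long';
    }
    $clean[$field] = $value;
  }
  return $clean;
}

// Constructed request of the kind an automated poster sends when no CAPTCHA
// is in front of the form. All values are made up for this example.
$post = array(
  'testimonials_id'    => '15abc',
  'testimonials_title' => 'Best prices',
  'testimonials_name'  => 'A. Visitor',
  'html_text'          => 'Visit <a href="http://spam.example/">my site</a> today!',
);

$errors = array();
$clean  = ct_filter_post($post, $errors);

echo "errors                : ", implode('; ', $errors), "\n";
echo "id after ct_sanitise  : ", $clean['testimonials_id'], "\n";
echo "text if digit-filtered: '", ct_sanitise($post['html_text']), "'\n";
echo "text escaped for HTML : ", ct_escape_for_html($clean['html_text']), "\n";
```

The unsolicited testimonial text passes every field check here and would be stored, safely escaped; telling a person from a script is the job of the recaptcha_check_answer() call, not of any input filter.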