Jump to content

Archived

This topic is now archived and is closed to further replies.

grandpaj

Anti spam

Recommended Posts

Hi

 

We are getting a lot of spam and am wondering what is the best and easist way to combat this. Something which is simple and easy to read. Some Captcha are so hard to read. Using BS234

 

Any thoughts would be appreciated.

 

Grandpa

BS234

Share this post


Link to post
Share on other sites

Hi

 

If you Google hidden field captcha (or honeypot captcha) - worth a try as it reduces spam without adding a hard to read captcha image (I don't know an osC addon though)

Share this post


Link to post
Share on other sites

@@grandpaj

 

I don't know how many Spam Mails you get but osC should have Action Recorder running which prevents part of the Spam and then you can add as Nick and Dave mentioned additional Security Checks if you like.

I myself use the math method it won't take more then 2 min to implement this.

 

Look here:

 

http://pastebin.com/L7zaX7Tr

 

http://pastebin.com/Wz5LmjJ9

 

Adding reCaptcha is also an alternative but bear in mind that some people have difficulties to read them.

Share this post


Link to post
Share on other sites

@@Tsimi

 

Hi Lambros

 

I did try this, but gave up as I haven't a clue about most of the code as it looked to me like Ver2.3

I do like the idea of a simple math question as the Google reCaptcha and others. as you have said are hard to read, and can be of putting.

 

I did check action recorder but that didn't show anything,

 

Will keep an eye on your new site in the next day or so.

 

All the best

 

John

Share this post


Link to post
Share on other sites

@@grandpaj

 

I just installed it into a clean BS shop and it took me roughly 5 min incl. the changes to BS style.

 

open your contact_us.php

 

look for this code

$enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']);

and add this AFTER it

// BOF MATH SECURITY
$protect = tep_db_prepare_input($HTTP_POST_VARS['protect']);
$lock = tep_db_prepare_input(base64_decode($HTTP_POST_VARS['lock'])); 

if ($protect != $lock) {
  $error = true;

  $messageStack->add('contact', ENTRY_EMAIL_HUMAN_CHECK_ERROR);
}
// EOF MATH SECURITY

then look for this code

<?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send'), 'post', 'class="form-horizontal"', true); ?>

and add this AFTER it

<!-- BOF MATH SECURITY //-->
<?php
$a = rand(1, 9);
$b = rand(1, 9);
echo tep_draw_hidden_field('lock', base64_encode(($a + $b)));
?>
<!-- EOF MATH SECURITY //-->

then look for this code

    <div class="form-group has-feedback">
      <label for="inputEnquiry" class="control-label col-sm-3"><?php echo ENTRY_ENQUIRY; ?></label>
      <div class="col-sm-9">
        <?php
        echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, NULL, 'required aria-required="true" id="inputEnquiry" placeholder="' . ENTRY_ENQUIRY . '"');
        echo FORM_REQUIRED_INPUT;
        ?>
      </div>
    </div>

and add this right AFTER it

<!-- BOF MATH SECURITY //-->	
	<div class="form-group has-feedback">
      <label for="inputHuman" class="control-label col-sm-3"><?php echo sprintf(ENTRY_HUMAN, $a, $b); ?></label>
      <div class="col-sm-9">
        <?php
		echo tep_draw_input_field('protect', NULL, 'required autofocus="autofocus" aria-required="true" id="inputHuman" placeholder="' . sprintf(ENTRY_HUMAN, $a, $b) . '"');
        echo FORM_REQUIRED_INPUT;
        ?>
      </div>
    </div>
<!-- EOF MATH SECURITY //-->	

then open your includes/languages/english/contact_us.php and add this

(change the text to what ever you like)

define('ENTRY_HUMAN', 'What is the sum of %s and %s ?');
define('ENTRY_EMAIL_HUMAN_CHECK_ERROR', 'You are a robot or you think 2+2=5.  Please go away.');

And that's all there is.

Share this post


Link to post
Share on other sites

okay I also installed this but how do I get rid of this line of text next to the field???

 

 

 

ps is there also something simple like this for the tell a friend page? cause \i have looked at many scripts but each time I want to edit something and i need to find certain text ,I either don't have it in my files or it's totally different, it's driving me nuts  ps I have os 2.3.4

post-337115-0-03981200-1442406016_thumb.jpg

Share this post


Link to post
Share on other sites

That FORM_REQUIRED_INPUT is a typo I've seen in a number of add-ons. I think it should be FORM_REQUIRED_INFORMATION, which is defined as "Required" (in English).

Share this post


Link to post
Share on other sites

×