Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

NEW: Anti Robot Registration Validation


Druide

Recommended Posts

That query is not part of this, where do you get it exactly, what osC version & is it a template?

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

I'm using the latest verson of OsCommerce (2.2 RC2). No template. I just imported the SQL file in the MySQL admin page.

 

By the way, I finished the installation and it seems to be working fine.

 

I did notice one thing though. If you refresh the image you get a new one, but it seems that you can only refresh once. Is that by design?

 

Thanks again for this great feature!

 

 

 

 

That query is not part of this, where do you get it exactly, what osC version & is it a template?
Link to comment
Share on other sites

Must have been some querk in you sql admin

 

Yes, in the current version there is only one refresh

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

In reply to Zag from other thread.

 

The sql files are given self explanitory titles, so no need to refer to them further.

 

If you installed after version 2.8 just run the 2.8 to 3.0 sql

 

3.0 is a re-write & most things are altered or moved, your best bet it to uninstall then install 3.0

 

3.0 is modular, so the edits to files are much reduced, ie much of the code you had to add b4 is now redundant

 

As mentioned in install some files are optional like link_submit.php it belongs with links_manager II, so if you don`t have that don`t bother with it.

 

Thanks Sam!

 

How can I delete the old SQL installation (I used the 2.9.1) ?

I mean, how to delete tables it did ?

Link to comment
Share on other sites

Using tep_href_link for all links

 

If your not then only using cookies can prevent problems

 

Have you tried testing after clearing cache & cookies?

 

I've tried on 2 computers and its still the same. I updated from 2.9.1, because that wasn't working. Although, I'm sure it was when I first installed it..

 

How do I go about changing the links in my HTML file from, a href to tep_href_link..?

 

Also how would I prove using 3.0?

Link to comment
Share on other sites

OK. Thanks.

 

Would it be hard to get it to do multiple refreshes?

 

The refresh actually just provides an alternative view of the original code, to have multiple refresh would mean re-writing validation code in javascript or having a full page refresh (1.9.1 did that but lost data in the process)

 

As javascript operates client side its possible that going that route would allows hackers to put there own code, so I don`t think its worth the hastle.

 

On the next release the button will remain & image will swap view on each press, I think thats sufficient to allay any 'reading' problems.

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

Good Morning Sam

 

I have been following the discussion on here with interest as I am also having problems. I have installed your contribution version 3.0 on a vanilla oscommerce 2.2rc2a install (PHP 5.2.6)

 

The reg code works on create account and p/w forgotten but provokes invalid code errors on edit a/c, change p/w and contact us. Like you say I can't see why it works for some files and not for others

 

I have checked your thread re losing SID and can't see any problems there. I have created a user (no probs) and logged out. I log back in and note the oscSID, navigate to contact us (oscSID unchanged) fill in the form (oscSID unchanged) enter the code (correctly) and get a validation code error ... throughout all this the oscSID as displayed in the URL remains unchanged

 

Force cookie usage set to false (did try setting to true to check difference and got the red warning session ID lost message ... think this is down to how I treat cookies)

 

Installation is on my local disk (win XP) running under a local host config set up via XAMPP for Windows 1.6.8

 

I believe I did see some comment somewhere that implied there could be a prob running as a localhost under Windows. Did I dream that and/or could you give me any other pointers .... many thanks

Link to comment
Share on other sites

Oops, I spottted an error that could cause an issue for some sites. :blush:

 

replace the contents of includes/modules/validation_check.php with:

 

<?php /*
 $Id: validation_check.php v1.1 2009-03-16 12:52:16Z hpdl $

 osCommerce, Open Source E-Commerce Solutions
 [url="http://www.oscommerce.com/"]http://www.oscommerce.com[/url]

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/ 
 $validated = $_POST['validated'];
 $sql = "SELECT * FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "' LIMIT 1";
  if( !$result = tep_db_query($sql) ) {
	$error = true;
	$entry_antirobotreg_error = true;
	$text_antirobotreg_error = ERROR_VALIDATION_1;
  } else {
	$entry_antirobotreg_error = false;
	$anti_robot_row = tep_db_fetch_array($result);
	if ((( strtoupper($_POST['antirobotreg']) != $anti_robot_row['reg_key'] ) || ($anti_robot_row['reg_key'] == '') || (strlen($_POST['antirobotreg']) != ENTRY_VALIDATION_LENGTH)) && ($validated != CODE_CHECKED || strlen($validated) == 0)) {
	  $error = true;
	  $entry_antirobotreg_error = true;
	  $text_antirobotreg_error = ERROR_VALIDATION_2;
	} else {
	  $sql = "DELETE FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "'";
	  if( !$result = tep_db_query($sql) ) {
		$error = true;
		$entry_antirobotreg_error = true;
		$text_antirobotreg_error = ERROR_VALIDATION_3;
	  } else {
		$sql = "OPTIMIZE TABLE " . TABLE_ANTI_ROBOT_REGISTRATION . "";
		if( !$result = tep_db_query($sql) ) {
		  $error = true;
		  $entry_antirobotreg_error = true;
		  $text_antirobotreg_error = ERROR_VALIDATION_4;
		} else {
		  $entry_antirobotreg_error = false;; if (str_replace(array(FILENAME_CREATE_ACCOUNT,FILENAME_LINKS_SUBMIT,FILENAME_CONTACT_US,FILENAME_A
CCOUNT_EDIT,FILENAME_PASSWORD_FORGOTTEN), '', $PHP_SELF) != $PHP_SELF) $validated = CODE_CHECKED;
		}
	  }
	}
  } 
?>

Edited by spooks

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

You don`t need to as I said just run the 2.8 to 3.0 sql

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

Oops, I spottted an error that could cause an issue for some sites. :blush:

 

replace the contents of includes/modules/validation_check.php with:

 

<?php /*
 $Id: validation_check.php v1.1 2009-03-16 12:52:16Z hpdl $

 osCommerce, Open Source E-Commerce Solutions
 [url="http://www.oscommerce.com/"]http://www.oscommerce.com[/url]

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/ 
 $validated = $_POST['validated'];
 $sql = "SELECT * FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "' LIMIT 1";
  if( !$result = tep_db_query($sql) ) {
	$error = true;
	$entry_antirobotreg_error = true;
	$text_antirobotreg_error = ERROR_VALIDATION_1;
  } else {
	$entry_antirobotreg_error = false;
	$anti_robot_row = tep_db_fetch_array($result);
	if ((( strtoupper($_POST['antirobotreg']) != $anti_robot_row['reg_key'] ) || ($anti_robot_row['reg_key'] == '') || (strlen($_POST['antirobotreg']) != ENTRY_VALIDATION_LENGTH)) && ($validated != CODE_CHECKED || strlen($validated) == 0)) {
	  $error = true;
	  $entry_antirobotreg_error = true;
	  $text_antirobotreg_error = ERROR_VALIDATION_2;
	} else {
	  $sql = "DELETE FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "'";
	  if( !$result = tep_db_query($sql) ) {
		$error = true;
		$entry_antirobotreg_error = true;
		$text_antirobotreg_error = ERROR_VALIDATION_3;
	  } else {
		$sql = "OPTIMIZE TABLE " . TABLE_ANTI_ROBOT_REGISTRATION . "";
		if( !$result = tep_db_query($sql) ) {
		  $error = true;
		  $entry_antirobotreg_error = true;
		  $text_antirobotreg_error = ERROR_VALIDATION_4;
		} else {
		  $entry_antirobotreg_error = false;; if (str_replace(array(FILENAME_CREATE_ACCOUNT,FILENAME_LINKS_SUBMIT,FILENAME_CONTACT_US,FILENAME_A
CCOUNT_EDIT,FILENAME_PASSWORD_FORGOTTEN), '', $PHP_SELF) != $PHP_SELF) $validated = CODE_CHECKED;
		}
	  }
	}
  } 
?>

 

 

Thanks Sam ... this mod has sorted out my problems and all files now work as expected ... great job

Link to comment
Share on other sites

Uploaded V3.1

 

Update Detail

 

  • Fixed bug in includes/modules/validation_check.php that may cause issues for some sites.
  • Modified so Alternate View button will remain & image will swap view on each press.
  • The only changed files effected in this are catalog/includes/modules/validation.php and catalog/includes/modules/validation_check.php

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

Using tep_href_link for all links

 

If your not then only using cookies can prevent problems

 

Have you tried testing after clearing cache & cookies?

 

 

Sam, please, I did all installing 3.0

Nothing... I still have the red alert and the SID problem.

 

How can I try to clearing cache & cookies ?

Or do you mean in my browser ?

 

Any other idea ?

... I need to cry a little...

Link to comment
Share on other sites

Most likely you have SID issues: http://www.oscommerce.com/forums/index.php?sho...c=330479&hl

 

Its just possible you have an isssue with the 'empty' function, try this:

 

in validation_png.php replace

 

if(empty($HTTP_GET_VARS['rsid']))

 

with:

 

$rsid = $_GET['rsid'];
if (($rsid == '') || (strtolower($rsid) == 'null') || (strlen(trim($rsid)) == 0))

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

Does this contribution works ONLY for english site versions ??? :huh:

 

Many error messages are in english only yes, it takes extra effort to make contribs fully multi-lingual, so its always something that gets left till there's the time & inclination to do it.

 

If thats a problem just go through the files & translate any text you find.

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

SID killer won`t prevent SID issues, it still appears your loosing the SID

 

You could try changing:

 

Configuration -> Images -> Image Required set to true

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

Many error messages are in english only yes, it takes extra effort to make contribs fully multi-lingual, so its always something that gets left till there's the time & inclination to do it.

 

If thats a problem just go through the files & translate any text you find.

 

Sam... That was something like a joke...

As it seems the contribution works for everybody but not me...

 

I still have the red alert and the button to refresh is freezed.

Any idea ?

Link to comment
Share on other sites

SID killer won`t prevent SID issues, it still appears your loosing the SID

 

You could try changing:

 

Configuration -> Images -> Image Required set to true

 

it is already true. i have used oscommerce rc2a new. same problem.

Generation Error:

Missing SID

Please Refresh your browser

i have

in validation_png.php replace

 

CODE

if(empty($HTTP_GET_VARS['rsid']))

 

with:

 

CODE

$rsid = $_GET['rsid'];

if (($rsid == '') || (strtolower($rsid) == 'null') || (strlen(trim($rsid)) == 0))

 

 

after again no bild. this is big problem. have u got another idea? or sent me your worked shop.

Link to comment
Share on other sites

Then its SID problems: http://www.oscommerce.com/forums/index.php?sho...c=330479&hl

 

Do all your links use tep_href_link ?

 

PS are you using a template?

Edited by spooks

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

i don`t understand. i have lock for exam: product info is so link

tep_href_link(DIR_WS_IMAGES . $product_info['products_image']) . '" target="_blank">'

 

i wrote a private message written. can you send me a new RC2a mit worked antirobot PLEASE.because I have tried so much. i want only RC2a (http://www.oscommerce.com/about/news,130) with antirobot

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...