Jump to content
Sign in to follow this  
Druide

NEW: Anti Robot Registration Validation

Recommended Posts

That query is not part of this, where do you get it exactly, what osC version & is it a template?


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

I'm using the latest verson of OsCommerce (2.2 RC2). No template. I just imported the SQL file in the MySQL admin page.

 

By the way, I finished the installation and it seems to be working fine.

 

I did notice one thing though. If you refresh the image you get a new one, but it seems that you can only refresh once. Is that by design?

 

Thanks again for this great feature!

 

 

 

 

That query is not part of this, where do you get it exactly, what osC version & is it a template?

Share this post


Link to post
Share on other sites

Must have been some querk in you sql admin

 

Yes, in the current version there is only one refresh


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

OK. Thanks.

 

Would it be hard to get it to do multiple refreshes?

 

 

 

Must have been some querk in you sql admin

 

Yes, in the current version there is only one refresh

Share this post


Link to post
Share on other sites
In reply to Zag from other thread.

 

The sql files are given self explanitory titles, so no need to refer to them further.

 

If you installed after version 2.8 just run the 2.8 to 3.0 sql

 

3.0 is a re-write & most things are altered or moved, your best bet it to uninstall then install 3.0

 

3.0 is modular, so the edits to files are much reduced, ie much of the code you had to add b4 is now redundant

 

As mentioned in install some files are optional like link_submit.php it belongs with links_manager II, so if you don`t have that don`t bother with it.

 

Thanks Sam!

 

How can I delete the old SQL installation (I used the 2.9.1) ?

I mean, how to delete tables it did ?

Share this post


Link to post
Share on other sites
Using tep_href_link for all links

 

If your not then only using cookies can prevent problems

 

Have you tried testing after clearing cache & cookies?

 

I've tried on 2 computers and its still the same. I updated from 2.9.1, because that wasn't working. Although, I'm sure it was when I first installed it..

 

How do I go about changing the links in my HTML file from, a href to tep_href_link..?

 

Also how would I prove using 3.0?

Share this post


Link to post
Share on other sites
OK. Thanks.

 

Would it be hard to get it to do multiple refreshes?

 

The refresh actually just provides an alternative view of the original code, to have multiple refresh would mean re-writing validation code in javascript or having a full page refresh (1.9.1 did that but lost data in the process)

 

As javascript operates client side its possible that going that route would allows hackers to put there own code, so I don`t think its worth the hastle.

 

On the next release the button will remain & image will swap view on each press, I think thats sufficient to allay any 'reading' problems.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Good Morning Sam

 

I have been following the discussion on here with interest as I am also having problems. I have installed your contribution version 3.0 on a vanilla oscommerce 2.2rc2a install (PHP 5.2.6)

 

The reg code works on create account and p/w forgotten but provokes invalid code errors on edit a/c, change p/w and contact us. Like you say I can't see why it works for some files and not for others

 

I have checked your thread re losing SID and can't see any problems there. I have created a user (no probs) and logged out. I log back in and note the oscSID, navigate to contact us (oscSID unchanged) fill in the form (oscSID unchanged) enter the code (correctly) and get a validation code error ... throughout all this the oscSID as displayed in the URL remains unchanged

 

Force cookie usage set to false (did try setting to true to check difference and got the red warning session ID lost message ... think this is down to how I treat cookies)

 

Installation is on my local disk (win XP) running under a local host config set up via XAMPP for Windows 1.6.8

 

I believe I did see some comment somewhere that implied there could be a prob running as a localhost under Windows. Did I dream that and/or could you give me any other pointers .... many thanks

Share this post


Link to post
Share on other sites

Oops, I spottted an error that could cause an issue for some sites. :blush:

 

replace the contents of includes/modules/validation_check.php with:

 

<?php /*
 $Id: validation_check.php v1.1 2009-03-16 12:52:16Z hpdl $

 osCommerce, Open Source E-Commerce Solutions
 [url="http://www.oscommerce.com/"]http://www.oscommerce.com[/url]

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/ 
 $validated = $_POST['validated'];
 $sql = "SELECT * FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "' LIMIT 1";
  if( !$result = tep_db_query($sql) ) {
	$error = true;
	$entry_antirobotreg_error = true;
	$text_antirobotreg_error = ERROR_VALIDATION_1;
  } else {
	$entry_antirobotreg_error = false;
	$anti_robot_row = tep_db_fetch_array($result);
	if ((( strtoupper($_POST['antirobotreg']) != $anti_robot_row['reg_key'] ) || ($anti_robot_row['reg_key'] == '') || (strlen($_POST['antirobotreg']) != ENTRY_VALIDATION_LENGTH)) && ($validated != CODE_CHECKED || strlen($validated) == 0)) {
	  $error = true;
	  $entry_antirobotreg_error = true;
	  $text_antirobotreg_error = ERROR_VALIDATION_2;
	} else {
	  $sql = "DELETE FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "'";
	  if( !$result = tep_db_query($sql) ) {
		$error = true;
		$entry_antirobotreg_error = true;
		$text_antirobotreg_error = ERROR_VALIDATION_3;
	  } else {
		$sql = "OPTIMIZE TABLE " . TABLE_ANTI_ROBOT_REGISTRATION . "";
		if( !$result = tep_db_query($sql) ) {
		  $error = true;
		  $entry_antirobotreg_error = true;
		  $text_antirobotreg_error = ERROR_VALIDATION_4;
		} else {
		  $entry_antirobotreg_error = false;; if (str_replace(array(FILENAME_CREATE_ACCOUNT,FILENAME_LINKS_SUBMIT,FILENAME_CONTACT_US,FILENAME_A
CCOUNT_EDIT,FILENAME_PASSWORD_FORGOTTEN), '', $PHP_SELF) != $PHP_SELF) $validated = CODE_CHECKED;
		}
	  }
	}
  } 
?>

Edited by spooks

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

You don`t need to as I said just run the 2.8 to 3.0 sql


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites
Oops, I spottted an error that could cause an issue for some sites. :blush:

 

replace the contents of includes/modules/validation_check.php with:

 

<?php /*
 $Id: validation_check.php v1.1 2009-03-16 12:52:16Z hpdl $

 osCommerce, Open Source E-Commerce Solutions
 [url="http://www.oscommerce.com/"]http://www.oscommerce.com[/url]

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/ 
 $validated = $_POST['validated'];
 $sql = "SELECT * FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "' LIMIT 1";
  if( !$result = tep_db_query($sql) ) {
	$error = true;
	$entry_antirobotreg_error = true;
	$text_antirobotreg_error = ERROR_VALIDATION_1;
  } else {
	$entry_antirobotreg_error = false;
	$anti_robot_row = tep_db_fetch_array($result);
	if ((( strtoupper($_POST['antirobotreg']) != $anti_robot_row['reg_key'] ) || ($anti_robot_row['reg_key'] == '') || (strlen($_POST['antirobotreg']) != ENTRY_VALIDATION_LENGTH)) && ($validated != CODE_CHECKED || strlen($validated) == 0)) {
	  $error = true;
	  $entry_antirobotreg_error = true;
	  $text_antirobotreg_error = ERROR_VALIDATION_2;
	} else {
	  $sql = "DELETE FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "'";
	  if( !$result = tep_db_query($sql) ) {
		$error = true;
		$entry_antirobotreg_error = true;
		$text_antirobotreg_error = ERROR_VALIDATION_3;
	  } else {
		$sql = "OPTIMIZE TABLE " . TABLE_ANTI_ROBOT_REGISTRATION . "";
		if( !$result = tep_db_query($sql) ) {
		  $error = true;
		  $entry_antirobotreg_error = true;
		  $text_antirobotreg_error = ERROR_VALIDATION_4;
		} else {
		  $entry_antirobotreg_error = false;; if (str_replace(array(FILENAME_CREATE_ACCOUNT,FILENAME_LINKS_SUBMIT,FILENAME_CONTACT_US,FILENAME_A
CCOUNT_EDIT,FILENAME_PASSWORD_FORGOTTEN), '', $PHP_SELF) != $PHP_SELF) $validated = CODE_CHECKED;
		}
	  }
	}
  } 
?>

 

 

Thanks Sam ... this mod has sorted out my problems and all files now work as expected ... great job

Share this post


Link to post
Share on other sites

Uploaded V3.1

 

Update Detail

 

  • Fixed bug in includes/modules/validation_check.php that may cause issues for some sites.
  • Modified so Alternate View button will remain & image will swap view on each press.
  • The only changed files effected in this are catalog/includes/modules/validation.php and catalog/includes/modules/validation_check.php


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites
Using tep_href_link for all links

 

If your not then only using cookies can prevent problems

 

Have you tried testing after clearing cache & cookies?

 

 

Sam, please, I did all installing 3.0

Nothing... I still have the red alert and the SID problem.

 

How can I try to clearing cache & cookies ?

Or do you mean in my browser ?

 

Any other idea ?

... I need to cry a little...

Share this post


Link to post
Share on other sites

<_<

I uploaded the last 3.1

 

Nothing has changed for me,

also, the button "Alternate View" is like locked...

Doesn't work (I mean as a button).

Share this post


Link to post
Share on other sites

Does this contribution works ONLY for english site versions ??? :huh:

Share this post


Link to post
Share on other sites

i have a problem so:

 

Generation Error:

Missing SID

Please Refresh your browser

 

my Anti Robot Registration Validation V3.1 version.

my system osCommerce Online Merchant v2.2 RC2

PHP Versiyon: 5.2.6

MySQL 5.0.51

Share this post


Link to post
Share on other sites

Most likely you have SID issues: http://forums.oscommerce.com/index.php?sho...c=330479&hl

 

Its just possible you have an isssue with the 'empty' function, try this:

 

in validation_png.php replace

 

if(empty($HTTP_GET_VARS['rsid']))

 

with:

 

$rsid = $_GET['rsid'];
if (($rsid == '') || (strtolower($rsid) == 'null') || (strlen(trim($rsid)) == 0))


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites
Does this contribution works ONLY for english site versions ??? :huh:

 

Many error messages are in english only yes, it takes extra effort to make contribs fully multi-lingual, so its always something that gets left till there's the time & inclination to do it.

 

If thats a problem just go through the files & translate any text you find.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

SID killer won`t prevent SID issues, it still appears your loosing the SID

 

You could try changing:

 

Configuration -> Images -> Image Required set to true


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites
Many error messages are in english only yes, it takes extra effort to make contribs fully multi-lingual, so its always something that gets left till there's the time & inclination to do it.

 

If thats a problem just go through the files & translate any text you find.

 

Sam... That was something like a joke...

As it seems the contribution works for everybody but not me...

 

I still have the red alert and the button to refresh is freezed.

Any idea ?

Share this post


Link to post
Share on other sites
SID killer won`t prevent SID issues, it still appears your loosing the SID

 

You could try changing:

 

Configuration -> Images -> Image Required set to true

 

it is already true. i have used oscommerce rc2a new. same problem.

Generation Error:

Missing SID

Please Refresh your browser

i have

in validation_png.php replace

 

CODE

if(empty($HTTP_GET_VARS['rsid']))

 

with:

 

CODE

$rsid = $_GET['rsid'];

if (($rsid == '') || (strtolower($rsid) == 'null') || (strlen(trim($rsid)) == 0))

 

 

after again no bild. this is big problem. have u got another idea? or sent me your worked shop.

Share this post


Link to post
Share on other sites

Then its SID problems: http://forums.oscommerce.com/index.php?sho...c=330479&hl

 

Do all your links use tep_href_link ?

 

PS are you using a template?

Edited by spooks

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

i don`t understand. i have lock for exam: product info is so link

tep_href_link(DIR_WS_IMAGES . $product_info['products_image']) . '" target="_blank">'

 

i wrote a private message written. can you send me a new RC2a mit worked antirobot PLEASE.because I have tried so much. i want only RC2a (http://www.oscommerce.com/about/news,130) with antirobot

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×