Jump to content
Sign in to follow this  
Druide

NEW: Anti Robot Registration Validation

Recommended Posts

 

 

Yes your right, there should be a test in the code, thbough a better script would be:

 

<?php  
echo "GD support on your server: ";  

if(function_exists("gd_info"))  
{  
echo "YES<br>";  
$gd = gd_info(); 
echo 'XBM Support = ' . ($gd['XBM Support'] ? 'Yes' : 'No' ) . '<br>';
} else {
echo "NO";  
} 
?>

 

Ealy versions of this did use images, perhaps you would prefer to use those (take care of the bugs though!) smile.gif


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

This issue is about reload.gif button which for an unkown reason placed in catalog/images folder in v3.1

Meanwhile if you store is multilanguage you would like to have corresponding button in languages/you_language/images/buttons folder where all of you buttons are stored.

 

This requires modification of the path in modules/validation.php on line 69

 document.writeln('<?php echo tep_image_button('button_update.gif', IMAGE_BUTTON_RELOAD)?><\/a>')

 

I use button_update.gif just because it is already available in all languages but you can to draw a spechial one.

Also dont forget to define button in english.php and all of you main langiage files

define('IMAGE_BUTTON_RELOAD', 'Alternative view');

Share this post


Link to post
Share on other sites

Hi,

 

I installed this contribution on my test site.

Instead of showing the verification code it shows this error:

 

Generation Error: Missing SID

Please refresh the browser

 

I allready searched for this error and found it could have something to do with loosing the session ID.

The links to eg. my login page were not correct. Now, I corrected it like suggested in this post

Still, the generation error is showing up.

 

Any ideas?

Share this post


Link to post
Share on other sites

Generation Error: Missing SID

Please refresh the browser

 

 

 

Can be a server issue, what is the server type & versions?

 

Also Check what options are supported by your GD library, XBM support & jpeg required.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Can be a server issue, what is the server type & versions?

Also Check what options are supported by your GD library, XBM support & jpeg required.

Apache/2.2.3 (Win32) PHP/5.2.0

xbm and jpeg support are enabled on the server

Share this post


Link to post
Share on other sites

Apache/2.2.3 (Win32) PHP/5.2.0

xbm and jpeg support are enabled on the server

 

 

I'm afraid, for the most part (there have been exceptions) this type of add-on does not work on windows servers, the proof is where some have tried on xamp on their pc, would'nt work, transfered files to linux web server, issues gone!!

 

There can be other issues with windows servers, can u upgrade to linux? wink.gif


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

There can be other issues with windows servers, can u upgrade to linux? wink.gif

This is my local testing server (using wampserver). My live site is on a linux server.

Only XBM isn't supported there. I need to ask my host if it's possible to activate it.

Share this post


Link to post
Share on other sites

Hi, nice work ! Thank u

Can u help me, when i load the page i become a php error :

 

I work under:

oscommerce-2.2rc2a, OSX 10.3.9, php 5.1.6, apache 2, gd xbm tested, i use ttf fonts.

 

I search over urand(), $angle and more but found nothing.

 

php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  6 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  14 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  7 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  17 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  8 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  18 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  13 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50

 

Thank u

Edited by PiBo

Share this post


Link to post
Share on other sites

Is there any possibility to mod this addon to output a completely new image/code every time the button is pushed? In that case - how?

 

Because using the button right now generates the same picture, but with the characters arranged differently and most of the time this alter the size of the image (even though it's set to a fixed size through the admin section) & it kinda mess up the GUI for my part...

Share this post


Link to post
Share on other sites

Is there any possibility to mod this addon to output a completely new image/code every time the button is pushed? In that case - how?

 

 

 

You seem to have mis-read the pupose of the function, its possible that the visitor may have trouble reading the chars, so by allowing them an alternate view, you circumvent the issue.

 

 

 

To get a new code, refresh the page, any code change routine must do the same.

 

 


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

You seem to have mis-read the pupose of the function, its possible that the visitor may have trouble reading the chars, so by allowing them an alternate view, you circumvent the issue.

 

 

 

To get a new code, refresh the page, any code change routine must do the same.

 

 

I didn't miss read it, I just though I could mod it into working that way :-"

I'll work out a solution with time though...

 

But this doesn't alter the fact - that if you refresh / alter the view, the size of the image is altered. Why that is happening I can't understand, since the image should be locked to one fixed size if you set it to one fixed size in the admin right?

Share this post


Link to post
Share on other sites

I didn't miss read it, I just though I could mod it into working that way whistling.gif

I'll work out a solution with time though...

 

But this doesn't alter the fact - that if you refresh / alter the view, the size of the image is altered. Why that is happening I can't understand, since the image should be locked to one fixed size if you set it to one fixed size in the admin right?

 

 

There are a number of params that effect image size, thats why it can change. Use HTML techniques if its an issue.

 

The only way (without a refresh) to achieve a change is through javascript, but as that is client based it removes all the security your adding, so making that method pointless.


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

There are a number of params that effect image size, thats why it can change. Use HTML techniques if its an issue.

 

The only way (without a refresh) to achieve a change is through javascript, but as that is client based it removes all the security your adding, so making that method pointless.

 

 

I solved all of my issues - removed the refresh button (to have my validation code always load to a fixed size) & that solved the other issue as well.

 

 

The only trouble I experience right now is that the check of the code always return - false; which prevents the customer from ever geting past this security check.

Something I might have done wrong or maybe something in the code to begin with?

I use the validation on the "contact us" page & when creating an account...

Share this post


Link to post
Share on other sites

 

Something I might have done wrong or maybe something in the code to begin with?

 

 

 

Do you always like throwing insults!!! mad.gif

 

If there is such a fault in the code don't you think there would be loads of posts on it!!! rolleyes.gif


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

Do you always like throwing insults!!! mad.gif

 

If there is such a fault in the code don't you think there would be loads of posts on it!!! rolleyes.gif

 

 

Not throwing insults, just checking up on my own sketchy php-knowledge ;)

 

Plus that I thought I read something about someone else having trouble with the same thing a couple of posts earlier... but guess I'll have to go over my own code again and see if I can find the problem there...

Share this post


Link to post
Share on other sites

Not throwing insults, just checking up on my own sketchy php-knowledge ;)

 

Plus that I thought I read something about someone else having trouble with the same thing a couple of posts earlier... but guess I'll have to go over my own code again and see if I can find the problem there...

 

Now I've narrowed it down to that it only sends me false when the validation code contains a special char. Don't know why it's doing that though... can it be the char-set the page is saved in?

Share this post


Link to post
Share on other sites

Now I've narrowed it down to that it only sends me false when the validation code contains a special char. Don't know why it's doing that though... can it be the char-set the page is saved in?

 

 

in functions/account_validation.php

 

you will find the line

 

 

$chars = 'abcdefghjklmnpqrstuvwxyz123456789@#?+=';

 

thats sets the chars used, reduce that bye any you have issues with.

 

I would suspect you have a sanitising issue, have you added any?

 

 


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

in functions/account_validation.php

 

you will find the line

 

 

$chars = 'abcdefghjklmnpqrstuvwxyz123456789@#?+=';

 

thats sets the chars used, reduce that bye any you have issues with.

 

I would suspect you have a sanitising issue, have you added any?

 

Thanks! Will check it out... :thumbsup:

 

Yea, if you're refering to a function to sanitize the $PHP_SELF calls, then yea I've got that added.

 

 

I'm obviously not as good on php as yourself so sorry for asking, but what made you draw the conclusion that it could be a sanitizing issue? :blush:

(Just trying to learn to understand the code & how to interpret possible signs of faults better in case of future issues... always a good thing to learn from the better ones right?)

Share this post


Link to post
Share on other sites

Hi I have recently installed this contribution and just wanted to see if it has all the security updates or if I still need to install Super Contact us enhancement 1.0 b/c it mentions the "Contact Us Form Vunerability Fix".

 

Thanks for your help!

Mike

 

 

This is for testing for real users, it does not add any input sanitisation.

 

Yes Contact Us is vunerable, as are any pages using the post, to add sanitisation & validation to all forms including Contact Us add Anti-hacker Account Mods http://addons.oscommerce.com/info/7202


Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Share this post


Link to post
Share on other sites

This is for testing for real users, it does not add any input sanitisation.

 

Yes Contact Us is vunerable, as are any pages using the post, to add sanitisation & validation to all forms including Contact Us add Anti-hacker Account Mods http://addons.oscommerce.com/info/7202

 

Great. I read your post on that and already installed. Thanks for the heads up!

Mike

Share this post


Link to post
Share on other sites

Hi, I had an issue come up with the image validation when I was addressing the login redirect issue. I installed the redirect contribution and also tried the simple code fix.

 

In both cases when a user adds a product to the cart, goes to check out, then logs in with their existing user name and pass it redirects to the image png on

the validation_png.php.

 

Does anyone have the same contribution installed or any help on the issue?

 

Thanks,

Mike

Share this post


Link to post
Share on other sites

Hi all just wondering if anyone has found a solution to this problem when installin the sql file in phpmyadmin on a linux server:

 

Error

SQL query:

 

INSERT INTO configuration_group( configuration_group_id, configuration_group_title, configuration_group_description, sort_order, visible )

VALUES (

 

'736', 'Anti Robot Reg', 'Anti Robot Registration', 300, 1

);

 

MySQL said:

 

#1062 - Duplicate entry '736' for key 'PRIMARY'

 

 

The only contribs that are installed so far (installed in the order listed) on a stock store are sts4.6 header tags seo 3.2.2 and order editor5.0.9b

 

Any help would be appreciated!

Edited by nedragdnuos

Share this post


Link to post
Share on other sites

Ok, this is just weird, and follow on from the previous post, I have just installed a brand new OSCommerce setup, as a "control test" ZERO contributions, straight from stock setup I try to add the anti robot reg, latest version, and I receive this error in my php admin when trying to import the database:

 

Error

SQL query:

 

INSERT INTO configuration( configuration_id, configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, last_modified, date_added, use_function, set_function )

VALUES (

 

'', 'Activate for New Users? ', 'ACCOUNT_CREATE_VALIDATION', 'true', 'Force the user to enter a visual code when creating a new account. (OPTIONAL)', 736, 20, '2004-08-08 17:00:00', '2004-08-08 17:00:00', NULL , 'tep_cfg_select_option(array(\'true\', \'false\'),'

);

 

MySQL said:

 

#1062 - Duplicate entry '0' for key 'PRIMARY'

 

Again, if anyone has encountered this any help would be appreciated,

 

Cheers!

Share this post


Link to post
Share on other sites

Ok, this is just weird, and follow on from the previous post, I have just installed a brand new OSCommerce setup, as a "control test" ZERO contributions, straight from stock setup I try to add the anti robot reg, latest version, and I receive this error in my php admin when trying to import the database:

 

Error

SQL query:

 

INSERT INTO configuration( configuration_id, configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, last_modified, date_added, use_function, set_function )

VALUES (

 

'', 'Activate for New Users? ', 'ACCOUNT_CREATE_VALIDATION', 'true', 'Force the user to enter a visual code when creating a new account. (OPTIONAL)', 736, 20, '2004-08-08 17:00:00', '2004-08-08 17:00:00', NULL , 'tep_cfg_select_option(array(\'true\', \'false\'),'

);

 

MySQL said:

 

#1062 - Duplicate entry '0' for key 'PRIMARY'

 

Again, if anyone has encountered this any help would be appreciated,

 

Cheers!

 

You have left in VALUES in first field blank, so it goes to save this entry to the first place of your table which in this id(=0)

has already a value.. you have to see what is your last id number of this table and change this into a next number of this(if your last entry is 265, for this line you want to insert, change the first value to 266)

 

 

One other question that i have my friends...

I just downloaded the last pack and i set it.. no problems with the setting and the modifications, BUT... no image with the characters display.. anyone has any idea for which reason i have this problem!?? thanks in advance!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×