Google reCAPTCHA v3

[tony34567 0]

here is   admin/includes/application_top.php

<?php
/*
  $Id$

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2014 osCommerce

  Released under the GNU General Public License
*/

// Start the clock for the page parse time log
  define('PAGE_PARSE_START_TIME', microtime());

// Set the level of error reporting
  error_reporting(E_ALL & ~E_NOTICE);
 
  if (defined('E_DEPRECATED')) {
    error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
  }

// check support for register_globals
  if (function_exists('ini_get') && (ini_get('register_globals') == false) && (PHP_VERSION < 4.3) ) {
    exit('Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory. Please use PHP 4.3+ if register_globals cannot be enabled on the server.');
  }

// load server configuration parameters
  if (file_exists('includes/local/configure.php')) { // for developers
    include('includes/local/configure.php');
  } else {
    include('includes/configure.php');
  }

// Define the project version --- obsolete, now retrieved with tep_get_version()
  define('PROJECT_VERSION', 'osCommerce Online Merchant v2.3');

// some code to solve compatibility issues
  require('includes/functions/compatibility.php');

// set the type of request (secure or not)
  $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

// set php_self in the local scope
  $req = parse_url($_SERVER['SCRIPT_NAME']);
  $PHP_SELF = substr($req['path'], ($request_type == 'SSL') ? strlen(DIR_WS_HTTPS_ADMIN) : strlen(DIR_WS_ADMIN));

// Used in the "Backup Manager" to compress backups
  define('LOCAL_EXE_GZIP', 'gzip');
  define('LOCAL_EXE_GUNZIP', 'gunzip');
  define('LOCAL_EXE_ZIP', 'zip');
  define('LOCAL_EXE_UNZIP', 'unzip');

// include the list of project database tables
  require('includes/database_tables.php');

// Define how do we update currency exchange rates
// Possible values are 'oanda' 'xe' 'fixer' or ''
// fixer is the lastest added, more details at http://fixer.io
  define('CURRENCY_SERVER_PRIMARY', 'fixer');
  define('CURRENCY_SERVER_BACKUP', '');

// include the database functions
  require('includes/functions/database.php');

// make a connection to the database... now
  tep_db_connect() or die('Unable to connect to database server!');

// set application wide parameters
  $configuration_query = tep_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION);
  while ($configuration = tep_db_fetch_array($configuration_query)) {
    define($configuration['cfgKey'], $configuration['cfgValue']);
  }

// define our general functions used application-wide
  require('includes/functions/general.php');
  require('includes/functions/html_output.php');

// initialize the logger class
  require('includes/classes/logger.php');

// include shopping cart class
  require('includes/classes/shopping_cart.php');

// define how the session functions will be used
  require('includes/functions/sessions.php');

// set the cookie domain
  $cookie_domain = (($request_type == 'NONSSL') ? HTTP_COOKIE_DOMAIN : HTTPS_COOKIE_DOMAIN);
  $cookie_path = (($request_type == 'NONSSL') ? HTTP_COOKIE_PATH : HTTPS_COOKIE_PATH);

// set the session name and save path
  tep_session_name('osCAdminID');
  tep_session_save_path(SESSION_WRITE_DIRECTORY);

// set the session cookie parameters
   if (function_exists('session_set_cookie_params')) {
    session_set_cookie_params(0, $cookie_path, $cookie_domain);
  } elseif (function_exists('ini_set')) {
    ini_set('session.cookie_lifetime', '0');
    ini_set('session.cookie_path', $cookie_path);
    ini_set('session.cookie_domain', $cookie_domain);
  }

  @ini_set('session.use_only_cookies', (SESSION_FORCE_COOKIE_USE == 'True') ? 1 : 0);

// lets start our session
  tep_session_start();

  if ( (PHP_VERSION >= 4.3) && function_exists('ini_get') && (ini_get('register_globals') == false) ) {
    extract($_SESSION, EXTR_OVERWRITE+EXTR_REFS);
  }

// set the language
  if (!tep_session_is_registered('language') || isset($_GET['language'])) {
    if (!tep_session_is_registered('language')) {
      tep_session_register('language');
      tep_session_register('languages_id');
    }

    include('includes/classes/language.php');
    $lng = new language();

    if (isset($_GET['language']) && tep_not_null($_GET['language'])) {
      $lng->set_language($_GET['language']);
    } else {
      $lng->get_browser_language();
    }

    $language = $lng->language['directory'];
    $languages_id = $lng->language['id'];
  }

// redirect to login page if administrator is not yet logged in
  if (!tep_session_is_registered('admin')) {
    $redirect = false;

    $current_page = $PHP_SELF;

// if the first page request is to the login page, set the current page to the index page
// so the redirection on a successful login is not made to the login page again
    if ( ($current_page == 'login.php') && !tep_session_is_registered('redirect_origin') ) {
      $current_page = 'index.php';
      $_GET = array();
    }

    if ($current_page != 'login.php') {
      if (!tep_session_is_registered('redirect_origin')) {
        tep_session_register('redirect_origin');

        $redirect_origin = array('page' => $current_page,
                                 'get' => $_GET);
      }

// try to automatically login with the HTTP Authentication values if it exists
      if (!tep_session_is_registered('auth_ignore')) {
        if (isset($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && !empty($_SERVER['PHP_AUTH_PW'])) {
          $redirect_origin['auth_user'] = $_SERVER['PHP_AUTH_USER'];
          $redirect_origin['auth_pw'] = $_SERVER['PHP_AUTH_PW'];
        }
      }

      $redirect = true;
    }

    if (!isset($login_request) || isset($_GET['login_request']) || isset($_POST['login_request']) || isset($_COOKIE['login_request']) || isset($_SESSION['login_request']) || isset($_FILES['login_request']) || isset($_SERVER['login_request'])) {
      $redirect = true;
    }

    if ($redirect == true) {
      tep_redirect(tep_href_link('login.php', (isset($redirect_origin['auth_user']) ? 'action=process' : '')));
    }

    unset($redirect);
  }

// include the language translations
  $_system_locale_numeric = setlocale(LC_NUMERIC, 0);
  require('includes/languages/' . $language . '.php');
  setlocale(LC_NUMERIC, $_system_locale_numeric); // Prevent LC_ALL from setting LC_NUMERIC to a locale with 1,0 float/decimal values instead of 1.0 (see bug #634)

  $current_page = basename($PHP_SELF);
  if (file_exists('includes/languages/' . $language . '/' . $current_page)) {
    include('includes/languages/' . $language . '/' . $current_page);
  }

// define our localization functions
  require('includes/functions/localization.php');

// Include validation functions (right now only email address)
  require('includes/functions/validations.php');

// setup our boxes
  require('includes/classes/table_block.php');
  require('includes/classes/box.php');

// initialize the message stack for output messages
  require('includes/classes/message_stack.php');
  $messageStack = new messageStack;

// split-page-results
  require('includes/classes/split_page_results.php');

// entry/item info classes
  require('includes/classes/object_info.php');

// email classes
  require('includes/classes/mime.php');
  require('includes/classes/email.php');

// file uploading class
  require('includes/classes/upload.php');

// action recorder
  require('includes/classes/action_recorder.php');

// calculate category path
  if (isset($_GET['cPath'])) {
    $cPath = $_GET['cPath'];
  } else {
    $cPath = '';
  }

  if (tep_not_null($cPath)) {
    $cPath_array = tep_parse_category_path($cPath);
    $cPath = implode('_', $cPath_array);
    $current_category_id = end($cPath_array);
  } else {
    $current_category_id = 0;
  }

// initialize configuration modules
  require('includes/classes/cfg_modules.php');
  $cfgModules = new cfg_modules();

// the following cache blocks are used in the Tools->Cache section
// ('language' in the filename is automatically replaced by available languages)
  $cache_blocks = array(array('title' => TEXT_CACHE_CATEGORIES, 'code' => 'categories', 'file' => 'categories_box-language.cache', 'multiple' => true),
                        array('title' => TEXT_CACHE_MANUFACTURERS, 'code' => 'manufacturers', 'file' => 'manufacturers_box-language.cache', 'multiple' => true),
                        array('title' => TEXT_CACHE_ALSO_PURCHASED, 'code' => 'also_purchased', 'file' => 'also_purchased-language.cache', 'multiple' => true)
                       );
                       
  require(DIR_FS_CATALOG . 'includes/classes/hooks.php');
  $OSCOM_Hooks = new hooks('admin');
  $OSCOM_Hooks->register(basename($PHP_SELF, '.php'));

 

[♥ecartz 693]

7 hours ago, tony34567 said:

[Mon Apr 06 01:49:38 2020] [error] [client xx.xx.xx.xx] PHP Fatal error:  require(): Failed opening required 'DIR_WS_INCLUDEStemplate_top.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/vhosts/mywebsite/mywebsite.co.uk/httpdocs/admin/modules_hooks.php on line 17, referer: http://mywebsite.co.uk/admin/administrators.php

This error says that your module_hooks page is trying to use a DIR_WS_INCLUDES constant that has not been defined. 

You could try adding

define('DIR_WS_INCLUDES', 'includes/');

At the top of the module_hooks.php page (even before it includes application_top.php but anywhere before template_top.php would probably do).  Of course, that might just get it to the next error. 

[tony34567 0]

6 hours ago, ecartz said:

This error says that your module_hooks page is trying to use a DIR_WS_INCLUDES constant that has not been defined. 

You could try adding

define('DIR_WS_INCLUDES', 'includes/');

At the top of the module_hooks.php page (even before it includes application_top.php but anywhere before template_top.php would probably do).  Of course, that might just get it to the next error. 

i added as you suggest and it works . Its a great help thanks to you and @ruden

Now i am going to add recaptchav3. lets see, finger crossed.

admin/module_hooks.php

Copyright (c) 2014 osCommerce

  Released under the GNU General Public License
*/

  define('DIR_WS_INCLUDES', 'includes/');

  require('includes/application_top.php');

  $directory = DIR_FS_CATALOG . 'includes/hooks/';

  require(DIR_WS_INCLUDES . 'template_top.php');
?>

 

Edited April 6, 2020 by tony34567

[tony34567 0]

osCommerce 2.3.4.1 CE
=====================
osCommerce
+ Bootstrap v3 

Just to confirm Hooks and Recaptcha V3 successfully installed and Recaptcha V3 appears on create an account and contact us pages.

i appreciate @ecartz and @ruden for  prompt replies.

I request @ruden  to look into it please.

Thanks

[milerwan 39]

@ruden

I tried your contribution on a 2.3.4 BS and it works well but i'm bothered because the shop system hook prevents another contribution from working on my secured working website (the localhost version works !?! )...
This is this one : Store Search with Image (BS) v1.6

It's a shame it looks like an .js script block cause of hook...

Have you got live website where you can test this contribution to let me know if you have issue too during real time search ?

Thank you for help.
 

[milerwan 39]

@ruden

I have got this type of error through Chrome Dev Tools :

Warning: require(//home/xxx/www/ext/modules/content/header/store_search/includes/classes/hooks.php): failed to open stream: Aucun fichier ou dossier de ce type in /home/xxx/www/includes/application_top.php on line 670

 

[milerwan 39]

It's ok, the issue is due to the call of the "application_top" file in the top of "content_search.php" file :

  //get rid of the individual calls for files and replace it with the only one we need, application_top.php
  //from here all other files necessary are also included.
  chdir('../../../../../');

  require('includes/application_top.php');

  include(DIR_WS_LANGUAGES . $language . '/modules/content/header/cm_header_logo_store_search_catmenu_xs.php');

 

So I have created an "alternative application_top" file located in the same directory without the "Hook system" call (at the end of file) :

  //get rid of the individual calls for files and replace it with the only one we need, application_top.php
  //from here all other files necessary are also included.
  chdir('../../../../../');

/// Hook system fix BOF
//  require('includes/application_top.php');
  require('ext/modules/content/header/store_search/application_top_search.php');
/// Hook system fix EOF

  include(DIR_WS_LANGUAGES . $language . '/modules/content/header/cm_header_logo_store_search_catmenu_xs.php');

Now all works well. ^^

Thank you for this easy module @ruben

[milerwan 39]

@ruben

I have installed the module last saturday but a customer tells me that it was unable to create an account sunday...
and today he sent me a message to tell me that it was impossible for him to create the account from Modzilla browser and only IE works for him.

I have tested with Chrome and Opera and it was impossible to me to create an account to (when press the continue button, return to index).

Do you have tested this module with many browsers to be sure it works with them ?
 

Same question to @ecartz and @tony34567 .

Thank you for feedbacks.

[milerwan 39]

Well, the tests have been done only on my localhost version but it seems no issue with live website with Chrome...

But Opera not works...

Edited April 28, 2020 by milerwan

[milerwan 39]

Ok I see, list of compatibility browsers is listed by Google :
- For computer (Windows, Linux, Mac): Chrome, Firefox, Safari, Internet Explorer, Edge
- For mobile: Chrome, Safari, Android (native browser)

So all is clear now. ^^
sorry for inconvenience.

[Krisz1 3]

Hi Folks,

I am having trouble with this update, trying to display the captcha symbol in my contact_us page. Installed hooks per the contrib, edited application_top.php with the code.. 

// HOOKS
  require(DIR_FS_CATALOG . '/includes/classes/hooks.php');
  $OSCOM_Hooks = new hooks('shop');
 $OSCOM_Hooks->register(basename($PHP_SELF, '.php'));

Same thing with inside the admin interface " new hooks('shop') "

Uploaded all other files. Admin interface shows OK

Quote

shop
contact_us/Recaptcha3.php	initReCaptcha
admin

Hooks Directory: /home/xxx/public_html/includes/hooks/

but no captcha on contact_us.php.

Error log is empty. I'm using OsC 2.3.4 BS Edition under php 5.6.4. All seems to be working fine, but the extra code is not being added to the form. What could be wrong?

If it makes any difference, I already had the recaptcha add on working with the previous revision (January?) . Reinstalled the bm_recaptcha box module, replaced the files with the update, and that was it. 

Thank you!

Edited April 30, 2020 by Krisz1

[♥DAVID3733 9]

I have installed this on 2.3.4bs quite close to phoenix, easy install, can see the Google box so assume its all working on contact and create account

 

Would think a good addition would be product pages as well, assume it would help with bots scraping, has anyone done this?

 

Regards

 

David

[ce7 8]

hi ruden, @ruden

thank you for the addon.
I have installed it on CE1.0.5.0 and found that after install it, the admin/modules/hooks list will disappear,
includes/hooks/shop/create_account/Recaptcha3.php


includes/hooks/shop/contact_us/Recaptcha3.php

What may I done wrong to cause this issue? How to fix it? Many thanks! Lyn

[EGLTD 13]

INstalled it on 1.0.7.1.
I could install it, registred and i can see the hooks.
But no ReCaptcha is seen in both pages

Any advice or missed i something ?

 

[Psytanium 15]

Hello, 

I was using another addon to activate Google reCAptcha, but it require allow_url_fopen to be enable.

Does this addon require us to enable allow_url_fopen ? and does it work on ocs2.3.4 ?

Thank you

Edited September 25, 2020 by Psytanium

[ruden 34]

allow_url_fopen should be set to On in php.ini by default

Edited September 26, 2020 by ruden

[gbaudio 1]

Hi guys, I've been plagued by (mostly Russian) spammers for a while, setting up fake accounts and bombarding my inbox with crap. I recently found a really quick and easy solution that has cut almost all of it without the need for any add-ons or coding. I noticed that in most cases, the bots fill the customer name section with the same text that they put in the message. I couldn't find any way of limiting this in my OSComm shop admin, so looked to the Databases on my hosting site and found the answer.

Log in to your hosting C-Panel and go to the Databases section of the menu and click phpMyAdmin
There will be directories shown on the left column.
Expand the directory called *yourstore*_oscomm 
Expand the sub-directory called Customers
Expand the sub-directory called Columns
Expand the sub-directory called Customers_FirstName
You will see that the default length/value is set to 255. Change it to 15 and press SAVE.
Do the same for the subdirectory called Customers_LastName
This will cut the bots off when they try to input whole messages into every field at sign up.

Good luck and thanks to OS Commerce online forum for helping me with other stuff before. Cheers, GB

[Jack_mcs 1,020]

8 hours ago, gbaudio said:

You will see that the default length/value is set to 255. Change it to 15 and press SAVE.
Do the same for the subdirectory called Customers_LastName
This will cut the bots off when they try to input whole messages into every field at sign up.

It will stop them from entering names longer than 15 characters. That doesn't stop the form from working but even if it did, their scripts would just be changed to enter a name of 14 characters.

If the names have code in them, Google Recaptcha may stop them but may not, depending on what it is. Install Honey Pot and it will catch all such accounts.

[danish8388 0]

Hi there~

Before installing the addon Google reCAPTCHA v3, is it required to install "the Hook System"?  My shop is running 2.3.4.1 and I've never heard of the Hook System.  

 

Thank you

-dd

[ruden 34]

Yes

https://apps.oscommerce.com/p9Yyp

[Psytanium 15]

Hi,

Im running OSC2.3.4 on PHP 5.6.40
Which addon version should I install ? and is there something I should consider ?

Thank you for the addon

[Psytanium 15]

I tried to upload the bm_recaptcha and activate it, then palced the keys. but the recaptcha icon is not appearing on right bottom screen.

is it because Im running OSC2.3.4 on PHP 5.6.40 ?

[ruden 34]

PHP error log needs to be checked

[phi148 10]

Don't you have to edit contact_us.php and create_account.php as well to make the call to initReCaptcha ?

For example, in "contact_us.php" don't you have to have this command somewhere?

echo $OSCOM_Hooks->call('contact_us', 'initReCaptcha');

 

[ruden 34]

Not necessary, it depends on the task.
The peculiarity of hooks is that you can add code without changing the file code.