Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Adding Google Recaptcha to Customer Login Form


pete2007

Recommended Posts

Oscommerce Version: 2.3.4

Hello, we are trying to add a Google Recaptcha to the customer login form by editing the following files:

includes/modules/content/login/templates/login_form.php
includes/modules/content/login/cm_login_form.php

The google recaptcha tick box is visible but we are able to login without ticking the box.

Are we editing the correct files? Thank you in advance.

 

Link to comment
Share on other sites

If you want to use Google Recaptcha, there is an addon for it. I don't know the link but you should be able to find it in the apps section. But I suggest you install the more powerful Honey Pot addon instead.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Hi Pete,  

Sorry, didn't recognize your username.  It is possible to enable HP on that page but there aren't any checks in the code that would catch a spammer. To be clear, when you go to .../login.php, there is an option to login to an existing account or a button to create a new account. Are you trying to prevent both of those options from working? It seems a waste of time to check the login since the person will already have an account at that point. If it is the new account page, that should already be handled by HP. Please describe what it is you are trying to do in more detail and I'll take another look.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

3 minutes ago, Jack_mcs said:

Hi Pete,  

Sorry, didn't recognize your username.  It is possible to enable HP on that page but there aren't any checks in the code that would catch a spammer. To be clear, when you go to .../login.php, there is an option to login to an existing account or a button to create a new account. Are you trying to prevent both of those options from working? It seems a waste of time to check the login since the person will already have an account at that point. If it is the new account page, that should already be handled by HP. Please describe what it is you are trying to do in more detail and I'll take another look.

Hi Jack,

Thank you for your reply.

All I was trying to do is add the recaptcha to the returning customer login section, isn't worth installing here? I thought it may prevent any brute force attempts etc..

We already have the recaptcha inside the register an account page.

Thanks,
Pete

Link to comment
Share on other sites

49 minutes ago, pete2007 said:

All I was trying to do is add the recaptcha to the returning customer login section, isn't worth installing here? I thought it may prevent any brute force attempts etc..

First, take a look at admin->Modules->Action Recorder for the login module. You can set the time between tries as well as how many tries. 

Second, in the cm_login_form.php file, after 

        $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
        $password = tep_db_prepare_input($HTTP_POST_VARS['password']);      

add this

        if (substr_count($email_address, '@') > 1) {
          $error = true;
        } else {     

and find

      }

      if ($error == true) {

and change to 

       }
      }

      if ($error == true) {

The above changes will prevent attacks where the spammer tries to enter multiple email addresses. I don't know if a spammer would try that on a login page but it won't hurt to add it just in case.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...