Contributions
Sam's Anti-hacker Account Mods
Secure your account pages against code/SQL injection attempts, yet allow strong passwords.
There are now many instances of websites being hacked (or cracked, to use the correct term), and it is necessary to make your site as secure as possible. One important measure is to sanitize all visitor inputs so that no code-injection or similar attempt can work.
However, this creates an issue: if your user creates a strong password using characters that are likely to be 'cleaned', either their password will not work, or the account ends up with a password different from what was entered (because it was 'sanitized'). This is especially a problem when adding input sanitizing to an old site where visitors have already set passwords that are now 'illegal'.
This contribution resolves the issue by safely allowing any character within the password. It does this by processing all password inputs before anything else: passwords are translated to hex values, the inputs are validated and then deleted as no longer required (only the hex strings are processed further). An option is provided to reverse-translate the string at the point of password checking, so that existing passwords still work. This means the passwords now stored in the database are salted hashes of the hex string. Once this initial processing is done, all inputs are sanitized.
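The hex-before-sanitise flow described above, as an added example that is not the contribution's own code. It assumes PHP 7.1 or later; the function names are hypothetical, sanitise_post() is a deliberately simple constructed cleaner, and password_hash()/password_verify() stand in for the contribution's own salted-hash routine.

```php
<?php
// Step 1: take the raw password out of the request before any cleaning touches it,
// hex-encode it, and discard the original so the later sanitising never sees it.
function extract_password_hex(array &$post, string $field): ?string {
    if (!isset($post[$field]) || !is_string($post[$field])) {
        return null;
    }
    $hex = bin2hex($post[$field]);
    unset($post[$field]);           // raw password is no longer required
    // Validate what will be processed further: only hex digits, even length.
    return (ctype_xdigit($hex) && strlen($hex) % 2 === 0) ? $hex : null;
}

// Step 2: sanitise everything that is left (constructed stand-in for the mod's cleaner).
function sanitise_post(array $post): array {
    $clean = array();
    foreach ($post as $k => $v) {
        $clean[$k] = is_string($v) ? preg_replace('/[<>"\'\\\\;]/', '', $v) : $v;
    }
    return $clean;
}

// Step 3: store a salted hash of the HEX string, never of the raw password.
function hash_password_hex(string $hex): string {
    return password_hash($hex, PASSWORD_DEFAULT);
}

// Step 4: verify. $allow_legacy is the "reverse translate" option: accounts whose
// hash was made from the raw password before the mod was installed still log in.
function verify_password_hex(string $hex, string $stored, bool $allow_legacy): bool {
    if (password_verify($hex, $stored)) {
        return true;
    }
    return $allow_legacy && password_verify(hex2bin($hex), $stored);
}

// Constructed request: the password is full of characters a cleaner would strip.
$_POST  = array('email' => 'a@b.test<script>', 'password' => 'p\'a"s;s<>\\w0rd');
$hex    = extract_password_hex($_POST, 'password');
$post   = sanitise_post($_POST);       // the password key is already gone
$stored = hash_password_hex($hex);
var_dump($post, verify_password_hex($hex, $stored, false));
```

With the legacy option enabled, a stored hash of the raw password also verifies, which is what lets the mod be added to an existing site without resetting everyone's password.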
Other account fields are also subject to additional checks, or their input is converted:
The date of birth field is now a drop-down which automatically formats according to the store country. This ensures the format is correct, slashes (/) can still be sanitized, and the visitor cannot transpose days and months.
The telephone field is checked to be numeric (if entered) and to contain only a limited set of allowed characters.
The post code field is checked for the correct format, but only for UK & USA sites.
If strong password is enabled, password forgotten will generate strong passwords.
The State/Province/County field is pre-filled with the zones for the store country, rather than a blank field that gets populated on submit!
The Country drop down is pre-selected to the store country.
All input fields are sanitized.
Tested on PHP 4 & 5, SQL 4 & 5, osC 2.2 ms2, rc1 & rc2a and is register_globals off compatible.
FULL PACKAGE
Added code to redirect the visitor to checkout on login if there are items in the cart, as already happens on account-creation completion.
Added extra dob validation check to fix PCI scan issue.
Updated some code to resolve notice issues.
Added code for cleaning post in product_reviews_write.php
Added code for cleaning post in tell_a_friend.php
Added code to allow editing of current selected shipping/payment address within checkout.
Added code to allow repositioning of the phone fields in create account and/or removal of the fax field.
Changed files:
account_secure.php, login.php, create_account.php, checkout_shipping_address.php, checkout_payment_address.php, account_edit.php, validate_name_fields.php
Support thread will be found at http://forums.oscommerce.com/index.php?showtopic=352361
Tested on PHP 4 & 5, SQL 4 & 5, osC 2.2 ms2, rc1 & rc2a and is register_globals off compatible.
FULL PACKAGE
Added option for a login field on create account, as checkout goes to create account if not logged in.
Changed the PWA logic slightly: if the visitor clicks on account without adding to the cart, the password fields will appear as before (even with no-password enabled), as it is assumed they want to create an account.
Fixed issue with cleaned chars by SecurityPro in login.php & password_forgotten.php.
Fixed a minor bug in ajax.php.
Fixed Contact Us bugs with name space & phone field.
Changed files:
account_secure.php, login.php, password_forgotten.php, create_account.php, contact_us.php, ajax.php
Support thread will be found at http://forums.oscommerce.com/index.php?showtopic=352361
Tested on PHP 4 & 5, SQL 4 & 5, osC 2.2 ms2, rc1 & rc2a and is register_globals off compatible.
FULL PACKAGE
Added option to remove the password input requirement; a 'save details' option is provided in its place, see notes. If used, the visitor will return to checkout immediately the form is complete.
Created a new address input module: all fields are in the order defined by the address format for the country entered, with an option to revert to the default order.
Modified all account pages to use the new single address module.
Created a new word validation function: limits input to a set number of words, each word limited to 40 characters.
Added extra input validation to name fields: input restricted to one word, first letter capitalised. The word limit can be altered.
Added extra input validation to suburb and city fields: input restricted to three words, first letter of each capitalised. The word limit can be altered.
Created new address and name validation modules to be used by all account pages; this ensures consistency and means only one place to modify instead of 5! It also makes install easier.
Improved dob validation.
Tested on PHP 4 & 5, SQL 4 & 5, osC 2.2 ms2, rc1 & rc2a and is register_globals off compatible.
FULL PACKAGE
Expanded support to new address creation in account edit and checkout process.
Expanded Contact Us with details based on ideas in the Super Contact Us add-on, but the order id is taken from the database and provided as a drop-down.
Made Contact Us Multilingual.
Created a global post code check function to improve code efficiency.
Tested on PHP 4 & 5, SQL 4 & 5, osC 2.2 ms2, rc1 & rc2a and is register_globals off compatible.
FULL PACKAGE
Modified cleaning code to expand server compatibility.
Altered so the default subject is used if none is entered in Contact Us.
Increased post code validation to include UK, USA, Canada, Australia & France.
All validated post codes will be restructured to the standard form if they pass checks.
Modified Contact Us so the e-mail is always editable; the name is now only locked for logged-in visitors.
Added default State/Province/County pull down for account edit.
Added Ajax function for County pull down, based on some code provided by insaini.
Operation is as similar as possible with javascript off.
Added 'Please Select' Default to County pull down on country change.
Fixed osC Country edit bug in modules/address_book_details.php.
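The post code check added in this release, as an added example that is not the contribution's own code: it validates the five countries listed above and returns the post code restructured to its standard form, or null when the check fails. The function name and the patterns are this example's assumptions; the country is passed as an ISO 3166 alpha-2 code.

```php
<?php
// Validate a post code for the given country and return it in standard form.
// Returns null on failure; countries without a rule are returned as entered.
function validate_post_code(string $input, string $iso2): ?string {
    // Collapse whitespace and uppercase so 'sw1a  1aa' and 'SW1A 1AA' compare equal.
    $pc = strtoupper(trim(preg_replace('/\s+/', ' ', $input)));
    switch ($iso2) {
        case 'GB': // outward (area+district) and inward (sector+unit), e.g. SW1A 1AA
            if (preg_match('/^([A-Z]{1,2}[0-9][A-Z0-9]?) ?([0-9][A-Z]{2})$/', $pc, $m)) {
                return $m[1] . ' ' . $m[2];        // standard form: single space
            }
            return null;
        case 'US': // ZIP or ZIP+4, e.g. 90210 or 90210-1234
            if (preg_match('/^([0-9]{5})(?:[ -]?([0-9]{4}))?$/', $pc, $m)) {
                return (isset($m[2]) && $m[2] !== '') ? $m[1] . '-' . $m[2] : $m[1];
            }
            return null;
        case 'CA': // e.g. K1A 0B1; the letters D, F, I, O, Q and U are never used
            if (preg_match('/^([ABCEGHJ-NPRSTVXY][0-9][ABCEGHJ-NPRSTV-Z]) ?'
                         . '([0-9][ABCEGHJ-NPRSTV-Z][0-9])$/', $pc, $m)) {
                return $m[1] . ' ' . $m[2];
            }
            return null;
        case 'AU': // four digits
            return preg_match('/^[0-9]{4}$/', $pc) ? $pc : null;
        case 'FR': // five digits
            return preg_match('/^[0-9]{5}$/', $pc) ? $pc : null;
        default:   // no rule for this country: accept as entered (after cleanup)
            return $pc;
    }
}

// Constructed inputs: one good and one bad per country.
$samples = array(
    array('sw1a1aa', 'GB'), array('SW1A 1AAA', 'GB'),
    array('90210 1234', 'US'), array('9021', 'US'),
    array('k1a0b1', 'CA'), array('D1A 0B1', 'CA'),
    array('2000', 'AU'), array('20000', 'AU'),
    array('75008', 'FR'), array('7500', 'FR'),
);
foreach ($samples as list($code, $country)) {
    var_dump(validate_post_code($code, $country));
}
```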
Tested on PHP 4 & 5, SQL 4 & 5, osC 2.2 ms2, rc1 & rc2a and is register_globals off compatible.
FULL PACKAGE
Modified cleaning code to allow any 'latin' characters; other continents will need to modify the character class.
Locked $HTTP_POST_VARS to $_POST for sanitise function.
Fixed typo bug in account_secure.php.
Created phone validation function in account_secure.php.
Modified phone validation to use new function.
Added fax input validation (only applied if input made).
Added compatibility with Master Password, thanks to sky_diver for code.
Added manual install, created by Tigergirl, thanks for the effort.
Modified order of some input validations.
Fixed year bug in dob input.
Changed post code validation to depend on provided country instead of store country.
Changed files:
account_secure.php, account_edit.php, address_book_process.php, create_account.php,
contact_us.php, english.php.
Tested on PHP 4 & 5, SQL 4 & 5, osC 2.2 ms2, rc1 & rc2a and is register_globals off compatible.
FULL PACKAGE
Note: Contributions are used at own risk.