Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Spam Through Support Ticket System


marcot

Recommended Posts

Posted

I may see the problem.

 

I think you only need to move one line to get it to work.

 

This is how it is:

 

//VISUAL VERIFY CODE 
 start  require(DIR_WS_FUNCTIONS . 'visual_verify_code.php');
 $code_query = tep_db_query("select code from visual_verify_code where oscsid = '" . $HTTP_GET_VARS['osCsid'] . "'");
 $code_array = tep_db_fetch_array($code_query);
 $code = $code_array['code'];
 tep_db_query("DELETE FROM " . TABLE_VISUAL_VERIFY_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); //remove the visual verify code associated with this session to clean database and ensure new results
 $user_entered_code = $HTTP_POST_VARS['visual_verify_code'];
 if (!(strcasecmp($user_entered_code, $code) == 0)) {	//make the check case insensitive
$error = true;
$messageStack->add('contact', VISUAL_VERIFY_CODE_ENTRY_ERROR);
 }
//VISUAL VERIFY CODE stop
// Form was submitted
 $error = false;

 

I think this is how it needs to be:

 

  $error = false;
//VISUAL VERIFY CODE 
 start  require(DIR_WS_FUNCTIONS . 'visual_verify_code.php');
 $code_query = tep_db_query("select code from visual_verify_code where oscsid = '" . $HTTP_GET_VARS['osCsid'] . "'");
 $code_array = tep_db_fetch_array($code_query);
 $code = $code_array['code'];
 tep_db_query("DELETE FROM " . TABLE_VISUAL_VERIFY_CODE . " WHERE oscsid='" . $vvcode_oscsid . "'"); //remove the visual verify code associated with this session to clean database and ensure new results
 $user_entered_code = $HTTP_POST_VARS['visual_verify_code'];
 if (!(strcasecmp($user_entered_code, $code) == 0)) {	//make the check case insensitive
$error = true;
$messageStack->add('contact', VISUAL_VERIFY_CODE_ENTRY_ERROR);
 }
//VISUAL VERIFY CODE stop
// Form was submitted

 

Move the "$error = false" line (currently after the "// Form was submitted" line) to just above the "//VISUAL VERIFY CODE " line.

 

See the diff?

:unsure:

 

The way you have it arranged, the variable "$error" is always getting set to "false" even if the visual code check makes it "true".

 

See the logic in that?

:unsure:

 

Give that a try.

:thumbsup:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...