Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

osC reCaptcha


olsonsp4c

Recommended Posts

This is the support form for the addon osC reCaptcha: http://addons.oscommerce.com/info/6306

 

This places a reCaptcha validation code box at the bottom of your form pages to eliminate SPAM and bot submissions from your website.

 

Currently works on:

Create Account

Contact Us

Tell a Friend

 

Addon Support:

Wholesale Inquiries

Customer Testimonials (in progress)

Edited by olsonsp4c
Link to comment
Share on other sites

  • Replies 116
  • Created
  • Last Reply

Top Posters In This Topic

Installed this on a perfectly new contact_us.php file (after doing all the other steps). Everything appears to work fine, enter code, etc and click send. It goes to a blank screen. If i remove the oscid number after it and hit enter, it responds with:

 

our E-Mail Address does not appear to be valid - please make any necessary corrections.

Error The Security Code was not entered correctly. (reCAPTCHA output: incorrect-captcha-sol)

 

I have tried everything on this, its a vanilla install of the cart, no mods - setup this way to have a pure test. Yet it won't work.

 

Any suggestions?

 

--------------------------------------------------------

on further testing....just a blank contact_us.php (untouched) yields this blank screen after you click send - seems like it craps when it adds oscid.

Edited by carryG
Link to comment
Share on other sites

disregard, got it working.

 

Had to change tld.txt and add gmail, etc.

 

I apologize, but could you elaborate a little bit on this and explain a little more on this so that others could understand what you did, in case they have the same problem? Thanks!

 

Scott

Link to comment
Share on other sites

Hello Scott,

Great contribution! Installation was flawless with my heavily modded site.

Just one simple issue that has me puzzled. I have a dark background, almost black, for the store.

The problem is that the user can not see what is entered, as it is black on black. I have searched many places and found a few similar questions on other forums over the past year. Most had no replies, but the ones that did have a reply, was the link to the recaptcha documentation on the development website.

I even created a new tad in my .CSS called {main2}. Was similar to my original {main} .CSS tag, but changed it to the color to FFFFFF. It changed the cell where the recaptcha box located on the CONTACT US form, but still was 'black on black'.

 

Hope you might some input on this issue.

 

'Rexx

Link to comment
Share on other sites

I apologize, but could you elaborate a little bit on this and explain a little more on this so that others could understand what you did, in case they have the same problem? Thanks!

 

Scott

The tld.txt file is in the includes directory and lists the com net org etc but I don't know how gmail could be added.

Link to comment
Share on other sites

It would be great with "Ask a (product) question" as well.

 

The instructions for ASK A QUESTION would be the same as TELL A FRIEND, as it was cloned from that.

 

In catalog/ask_a_question.php

 

Find this:

 

require('includes/application_top.php');

 

Insert this AFTER:

 

// start modification for reCaptcha

require_once('includes/classes/recaptchalib.php');

require_once('includes/recaptchakeys.php');

// end modification for reCaptcha

 

 

Find this:

 

if ($error == false) {

$email_subject = sprintf(TEXT_EMAIL_SUBJECT, $from_name, STORE_NAME);

$email_body = sprintf(TEXT_EMAIL_INTRO, $to_name, $from_name, $product_info['products_name'], STORE_NAME) . "\n\n";

 

Insert this BEFORE:

 

// start modification for reCaptcha

// the response from reCAPTCHA

$resp = null;

 

// was there a reCAPTCHA response?

$resp = recaptcha_check_answer ($privatekey,

$_SERVER["REMOTE_ADDR"],

$_POST["recaptcha_challenge_field"],

$_POST["recaptcha_response_field"]);

 

if (!$resp->is_valid) {

$error = true;

 

$messageStack->add('friend', ENTRY_SECURITY_CHECK_ERROR . " (reCAPTCHA output: " . $resp->error . ")");

}

// end modification for reCaptcha

 

 

Find this:

 

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>

</tr>

<tr>

<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">

<tr class="infoBoxContents">

<td><table border="0" width="100%" cellspacing="0" cellpadding="2">

<tr>

<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

<td><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $HTTP_GET_VARS['products_id']) . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>

<td align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>

<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

</tr>

</table></td>

</tr>

</table></td>

</tr>

</table></form></td>

<!-- body_text_eof //-->

<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">

<!-- right_navigation //-->

 

Insert this BEFORE:

 

<!-- start modification for reCaptcha -->

<tr>

<td class="main"><?php echo ENTRY_SECURITY_CHECK; ?></td>

</tr>

<tr>

<script>

var RecaptchaOptions = {

theme : 'white',

tabindex : 3

};

</script>

<td class="main"><?php echo recaptcha_get_html($publickey); ?></td>

</tr>

<!-- end modification for reCaptcha -->

 

 

**********

* Step 6 *

**********

 

In catalog/includes/languages/xxxxxxx/ask_a_question.php

 

Find the ENDING:

 

?>

 

Insert this BEFORE:

 

define('ENTRY_SECURITY_CHECK', 'Security Code:');

define('ENTRY_SECURITY_CHECK_ERROR', 'The Security Code was not entered correctly.');

 

========

** END **

========

 

Remember to backup first.

 

'Rexx

Link to comment
Share on other sites

Rex

 

I think that there is not a way to change this as the recaptcha images and such is pulled dynamically from their servers... you might checkout the reCaptcha forums on this one...

 

Scott

Link to comment
Share on other sites

Link to comment
Share on other sites

Nice contrib, thanks!

I'm trying to implement it on a "sligtly" older (but otherwise fully working) version of osC.

This line in contact_us.php is completely missing:

$messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);

...and the result is that the e-mail address is rendered not valid.

 

To be hones I'm not sure if it is possible to implement at all, but if someone can see how/where to insert reCaptcha-code in this segment it would be much appreiciated:

 

  require('includes/application_top.php');

$enquiry = $HTTP_POST_VARS['enquiry'];
$name = $HTTP_POST_VARS['name'];
$email = $HTTP_POST_VARS['email'];
$enquiry = '';
$name = '';
$email = '';

 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US);

 $error = false;
 if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) { 
if (tep_validate_email(trim($HTTP_POST_VARS['email']))) { 
  tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, 'Sent from IP: ' . $REMOTE_ADDR . "\n\n" . $HTTP_POST_VARS['enquiry'], $HTTP_POST_VARS['name'], $HTTP_POST_VARS['email']); 
  tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success', 'NONSSL')); 
} else { 
  $error = true; 
} 
 }

 $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US));

Petter - Arktisk Pudder

Link to comment
Share on other sites

I upgraded the contact_us.php, added message_stack.php to includes/classes and edited my application_top.php :rolleyes:

 

It works now, but it seems that some typing-errors slip through; anyone else noted this?

Petter - Arktisk Pudder

Link to comment
Share on other sites

I upgraded the contact_us.php, added message_stack.php to includes/classes and edited my application_top.php :rolleyes:

 

It works now, but it seems that some typing-errors slip through; anyone else noted this?

 

glad to know it works now - if you could post any code changes you did and mention what version of osC you are using (MS2? rc1? rc2a?) then your changes might help a bunch of people add this to their older versions of osC... thanks! I have noticed that reCaptcha has an allowance for 1 or so typing errors occasionally and I don't know why...

 

Scott

Link to comment
Share on other sites

My store is running a (fine-tuned to my needs) version of Loaded v.5 (based on osc snapshot 16th Febrauary 2003 (MS1 Releases).

 

As message_stack.php does not exist in Loaded v.5 I descided to try to drop it in includes/classes and it worked right out of the box with the contact_us.php from v2.2 RC2.

Id: contact_us.php 1739 2007-12-20 00:52:16Z hpdl

Id: message_stack.php 1740 2007-12-20 14:57:13Z hpdl

 

Apart from that I just modifyed my application_top.php by adding this at the end:

 

// initialize the message stack for output messages
 require(DIR_WS_CLASSES . 'message_stack.php');
 $messageStack = new messageStack;
?>

Petter - Arktisk Pudder

Link to comment
Share on other sites

I am working through the process of making all my forms encrypted using SSL - if you plan on doing this as well (and it would be a good idea), reCaptcha provides a SSL API so that your customers don't get the dreaded "insecure items on the page" popup or a little security lock with an alert! Here's what to change.

 

In every file you installed reCaptcha on (You must have an SSL certificate installed to use this) -

 

Find this:

 

<td class="main"><?php echo recaptcha_get_html($publickey); ?></td>

 

REPLACE with this:

 

<td class="main"><?php echo recaptcha_get_html($publickey, null, true); ?></td>

 

That's it - now you have a secured reCaptcha.

 

Scott

Link to comment
Share on other sites

  • 3 weeks later...
Link to comment
Share on other sites

I am working through the process of making all my forms encrypted using SSL - if you plan on doing this as well (and it would be a good idea), reCaptcha provides a SSL API so that your customers don't get the dreaded "insecure items on the page" popup or a little security lock with an alert! Here's what to change.

 

In every file you installed reCaptcha on (You must have an SSL certificate installed to use this) -

 

Find this:

 

<td class="main"><?php echo recaptcha_get_html($publickey); ?></td>

 

REPLACE with this:

 

<td class="main"><?php echo recaptcha_get_html($publickey, null, true); ?></td>

 

That's it - now you have a secured reCaptcha.

 

Scott

 

Scott,

A better solution is to use the following:

 

<td class="main"><?php echo recaptcha_get_html($publickey, null, ($request_type == 'SSL')); ?></td>

 

This version works for both secured and non-secured pages. includes/application_top.php sets the $request_type variable to either SSL or NONSSL, depending on how the page was called.

 

--Glen

Link to comment
Share on other sites

Hello Scott,

Great contribution! Installation was flawless with my heavily modded site.

Just one simple issue that has me puzzled. I have a dark background, almost black, for the store.

The problem is that the user can not see what is entered, as it is black on black. I have searched many places and found a few similar questions on other forums over the past year. Most had no replies, but the ones that did have a reply, was the link to the recaptcha documentation on the development website.

I even created a new tad in my .CSS called {main2}. Was similar to my original {main} .CSS tag, but changed it to the color to FFFFFF. It changed the cell where the recaptcha box located on the CONTACT US form, but still was 'black on black'.

 

Hope you might some input on this issue.

 

'Rexx

 

The reCAPTCHA Wiki has instructions for doing this. You can set the theme to "clean" as below, then override the CSS styles to match your site.

 

		<script>
	var RecaptchaOptions = {
	   theme : 'clean',
	   tabindex : 4
	};
	</script>

 

The Wiki notes that the method is unsupported and may fail in a future release.

 

I have added the following to my stylesheet.css to set the colors to create a borderless infoBox. I put the reCAPTCHA box on my Contact Us page, but moved it right below the "Enquiry" textarea, so that it looks better.

 

/* BOF osC reCAPTCHA */
.recaptchatable .recaptcha_image_cell, #recaptcha_table {
  background-color: #f8f8f9 !important; /* reCaptcha widget background color */
}

#recaptcha_table {
  border-color: #f8f8f9 !important;	 /* reCaptcha widget border color */
}

#recaptcha_response_field {
  border-color: #b6b7cb !important;	 /* Text input field border color */
  background-color:#ffffff !important;  /* Text input field background color */
  color: #000000						/* Text input field font color */
}
/* EOF osC reCAPTCHA */

 

Below is an image showing where I put the box. This shows the default osC color scheme, but you should be able to set it to any color, as long as there is sufficient contrast on the buttons and the "reCAPTCHA" logo. This shows a white background and black text, but I have tested white text on black background by setting the appropriate colors in #recaptcha_response_field.

 

contact_us.jpg

--Glen

Link to comment
Share on other sites

Thanks Glen,

 

I will include your notes in the next version of osC reCaptcha - thanks for helping make it better!

 

Scott

Link to comment
Share on other sites

Thanks Glen,

 

I will include your notes in the next version of osC reCaptcha - thanks for helping make it better!

 

Scott

 

Scott,

I think that the work that you have done with this is incredibly cool. Here are some additional thoughts.

 

1. Another simplification for installation is to put the localizable strings ENTRY_SECURITY_CHECK and ENTRY_SECURITY_CHECK_ERROR into the main language file (includes/languages/english.php) rather than the localization file for each place you use it.

 

2. The reCAPTCHA box can be localized as well; adding the following to the JavaScript that sets the RecaptchaOptions will localize the box (including the 'help' popup) to any of the eight supported languages, and default to English if an unsupported language is selected.

 

<?php
  $languages_query = tep_db_query("select code from " . TABLE_LANGUAGES . " where directory = '" . $language . "'");
  $language_id = tep_db_fetch_array($languages_query);
?>
	<script>
	var RecaptchaOptions = {
	   theme : 'clean',
		   lang : '<?php if (in_array($language_id['code'] ,array('en', 'nl', 'fr', 'de', 'pt', 'ru', 'es', 'tr'))) {echo $language_id['code']; } else {echo 'en'; } ?>',
	};

 

3. While it's not a particularly high security situation, I feel uncomfortable about putting private keys into a PHP file. It would be fairly trivial to add them to the shop configuration in the database, or one could protect the file through .htaccess. At the very least, the file shouldn't be world readable.

 

--Glen

Link to comment
Share on other sites

Glen,

 

thanks again - this week I'll add the features you have suggested and I'll publish a new tested version by Thanksgiving... I truly appreciate your suggestions as it is not often that I get input backed by solid code that helps improve the addon - I really appreciate it as that is what Open Source is all about.

 

Scott

Edited by olsonsp4c
Link to comment
Share on other sites

Whoops. This post was originally regarding a reCaptcha box not appearing on the contact_us page, but in looking again, I discovered that I'd inserted the code from the install instructions in the wrong place. I moved the code to the correct location, everything's peachy now. My mistake, I apologize for cluttering the thread for this excellent add-on.

 

Namasté,

Russ

Edited by angryquaker

One: people are not wearing enough hats. Two: matter is energy. In the universe, there are many energy fields which we cannot normally perceive. Some energies have a spiritual source which act upon a person's soul. However, this soul does not exist ab initio, as orthodox Christianity teaches. It has to be brought into existence by a process of guided self-observation. However, this is rarely achieved, owing to man's unique ability to be distracted from spiritual matters by everyday trivia.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...