Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Tell-A-Friend Feature Exploited


risrik

Recommended Posts

I just got word that my client's tell-a-friend feature has been exploited and is causing spam complaints from the upstream provider. They had to shut the page down. Is there anything that can be done to stop these programs from using the feature to send their own emails? I can't seem to find anything on this issue and I'm surprised it isn't more widespread.

Link to comment
Share on other sites

I just got word that my client's tell-a-friend feature has been exploited and is causing spam complaints from the upstream provider. They had to shut the page down. Is there anything that can be done to stop these programs from using the feature to send their own emails? I can't seem to find anything on this issue and I'm surprised it isn't more widespread.

I've never heard of it being "exploited" unless someone was naive enough to set "Allow guest to tell a friend" to true in the Admin.

 

With it set that way any wandering robot will spam the hell out of everyone and their brother...

:o

 

It needs to be set false

 

If that's not the case you'd probably need some CAPTCHA contribution to stop it.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Thanks for the reply. They did have it set to True which allowed guests to use it. I didn't set up their store and wasn't aware that this could be turned off. In any case, I made the change and all is good. :)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...