b-filler Posted December 17, 2010 Share Posted December 17, 2010 Hello & thank-you in advance, Has anyone added Sam's anti-hacker add on to osc v2.3.1 and if not what would some of the problems be? Quote Link to comment Share on other sites More sharing options...
Guest Posted January 7, 2011 Share Posted January 7, 2011 Hello, When a customer uses "password forgotten" or changes their password in "my account" the new password is not being stored on the database. Any idea of what could be causing this problem? Thanks! Quote Link to comment Share on other sites More sharing options...
matrix2223 Posted February 6, 2011 Share Posted February 6, 2011 Hello all, Has anyone got this to work with master password 1.0? Every time I enter the master password it tells me that it is incorrect. Thanks Quote Link to comment Share on other sites More sharing options...
matrix2223 Posted February 8, 2011 Share Posted February 8, 2011 Also while changing password within the front end it keeps telling me that, Your Current Password did not match the password in our records. Please try again. Quote Link to comment Share on other sites More sharing options...
matrix2223 Posted February 10, 2011 Share Posted February 10, 2011 This code is Sams contact us page with recaptcha added <?php /* $Id: contact_us.php,v 1.5 2010/02/02 Spooks Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2010 osCommerce Released under the GNU General Public License */ // anti-hacker account require('includes/functions/account_secure.php'); clean_post (); // EOF anti-hacker account require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CONTACT_US); $error = false; if (isset($_GET['action']) && ($_GET['action'] == 'send')) { $name = tep_db_prepare_input($_POST['name']); $email = tep_db_prepare_input($_POST['email']); $enquiry = tep_db_prepare_input($_POST['enquiry']); $subject = tep_db_prepare_input($_POST['subject']); $phone = tep_db_prepare_input($_POST['phone']); $date = 'Date Sent: ' . date("d M Y H:i:s"); $orders_id = tep_not_null($_POST['orders_id']) ? $_POST['orders_id'] : false; $xipaddress = $_SERVER["REMOTE_ADDR"]; $subject = $subject ? $subject : EMAIL_SUBJECT; $captchaurl = "captchaerror.php" ; require_once('captcha/recaptchalib.php'); $privatekey = "private key goes here"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { // What happens when the CAPTCHA was entered incorrectly die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")"); } else { // Your code here to handle a successful verification } //$enquiry = preg_replace('/\r/','\', \'',$enquiry); //$enquiry = preg_replace('/\(|\)/','\'',$enquiry); //$_POST['enquiry'] = $result; if (strlen($name) < ENTRY_LAST_NAME_MIN_LENGTH) { $error = true; $messageStack->add('contact', ENTRY_LAST_NAME_ERROR); } if (strlen($enquiry) < 8) { $error = true; $messageStack->add('contact', ENTRY_ERROR_ENQUIRY); } if (!tep_validate_email($email)) { $error = true; $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } if (!$error) { $enquiry = MESSAGE_FROM . $name . "\n" . $date . "\n" . ($phone ? ENTRY_TELEPHONE_NUMBER . $phone . "\n" : '' ) . ($customer_id ? MAIL_CLIENT_ID . $customer_id . "\n" : '') . ($orders_id ? MAIL_ORDER_ID . $orders_id . "\n" : '') . "\n" . MAIL_IP . $xipaddress . '.' . "\n\n" . ENTRY_ENQUIRY . "\n" . $enquiry; tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $subject, $enquiry, $name, $email); tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success')); } } $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US)); $account = array();$orders = array();$name = '';$email = '';$phone = ''; if (tep_session_is_registered('customer_id')) { $account_query = tep_db_query("select customers_firstname, customers_lastname, customers_telephone, customers_id, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'"); $account = tep_db_fetch_array($account_query); $name = $account['customers_firstname'].' '.$account['customers_lastname'] ; $email = $account['customers_email_address'] ; $phone = $account['customers_telephone'] ; $history_query = tep_db_query("select orders_id, date_purchased from " . TABLE_ORDERS . " where customers_id = '" . (int)$customer_id . "' order by orders_id DESC"); $orders[0] = array('id' => '0', 'text' => ENTRY_ORDER_ID); while ($history = tep_db_fetch_array($history_query)) { $orders[] = array('id' => $history['orders_id'], 'text' => $history['orders_id'] . ENTRY_ORDERED . tep_date_short($history['date_purchased'])); } } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" summary="" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" summary="" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td> <!-- body_text //--> <td width="100%" valign="top"><?php echo tep_draw_form('contact_us', tep_href_link(FILENAME_CONTACT_US, 'action=send')); ?><table border="0" summary="" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" summary="" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php if ($messageStack->size('contact') > 0) { ?> <tr> <td><?php echo $messageStack->output('contact'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } if (isset($_GET['action']) && ($_GET['action'] == 'success')) { ?> <tr> <td class="main" align="center"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_man_on_board.gif', HEADING_TITLE, '0', '0', 'align="left"') . TEXT_SUCCESS; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" summary="" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" summary="" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } else { echo tep_draw_hidden_field('phone',$phone); ?> <tr> <td><table border="0" summary="" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td valign="top" width="40%"> <table> <tr> <td class="main" > <b><?php echo nl2br(STORE_NAME_ADDRESS); ?></b><br><br> <?php echo (OPENING_HOURS); ?> </td> </tr> </table> </td><td valign="top" width="50%"><table border="0" summary="" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main"><?php echo ENTRY_NAME; ?></td> </tr> <tr> <td class="main"><?php echo (isset($account['customers_lastname']) ? $name . tep_draw_hidden_field('name',$name) : tep_draw_input_field('name', $name, 'size="28"')); ?></td> </tr> <tr> <td class="main"><?php echo ENTRY_EMAIL; ?></td> </tr> <tr> <td class="main"><?php echo tep_draw_input_field('email', $email, 'size="28"'); ?></td> </tr> <tr> <td class="main"><?php echo BOX_HEADING_SUBJECT; ?></td> </tr> <tr> <td class="main"><?php echo tep_draw_input_field('subject', '', 'size="28"'); if (sizeof($orders) > 1) { echo ' ' . tep_draw_pull_down_menu('orders_id', $orders); } ?></td> </tr> <tr> <td class="main"><?php echo ENTRY_ENQUIRY; ?></td> </tr> <tr> <td><?php echo tep_draw_textarea_field('enquiry', 'soft', 40, 15); ?></td> </tr> <tr> <td class="main"><?php echo SPAM_CODE; ?></td> </tr> <tr> <td><?php require_once('captcha/recaptchalib.php'); $publickey = "Public Key Goes Here"; // you got this from the signup page if ($request_type =='SSL') echo recaptcha_get_html($publickey, 0, $request_type); else echo recaptcha_get_html($publickey); ?></td> </tr> </table></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" summary="" width="100%" cellspacing="1" cellpadding="2"> <tr> <td><table border="0" summary="" width="100%" cellspacing="0" cellpadding="2"> <tr> <td align="middle"><a href="javascript:onclick=history.go(-1)"><?php echo tep_image_button('button_back.gif', IMAGE_BUTTON_BACK); ?></a></td> <td width="10px"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="middle"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php } ?> </table></form></td> <!-- body_text_eof //--> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" summary="" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- right_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?> <!-- right_navigation_eof //--> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> Change the 2 public key and private key sections to include your keys Quote Link to comment Share on other sites More sharing options...
RCHobbyAddict Posted April 2, 2012 Share Posted April 2, 2012 When a customer is trying to edit an address in the address book, he is getting the following error: Fatal error: Call to undefined function ajax_get_zones_html() in /home/XXX/public_html/includes/modules/address_fields.php on line 47 Also, the create account page is comming completely unformatted, i.e. the side boxes have moved down. Quote Link to comment Share on other sites More sharing options...
spooks Posted April 2, 2012 Author Share Posted April 2, 2012 (edited) @ You've missed bits of the install, make sure you do it all :huh: I.E. you've missed some of the edits for catalog/address_book_process.php Edited April 2, 2012 by spooks Quote Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
Mort-lemur Posted April 30, 2012 Share Posted April 30, 2012 Hi Sam, I have been using this mod since you released it - and to date it has helped me stay hacker free ! The problem I now have is that I am trying to install a change to the Create_account.php file for an automated postcode lookup system - but I cant get it to work at all. The install instructions for the mod are quite simple : 2.2 Installation Instructions (osCommerce 2.2)Installation is easy, and should take no longer than 10 minutes on any website. To install please follow these steps; First please register Click here, registration is free, and only takes 1 minute. Select the suitable plan for your site, please note we have a FREE plan with FREE credits to start you off. Place the following code before the </head> tag in create_account.php ensuring to change the bold XXX`s in this example below for your API Key given to you after you have selected your plan above. The same information with your unique key in place for you to cut and paste can be found here<script type="text/javascript">var pcs_conf = { postcode_id: 'postcode', city_id: 'city', county_id: 'state', street_id: 'street_address', house_number_id: 'street_address', onSelect: function (d) { /* Select drop down country */ var country = document.forms['create_account'].elements['country']; var l = country.options.length; if(d.country == 'England') { d.country = 'United Kingdom'; } for(i=0;i<l;i++) { if(country.options.innerHTML == d.country) { var n = i; break; } } country.selectedIndex = n; } };</script><script type="text/javascript" id="pcsdcom-v1" src="https://www.postcodesite.com/api?key=XXX-XXX"></script> To make sure clients enter the postcode before filling in their address move the following:<tr> <td class="fieldKey"><?php echo ENTRY_POST_CODE; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('postcode') . ' ' . (tep_not_null(ENTRY_POST_CODE_TEXT) ? '<span class="inputRequirement">' . ENTRY_POST_CODE_TEXT . '</span>': ''); ?></td> </tr>To just under this line:<td><table border="0" cellspacing="2" cellpadding="2"> But try as I might neither me nor the writers of that mod can understand the heavily modified Create_account of anti hacker mods. Any suggestions would be great thanks Quote Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members. Link to comment Share on other sites More sharing options...
Mort-lemur Posted May 1, 2012 Share Posted May 1, 2012 Hi, Ignore the above - I managed to sort it out Thanks Quote Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members. Link to comment Share on other sites More sharing options...
vampirehunter Posted August 15, 2012 Share Posted August 15, 2012 does this work on 2.3.2? Quote Link to comment Share on other sites More sharing options...
Guest Posted August 15, 2012 Share Posted August 15, 2012 @@vampirehunter NOT required on v2.3.x installations. Chris Quote Link to comment Share on other sites More sharing options...
vampirehunter Posted August 15, 2012 Share Posted August 15, 2012 @@vampirehunter NOT required on v2.3.x installations. Chris ok thanks it gets very confusing seeing all these plugins and whether i should actually install them on my site. Quote Link to comment Share on other sites More sharing options...
motorcity Posted April 24, 2013 Share Posted April 24, 2013 I'm hitting the wall trying to get http://addons.oscommerce.com/info/1560 (the older simpler visual-verify-code) working in both contact_us and create_account with Sam's Anti-hacker. The thing is I've got it working in tell_a_friend, and that does include changing the $HTTP_GET_VARS[tep_session_name() to $_GET and $HTTP_POST_VARS to $_POST so that doesn't seem to be the issue. It works regardless if you're logged in on tell_a_friend depending on the admin/Allow Guest To Tell setting. Gives the proper error if the code is entered wrong and sends the email if you get it right. Anybody else using this? Any thoughts on what to try? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.