Jack_mcs Posted November 26, 2019 Author Share Posted November 26, 2019 50 minutes ago, dfr717 said: I believe the previous fix just resolved the 'Parse error' but the function itself doesn't actually work. I set the time to 60 seconds and I was able to make two accounts in less than 30 seconds, the second account shouldn't have been able to be created since the form was submitted twice from the same ip, correct? No, that's not correct. There are two settings regarding the time. The "Create Account Period" control how many minutes between create accounts are possible. So if you have it set to 30, it means that a second account cannot be created until 30 minutes after the first one was created. The "Verify Time to Submit" setting looks at the number of seconds between account creations. So if it is set to 4 and you create a second account in 3 seconds, it will block you. When spammers create accounts, they may use a script to do so. And if the script is set to create multiple accounts, it will just take a few seconds for them to do that. A person, on the other hand, cannot create an second account in a matter of seconds so this setting won't affect them. If a spammer is filling out the form manually, then this option won't affect him either. It would only catch scripts that can quickly create accounts. With that said, the code for that option will not work. To fix it, find the following in the includes/functions/honeypot.php file } else { //an entry for this IP doesn't exist so add one WriteToLog(sprintf(TEXT_CREATE_ACCOUNT_NEW_ACCOUNT, $cust)); and change it to } else { //an entry for this IP doesn't exist so add one if (defined('MODULE_HEADER_TAGS_HONEYPOT_VERIFY_TIME_TO_SUBMIT') && tep_not_null(MODULE_HEADER_TAGS_HONEYPOT_VERIFY_TIME_TO_SUBMIT)) { if (! tep_session_is_registered('time_check')) { $time_check = time(); tep_session_register('time_check'); } } WriteToLog(sprintf(TEXT_CREATE_ACCOUNT_NEW_ACCOUNT, $cust)); Then replace this function CheckTimeToSubmit() { if (! empty(MODULE_HEADER_TAGS_HONEYPOT_VERIFY_TIME_TO_SUBMIT)) { $diff = ((time() - $_SESSION['time_check']) / 3660) * 1000; if ($diff < MODULE_HEADER_TAGS_HONEYPOT_VERIFY_TIME_TO_SUBMIT) { return true; } unset($_SESSION['time_check']); } return false; } with this function CheckTimeToSubmit() { if (defined('MODULE_HEADER_TAGS_HONEYPOT_VERIFY_TIME_TO_SUBMIT') && tep_not_null(MODULE_HEADER_TAGS_HONEYPOT_VERIFY_TIME_TO_SUBMIT)) { if (tep_session_is_registered('time_check')) { $diff = ((time() - $time_check) / 3660) * 1000; if ($diff < MODULE_HEADER_TAGS_HONEYPOT_VERIFY_TIME_TO_SUBMIT) { $time_check = time(); //keep active in case script continues return true; } else { tep_session_unregister('time_check'); } } } return false; } Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Guest Posted November 26, 2019 Share Posted November 26, 2019 Hello @Jack_mcs I have Honeypot set up to disallow URLs in the Contact Us form, and it seems to work on my end. If I try to send one, I get this: However, I am still getting emails thru Contact Us with urls inserted. The last one was just moments ago, lots of text in another language (Russian?) and it ends with this: Всю статью читайте здесь: http://www.xxxx.blo.com/2019/11/force.html I've edited the URL, so...not valid, but you get the idea. How is that possible? - Andrea Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 26, 2019 Author Share Posted November 26, 2019 2 hours ago, puggybelle said: How is that possible? Assuming you had HP installed previously, please verify the code near the top of the contact us page that calls the verify file is calling verify_general and not verify_contact_us. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Guest Posted November 27, 2019 Share Posted November 27, 2019 2 hours ago, Jack_mcs said: Assuming you had HP installed previously, please verify the code near the top of the contact us page that calls the verify file is calling verify_general and not verify_contact_us. Yep. I had not changed the call from verify_contact_us to verify_general in contact_us.php So excited to try the new HP I must have raced past that part. Sorry! - Andrea Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted November 27, 2019 Author Share Posted November 27, 2019 13 hours ago, puggybelle said: Yep. I had not changed the call from verify_contact_us to verify_general in contact_us.php I was just notified that I failed to change the install instructions and they still mention the wrong module. So everyone should check their contact_us.php file and make sure they have honeypot_verify_general.php, not honeypot_contact_us.php. My apologies to anyone affected. valquiria23 1 Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
elara Posted December 22, 2019 Share Posted December 22, 2019 Hi Jack, I would like to install HoneyPot Captcha, I am running v2.3.1 Oscommerce / 5.3.29 PHP Version, Is it compatible?, what instructions I have to follow?. Thanks a lot in advanced. Quote Link to comment Share on other sites More sharing options...
RonCain Posted December 22, 2019 Share Posted December 22, 2019 HI Jack: Thanks for the information. I had hoped that would fix the problem I am having. With Create Account Check set to false all is good. As soon as create account check is set to true the website gives a 500 error. As noted I have made the above correction, which I found when comparing files in distribution to my server and noticed that the verify create accounts file was missing; which brought me here to check. I am running Phoenix 1.0.4.0 with HP 1.9. Ron Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 22, 2019 Author Share Posted December 22, 2019 44 minutes ago, RonCain said: As soon as create account check is set to true the website gives a 500 error. If this is the case, meaning you cannot even load the home page of the shop, then the problem is with the honeypot module. Most likely one of the files it needs is missing. If you mean the site won't load on just the create account page, then it is most likely a change that was made to that file. You can compare your file to the included one, or just use the included one for a quick test. If the above doesn't help, you will need to find out what the actual error is. See if there is an error_log file in your shops root or check your hosts error log in your control panel if there isn't or ask your host to determine the error (some will, some won't). Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
RonCain Posted December 22, 2019 Share Posted December 22, 2019 I had thought I was pretty concise; but here are some details I forgot. The shop loads fine, the create account page loads fine, but once submit is clicked the 500 error appears instead of the successful account creation page. Quote Link to comment Share on other sites More sharing options...
RonCain Posted December 25, 2019 Share Posted December 25, 2019 No thoughts on the 500 error page on account submission and account check set to true? Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 26, 2019 Author Share Posted December 26, 2019 Please re-read my last post. Until you determine what the error is, all you can do is guess wildly. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
RonCain Posted December 28, 2019 Share Posted December 28, 2019 Hi Jack: Besides a bunch of undefined constant warnings, here is the only different error I get when account check is set to true: PHP Fatal error: Cannot redeclare AddIpEntry() (previously declared in .../includes/functions/honeypot.php:5) in .../includes/functions/honeypot.php on line 13 Hope this helps it is the only error in the log. Ron Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 28, 2019 Author Share Posted December 28, 2019 1 hour ago, RonCain said: Besides a bunch of undefined constant warnings, here is the only different error I get when account check is set to true: Please provide one of the undefined constant warnings. I have HP installed in the latest Phoenix running 7.3 with full error reporting and no warnings appear. For the create account page, did you make the changes manually or did you use the included file? If you used the included file, it may not be compatible with your shop, though it should work to test with. Have you tried doing that? 1 hour ago, RonCain said: PHP Fatal error: Cannot redeclare AddIpEntry() (previously declared in Is it possible you have some other addon installed that does something with IP's? That is the only thing I can think of that would cause this. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
♥ecartz Posted December 28, 2019 Share Posted December 28, 2019 Something that would cause both undefined constant warnings and a redeclaring error would be copying the wrong file. For example, if a file that is supposed to include another file is saved where a language file should be. So the function gets defined twice and the language defines are missing. Quote Always back up before making changes. Link to comment Share on other sites More sharing options...
RonCain Posted December 28, 2019 Share Posted December 28, 2019 Here are 4 errors I pulled the first is very frequent the other three are only occasional, although it is not related to honeypot: PHP Warning: Use of undefined constant MODULE_BOXES_MANUFACTURERS_MAX_LIST - assumed 'MODULE_BOXES_MANUFACTURERS_MAX_LIST' (this will throw an Error in a future version of PHP) in .../includes/modules/boxes/bm_manufacturers.php on line 40 PHP Warning: Use of undefined constant MODULE_BOXES_PRODUCT_NOTIFICATIONS_VIEW - assumed 'MODULE_BOXES_PRODUCT_NOTIFICATIONS_VIEW' (this will throw an Error in a future version of PHP) in .../includes/modules/boxes/templates/tpl_bm_product_notifications.php on line 6 PHP Warning: Use of undefined constant MODULE_HEADER_TAGS_HONEYPOT_TITLE - assumed 'MODULE_HEADER_TAGS_HONEYPOT_TITLE' (this will throw an Error in a future version of PHP) in .../includes/modules/header_tags/ht_honeypot.php on line 22 PHP Warning: Use of undefined constant MODULE_HEADER_TAGS_HONEYPOT_DESCRIPTION - assumed 'MODULE_HEADER_TAGS_HONEYPOT_DESCRIPTION' (this will throw an Error in a future version of PHP) in .../includes/modules/header_tags/ht_honeypot.php on line 23 Also I do not have any other addons currently. The only alterations since installation are Phoenix version updates. Ron Quote Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 28, 2019 Author Share Posted December 28, 2019 The two HP definitions are in the language file for this addon. So the file is not being loaded for some reason. The first one is a database entry so my guess is that a mistake was made in the update to the version of oscommerce you did. Try installing a clean version of the latest Phoenix with its own database and verify there are not any warnings (there shouldn't be). Then install HP in that shop and check again. Once you verify it is all working correctly, you can compare the files to your main shop using a compare program like Winmerge. I know that is a lot of unwanted work but if you have problem in the shop, which you do, you need to fix them now or they will cause you problems later on. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
RonCain Posted December 28, 2019 Share Posted December 28, 2019 So the error is in coding not in the database itself? If so then it will be worth the effort. If the error is in the database, then this will not fix that, correct. I will work on your solution later and follow up. Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted December 28, 2019 Author Share Posted December 28, 2019 The problem from the HP warnings are due to the language file not being seen for some reason. The non-HP warning, at least the first one, is a database problem. Most, if not all, of the Phoenix updates make changes to the database. You may have missed some. You should ask in the update thread for Phoenix as to why that warning is showing. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Chadduck Posted January 2, 2020 Share Posted January 2, 2020 Jack I hate to bother you but I have a small issue that I am certain is a setting. As you are aware (from our private messages) I recently moved over to a newly updated store. In the OLD store Honeypot was sending emails to the store owner (me). Since I switched over those emails have stopped. The Honeypot log is being updated as shown in this excerpt 176.114.153.23 01-02-2020: URL's are not allowed in the message.This IP has 2 violations. 185.220.100.252 01-02-2020: URL's are not allowed in the message.This IP has 1 violations. 173.249.33.205 01-02-2020: Denied due to a country - state mismatch.This IP has 1 violations. 173.249.33.205 01-02-2020: URL's are not allowed in the message.This IP has 2 violations. The settings from the header tag (setup file settings) are Log Tracker Both Emails from the store are working and being sent. There is nothing showing up in the php_errors.log nor is anything showing in the domain error logs either Can you point me in the right direction? Or at least give me a starting place? BJ Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted January 2, 2020 Author Share Posted January 2, 2020 The code uses the error_log command to record or email the error. Since the file option is working, that means that error logging is enabled. The only difference between the two commands is that one uses the email address. The address it uses is the shops so maybe you forgot to enter an email address in that setting? If that isn't it, it might be the formatting of the message is causing the email code to fail. To test that, change this line in the functions file error_log($text, 1, STORE_OWNER_EMAIL_ADDRESS); to error_log('hello', 1, STORE_OWNER_EMAIL_ADDRESS); Then cause an error and see if you get the email. If not, you could also try change the STORE_OWNER_EMAIL_ADDRESS to '[email protected]', where that is a known working email address not on your server. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Chadduck Posted January 3, 2020 Share Posted January 3, 2020 Jack as per your instructions I have tried the various combinations to no avail. error_log($text, 1, STORE_OWNER_EMAIL_ADDRESS); // error_log('hello', 1, STORE_OWNER_EMAIL_ADDRESS); // error_log($text, 1, '[email protected]'); // error_log($text, 1, '[email protected]'); WWW.XXX.YY.ZZZ 01-02-2020: Denied due to numbers in a nameThis IP has 2 violations. WWW.XXX.YY.ZZZ 01-02-2020: Denied due to letters in phone or fax fields.This IP has 3 violations. WWW.XXX.YY.ZZZ 01-02-2020: Denied due to numbers in a nameThis IP has 4 violations. WWW.XXX.YY.ZZZ 01-02-2020: Denied due to being too soon by testing testing.This IP has 5 violations. The interesting part is that the View Counter email works (see post here https://www.oscommerce.com/forums/topic/392949-view-counter/?page=21) With that working - it is obvious that the store's email is correctly configured. This is off the wall BUT it is possible that the code inserted in the create_account.php for View Counter could be conflicting somehow? I ask since the only difference between the OLD version store and the NEW version store - View Counter was NOT installed into the create_account.php file. I will attempt to restore the create_account.php WITHOUT the View Counter code and check. Quote Link to comment Share on other sites More sharing options...
Chadduck Posted January 3, 2020 Share Posted January 3, 2020 22 minutes ago, Chadduck said: I will attempt to restore the create_account.php WITHOUT the View Counter code and check. NO JOY - removed the code still no email Quote Link to comment Share on other sites More sharing options...
Jack_mcs Posted January 3, 2020 Author Share Posted January 3, 2020 32 minutes ago, Chadduck said: Jack as per your instructions I have tried the various combinations to no avail. Try replacing that line with this one tep_mail('to me', STORE_OWNER_EMAIL_ADDRESS, 'honey pot failure', $text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); 33 minutes ago, Chadduck said: This is off the wall BUT it is possible that the code inserted in the create_account.php for View Counter could be conflicting somehow? No, there shouldn't be any conflict. I use both on my site without any problems. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons Link to comment Share on other sites More sharing options...
Chadduck Posted January 3, 2020 Share Posted January 3, 2020 6 minutes ago, Jack_mcs said: Try replacing that line with this one tep_mail('to me', STORE_OWNER_EMAIL_ADDRESS, 'honey pot failure', $text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); THAT WORKED... Email arrived Subj: honey pot failure WWW.XXX.YY.ZZZ 01-03-2020: Denied due to numbers in a nameThis IP has 2 violations. Quote Link to comment Share on other sites More sharing options...
Chadduck Posted January 3, 2020 Share Posted January 3, 2020 (edited) Jack Thank you for the assist. A follow on question Since that solved the NO EMAIL issue what do I need to do to STOP emails that are for valid accounts? Since I have emails working now I have received two separate ones like this for VALID accounts WWW.XXX.YYY.Z 01-03-2020: A new account was created by by Jane Doe.This IP has 1 violations. WWW.XXX.YYY.Z 01-03-2020: A new account was created by Frank Smith.This IP has 1 violations I know they are valid accounts since orders were placed by the individuals creating the accounts. Also, can this code tep_mail('to me', STORE_OWNER_EMAIL_ADDRESS, 'honey pot failure', $text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); be changed in any manner to indicate what the violations were? Just asking because right now I am ecstatic to be getting the emails. THANKS AGAIN!?!?! BJ Edited January 3, 2020 by Chadduck Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.