SCH_001 Posted August 5, 2019 Posted August 5, 2019 It appears spam emails are still getting threw with the below content in them http://enibpatcons.tk/ucgm?GXiHtf Quote
SCH_001 Posted August 5, 2019 Posted August 5, 2019 @Jack_mcs Hi Jack is your honeypot meant to look like the image below as it appears to have grid list in it as well I downloaded this from https://apps.oscommerce.com/t3rEO&honey-pot-captcha and uploaded the includes folder from the v234 new files directory I will go an un-install a download and ftp again and see if it's different Quote
Jack_mcs Posted August 5, 2019 Author Posted August 5, 2019 That's just the result of using an existing module as the source to saving coding time. The text itself can be ignored but you need to check the pages that have forums on them. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
SCH_001 Posted August 6, 2019 Posted August 6, 2019 has have forums on them? not sure what you mean... How do I go about fixing the saving of the badwords? Quote
Jack_mcs Posted August 6, 2019 Author Posted August 6, 2019 Maybe I misunderstood. I understood your post to be about the mention of the grid/list line. I don't see any mention about saving bad words. The "have forums on them" should have been "have forms on them". This addon only works on pages that have forms, like contact us and create account. As for the bad words, they are entered in the modules settings. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
SCH_001 Posted August 6, 2019 Posted August 6, 2019 (edited) 9 hours ago, SCH_001 said: Hi Jack, I have just installed this on osCommerce Online Merchant v2.3.4.1 CE aka Frozen BS and when I enter a word in the bad word area and click save the bad words not saved I also added the extra TOR IP's part as per above Can you please assist Thanks Jack, yes just putting it on the contact us page, and yes have that ticked in admin but seems to have not made a difference. So want to add some bad words but they will not save see my other posts one page back Edited August 6, 2019 by SCH_001 Quote
Jack_mcs Posted August 6, 2019 Author Posted August 6, 2019 If you can't save the words, then something is wrong with your installation. The bad words is just another setting so there's no reason why one setting won't save but others will. But since you said this has not made a difference, I am wondering if you have the email and url options set to false. If they are set to true then spam emails won't be blocked. Have you tried sending an email with the contact us page that has an email address in it? Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
SCH_001 Posted August 6, 2019 Posted August 6, 2019 Ok lets work on one item at a time, How can I correct the installation? I have already uninstalled and re-installed and it has made no difference. I have also installed it on a test version of frozen and still won't save bad words Also tested on Phoenix and same issue won't save bad words Can we get this sorted first.. Quote
Jack_mcs Posted November 4, 2019 Author Posted November 4, 2019 A new version has been uploaded with these changes: Added an option to record known bad IP's from an external site and to check those at run-time. Added an option to display a math captcha. Added an option to block accounts that have numbers in the name. Added an option to block accounts that have letters in the phone and fax fields. Added an option to log details for create account attempts. Added check for an account field containing html. Added optional code change to fix a known problem with oscommerce handling textareas in configuration. Corrected a logic error that would prevent the bad words filter from working for create account. Corrected a mistake in the database commands for older shops. Moved display text to a language file. Some Notes: This is not a direct replacement as previous versions were. Please follow the included instructions. Basically, you will need to remove any previous changes before applying these. The new IP List option creates a list of known bad IP's provided by myip.ms. But they only supply a limited number on their site to prevent large files from being downloaded. So there is a cron script in the package that will check their site and add any new IP's they find to be bad. I run the script daily but you may wish to run it more often or less. But if you go beyond five days or so, you may miss some of the additions so I don't recommend that. I added the match captcha at the request of one of my clients. Personally, I don't care for any challenge being presented to the visitor. To get rid of that was one of the main reasons for creating this addon. But it is there for those that want it. I saw on these forums that Honey Pot wasn't always catching fake accounts. I spoke with one person about this privately and the reason was, for him at least, that he did not have the "Create Account Check" option enabled. That setting is the on/off switch for all of the account checks. It should always be on if you want to use any of the account checking options. If you find that Honey Pot didn't block a fake account, please take a screenshot of that account in the customers section in admin and post it here along with what settings you are using for the Honey Pot module and I will take a look. valquiria23 and JcMagpie 2 Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
valquiria23 Posted November 4, 2019 Posted November 4, 2019 What a nice update Jack !!! Thank you!! Quote Community Oscommerce fan You'll find the latest osC community version here.
Guest Posted November 4, 2019 Posted November 4, 2019 Thank You, @Jack_mcs I just finished installing it and all appears to be well except for the math captcha. It appears onscreen in all the forms I've assigned Honeypot to use, but it doesn't work for me. For example, I'll fill out create account with legit information and then answer the captcha question: 7 + 2 = and in the accompanying text field I'll type in 9 and then try to submit but it will fail. My error log is showing this: [04-Nov-2019 16:54:12 UTC] PHP Warning: imagecolordeallocate() expects exactly 2 parameters, 1 given in /home/xxxx/public_html/captcha.php on line 56 [04-Nov-2019 16:54:12 UTC] PHP Warning: imagecolordeallocate() expects exactly 2 parameters, 1 given in /home/xxxx/public_html/captcha.php on line 57 ...and that just goes whoosh over my head. If you could please take a look I'd appreciate it! - Andrea Quote
Jack_mcs Posted November 4, 2019 Author Posted November 4, 2019 @puggybelleThat's strange. I ran it here with full errors enabled and php 7.3 and it didn't fail. But to fix it, find the following in the captcha.php file: imagecolordeallocate( $text_color ); imagecolordeallocate( $background ); and change them to imagecolordeallocate( $img, $text_color ); imagecolordeallocate( $img, $background ); Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
Jack_mcs Posted November 4, 2019 Author Posted November 4, 2019 1 hour ago, valquiria23 said: What a nice update Jack !!! Thank you!! You're welcome. valquiria23 1 Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
Guest Posted November 4, 2019 Posted November 4, 2019 Hi @Jack_mcs I changed those two entries in captcha.php and still not working. No new entries in the error log, but...still can't create an account or send via Contact Us with the captcha enabled. If Show Math Captcha is set to False, everything is fine. It is stopping accounts with more than 2 words for first name, more than 1 for last name, not allowing numbers in the fields, etc. It's just this one feature that won't cooperate! Ugh! I'm using PHP 7.0 for what it's worth. - Andrea Quote
Jack_mcs Posted November 4, 2019 Author Posted November 4, 2019 @puggybellePlease go to https://YOUR DOMIAN/captcha.php Is the math question displayed. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
Jack_mcs Posted November 4, 2019 Author Posted November 4, 2019 The code requires the GD library and that may not be enabled on your server. To check it, go to admin->Tools->Server info and search for "GD Support". It should show enabled. If it isn't enabled or just not there, you will need to ask your host to enable it. If that isn't the problem, please visit the page in IE, or any browser that shows missing images. In IE, it will be shown with an X on a black background. Right click on it and choose properties. The url should be the one to that file. Is it? If both fail, after the application_top.php line near the top of the create_account.php file, add this under it. Then reload the page and see if there are any errors. error_reporting(E_ALL); ini_set('display_errors','1'); Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
Guest Posted November 4, 2019 Posted November 4, 2019 GD Support is enabled. The captcha image is not missing in any web browser. And when I turned on the error reporting...what a mess! Lots of errors, but none related to Honeypot Captcha. Lots of deprecated constructor errors, stuff like that. Some of the contribs I'm using and whatnot. Does this look normal? From create_account.php - Andrea Quote
Guest Posted November 4, 2019 Posted November 4, 2019 I enabled the Honeypot setting in Log Tracker to Both, so I'm receiving emails when I try to create an account. First thing in the email is my IP address, followed by: 11-04-2019: Denied due to captcah Captcha is misspelled - could there be typos in the contribution causing a problem? - Andrea Quote
♥ecartz Posted November 4, 2019 Posted November 4, 2019 39 minutes ago, puggybelle said: Captcha is misspelled - could there be typos in the contribution causing a problem? Not exactly a typo, but in captcha.php try changing // set session variable to total $_SESSION['check'] = $numero; to // set session variable to total $_SESSION['security_check'] = $numero; to match the usage in includes/functions/honeypot.php Quote Always back up before making changes.
Guest Posted November 4, 2019 Posted November 4, 2019 @ecartz Nope. Still not working. Same email as before. Thanks for the idea! - Andrea Quote
Chadduck Posted November 5, 2019 Posted November 5, 2019 Jack My live store is OSC 2.3.4.1 and I just installed the HoneyPot Captcha and it appears to be working. BUT a Quick question - at present I have it enabled for these pages contact_us.php create_account.php password_reset.php tell_a_friend.php SHOULD it also be enabled for any others? There are 57 in the setup - should it be enabled for ALL of them? BTW I am updating to FROZEN and will be installing this in it also. BJ Quote
Chadduck Posted November 5, 2019 Posted November 5, 2019 Another quickie regarding enabling the LOG TRACKER file WHERE is it created and stored? Quote
Jack_mcs Posted November 5, 2019 Author Posted November 5, 2019 5 hours ago, puggybelle said: Does this look normal? From create_account.php Yes, that is correct. Did you make a change or were just expecting something else? 4 hours ago, puggybelle said: Captcha is misspelled - could there be typos in the contribution causing a problem? No, it's not used in the code other than the actual file but that is working. The above is just due to a typo. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
Jack_mcs Posted November 5, 2019 Author Posted November 5, 2019 1 hour ago, Chadduck said: SHOULD it also be enabled for any others? The only pages that matter are the ones with forms on them. You need to add the two include statements to the ones you want to protect. See the install instructions for the contact us page and make those same changes for the password_reset page. The others have coded examples already. Each page with a form will have error checking for the form near the top. The verify statement goes there. The display statement goes above the submit button code for the page. 1 hour ago, Chadduck said: BTW I am updating to FROZEN and will be installing this in it also. Frozen is no longer supported as an oscommerce package. You should be upgrading to Phoenix. Quote Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. All of My Addons Get the latest versions of my addons Recommended SEO Addons
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.