Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

NEW: Anti Robot Registration Validation


Druide

Recommended Posts

 

 

Yes your right, there should be a test in the code, thbough a better script would be:

 

<?php  
echo "GD support on your server: ";  

if(function_exists("gd_info"))  
{  
echo "YES<br>";  
$gd = gd_info(); 
echo 'XBM Support = ' . ($gd['XBM Support'] ? 'Yes' : 'No' ) . '<br>';
} else {
echo "NO";  
} 
?>

 

Ealy versions of this did use images, perhaps you would prefer to use those (take care of the bugs though!) smile.gif

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

  • 2 weeks later...

This issue is about reload.gif button which for an unkown reason placed in catalog/images folder in v3.1

Meanwhile if you store is multilanguage you would like to have corresponding button in languages/you_language/images/buttons folder where all of you buttons are stored.

 

This requires modification of the path in modules/validation.php on line 69

 document.writeln('<?php echo tep_image_button('button_update.gif', IMAGE_BUTTON_RELOAD)?><\/a>')

 

I use button_update.gif just because it is already available in all languages but you can to draw a spechial one.

Also dont forget to define button in english.php and all of you main langiage files

define('IMAGE_BUTTON_RELOAD', 'Alternative view');

Link to comment
Share on other sites

  • 1 month later...

Hi,

 

I installed this contribution on my test site.

Instead of showing the verification code it shows this error:

 

Generation Error: Missing SID

Please refresh the browser

 

I allready searched for this error and found it could have something to do with loosing the session ID.

The links to eg. my login page were not correct. Now, I corrected it like suggested in this post

Still, the generation error is showing up.

 

Any ideas?

Link to comment
Share on other sites

Generation Error: Missing SID

Please refresh the browser

 

 

 

Can be a server issue, what is the server type & versions?

 

Also Check what options are supported by your GD library, XBM support & jpeg required.

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

Apache/2.2.3 (Win32) PHP/5.2.0

xbm and jpeg support are enabled on the server

 

 

I'm afraid, for the most part (there have been exceptions) this type of add-on does not work on windows servers, the proof is where some have tried on xamp on their pc, would'nt work, transfered files to linux web server, issues gone!!

 

There can be other issues with windows servers, can u upgrade to linux? wink.gif

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

There can be other issues with windows servers, can u upgrade to linux? wink.gif

This is my local testing server (using wampserver). My live site is on a linux server.

Only XBM isn't supported there. I need to ask my host if it's possible to activate it.

Link to comment
Share on other sites

  • 3 weeks later...

Hi, nice work ! Thank u

Can u help me, when i load the page i become a php error :

 

I work under:

oscommerce-2.2rc2a, OSX 10.3.9, php 5.1.6, apache 2, gd xbm tested, i use ttf fonts.

 

I search over urand(), $angle and more but found nothing.

 

php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  6 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  14 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  7 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  17 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  8 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  18 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 48
[10-Feb-2010 00:40:01] PHP Notice:  Undefined variable: rangeList in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 49
[10-Feb-2010 00:40:01] PHP Notice:  Undefined offset:  13 in /Library/WebServer/oscommerce-2.2rc2a/catalog/includes/functions/account_validation.php on line 50

 

Thank u

Edited by PiBo
Link to comment
Share on other sites

  • 2 weeks later...

Is there any possibility to mod this addon to output a completely new image/code every time the button is pushed? In that case - how?

 

Because using the button right now generates the same picture, but with the characters arranged differently and most of the time this alter the size of the image (even though it's set to a fixed size through the admin section) & it kinda mess up the GUI for my part...

Link to comment
Share on other sites

Is there any possibility to mod this addon to output a completely new image/code every time the button is pushed? In that case - how?

 

 

 

You seem to have mis-read the pupose of the function, its possible that the visitor may have trouble reading the chars, so by allowing them an alternate view, you circumvent the issue.

 

 

 

To get a new code, refresh the page, any code change routine must do the same.

 

 

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

You seem to have mis-read the pupose of the function, its possible that the visitor may have trouble reading the chars, so by allowing them an alternate view, you circumvent the issue.

 

 

 

To get a new code, refresh the page, any code change routine must do the same.

 

 

I didn't miss read it, I just though I could mod it into working that way :-"

I'll work out a solution with time though...

 

But this doesn't alter the fact - that if you refresh / alter the view, the size of the image is altered. Why that is happening I can't understand, since the image should be locked to one fixed size if you set it to one fixed size in the admin right?

Link to comment
Share on other sites

I didn't miss read it, I just though I could mod it into working that way whistling.gif

I'll work out a solution with time though...

 

But this doesn't alter the fact - that if you refresh / alter the view, the size of the image is altered. Why that is happening I can't understand, since the image should be locked to one fixed size if you set it to one fixed size in the admin right?

 

 

There are a number of params that effect image size, thats why it can change. Use HTML techniques if its an issue.

 

The only way (without a refresh) to achieve a change is through javascript, but as that is client based it removes all the security your adding, so making that method pointless.

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

There are a number of params that effect image size, thats why it can change. Use HTML techniques if its an issue.

 

The only way (without a refresh) to achieve a change is through javascript, but as that is client based it removes all the security your adding, so making that method pointless.

 

 

I solved all of my issues - removed the refresh button (to have my validation code always load to a fixed size) & that solved the other issue as well.

 

 

The only trouble I experience right now is that the check of the code always return - false; which prevents the customer from ever geting past this security check.

Something I might have done wrong or maybe something in the code to begin with?

I use the validation on the "contact us" page & when creating an account...

Link to comment
Share on other sites

 

Something I might have done wrong or maybe something in the code to begin with?

 

 

 

Do you always like throwing insults!!! mad.gif

 

If there is such a fault in the code don't you think there would be loads of posts on it!!! rolleyes.gif

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

Do you always like throwing insults!!! mad.gif

 

If there is such a fault in the code don't you think there would be loads of posts on it!!! rolleyes.gif

 

 

Not throwing insults, just checking up on my own sketchy php-knowledge ;)

 

Plus that I thought I read something about someone else having trouble with the same thing a couple of posts earlier... but guess I'll have to go over my own code again and see if I can find the problem there...

Link to comment
Share on other sites

Not throwing insults, just checking up on my own sketchy php-knowledge ;)

 

Plus that I thought I read something about someone else having trouble with the same thing a couple of posts earlier... but guess I'll have to go over my own code again and see if I can find the problem there...

 

Now I've narrowed it down to that it only sends me false when the validation code contains a special char. Don't know why it's doing that though... can it be the char-set the page is saved in?

Link to comment
Share on other sites

Now I've narrowed it down to that it only sends me false when the validation code contains a special char. Don't know why it's doing that though... can it be the char-set the page is saved in?

 

 

in functions/account_validation.php

 

you will find the line

 

 

$chars = 'abcdefghjklmnpqrstuvwxyz123456789@#?+=';

 

thats sets the chars used, reduce that bye any you have issues with.

 

I would suspect you have a sanitising issue, have you added any?

 

 

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

in functions/account_validation.php

 

you will find the line

 

 

$chars = 'abcdefghjklmnpqrstuvwxyz123456789@#?+=';

 

thats sets the chars used, reduce that bye any you have issues with.

 

I would suspect you have a sanitising issue, have you added any?

 

Thanks! Will check it out... :thumbsup:

 

Yea, if you're refering to a function to sanitize the $PHP_SELF calls, then yea I've got that added.

 

 

I'm obviously not as good on php as yourself so sorry for asking, but what made you draw the conclusion that it could be a sanitizing issue? :blush:

(Just trying to learn to understand the code & how to interpret possible signs of faults better in case of future issues... always a good thing to learn from the better ones right?)

Link to comment
Share on other sites

Hi I have recently installed this contribution and just wanted to see if it has all the security updates or if I still need to install Super Contact us enhancement 1.0 b/c it mentions the "Contact Us Form Vunerability Fix".

 

Thanks for your help!

Mike

 

 

This is for testing for real users, it does not add any input sanitisation.

 

Yes Contact Us is vunerable, as are any pages using the post, to add sanitisation & validation to all forms including Contact Us add Anti-hacker Account Mods http://addons.oscommerce.com/info/7202

Sam

 

Remember, What you think I ment may not be what I thought I ment when I said it.

 

Contributions:

 

Auto Backup your Database, Easy way

 

Multi Images with Fancy Pop-ups, Easy way

 

Products in columns with multi buy etc etc

 

Disable any Category or Product, Easy way

 

Secure & Improve your account pages et al.

Link to comment
Share on other sites

This is for testing for real users, it does not add any input sanitisation.

 

Yes Contact Us is vunerable, as are any pages using the post, to add sanitisation & validation to all forms including Contact Us add Anti-hacker Account Mods http://addons.oscommerce.com/info/7202

 

Great. I read your post on that and already installed. Thanks for the heads up!

Mike

Link to comment
Share on other sites

  • 2 weeks later...

Hi, I had an issue come up with the image validation when I was addressing the login redirect issue. I installed the redirect contribution and also tried the simple code fix.

 

In both cases when a user adds a product to the cart, goes to check out, then logs in with their existing user name and pass it redirects to the image png on

the validation_png.php.

 

Does anyone have the same contribution installed or any help on the issue?

 

Thanks,

Mike

Link to comment
Share on other sites

  • 2 weeks later...

Hi all just wondering if anyone has found a solution to this problem when installin the sql file in phpmyadmin on a linux server:

 

Error

SQL query:

 

INSERT INTO configuration_group( configuration_group_id, configuration_group_title, configuration_group_description, sort_order, visible )

VALUES (

 

'736', 'Anti Robot Reg', 'Anti Robot Registration', 300, 1

);

 

MySQL said:

 

#1062 - Duplicate entry '736' for key 'PRIMARY'

 

 

The only contribs that are installed so far (installed in the order listed) on a stock store are sts4.6 header tags seo 3.2.2 and order editor5.0.9b

 

Any help would be appreciated!

Edited by nedragdnuos
Link to comment
Share on other sites

Ok, this is just weird, and follow on from the previous post, I have just installed a brand new OSCommerce setup, as a "control test" ZERO contributions, straight from stock setup I try to add the anti robot reg, latest version, and I receive this error in my php admin when trying to import the database:

 

Error

SQL query:

 

INSERT INTO configuration( configuration_id, configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, last_modified, date_added, use_function, set_function )

VALUES (

 

'', 'Activate for New Users? ', 'ACCOUNT_CREATE_VALIDATION', 'true', 'Force the user to enter a visual code when creating a new account. (OPTIONAL)', 736, 20, '2004-08-08 17:00:00', '2004-08-08 17:00:00', NULL , 'tep_cfg_select_option(array(\'true\', \'false\'),'

);

 

MySQL said:

 

#1062 - Duplicate entry '0' for key 'PRIMARY'

 

Again, if anyone has encountered this any help would be appreciated,

 

Cheers!

Link to comment
Share on other sites

Ok, this is just weird, and follow on from the previous post, I have just installed a brand new OSCommerce setup, as a "control test" ZERO contributions, straight from stock setup I try to add the anti robot reg, latest version, and I receive this error in my php admin when trying to import the database:

 

Error

SQL query:

 

INSERT INTO configuration( configuration_id, configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, last_modified, date_added, use_function, set_function )

VALUES (

 

'', 'Activate for New Users? ', 'ACCOUNT_CREATE_VALIDATION', 'true', 'Force the user to enter a visual code when creating a new account. (OPTIONAL)', 736, 20, '2004-08-08 17:00:00', '2004-08-08 17:00:00', NULL , 'tep_cfg_select_option(array(\'true\', \'false\'),'

);

 

MySQL said:

 

#1062 - Duplicate entry '0' for key 'PRIMARY'

 

Again, if anyone has encountered this any help would be appreciated,

 

Cheers!

 

You have left in VALUES in first field blank, so it goes to save this entry to the first place of your table which in this id(=0)

has already a value.. you have to see what is your last id number of this table and change this into a next number of this(if your last entry is 265, for this line you want to insert, change the first value to 266)

 

 

One other question that i have my friends...

I just downloaded the last pack and i set it.. no problems with the setting and the modifications, BUT... no image with the characters display.. anyone has any idea for which reason i have this problem!?? thanks in advance!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...