Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Adding Burt's Math Capcha to checkout_payment


otgrouch

Recommended Posts

Hello all. 

I have successfully implemented the math capcha on my contact us and create account pages (2.3.4.1 CE) but would like to add it to the Checkout_payment page.  I've tried to no avail (it will require the content but does not recycle the page if you get the math wrong - always goes to the payment portal page upon hitting Continue).  Anyone ever done this?

Link to comment
Share on other sites

19 hours ago, otgrouch said:

would like to add it to the Checkout_payment page. 

I don't have an answer for you. Have you tried asking on his site? If you are going to add it, it probably should go on the confirmation page. But I suggest you install Honey Pot instead. It is much more powerful and will stop more hackers compared to that addon.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

On 11/30/2023 at 7:15 PM, otgrouch said:

Hello all. 

I have successfully implemented the math capcha on my contact us and create account pages (2.3.4.1 CE) but would like to add it to the Checkout_payment page.  I've tried to no avail (it will require the content but does not recycle the page if you get the math wrong - always goes to the payment portal page upon hitting Continue).  Anyone ever done this?

All support for 2.3.4.1 CE now at https://phoenixcart.org/forum/index.php

Link to comment
Share on other sites

The only question is, for what? Do you want to lose your customers? If a customer is already registered, he or she has already confirmed the security query for spam and this issue is therefore off the table. With freely accessible forms, such as the contact form, things are different.

Link to comment
Share on other sites

7 hours ago, YePix said:

Do you want to lose your customers? If a customer is already registered, he or she has already confirmed the security query for spam and this issue is therefore off the table.

While I don't like captcha's, I doubt they will cause the loss of a customer. In older versions of oscommerce, it was possible to submit the confirmation page via the url so captcha might stop those. But, in Honey Pot, captcha can be turned off without losing the protection.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

I had someone create an account and then use it to run around 1000 stolen cards to see if they were good.  My card provider made it a requirement that we put a captcha on the payment page to prevent bots from running multiple cards - I feel that a simple math problem isn't likely to run people off (unlike wavy letters and numbers or picking out traffic lights in pictures).   I put it on the account creation page instead and it seems to have satisfied them.

Link to comment
Share on other sites

57 minutes ago, otgrouch said:

I had someone create an account and then use it to run around 1000 stolen cards to see if they were good. 

It is a fairly common problem in older shops. If you stop them from creating accounts in the first place, it can stop a lot of them. But you have to be sure to remove all previous accounts that the hacker created, which is usually quite a few. If the captcha is working for you then that might be all you need, though your are almost certainly getting hit by hackers. I suggest you download Honey Pot and just make the changes for admin. That will allow you to see fake accounts. It won't do anything other than show them so it is safe to do.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Am 10.12.2023 um 22:03 schrieb Jack_mcs:

While I don't like captcha's, I doubt they will cause the loss of a customer. In older versions of oscommerce, it was possible to submit the confirmation page via the url so captcha might stop those. But, in Honey Pot, captcha can be turned off without losing the protection.

Try this: Open a page with captcha, click somewhere around the code a few times, wait a few seconds and you're done. It's so easy to ignore Google. Furthermore, checkout_shipping, checkout_payment, checkout_confirmation and checkout_proccess kicked you out if you weren't logged in. How could you then complete an order via the browser entry as a customer who was not already registered and logged in?

Link to comment
Share on other sites

vor 5 Stunden schrieb otgrouch:

I had someone create an account and then use it to run around 1000 stolen cards to see if they were good.  My card provider made it a requirement that we put a captcha on the payment page to prevent bots from running multiple cards - I feel that a simple math problem isn't likely to run people off (unlike wavy letters and numbers or picking out traffic lights in pictures).   I put it on the account creation page instead and it seems to have satisfied them.

That's what I meant too.

Link to comment
Share on other sites

18 hours ago, YePix said:

Try this: Open a page with captcha, click somewhere around the code a few times, wait a few seconds and you're done. It's so easy to ignore Google. Furthermore, checkout_shipping, checkout_payment, checkout_confirmation and checkout_proccess kicked you out if you weren't logged in. How could you then complete an order via the browser entry as a customer who was not already registered and logged in?

You're talking about Googles recaptcha and I agree that it is not that secure. It uses javascript for the protection.  I'm talking about Honey Pot. It uses some javascript but mostly php. Hackers can get by Javascript in some cases but they can't get by php checks.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...