Jump to content

violinman

Member
  • Content Count

    118
  • Joined

  • Last visited

Community Reputation

1 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I am using the galaxyx skin and CC6, in the skin templates folder there is a content.recaptcha.php file, the problem is there are no instructions as to any changes needed to this file in order for it to work. I think it is probably for an earlier version of Captcha whereas I have retrieved a site and secret key for the Google invisible Captcha and do not know what changes to make to the file. Brian
  2. Thanks for your prompt response, I assume once I enable Captcha in store settings it will work? What I am asking is whether I need to make any changes in the code. Regards, Brian
  3. I have now added the Google Captcha (v2 invisible) so hopefully that will help, as asked in previous post I would be grateful to know which parts of the site it protects. Many thanks, Brian
  4. Hi Bsmither, I need some more info please. I do not have the default Captcha enabled in store settings, but having continued to look into the fake account signup online quite a few people suggest having the Captch enabled. My Question is at what part of the process does the Captcha present itself, is it just for account signup? As always many thanks, Brian
  5. Well I suppose similar in that the bot seems to generate a random set of letters in upper and lower case. I am setting up a WAF (Web Application Firewall) on my server to see if that blocks the bot, it will be live in two weeks time. Brian
  6. I made the change you recommend and it now works a treat so many thanks for that. You said you were curious to learn why attempts at password resets are part of the activity. Actually thinking about it they are not. What happens in most cases is the bot generates a random customer which also included a random non existent email address, so that when the program sends an email to the customer this fails and I get a copy of the failed email which includes the password reset link. What I don't understand is where the bot sets up the customer account, unless it is within the cart but the
  7. Many thanks, I am away from home at present, I will do it tomorrow morning and let you know how it goes. Brian
  8. Hi Bsmither, I have just got around to implementing the mod you sent me. The customer page now shows the tick boxes to select multiple customers but when I delete the entries admin crashes out to a white screen. All of the changes were as you listed in the mod text file except for the very last alteration near line 350 in customers.index.inc.php. What I have and replaced was: --------------------------------------------------------------------------------------------------------------------------- $GLOBALS['main']->setACPNotify($lang['customer']['notify_customer_delete']);
  9. Many thanks for all of your help. It is late evening here in the UK so I will make the changes during the day tomorrow. You don't actually say in the mod txt file which file is the first of the two admin files that need to be edited, you just mention the second file? Brian
  10. I am quite happy to disable the password reset function, very few of my legitimate customers setup an account anyway as it is almost always a one off purchase. Please let me know the file and code section I need to change or comment out. I am not sure how it happens, the bot or hacker sets up a meaningless account and the first I know of it is when the password reset fails, I assume they would have needed to add an item to the cart in order to have the option of setting up an account? Many thanks, Brian
  11. Hi guys, I have received numerous attempted hacks via the customer password recovery page, they are always with a random email address, a user name made of random letters such as OVaDMukYnGQhBl The only reason I know whese are happening is because I get a "message could not be delivered" from my server, presumably from the random email address they use. Always different IPs so they must be using a proxy. I did not even realise there is a password reset form available from the main index page! (1) How can I disable that password reset form. (2) Is there anyway to select multiple
  12. Hello, I used the second line you suggested which works fine. Thank you for your help. I have another related question, if I mark a sale in orders "Order Complete" admin then sends another copy of the order email to both myself and to the client, how can I stop this second email from being sent? Many thanks, Brian
  13. Thanks bsmither, much appreciated, I will try it tomorrow. Brian
  14. Hello, I have been using this form for clients to pay by bank transfer for several years and it works fine but I want have the gateway.class.php to email my address as well as the client. This is the block of code from line 238: // Format data $order_summary['order_date'] = formatTime($order_summary['order_date'],false,true); $order_summary['link'] = $GLOBALS['storeURL'].'/index.php?_a=vieworder&cart_order_id='.$order_summary['cart_order_id']; $GLOBALS['smarty']->as
×
×
  • Create New...