cherylb Posted June 13, 2011 Share Posted June 13, 2011 hi - my host has informed me that my cc4 has been exploited for email spamming. i enabled "spam/bot flood control" but the problem still persists. they have now informed that i should eliminate the "tell a friend" option but i have no idea how to do this. if anyone would be kind enough to tell me "how to" i would really appreciated it as my host is threatening to close my account. many thanks cheryl. Quote Link to comment Share on other sites More sharing options...
vokf Posted June 13, 2011 Share Posted June 13, 2011 hi - my host has informed me that my cc4 has been exploited for email spamming. i enabled "spam/bot flood control" but the problem still persists. they have now informed that i should eliminate the "tell a friend" option but i have no idea how to do this. if anyone would be kind enough to tell me "how to" i would really appreciated it as my host is threatening to close my account. many thanks cheryl. Hi Cheryl, first step; Delete; /www/includes/content/tellafriend.inc.php This is the actual script that sends the email. Then you need to remove the link from your template (so people don't click it!); Edit; /www/skins/yourtemplatename/styleTemplates/content/viewProd.tpl Remove the following line; <li class="bulletLrg"><a href="index.php?_a=tellafriend&productId={PRODUCT_ID}" target="_self" class="txtDefault">{LANG_TELLFRIEND}</a></li> As always, run a full account backup before you do anything! I hope this helps, Jason Quote Link to comment Share on other sites More sharing options...
cherylb Posted June 13, 2011 Author Share Posted June 13, 2011 hi - my host has informed me that my cc4 has been exploited for email spamming. i enabled "spam/bot flood control" but the problem still persists. they have now informed that i should eliminate the "tell a friend" option but i have no idea how to do this. if anyone would be kind enough to tell me "how to" i would really appreciated it as my host is threatening to close my account. many thanks cheryl. Hi Cheryl, first step; Delete; /www/includes/content/tellafriend.inc.php This is the actual script that sends the email. Then you need to remove the link from your template (so people don't click it!); Edit; /www/skins/yourtemplatename/styleTemplates/content/viewProd.tpl Remove the following line; <li class="bulletLrg"><a href="index.php?_a=tellafriend&productId={PRODUCT_ID}" target="_self" class="txtDefault">{LANG_TELLFRIEND}</a></li> As always, run a full account backup before you do anything! I hope this helps, Jason hi jason - thank you so much for your help - greatly appreciated - cheryl Quote Link to comment Share on other sites More sharing options...
cherylb Posted June 15, 2011 Author Share Posted June 15, 2011 hi i have deleted the " /includes/contenttellafriend.inc.php" and edited the " /viewProd.tpl " file to remove the link. i thought that was it but my host informs me there are several "tellafriend.inc.php" files in " /language/ " and they what them sorted. for example " /language/de/includes/content/tellafriend.inc.php ". does anyone know if it is ok to delete each of the " tellafriend.inc.php " files for each language ? any help would be kindly appreciated. cheryl. Quote Link to comment Share on other sites More sharing options...
vokf Posted June 15, 2011 Share Posted June 15, 2011 HI Cheryl, the files under the language folder are used for language translation only. There is no "active" code in the file that could be used to send emails. You can try to rename one of the files - if you're not using other languages I don't see a problem, but suspect you may seen an error if you delete/rename a file that is required for the langage you're using. So - rename /langauge/en/includes/content/tellafriend.inc.php to tellafriend.old.inc.php Surf the store- if all looks ok, you can probably safely remove it. I'm not sure how the file is used (ie how it is included) in the main code. If you rename and there are errors, you can very quickly restore it, and post back with the error. Jason Quote Link to comment Share on other sites More sharing options...
cherylb Posted June 15, 2011 Author Share Posted June 15, 2011 HI Cheryl, the files under the language folder are used for language translation only. There is no "active" code in the file that could be used to send emails. You can try to rename one of the files - if you're not using other languages I don't see a problem, but suspect you may seen an error if you delete/rename a file that is required for the langage you're using. So - rename /langauge/en/includes/content/tellafriend.inc.php to tellafriend.old.inc.php Surf the store- if all looks ok, you can probably safely remove it. I'm not sure how the file is used (ie how it is included) in the main code. If you rename and there are errors, you can very quickly restore it, and post back with the error. Jason hi jason - i will rename as you suggested & see what happens - once again thank you. cheryl Quote Link to comment Share on other sites More sharing options...
bsmither Posted June 15, 2011 Share Posted June 15, 2011 I have come to learn that everything in the language folders simply sets up arrays. There is no decision code and no code that actually generates a output or performs a function. Each language folder is set up in such a way as to make programming easier, for example: $a = $_GET('tellafriend'); getLang($a); getFunc($a); getTemplate($a); getMain($a); where getMain brings in and executes the one and only file that actually does anything. Also, I have come to learn that CC4 affords the admin to make changes to the language array, but then the changes are stored in the database. So, manually removing a language file (regardless of the file's filename and what it implies) is not the proper solution. And if that language was databased, it wouldn't have any effect anyway. You may inform your host that everything in the /language/ folder is inert. Quote Link to comment Share on other sites More sharing options...
cherylb Posted June 16, 2011 Author Share Posted June 16, 2011 I have come to learn that everything in the language folders simply sets up arrays. There is no decision code and no code that actually generates a output or performs a function. Each language folder is set up in such a way as to make programming easier, for example: $a = $_GET('tellafriend'); getLang($a); getFunc($a); getTemplate($a); getMain($a); where getMain brings in and executes the one and only file that actually does anything. Also, I have come to learn that CC4 affords the admin to make changes to the language array, but then the changes are stored in the database. So, manually removing a language file (regardless of the file's filename and what it implies) is not the proper solution. And if that language was databased, it wouldn't have any effect anyway. You may inform your host that everything in the /language/ folder is inert. hi bsmithe - many thanks for your reply - unfortunately my host was insistent about removing/modifying the lang/taf files so i just renamed them (all) as jason previously suggested as a possible temporary solution - i have found no "apparent problems" on testing - however will change back. shortly as i appreciate what you are saying. cheryl Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.