Jump to content

I want to try a new approach to my increacing spam on reviews


Recommended Posts

I have tried been trying to figure what happens after the write review is submitted but no joy in locating the process. I'm trying to add my own simple capture to stop spam (I find built in capture hard to read). I have a contact form online which uses the below method and has been online for a few months with no spam, so I'm hoping this may work for my cubecart reviews. I'm no coder so I play about till something works or break's but cant get my head around this issue.

The current contact form I want to use the code from works as follows:- I have a standaed HTML page which goes to a .php page when submitted for a thankyou note for the submission and to process a email of the completed form.

Im hoping to add the following code in the review page ( from my contact form html page).
<img src="capture_image.jpg">
<input type="text" name="code" />

The capture_image.jpg will be have a image of say 12344567 for this example

then after the review is submitted im hoping to add the following code in the review processing page.
if (strtolower($_POST['code']) != '1234567') {die('Wrong access code, please use your browsers back button to try again. ');}

I just cant locate where the review code is processed to play about with this code. I think it works well on my contactform as it seems all my spam is robots and think they get stuck on the blank die page saying to use the back button, I guess the spambots think that they have succeeded and move on at this point.


Just hoping I can work this out as the spammers are getting annoying now

Link to comment
Share on other sites

The form data for the entered review is processed by the file /classes/cubecart.class.php, line 2168:

private function _product()


If the customer is logged in, there should be no captcha shown. If not, then lines 2186-2189 test for a valid captcha response having been made (that test is elsewhere) and if not, sets $error to true and loads a message to GUI setError.


Line 2210 will fail and the code at 2224 will execute.


Then recaptcha will be reloaded and the product page will get sent back.


In the skin template file content.product.php, look for this statement:

{include file='templates/content.recaptcha.php'}


In the skin template file content.recaptcha.php, try putting your own code here.

Link to comment
Share on other sites

Cubecart 3 and some versions of CubeCart 4 did, in fact, implement a captcha as you describe. It didn't work well, once the robots got smart at reading numbers.


So, when you say, "I guess the spambots think that they have succeeded and move on," may I suggest that perhaps spambots don't care if they succeed or not.


I might also suggest that the spambots hitting your CubeCart site are expecting to deal with Google's reCaptcha code -- which has been defeated, and not because they can read the image. So maybe they are not prepared to OCR images, until they are.

Link to comment
Share on other sites

Hi bsmither,
Many thanks for your qucik reply I have managed to get it working successfully with your massive help on my test site. I will now implement it on my live site and hoping it will reduce the spam. your correct with the bots getting smarter and reading the text but i dont have any form of caprure at present so this should help.

I have added the steps I took below:-

Added owncode between </fieldset> and <div> to lines 192 and 193 open:-


191 </fieldset>
192 <img src="capture_image.jpg">
193 <input type="text" name="code" />
194 <div>

save and close

open:- /classes/cubecart.class.php
find and replace
find lines 2186 to 2189

if ($GLOBALS['config']->get('config','recaptcha') && !$GLOBALS
['session']->isEmpty('error', 'recaptcha')) {
('error', 'recaptcha'));
$error = true;

replace with:-
if (strtolower($_POST['code']) != '1234567') {die('Wrong access code, please use your browsers back button to try again. ');}

replace 1234567 with your own code from your capture_image.jpg

The only bug is that the capture will still show when a registered customer is logged in. However it will not function when and a registered customer can leave blank, fill randon rubbish and the review will still submit, howver this isnt a problem for me as resgistered customers are unlikly to sumbit spam. :)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...