iant Posted April 4, 2014 Share Posted April 4, 2014 I have tried been trying to figure what happens after the write review is submitted but no joy in locating the process. I'm trying to add my own simple capture to stop spam (I find built in capture hard to read). I have a contact form online which uses the below method and has been online for a few months with no spam, so I'm hoping this may work for my cubecart reviews. I'm no coder so I play about till something works or break's but cant get my head around this issue. The current contact form I want to use the code from works as follows:- I have a standaed HTML page which goes to a .php page when submitted for a thankyou note for the submission and to process a email of the completed form. Im hoping to add the following code in the review page ( from my contact form html page). <img src="capture_image.jpg"> <input type="text" name="code" /> The capture_image.jpg will be have a image of say 12344567 for this example then after the review is submitted im hoping to add the following code in the review processing page. if (strtolower($_POST['code']) != '1234567') {die('Wrong access code, please use your browsers back button to try again. ');} I just cant locate where the review code is processed to play about with this code. I think it works well on my contactform as it seems all my spam is robots and think they get stuck on the blank die page saying to use the back button, I guess the spambots think that they have succeeded and move on at this point. Just hoping I can work this out as the spammers are getting annoying now Quote Link to comment Share on other sites More sharing options...
bsmither Posted April 4, 2014 Share Posted April 4, 2014 The form data for the entered review is processed by the file /classes/cubecart.class.php, line 2168: private function _product() If the customer is logged in, there should be no captcha shown. If not, then lines 2186-2189 test for a valid captcha response having been made (that test is elsewhere) and if not, sets $error to true and loads a message to GUI setError. Line 2210 will fail and the code at 2224 will execute. Then recaptcha will be reloaded and the product page will get sent back. In the skin template file content.product.php, look for this statement: {include file='templates/content.recaptcha.php'} In the skin template file content.recaptcha.php, try putting your own code here. Quote Link to comment Share on other sites More sharing options...
bsmither Posted April 4, 2014 Share Posted April 4, 2014 Cubecart 3 and some versions of CubeCart 4 did, in fact, implement a captcha as you describe. It didn't work well, once the robots got smart at reading numbers. So, when you say, "I guess the spambots think that they have succeeded and move on," may I suggest that perhaps spambots don't care if they succeed or not. I might also suggest that the spambots hitting your CubeCart site are expecting to deal with Google's reCaptcha code -- which has been defeated, and not because they can read the image. So maybe they are not prepared to OCR images, until they are. Quote Link to comment Share on other sites More sharing options...
iant Posted April 5, 2014 Author Share Posted April 5, 2014 Hi bsmither, Many thanks for your qucik reply I have managed to get it working successfully with your massive help on my test site. I will now implement it on my live site and hoping it will reduce the spam. your correct with the bots getting smarter and reading the text but i dont have any form of caprure at present so this should help. I have added the steps I took below:- Added owncode between </fieldset> and <div> to lines 192 and 193 open:- skins/mican/templates/content.product.php 191 </fieldset> 192 <img src="capture_image.jpg"> 193 <input type="text" name="code" /> 194 <div> save and close open:- /classes/cubecart.class.php find and replace find lines 2186 to 2189 if ($GLOBALS['config']->get('config','recaptcha') && !$GLOBALS ['session']->isEmpty('error', 'recaptcha')) { $GLOBALS['gui']->setError($GLOBALS['session']->get ('error', 'recaptcha')); $error = true; } replace with:- if (strtolower($_POST['code']) != '1234567') {die('Wrong access code, please use your browsers back button to try again. ');} replace 1234567 with your own code from your capture_image.jpg The only bug is that the capture will still show when a registered customer is logged in. However it will not function when and a registered customer can leave blank, fill randon rubbish and the review will still submit, howver this isnt a problem for me as resgistered customers are unlikly to sumbit spam. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.