foz1234 Posted January 1, 2021 Author Share Posted January 1, 2021 That seems to have done it, it does not send now if it contains Russian, it just goes to a white empty screen super thanks Brian Link to comment Share on other sites More sharing options...
harrisorganic Posted January 8, 2021 Share Posted January 8, 2021 There some of the IP addresses I have captured. They get past the recommended capture code on this page: https://www.harrisorganicwine.com.au/shop/contact-us.html They are all have russian script in them and are arriving after changing the code in ini-custom.inc.php as above. 46.33.41.40 92.255.198.132 141.101.69.80 141.101.77.51 5.188.84.251 162.158.183.124 176.67.86.32 46.33.33.28 172.68.246.15 172.69.190.53 162.158.183.214 172.69.190.65 162.158.154.86 162.158.183.232 172.69.190.67 162.158.158.156 162.158.154.62 31.181.158.233 46.53.253.43 141.101.98.85 162.158.183.192 172.69.10.137 172.68.239.168 162.158.165.17 141.101.98.15 141.101.96.27 141.101.69.156 141.101.69.36 141.101.96.128 141.101.99.212 141.101.76.157 172.68.37.9 172.68.238.139 172.69.222.53 162.158.183.194 172.68.37.41 172.68.239.232 162.158.183.154 141.101.96.207 162.158.158.180 162.158.183.104 172.68.244.61 172.69.55.107 172.69.55.11 172.69.54.238 162.158.183.158 108.162.229.145 Put them in your Banned IP Addresses list if you like. Meanwhile I have just added Russia as a country (in settings; countries and zones) with the status disabled. Will that make any difference? Country Name ISO Alpha-2 ISO Alpha-3 ISO Numeric EU Status Russia RU RUS 643 kindest regards Duncan Harris Link to comment Share on other sites More sharing options...
bsmither Posted January 8, 2021 Share Posted January 8, 2021 You may have had your list of countries truncated to only a few, or maybe none at all, but a stock install of Cubecart will have "Russian Federation" in the database with those details. The purpose of having this database table is for purposes other than banning/blocking visitors. The recent edit to ini-custom.inc.php scans for Cyrillic characters in the UTF-8 scheme. If possible, reply with a sample of the "russian" characters that are getting through. Specifically, try to post the hex value equivalents of those characters. They may be "russian" but not in the UTF-8 scheme. Link to comment Share on other sites More sharing options...
harrisorganic Posted January 8, 2021 Share Posted January 8, 2021 This one arrived this morning. Александр <[email protected]> wrote to Organic Wine Online Shop:---------------Получить AnyDesk для Windows https://anydesk.com/ru/downloads/windows---------------This email is sent from the store's master email address but it is possible to reply directly to the sender using the reply button on your email software. ip address:141.101.98.193 Link to comment Share on other sites More sharing options...
bsmither Posted January 9, 2021 Share Posted January 9, 2021 Strange. Definitely blocked the submission for me. Would you care to troubleshoot this deeper? Link to comment Share on other sites More sharing options...
harrisorganic Posted January 9, 2021 Share Posted January 9, 2021 Just checking the last of the code. I have if (preg_match('/.*[\x{0400}-\x{04ff}\x{0500}-\x{052f}\x{2de0}-\x{2dff}\x{a640}-\x{a69f}\x{1d2b}-\x{1d78}].*/u', $_POST['contact']['enquiry'])) exit; instead of if (preg_match('#.*[\x{0400}-\x{04ff}\x{0500}-\x{052f}\x{2de0}-\x{2dff}\x{a640}-\x{a69f}\x{1d2b}-\x{1d78}].*#', $_POST['contact']['enquiry'])) exit; will change and see what happens. Link to comment Share on other sites More sharing options...
bsmither Posted January 9, 2021 Share Posted January 9, 2021 The first one, having a .*/u at the end of the string, is the one to use. Link to comment Share on other sites More sharing options...
harrisorganic Posted January 9, 2021 Share Posted January 9, 2021 OK, this is what I have. <?php # Custom initialization commands # Filename: ini-custom.inc.php # File location: main CubeCart folder # ini_set('memory_limit', '256M'); # ini_set('max_execution_time', '60'); # ini_set('error_log', 'error_log'); # ini_set('log_errors', 'on'); if( ( (isset($_GET['seo_path']) && $_GET['seo_path'] == "register") || (isset($_GET['_a']) && $_GET['_a'] == "register") ) && !empty($_POST['first_name']) && !empty($_POST['last_name']) && ( (!empty($_POST['phone']) && $_POST['phone']=="123456") || # //preg_match('/[A-Z]\z/',trim($_POST['first_name']))===preg_match('/[A-Z]\z/',trim($_POST['last_name'])) (ctype_upper(substr(trim($_POST['first_name']),-2)) && ctype_upper(substr(trim($_POST['last_name']),-2))) || !empty($_GET['agreed']) ) ) exit; // Kills PHP leaving browser with white screen if (preg_match('/.*[\x{0400}-\x{04ff}\x{0500}-\x{052f}\x{2de0}-\x{2dff}\x{a640}-\x{a69f}\x{1d2b}-\x{1d78}].*/u', $_POST['contact']['enquiry'])) exit; ?> Link to comment Share on other sites More sharing options...
Frank Auffret Posted January 18, 2021 Share Posted January 18, 2021 Thank you guys I've added that script to one of my sites which was getting hammered by spam. I'll let you know how it goes. Link to comment Share on other sites More sharing options...
harrisorganic Posted January 19, 2021 Share Posted January 19, 2021 I have received a few in the last 10 days using the latest code. Here is the latest message. Subject: Прикладной подход к управлению деловой репутацией компании в интернет. SERM / ORM / HM / PR Content: Tiffanisog <[email protected]> wrote to Organic Wine Online Shop:--------------- serm репутация rebooster удаление отзывов москва serm на яндекс серм агентства компании по работе с репутацией serm цена Репутационный маркетинг от reBooster – это не исключительно зачистка или вброс отзывов для нужных сайтах. В первую очередь – это белые способы работы с репутацией компании и бренда. Всякий маркетинговый бюджет, вложенный около негативной репутации в узы - это сожженные средства компании! Link to comment Share on other sites More sharing options...
bsmither Posted January 19, 2021 Share Posted January 19, 2021 Please try this one: if (preg_match('/.*[\u0400-\u04ff\u0500-\u052f\u2de0-\u2dff\ua640-\ua69f\u1d2b-\u1d78].*/', $_POST['contact']['enquiry'])) exit; But I am not sure if this is PHP's version of the Perl Regex. Please remind me of the exact version of PHP your site is using. Link to comment Share on other sites More sharing options...
bsmither Posted January 19, 2021 Share Posted January 19, 2021 According to this, it may have actually been not possible to test for unicode codepoints prior to PHP7: https://www.php.net/manual/en/migration70.new-features.php#migration70.new-features.unicode-codepoint-escape-syntax Here is another test to try: if (preg_match('/.*\p{Cyrillic}.*/u', $_POST['contact']['enquiry'])) exit; But I think that was already tried. Link to comment Share on other sites More sharing options...
harrisorganic Posted January 19, 2021 Share Posted January 19, 2021 All good now with my latest test. thanks Brian. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.