How to protect X-Cart 4 from spambots
 

 

       1. Download CleanTalk API  from Github.com.


       2. Unzip the downloaded archive to your <root directory>/include/func/. You will see the folder with the name "php-antispam-master". Rename it to "cleantalk".


       3. Go to <root directory>/include/func/ and open func.mail.php. Add the following function at the end of this script:
 


beginphp

function func_spamcheck_email($name, $email)
{
require_once (dirname(__FILE__) . '/cleantalk/cleantalk.class.php');
$sender_info = json_encode(array(
'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
'page_url' => isset($_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']) ? htmlspecialchars($_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']) : null,
'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : null,
'REFFERRER_PREVIOUS' => isset($_COOKIE['apbct_prev_referer']) ? $_COOKIE['apbct_prev_referer'] : null,
));
$js_on = 0;
if (isset($_POST['ct_checkjs']) && $_POST['ct_checkjs'] == date("Y"))
$js_on = 1;
$ct = new Cleantalk();
$ct->work_url = 'http://moderate.cleantalk.org';
$ct->server_url = 'http://moderate.cleantalk.org';
// The facility in which to store the query parameters
$ct_request = new CleantalkRequest();
$ct_request->auth_key = 'your access key';
$ct_request->agent = 'php-api';
$ct_request->sender_email = isset($email) ? $email : '';
$ct_request->sender_ip = $ct->cleantalk_get_real_ip();
$ct_request->sender_nickname = isset($name) ? $name : '';
$ct_request->js_on = $js_on;
$ct_request->submit_time = isset($_COOKIE['apbct_timestamp']) ? time() - intval($_COOKIE['apbct_timestamp']) : 0;
$ct_request->sender_info = $sender_info;
// Check
$ct_result = $ct->isAllowUser($ct_request);
return $ct_result;
}


function func_spamcheck_message($name, $email, $message)
{
require_once (dirname(__FILE__) . '/cleantalk/cleantalk.class.php');
$sender_info = json_encode(array(
'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
'page_url' => isset($_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']) ? htmlspecialchars($_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']) : null,
'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : null,
'REFFERRER_PREVIOUS' => isset($_COOKIE['apbct_prev_referer']) ? $_COOKIE['apbct_prev_referer'] : null,
));
$js_on = 0;
if (isset($_POST['ct_checkjs']) && $_POST['ct_checkjs'] == date("Y"))
$js_on = 1;
$ct = new Cleantalk();
$ct->work_url = 'http://moderate.cleantalk.org';
$ct->server_url = 'http://moderate.cleantalk.org';
// The facility in which to store the query parameters
$ct_request = new CleantalkRequest();
$ct_request->auth_key = 'your access key';
$ct_request->agent = 'php-api';
$ct_request->sender_email = isset($email) ? $email : '';
$ct_request->sender_ip = $ct->cleantalk_get_real_ip();
$ct_request->sender_nickname = isset($name) ? $name : '';
$ct_request->js_on = $js_on;
$ct_request->message = isset($message) ? $message : '';
$ct_request->submit_time = isset($_COOKIE['apbct_timestamp']) ? time() - intval($_COOKIE['apbct_timestamp']) : 0;
$ct_request->sender_info = $sender_info;
// Check
$ct_result = $ct->isAllowMessage($ct_request);
return $ct_result;
}

 

 

      4. Go to <root directory>/skin/common_files/customer/main and open register_account.tpl  
 

Add the following field:

beginphp
<tr>
<td>
<input type="hidden" name="ct_checkjs" id="ct_checkjs" value="0" />
</td>
</tr>
<script type="text/javascript">var date = new Date(); document.getElementById("ct_checkjs").value = date.getFullYear();</script>
endphp

 

      5. Go to <root directory> and open referer.php.

Add the following code at the end of this script:

// Cookie names to validate
$cookie_test_value = array(
'cookies_names' => array(),
'check_value' => 'your access key',
);
// Pervious referer
if(!empty($_SERVER['HTTP_REFERER'])){
func_setcookie('apbct_prev_referer', $_SERVER['HTTP_REFERER'], 0);
$cookie_test_value['cookies_names'][] = 'apbct_prev_referer';
$cookie_test_value['check_value'] .= $_SERVER['HTTP_REFERER'];
}
// Submit time
$apbct_timestamp = time();
func_setcookie('apbct_timestamp', $apbct_timestamp, 0);
$cookie_test_value['cookies_names'][] = 'apbct_timestamp';
$cookie_test_value['check_value'] .= $apbct_timestamp; // Cookies test
$cookie_test_value['check_value'] = md5($cookie_test_value['check_value']);
func_setcookie('apbct_cookies_test', json_encode($cookie_test_value), 0);

 

      6. To protect X-Cart registration form from spam, go to <root directory>/include and open register.php.
 

Paste the following code:


beginphp
$spamCheckResult = func_spamcheck_email($uname, $email);
// Check spam
if ($spamCheckResult->allow == 0) {
$error_tpl=file_get_contents(dirname(__FILE__)."/func/cleantalk/die_page.html");
print str_replace('%ERROR_TEXT%',$spamCheckResult->comment,$error_tpl);
die();
}
endphp

After this line (#563):

beginphp
  if (!func_check_email($email)) {
$errors[] = func_reg_error(2);
}
endphp

 

   7. To protect X-Cart reviews from spam, go to <root directory> and open add_review.php.

Paste the following code:


beginphp
$spamCheckResult = func_spamcheck_message($review['author'], $review['email'],$review['message'] );
}
endphp

After (#124):

beginphp
  $antibot_reviews_err = (
!empty($active_modules['Image_Verification'])
&& func_validate_image('on_reviews', $antibot_input_str)
);
}
endphp

And 

if ($spamCheckResult->allow == 0) {
$top_message['content'] .= '<br /> Message forbidden. Reason: ' .$spamCheckResult->comment;
}

After (#132)

$stored_review = func_stripslashes($review);

Use the blacklisted e-mail s@cleantalk.org to register an account. As a result, you will see the blocking message.

 

Learn more about X-Cart.


Perhaps it would also be interesting