How to Protect X-Cart 4 From Spambots
1. Download the CleanTalk archive from GitHub.
2. Unzip the downloaded archive to your <root directory>/include/func/. You will see a folder named "php-antispam-master". Rename it to "cleantalk".
3. Go to <root directory>/include/func/ and open "func.mail.php". Add the following functions at the end of this script:
function func_spamcheck_email($name, $email)
{
    require_once (dirname(__FILE__) . '/cleantalk/cleantalk.class.php');
    // Request context sent to CleanTalk together with the check
    $sender_info = json_encode(array(
        'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
        'page_url' => isset($_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']) ? htmlspecialchars($_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']) : null,
        'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : null,
        'REFFERRER_PREVIOUS' => isset($_COOKIE['apbct_prev_referer']) ? $_COOKIE['apbct_prev_referer'] : null,
    ));
    // The hidden ct_checkjs field is filled with the current year by JavaScript in the form
    $js_on = 0;
    if (isset($_POST['ct_checkjs']) && $_POST['ct_checkjs'] == date("Y")) {
        $js_on = 1;
    }
    $ct = new Cleantalk();
    $ct->work_url = 'http://moderate.cleantalk.org';
    $ct->server_url = 'http://moderate.cleantalk.org';
    // Request object that holds the query parameters
    $ct_request = new CleantalkRequest();
    $ct_request->auth_key = 'your access key';
    $ct_request->agent = 'php-api';
    $ct_request->sender_email = isset($email) ? $email : '';
    $ct_request->sender_ip = $ct->cleantalk_get_real_ip();
    $ct_request->sender_nickname = isset($name) ? $name : '';
    $ct_request->js_on = $js_on;
    // Seconds between the page load (apbct_timestamp cookie) and the form submission
    $ct_request->submit_time = isset($_COOKIE['apbct_timestamp']) ? time() - intval($_COOKIE['apbct_timestamp']) : 0;
    $ct_request->sender_info = $sender_info;
    // Check
    $ct_result = $ct->isAllowUser($ct_request);
    return $ct_result;
}
function func_spamcheck_message($name, $email, $message)
{
    require_once (dirname(__FILE__) . '/cleantalk/cleantalk.class.php');
    // Request context sent to CleanTalk together with the check
    $sender_info = json_encode(array(
        'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
        'page_url' => isset($_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']) ? htmlspecialchars($_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']) : null,
        'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : null,
        'REFFERRER_PREVIOUS' => isset($_COOKIE['apbct_prev_referer']) ? $_COOKIE['apbct_prev_referer'] : null,
    ));
    // The hidden ct_checkjs field is filled with the current year by JavaScript in the form
    $js_on = 0;
    if (isset($_POST['ct_checkjs']) && $_POST['ct_checkjs'] == date("Y")) {
        $js_on = 1;
    }
    $ct = new Cleantalk();
    $ct->work_url = 'http://moderate.cleantalk.org';
    $ct->server_url = 'http://moderate.cleantalk.org';
    // Request object that holds the query parameters
    $ct_request = new CleantalkRequest();
    $ct_request->auth_key = 'your access key';
    $ct_request->agent = 'php-api';
    $ct_request->sender_email = isset($email) ? $email : '';
    $ct_request->sender_ip = $ct->cleantalk_get_real_ip();
    $ct_request->sender_nickname = isset($name) ? $name : '';
    $ct_request->js_on = $js_on;
    $ct_request->message = isset($message) ? $message : '';
    // Seconds between the page load (apbct_timestamp cookie) and the form submission
    $ct_request->submit_time = isset($_COOKIE['apbct_timestamp']) ? time() - intval($_COOKIE['apbct_timestamp']) : 0;
    $ct_request->sender_info = $sender_info;
    // Check
    $ct_result = $ct->isAllowMessage($ct_request);
    return $ct_result;
}
4. Go to <root directory>/skin/common_files/customer/main and open "register_account.tpl".
Add the following field:
<tr>
    <td>
        <input type="hidden" name="ct_checkjs" id="ct_checkjs" value="0" />
    </td>
</tr>
<script type="text/javascript">var date = new Date(); document.getElementById("ct_checkjs").value = date.getFullYear();</script>
5. Go to <root directory> and open "referer.php".
Add the following code at the end of this script:
// Cookie names to validate
$cookie_test_value = array(
    'cookies_names' => array(),
    'check_value' => 'your access key',
);
// Previous referrer
if (!empty($_SERVER['HTTP_REFERER'])) {
    func_setcookie('apbct_prev_referer', $_SERVER['HTTP_REFERER'], 0);
    $cookie_test_value['cookies_names'][] = 'apbct_prev_referer';
    $cookie_test_value['check_value'] .= $_SERVER['HTTP_REFERER'];
}
// Submit time
$apbct_timestamp = time();
func_setcookie('apbct_timestamp', $apbct_timestamp, 0);
$cookie_test_value['cookies_names'][] = 'apbct_timestamp';
$cookie_test_value['check_value'] .= $apbct_timestamp;
// Cookies test
$cookie_test_value['check_value'] = md5($cookie_test_value['check_value']);
func_setcookie('apbct_cookies_test', json_encode($cookie_test_value), 0);
6. To protect the X-Cart registration form from spam, go to <root directory>/include and open "register.php".
Paste the following code:
$spamCheckResult = func_spamcheck_email($uname, $email);
// Check spam
if ($spamCheckResult->allow == 0) {
    $error_tpl = file_get_contents(dirname(__FILE__) . "/func/cleantalk/die_page.html");
    print str_replace('%ERROR_TEXT%', $spamCheckResult->comment, $error_tpl);
    die();
}
After this line (#563):
if (!func_check_email($email)) {
    $errors[] = func_reg_error(2);
}
7. To protect X-Cart reviews from spam, go to <root directory> and open "add_review.php".
Paste the following code:
$spamCheckResult = func_spamcheck_message($review['author'], $review['email'], $review['message']);
}
After (#124):
    $antibot_reviews_err = (
        !empty($active_modules['Image_Verification'])
        && func_validate_image('on_reviews', $antibot_input_str)
    );
}
and
if ($spamCheckResult->allow == 0) {
    $top_message['content'] .= '<br /> Message forbidden. Reason: ' . $spamCheckResult->comment;
}
After (#132):
$stored_review = func_stripslashes($review);
Use the blacklisted e-mail s@cleantalk.org to register an account. As a result, you will see the blocking message.
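The apbct_cookies_test cookie written in step 5 carries an MD5 over the access key and the values of the listed cookies, but the functions in step 3 read apbct_timestamp without checking it. The following is an added example, not part of the original instructions or of the CleanTalk library, showing how that check could be done before the timestamp is trusted. The names apbct_cookies_verify and apbct_submit_time are hypothetical, and the code assumes PHP 5.6 or later (for hash_equals) and cookie values that reach PHP exactly as referer.php set them.

```php
<?php
// Added example: verify the apbct_cookies_test cookie set in referer.php (step 5).
// Hypothetical helper. Returns true only when every cookie named in the test cookie
// is present and md5("<access key><cookie values in listed order>") equals check_value.
function apbct_cookies_verify(array $cookies, $access_key)
{
    if (!isset($cookies['apbct_cookies_test']) || !is_string($cookies['apbct_cookies_test'])) {
        return false;
    }
    $test = json_decode($cookies['apbct_cookies_test'], true);
    if (!is_array($test)
        || !isset($test['cookies_names'], $test['check_value'])
        || !is_array($test['cookies_names'])
        || !is_string($test['check_value'])
    ) {
        return false;
    }
    // The timestamp must be among the covered cookies; otherwise a client could send
    // a test cookie that covers nothing and supply any apbct_timestamp it likes.
    if (!in_array('apbct_timestamp', $test['cookies_names'], true)) {
        return false;
    }
    $material = $access_key;
    foreach ($test['cookies_names'] as $name) {
        if (!is_string($name) || !isset($cookies[$name]) || !is_string($cookies[$name])) {
            return false;
        }
        $material .= $cookies[$name];
    }
    // Constant-time comparison of the recomputed digest with the one from the cookie
    return hash_equals(md5($material), $test['check_value']);
}

// Hypothetical replacement for the submit_time expression used in step 3.
function apbct_submit_time(array $cookies, $access_key)
{
    if (!apbct_cookies_verify($cookies, $access_key)) {
        return 0; // same fallback the page's code uses when the cookie is missing
    }
    return time() - intval($cookies['apbct_timestamp']);
}

// Constructed sample with a placeholder key: cookies as referer.php would set them.
$key = 'your access key';
$c = array('apbct_timestamp' => '1700000000');
$c['apbct_cookies_test'] = json_encode(array(
    'cookies_names' => array('apbct_timestamp'),
    'check_value' => md5($key . $c['apbct_timestamp']),
));
var_dump(apbct_cookies_verify($c, $key));                                     // untouched cookies
var_dump(apbct_cookies_verify(array('apbct_timestamp' => '1') + $c, $key));   // altered timestamp
```

In step 3, the submit_time assignment would then become `$ct_request->submit_time = apbct_submit_time($_COOKIE, 'your access key');`.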