How to protect X-Cart 4 from spambots  

 

       1. Download CleanTalk API  from Github.com.

       2. Unzip the downloaded archive to your <root directory>/include/func/. You will see the folder with the name "php-antispam-master". Rename it to "cleantalk".

       3. Go to <root directory>/include/func/ and open func.mail.php. Add the following functions at the end of this script, replacing 'your access key' with your own CleanTalk access key:  

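/**
 * Ask the CleanTalk service whether a registration (nickname + e-mail) is allowed.
 *
 * Builds a CleantalkRequest from the arguments plus request metadata
 * (referer, page URL, user agent, apbct_* cookies, JavaScript marker)
 * and passes it to Cleantalk::isAllowUser().
 *
 * @param string $name  Nickname / login supplied by the visitor.
 * @param string $email E-mail address supplied by the visitor.
 *
 * @return mixed The value returned by isAllowUser(); the calling snippets in this
 *               guide read ->allow and ->comment from it.
 */
function func_spamcheck_email($name, $email)
{
    require_once (dirname(__FILE__) . '/cleantalk/cleantalk.class.php');

    // Request metadata forwarded to the service. The array keys are kept exactly as given
    // (including the 'REFFERRER' spelling) - presumably what the service expects; verify before renaming.
    // Every value here is client-controlled (headers, cookies) and is only a hint, never proof.
    $sender_info = json_encode(array(
        'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
        'page_url' => isset($_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']) ? htmlspecialchars($_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']) : null,
        'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : null,
        'REFFERRER_PREVIOUS' => isset($_COOKIE['apbct_prev_referer']) ? $_COOKIE['apbct_prev_referer'] : null,
    ));

    // JavaScript marker: the registration form fills ct_checkjs with the current year.
    // Compared strictly as a string; the former loose == also accepted numeric look-alikes
    // of the year (for example with a leading space or a trailing ".0").
    // NOTE(review): the browser's year and the server's year can differ around New Year - confirm this is acceptable.
    $js_on = 0;
    if (isset($_POST['ct_checkjs']) && is_string($_POST['ct_checkjs']) && $_POST['ct_checkjs'] === date('Y')) {
        $js_on = 1;
    }

    // Seconds since referer.php set the apbct_timestamp cookie. A non-scalar cookie
    // (e.g. sent as an array) is ignored instead of being fed to intval().
    // NOTE(review): this function does not verify the apbct_cookies_test hash set in
    // referer.php, so the timestamp is an unauthenticated, client-controlled value.
    $submit_time = 0;
    if (isset($_COOKIE['apbct_timestamp']) && is_scalar($_COOKIE['apbct_timestamp'])) {
        $submit_time = time() - intval($_COOKIE['apbct_timestamp']);
    }

    $ct = new Cleantalk();
    // NOTE(review): both endpoints are plain http, so the access key and the visitor's
    // e-mail and IP address cross the network unencrypted; switch to an https endpoint
    // if your version of the CleanTalk library and service supports one.
    $ct->work_url = 'http://moderate.cleantalk.org';
    $ct->server_url = 'http://moderate.cleantalk.org';

    // The facility in which to store the query parameters
    $ct_request = new CleantalkRequest();
    // Placeholder: replace with your own access key and keep it out of public repositories.
    $ct_request->auth_key = 'your access key';
    $ct_request->agent = 'php-api';
    $ct_request->sender_email = isset($email) ? $email : '';
    // NOTE(review): how cleantalk_get_real_ip() derives the address is not visible here;
    // if it reads forwarding headers, confirm they are only honoured behind a trusted proxy.
    $ct_request->sender_ip = $ct->cleantalk_get_real_ip();
    $ct_request->sender_nickname = isset($name) ? $name : '';
    $ct_request->js_on = $js_on;
    $ct_request->submit_time = $submit_time;
    $ct_request->sender_info = $sender_info;

    // Check
    $ct_result = $ct->isAllowUser($ct_request);

    return $ct_result;
}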

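/**
 * Ask the CleanTalk service whether a submitted message (e.g. a product review) is allowed.
 *
 * Builds a CleantalkRequest from the arguments plus request metadata
 * (referer, page URL, user agent, apbct_* cookies, JavaScript marker)
 * and passes it to Cleantalk::isAllowMessage().
 *
 * @param string $name    Author name supplied by the visitor.
 * @param string $email   E-mail address supplied by the visitor.
 * @param string $message Message body supplied by the visitor.
 *
 * @return mixed The value returned by isAllowMessage(); the calling snippets in this
 *               guide read ->allow and ->comment from it.
 */
function func_spamcheck_message($name, $email, $message)
{
    require_once (dirname(__FILE__) . '/cleantalk/cleantalk.class.php');

    // Request metadata forwarded to the service. The array keys are kept exactly as given
    // (including the 'REFFERRER' spelling) - presumably what the service expects; verify before renaming.
    // Every value here is client-controlled (headers, cookies) and is only a hint, never proof.
    $sender_info = json_encode(array(
        'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
        'page_url' => isset($_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']) ? htmlspecialchars($_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']) : null,
        'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : null,
        'REFFERRER_PREVIOUS' => isset($_COOKIE['apbct_prev_referer']) ? $_COOKIE['apbct_prev_referer'] : null,
    ));

    // JavaScript marker: the form fills ct_checkjs with the current year.
    // Compared strictly as a string; the former loose == also accepted numeric look-alikes
    // of the year (for example with a leading space or a trailing ".0").
    // NOTE(review): the browser's year and the server's year can differ around New Year - confirm this is acceptable.
    $js_on = 0;
    if (isset($_POST['ct_checkjs']) && is_string($_POST['ct_checkjs']) && $_POST['ct_checkjs'] === date('Y')) {
        $js_on = 1;
    }

    // Seconds since referer.php set the apbct_timestamp cookie. A non-scalar cookie
    // (e.g. sent as an array) is ignored instead of being fed to intval().
    // NOTE(review): this function does not verify the apbct_cookies_test hash set in
    // referer.php, so the timestamp is an unauthenticated, client-controlled value.
    $submit_time = 0;
    if (isset($_COOKIE['apbct_timestamp']) && is_scalar($_COOKIE['apbct_timestamp'])) {
        $submit_time = time() - intval($_COOKIE['apbct_timestamp']);
    }

    $ct = new Cleantalk();
    // NOTE(review): both endpoints are plain http, so the access key and the visitor's
    // e-mail, IP address and message text cross the network unencrypted; switch to an
    // https endpoint if your version of the CleanTalk library and service supports one.
    $ct->work_url = 'http://moderate.cleantalk.org';
    $ct->server_url = 'http://moderate.cleantalk.org';

    // The facility in which to store the query parameters
    $ct_request = new CleantalkRequest();
    // Placeholder: replace with your own access key and keep it out of public repositories.
    $ct_request->auth_key = 'your access key';
    $ct_request->agent = 'php-api';
    $ct_request->sender_email = isset($email) ? $email : '';
    // NOTE(review): how cleantalk_get_real_ip() derives the address is not visible here;
    // if it reads forwarding headers, confirm they are only honoured behind a trusted proxy.
    $ct_request->sender_ip = $ct->cleantalk_get_real_ip();
    $ct_request->sender_nickname = isset($name) ? $name : '';
    $ct_request->js_on = $js_on;
    $ct_request->message = isset($message) ? $message : '';
    $ct_request->submit_time = $submit_time;
    $ct_request->sender_info = $sender_info;

    // Check
    $ct_result = $ct->isAllowMessage($ct_request);

    return $ct_result;
}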

 

 

      4. Go to <root directory>/skin/common_files/customer/main and open register_account.tpl    

Add the following field:

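 {* Hidden marker that client-side JavaScript fills with the current year; the spam-check
    functions read it back from the submitted ct_checkjs field. It only hints that a script
    ran in the browser and must not be relied on as an access control.
    Keep the script free of curly braces (or wrap it in literal tags) so Smarty does not
    try to parse it. The value is assigned directly, so no global variable is created. *}
<tr>
  <td>
    <input type="hidden" name="ct_checkjs" id="ct_checkjs" value="0" />
  </td>
</tr>
<script type="text/javascript">
document.getElementById("ct_checkjs").value = new Date().getFullYear();
</script>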

 

      5. Go to <root directory> and open referer.php.

Add the following code at the end of this script:

 

// Cookie names to validate
// check_value starts as the access key; each cookie value set below is appended to it,
// in this order, before the whole string is hashed at the end.
$cookie_test_value = array(
    'cookies_names' => array(),
    'check_value' => 'your access key',
);

// Previous referer
// NOTE(review): the Referer header is supplied by the client and is copied into the cookie as-is.
if(!empty($_SERVER['HTTP_REFERER'])){
    func_setcookie('apbct_prev_referer', $_SERVER['HTTP_REFERER'], 0);
    $cookie_test_value['cookies_names'][] = 'apbct_prev_referer';
    $cookie_test_value['check_value'] .= $_SERVER['HTTP_REFERER'];
}

// Submit time
// Records when this page was served; the spam-check functions subtract it from time().
$apbct_timestamp = time();
func_setcookie('apbct_timestamp', $apbct_timestamp, 0);
$cookie_test_value['cookies_names'][] = 'apbct_timestamp';
$cookie_test_value['check_value'] .= $apbct_timestamp;

// Cookies test
// The raw concatenation (access key + cookie values) is replaced by its MD5 digest before
// it is sent to the browser, so the key itself is not placed in the cookie.
// NOTE(review): md5(key . values) is a weak keyed-hash construction; hash_hmac() with a
// dedicated secret would be the sounder choice, but only change it together with whatever
// code verifies this cookie. The spam-check functions shown in this guide never compare
// the digest, so as written the apbct_* cookies are unauthenticated hints - confirm
// where, if anywhere, it is verified.
$cookie_test_value['check_value'] = md5($cookie_test_value['check_value']);
func_setcookie('apbct_cookies_test', json_encode($cookie_test_value), 0);

 

      6. To protect X-Cart registration form from spam, go to <root directory>/include and open register.php.  

Paste the following code:

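 // Ask CleanTalk about the registrant before the account is created.
$spamCheckResult = func_spamcheck_email($uname, $email);

// Check spam
// NOTE(review): what ->allow holds when the CleanTalk call itself fails depends on the
// library - confirm whether registrations are then blocked or let through.
if ($spamCheckResult->allow == 0) {
    $error_tpl = file_get_contents(dirname(__FILE__) . "/func/cleantalk/die_page.html");
    if ($error_tpl === false) {
        // Template missing or unreadable: fall back to the bare placeholder so the
        // visitor still sees the reason instead of an empty page.
        $error_tpl = '%ERROR_TEXT%';
    }

    // NOTE(review): ->comment is text returned by the remote service and is inserted into
    // the HTML page unescaped; confirm the response can be trusted (the request in this
    // guide goes over plain http) or escape / allow-list it before output.
    print str_replace('%ERROR_TEXT%', $spamCheckResult->comment, $error_tpl);
    die();
}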

After this line (#563):

   if (!func_check_email($email)) { $errors[] = func_reg_error(2); } 

 

   7. To protect X-Cart reviews from spam, go to <root directory> and open add_review.php.

Paste the following code:

 $spamCheckResult = func_spamcheck_message($review['author'], $review['email'],$review['message'] ); } 

After (#124):

   $antibot_reviews_err = ( !empty($active_modules['Image_Verification']) && func_validate_image('on_reviews', $antibot_input_str) ); } 

And 

 

// Reject branch: CleanTalk did not allow the review, so its reason is appended to the
// message shown to the visitor.
// NOTE(review): this only appends text to $top_message; nothing in this snippet stops the
// review from being saved - confirm the surrounding add_review.php code treats it as an error.
// NOTE(review): ->comment comes from the remote service and is concatenated into HTML
// unescaped - confirm it can be trusted or escape it before display.
if ($spamCheckResult->allow == 0) {
    $top_message['content'] .= '<br /> Message forbidden. Reason: ' .$spamCheckResult->comment;
}

After (#132)

 

$stored_review = func_stripslashes($review);

To test the integration, try to register an account with the blacklisted e-mail s@cleantalk.org. As a result, you will see the blocking message.

 

Learn more about X-Cart.

