Kod bezpieczeństwa dla e-mail

polish 5313

Chroń swój formularz e-mailowy przed niepotrzebnym nadużyciem.
Znajdź w pliku contact_us.php

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {
      $error = false;

Zmień na:

  $error = false;
  if (isset($_GET['action']) && ($_GET['action'] == 'send') && isset($_POST['formid']) && ($_POST['formid'] == $sessiontoken)) {

    // safetycode check
        $t = trim($_POST['verify']);
        if ($t == '') {
                $captcha_error = ENTER_THE_SAFETY_CODE;
                $error = true;
                $messageStack->add('create_account', $captcha_error);
        } else if (trim($_SESSION['thecode']) == '') {
                $captcha_error = NO_SAFETY_CODE;
                $error = true;
                $messageStack->add('create_account', $captcha_error);
        } else if ($_SESSION['thecode'] != strtoupper($t)) {
                $captcha_error = INVALID_SAFETY_CODE;
                $error = true;
                $messageStack->add('create_account', $captcha_error);
        }
        else
        { // safetycode -->

Znajdź:

      tep_redirect(tep_href_link('contact_us.php', 'action=success'));
    }
  }

Dodaj poniźej:

} // --> safetycode end

Znajdź:

  <div class="buttonSet">
    <span class="buttonAction"><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?></span>
  </div>

Zmień na:
Code do wersji BS:

<div class="buttonSet">
<div class="col-sm-12" style="margin:12px;">
<label for="inputFromEmail" class="control-label col-sm-3"><?php echo SAFETY_CODE; ?>&nbsp;<?php echo '<font color="#990000" size="1px"><b><i class="fas fa-asterisk"></i></b></font>'; ?></label>
<span class="pull-right"><img class="pls_safety" src="image.php" width="70" height="32" alt="Please enter the values from this image" />&nbsp;
<input type="text" name="verify" size="7" maxlength="8" />&nbsp;<?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'fa fa-send', null, 'primary', null, 'btn-success'); ?>
</span>
</div>
</div>

Code do wersji: 2.3.4

<div class="buttonSet">
<div class="col-sm-12" style="margin:12px;">
<label for="inputFromEmail" class="control-label col-sm-3"><?php echo SAFETY_CODE; ?>&nbsp;<?php echo '<font color="#990000" size="1px"><b><i class="fas fa-asterisk"></i></b></font>'; ?></label>
<span class="pull-right"><img class="pls_safety" src="image.php" width="70" height="32" alt="Please enter the values from this image" />&nbsp;
<input type="text" name="verify" size="7" maxlength="8" />&nbsp;<?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?>
</span>
</div>
</div>

Dodaj do pliku catalog/includes/languages/polish.php

define('SAFETY_CODE', 'Kod potwierdzający:');
define('ENTER_THE_SAFETY_CODE', 'Wprowadź kod weryfikacyjny!');
define('NO_SAFETY_CODE', 'Nie wygenerowano kodu weryfikacyjnego!<br>Proszę wprowadzić kod weryfikacyjny ponownie.');
define('INVALID_SAFETY_CODE', 'Nieprawidłowy kod weryfikacyjny!');

Utwórz nowy plik o nazwie image.php i przenieś go do głównego katalogu.

<?php
include_once('includes/application_top.php');
function generate_verification() {
        srand((double)microtime()*1000000);
        $rand = rand(0,999999999);
        $thecode = substr(strtoupper(md5($rand)), 2, 5);
        $thecode = str_replace("O", "A", $thecode);
        $thecode = str_replace("0", "B", $thecode);
        $_SESSION['thecode'] = $thecode;
}

generate_verification();
header("Content-type: image/png");
$image = imagecreate(60,20);
$background_color = imagecolorallocate ($image, 255, 255, 255);
$textcolor = imagecolorallocate($image, 221, 0, 0);
imagestring($image,5,8,2,$_SESSION['thecode'],$textcolor);
imagepng($image);
imagedestroy($image);
tep_session_register('thecode');
?>