Kilobaid 2 Posted March 22, 2018 Posted March 22, 2018 Any version for Prestashop 1.6.0.5? Share this post Link to post Share on other sites
salud marco 2 Posted March 23, 2018 Posted March 23, 2018 hola yo tengo la versión de prestashop 1.6.1.1 acabo de instalar el modulo, simplemente cambiando el nombre ya me apareció en prestashop. Mi pregunta es tengo que hacer alguna cosa mas?. hay que implementarlo en el código PHP de la web que realiza el envío del formulario?.( si tuviera que hacerlo, como tendría que realizarlo ?) en la web donde lo instale es (car-angeleyes.net) por si pueden he charle un vistazo. gracias por todo y por este fantástico modulo, ya que me llegaron una oleada de mensajes rusos no muy agradables Share this post Link to post Share on other sites
outlet.ee 9 Posted March 27, 2018 Posted March 27, 2018 Works great, thank you. The language code for Swedish is in fact 'sv' but when I installed the language I mistakenly added it as 'se'. I won't want to loose my rankings so I decided to keep it. Tried to add 'sv | se ' and 'se | sv ' but that resulted the capthcha being in English in all languages sites. What shall I put in the force language field in order to gave it displayed in Swedish if the language selected in Prestashop is 'se', and keep the other languages as selected in the FO? Share this post Link to post Share on other sites
dmr-electronics 2 Posted March 29, 2018 Posted March 29, 2018 On 22-3-2018 at 4:58 PM, Kilobaid said: Any version for Prestashop 1.6.0.5? Go here: How to integrate recaptcha in prestashop Result no need for installation extra modules, yust follow the instructions. See it working on Prestashop site 1.6.1.18 DMR-Electronics EU Share this post Link to post Share on other sites
karmaedv 4 Posted April 1, 2018 Posted April 1, 2018 Hey man, thank you so much for this awesome module that just works out of the box! Here is a german translation file Cheers eicaptcha.zip Share this post Link to post Share on other sites
Muad'Dib 19 Posted April 4, 2018 Posted April 4, 2018 (edited) Greetings, First of all please let me thanks @herve25 for this great work which makes accessible an easy integration of a captcha verification to most, and doing so help fight against spammers. The module works great out of the box, if the instructions are followed properly for installation. It also offers an easy way to maintenance your keys directly from the module itself in case you want to change them like different sites and such, without having to go back edit the files. However I would like to point that even if it 'may' stop some spams, it cannot be properly implemented without overriding the ContactController. As I said, it 'may' seem to work and block, almost if not all, spam considered messages, but it remains some checks needs to be added in order to make it a fully working sollution. For example, if you disable JavaScript, captcha is not loaded at all and you can send messages without taking the captcha challenge, and guess what, spammers mostly use Perl scripts to spam our 'generic' websites (vs customized ones. indeed if you use generic templates of everything out of the box without any customization your are just making yourself of an easier target for spammers who make generic scripts to attack the most possible websites/targets) and they just dont care about JavaScript. So at the very least you need to check what's happening with the "g-recaptcha-response" variable, and as being said it is being done in the ContactController on PS.1.6.0.14 (original thread version). This has already been addressed by @sekwoja & @TACS in earlier posts, here is a simple code you need to add at the very least in an override you will need to place into: site/override/controllers/front/ContactController.php On 2/19/2018 at 1:22 PM, TACS said: it is not very clear from the OP how to use this module to provide the complete security needed, because if you do have a real spam problem then they still bypass the captcha on the contact form even after installing this module and following the first post. so, I wanted to make it clear, that not only do you need to follow the first post of this thread, but you will also need to write in the code from the quoted post above and into to the contactcontroller.php else if (!($gcaptcha = (int)(Tools::getValue('g-recaptcha-response')))) $this->errors[] = Tools::displayError('Captcha not verified'); This simple addition will probably block 99% of the spam, if not 100%. However this is not the proper way to do it as per Google ReCaptcha documentation. This "g-recaptcha-response" variable needs to be verified by google who will tell you in return if the challenge was passed or not. Indeed this variable can contain anything for all you know, it just means that the ReCaptcha challenge was taken, not that it was passed or failed. Again this has already been addressed by someone in earlier posts. On 5/19/2017 at 8:56 AM, servalagency said: Bonjour, Il faut créer un override pour chaque formulaire sinon le POST sans passer par la page n'est pas sécurisé, exemple pour le formulaire de contact à mettre dans override/controllers/front/ContactController.php : -- Hello, It is necessary to create an override for each form otherwise the POST without going through the page is not secure, example for the contact form to put in override/controllers/front/ContactController.php <?php class ContactController extends ContactControllerCore { /** * Start forms process * @see FrontController::postProcess() */ public function postProcess() { if (Tools::isSubmit('submitMessage')) { // Ma clé privée $secret = Configuration::get('CAPTCHA_PRIVATE_KEY'); // Paramètre renvoyé par le recaptcha $response = $_POST['g-recaptcha-response']; // On récupère l'IP de l'utilisateur $remoteip = $_SERVER['REMOTE_ADDR']; $api_url = "https://www.google.com/recaptcha/api/siteverify?secret=" . $secret . "&response=" . $response . "&remoteip=" . $remoteip ; $decode = json_decode(file_get_contents($api_url), true); if ($decode['success'] == true) { parent::postProcess(); } else { // BAN IP $path = _PS_ROOT_DIR_.'/.htaccess'; if (!$htaccess = @file_get_contents($path)) { return false; } $content = 'Deny from ' . $remoteip . "\r\n"; $content .= $htaccess; file_put_contents($path, $content); } } } } This script will automatically ban IP of people who failed the ReCaptcha challenge. Personally I find it a bit too radical. This is why I have not done it this way, however all credits goes to @servalagency for coming up with a working solution. Based on this I did a less aggressive response not banning any IP using the following override: $message = Tools::getValue('message'); // Html entities is not usefull, iscleanHtml check there is no bad html tags. // ReCaptcha Challenge $secretkey = Configuration::get('CAPTCHA_PRIVATE_KEY'); $remoteip = $_SERVER['REMOTE_ADDR']; [...] elseif (!($gcaptcha = Tools::getValue('g-recaptcha-response')) || !($decode = json_decode(file_get_contents($api_url = "https://www.google.com/recaptcha/api/siteverify?secret=".$secretkey."&response=".$gcaptcha."&remoteip=".$remoteip), true)) || !(intval($decode['success'] == true))) $this->errors[] = Tools::displayError('You need to take the Captcha challenge to use this form (Javascript).'); elseif (!$message) $this->errors[] = Tools::displayError('The message cannot be blank.'); Please note and this is very important, the "g-recaptcha-response" is left UNTOUCHED, no conversions or anything (unlike in very first posted solution), because google needs a valid variable so the verification process can happen. From this point we could also send only email to site admin for message review and possible manual IP bans directly into .htaccess, but that may not be really necessary and overkill. But that's doable. Only by adding those extra steps you will properly integrate the reCaptcha to your website by fully verifying the challenges, and not only feeling safe by adding a reCaptcha box... I hope this helps. Regards. Edited April 4, 2018 by Muad'Dib fixing credits (see edit history) 1 Share this post Link to post Share on other sites
hhennes 12 Posted April 5, 2018 Posted April 5, 2018 Hello @Muad'Dib, @herve25 is my old account, with an email i have no more access. This topic is not really relevent of the state of the module now and that's why your comments are unecessary ^^. The override of the contact form is already implemented since last year and the recapatcha response is well checked and verified The better solution to follow the module as already said in this topic is to check on github.https://github.com/nenes25/eicaptcha @karmaedv thanks i'll compare and update german translations if needed. Regards Share this post Link to post Share on other sites
Andrea_Firenze 2 Posted April 5, 2018 Posted April 5, 2018 Hi guys, I've installed the module and seems to work fine. I have installed the module on 2 different site, on one it work 100% without notice (ps: 1.6.1.2). On the other (ps: 1.6.0.14), above the captcha there are this notice: Notice: Undefined index: captcha in /home/ulqk7283/domains/advie.it/public_html/tools/smarty/sysplugins/smarty_internal_templatebase.php(157) : eval()'d code on line 240 Notice: Trying to get property of non-object in /home/ulqk7283/domains/advie.it/public_html/tools/smarty/sysplugins/smarty_internal_templatebase.php(157) : eval()'d code on line 240 In attached the image. i see the file smarty_internal_templatebase.php, but i don't know how change it. How i can do to fix this? Share this post Link to post Share on other sites
Muad'Dib 19 Posted April 5, 2018 Posted April 5, 2018 Geetings @hhennes! Many thanks for your reply. I am very happy to learn the verification is properly handled in latest versions now, so is the 'spam' work around from PS implemented since PS 1.6.1.7 (updates). Sadly, and for some reasons I cannot really explain myself, on my current version, which I know is pretty outdated, PS 1.6.0.14, latest releases v0.4.1x meant to be working for this version of the platform, just make my whole website crash. I just gave up trying to use those since I needed a fast solution to stop those spammers from ruining my domain reputation on mail hosts. Older versions however, currently v0.4.3, which was recommended and released I think prior you forked each < PS 1.7 and PS 1.7+ with completely different numering and version, and which does not use "on the fly" addition to templates gives me better results regarding its integration (and I use default PS templates), so I just sticked with this one after having tried v0.4.1{1-4} without good results (site crash or blank pages). But after a few days, since I was still receiving some spams (less than before, but still some) I decided to just look into it and if possible just fix on my own that version that was integrating smoothly for me and work from there until I stopped receiving spams.. It is probably only me having such problems very likely due to something else I am using (and which I need or I would not be using it), however, for the sake of explanation, I only wanted to share how I "fixed"/"made" the module work properly on my website by adding those few lines since it took me a few tries to make it work right, just in case some other readers of this thread would face the same situation on their own website, since after all this thread points to the same version of PS I use which is PS 1.6.0.14. Thanks again for your great modules and work which are always greatly appreciated! Regards. Share this post Link to post Share on other sites
hhennes 12 Posted April 5, 2018 Posted April 5, 2018 2 hours ago, Andrea_Firenze said: Hi guys, I've installed the module and seems to work fine. I have installed the module on 2 different site, on one it work 100% without notice (ps: 1.6.1.2). On the other (ps: 1.6.0.14), above the captcha there are this notice: Notice: Undefined index: captcha in /home/ulqk7283/domains/advie.it/public_html/tools/smarty/sysplugins/smarty_internal_templatebase.php(157) : eval()'d code on line 240 Notice: Trying to get property of non-object in /home/ulqk7283/domains/advie.it/public_html/tools/smarty/sysplugins/smarty_internal_templatebase.php(157) : eval()'d code on line 240 In attached the image. i see the file smarty_internal_templatebase.php, but i don't know how change it. How i can do to fix this? On your second website, you seems to be in dev mode. It is just a warning, if you disable the dev mode, everything should be ok. Share this post Link to post Share on other sites
Andrea_Firenze 2 Posted April 5, 2018 Posted April 5, 2018 (edited) 4 hours ago, hhennes said: On your second website, you seems to be in dev mode. It is just a warning, if you disable the dev mode, everything should be ok. Thanks a lot. in fact I had not thought that the site was in Dev mode, I thought it was a problem of installation or php. Now work fine on both sites. Edited April 5, 2018 by Andrea_Firenze (see edit history) Share this post Link to post Share on other sites
Pecatum 6 Posted April 11, 2018 Posted April 11, 2018 Thanks a lot! I've just installed it following just the first steps: Download + Copy to modules folder + Rename folder + Activate and configure with public & private key in the Back Office. I didn't have to modify contact-form.tpl and it works! Share this post Link to post Share on other sites
Darussalam 1 Posted April 18, 2018 Posted April 18, 2018 This page was very helpful in installing the Google reCaptcha script: kris.talkplus.org/2017/how-to-integrate-recaptcha-in-prestashop-in-3-step/ Share this post Link to post Share on other sites
sktthemes 0 Posted April 19, 2018 Posted April 19, 2018 Can prestashop 1.5 themes is completely free and can SKT Themes free this types of themes available in this marketplace.. Share this post Link to post Share on other sites
YitongM 2 Posted April 29, 2018 Posted April 29, 2018 Thank you so much!! It's working immediately! If I found this earlier, I wouldn't have had to wasted 3 hours to struggle with the php codes... Thank you! P.S. I use PS 1.7. And this one: https://github.com/nenes25/eicaptcha/releases/tag/2.0.3 1 Share this post Link to post Share on other sites
KarZan 2 Posted July 18, 2018 Posted July 18, 2018 Firstly thanks for the module. I just started to get a lot of spam through contact us page and it stopped after adding this module. However is there something I have missed (after tripple checking) because I get odd bahaviour with the "send to a friend" functionality. I have PS 1.6.1.13 (with default theme) and downloaded the module from github (0.4.14). I also followed the instructions on github (https://github.com/nenes25/eicaptcha/blob/master/install-sendtoafriend.md) on how to install for send to a friend also (copied the two files). I even made diff against the files to verify the copying: diff modules/eicaptcha/views/js/modules/sendtoafriend/sendtoafriend.js themes/default-bootstrap/js/modules/sendtoafriend/sendtoafriend.js diff modules/eicaptcha/views/templates/front/modules/sendtoafriend/sendtoafriend-extra.tpl themes/default-bootstrap/modules/sendtoafriend/sendtoafriend-extra.tpl Now if I go to a product and fill the fields and check the captcha then nothing happens when clicking the send button. Without checking captcha I get the error message asking to verify myself (I am not a robot). Now the really odd part is that with a product without combinations if I click the cancel button (immediately or after filling the fields) the popup closes AND I get "product not available in this combination" even though it is a product with no combinations. But if I close the popup from the X in the top right corner everything is fine. If the product does have combinations then there is no problem. Share this post Link to post Share on other sites
hhennes 12 Posted July 19, 2018 Posted July 19, 2018 Hi, This issue may be linked with your theme. Could you please open an issue on github ? Regards, Share this post Link to post Share on other sites
KarZan 2 Posted July 19, 2018 Posted July 19, 2018 Opened an issue (#75) Share this post Link to post Share on other sites
rabmark2u 0 Posted July 19, 2018 Posted July 19, 2018 Hello. I have a mistake during installation.What I need to add to file? Release of version 2.0.4 for PS 1.7 Share this post Link to post Share on other sites
hhennes 12 Posted July 20, 2018 Posted July 20, 2018 It's a false positive. I'll fix it in next release Share this post Link to post Share on other sites
rabmark2u 0 Posted July 24, 2018 Posted July 24, 2018 On 20.07.2018 at 5:15 PM, hhennes said: It's a false positive. I'll fix it in next release Hi, Can you give me the approximate date of the next update? Share this post Link to post Share on other sites
devo 0 Posted July 28, 2018 Posted July 28, 2018 Hi, I need to stop the .ru emails on PrestaShop 1.5.4.1. Please, is this module compatible with 1.5.4.1.? Thank you very much for your help! Best regards. Devo Share this post Link to post Share on other sites
hhennes 12 Posted July 30, 2018 Posted July 30, 2018 @rabmark2u it should be release in next weeks, i'm a bit late on it Share this post Link to post Share on other sites
MackStores.Com 19 Posted August 6, 2018 Posted August 6, 2018 On 7/28/2018 at 4:58 PM, devo said: Hi, I need to stop the .ru emails on PrestaShop 1.5.4.1. Please, is this module compatible with 1.5.4.1.? Thank you very much for your help! Best regards. Devo Easy... just go to seo urls and change the friendly url... contact-us to Talktous or something unique Share this post Link to post Share on other sites
SirachMatthews 0 Posted September 6, 2018 Posted September 6, 2018 Works smoothly on PS 1.6.1.11! Free is my favourite price. Share this post Link to post Share on other sites
cool cellphone case 3 Posted December 6, 2018 Posted December 6, 2018 (edited) only the i am not a robot checkbox works others are not working , erro information"ERROR for site owner: Invalid key type you can check in my site iphone xs max case https://www.devicessmart.com Edited December 6, 2018 by cool cellphone case (see edit history) Share this post Link to post Share on other sites
Pablus 21 Posted December 16, 2018 Posted December 16, 2018 Hello, thanks for the module, is very useful. Just one detail, I found a js error when I try to create an account. I have the last version 2.04 with Ps 1.7.4.2. Anyway its allow me to register but if I could fix it would be better. Regards recaptcha__es.js:517 Uncaught Error: reCAPTCHA has already been rendered in this element at Object.gY (recaptcha__es.js:517) at onloadCallback (iniciar-sesion?create_account=1:103) at GY (recaptcha__es.js:522) at V4 (recaptcha__es.js:509) at recaptcha__es.js:524 at recaptcha__es.js:544 Share this post Link to post Share on other sites
Sundis 0 Posted January 2, 2019 Posted January 2, 2019 Got this reply from the contactform.... 1. incorrect response to CAPTCHA challenge. Please try again. Followed the instructions. Running PS 1.6.0.14 Share this post Link to post Share on other sites
dragona771 0 Posted January 4, 2019 Posted January 4, 2019 Hello, I installed ecaptcha and finally it did not work on my contact name. Saying that keys are not right. Then I deinstalled and deleted the module. Now on my contact form the button "send" does not work at all. I don't have spam anymore, but actually nobody can write through contact form anymore. Any ideas for non-professional user? Already regretting installing ecaptcha Thank you Share this post Link to post Share on other sites
Giordx 4 Posted January 7, 2019 Posted January 7, 2019 On prestashop 1.6.1.11 I solved inserting that code on ContactController.php On 2/19/2018 at 1:22 PM, TACS said: } else if (!($gcaptcha = (int)(Tools::getValue('g-recaptcha-response')))){ $this->errors[] = Tools::displayError('Captcha not verified'); } that code above didn't work, it just threw the contact page but the below code is what worked for me on 1.6.0.14 after the code (for me on line 53): $this->errors[] = Tools::displayError('Bad file extension'); } thanks at hhennes, TACS and you all. Share this post Link to post Share on other sites
Marcilio Farias 0 Posted January 14, 2019 Posted January 14, 2019 On 06/12/2018 at 02:14, cool cellphone case said: apenas a caixa de verificação "Eu não sou um robot" funciona, outras não estão a funcionar, "informações de erro" ERRO para o proprietário do site: tipo de chave inválido você pode verificar no meu site iphone xs max case https://www.devicessmart.com ANY SOLUTION? I HAVE THE SAME PROBLEM... Share this post Link to post Share on other sites
karcharoth 2 Posted January 15, 2019 Posted January 15, 2019 (edited) Great module, but it does not work during ONEPAGECHECKOUT (INSTANT CHECKOUT & CREATE ACCOUNT FORM) and 5-STEPS STANDARD CHECKOUT (only INSTANT CHECKOUT - CREATE ACCOUNT FORM works in this case). Are you able to fix it? The Captcha appears, but is not required to proceed. Edited January 15, 2019 by karcharoth (see edit history) Share this post Link to post Share on other sites
serdib 6 Posted April 20, 2019 Posted April 20, 2019 On 4/4/2018 at 3:10 PM, Muad'Dib said: $message = Tools::getValue('message'); // Html entities is not usefull, iscleanHtml check there is no bad html tags. // ReCaptcha Challenge $secretkey = Configuration::get('CAPTCHA_PRIVATE_KEY'); $remoteip = $_SERVER['REMOTE_ADDR']; [...] elseif (!($gcaptcha = Tools::getValue('g-recaptcha-response')) || !($decode = json_decode(file_get_contents($api_url = "https://www.google.com/recaptcha/api/siteverify?secret=".$secretkey."&response=".$gcaptcha."&remoteip=".$remoteip), true)) || !(intval($decode['success'] == true))) $this->errors[] = Tools::displayError('You need to take the Captcha challenge to use this form (Javascript).'); elseif (!$message) $this->errors[] = Tools::displayError('The message cannot be blank.'); Hello guys I installed this module but spammers are still doing their "job" (creating new spam accounts) by disabling javascript. I don't understand which file should I change with this code? As I understand "ContactController.php" used for "Contact us" page on site. But I need to protect also my "create an account" page. I have only this code in override ContactController.php (see below) And I can't see any signs of "$message = Tools::getValue('message');" or something in this file. Please explain this for me. Should I change PHP or any TPL files? Thank you. <?php class ContactController extends ContactControllerCore { /* * module: eicaptcha * date: 2019-04-19 17:23:56 * version: 0.4.15 */ public function checkAccess() { return (bool)Hook::exec('contactFormAccess'); } /* * module: eicaptcha * date: 2019-04-19 17:23:56 * version: 0.4.15 */ public function initCursedPage() { parent::setMedia(); if (!empty($this->redirect_after)) { parent::redirect(); } if (!$this->content_only && ($this->display_header || (isset($this->className) && $this->className))) { parent::initHeader(); } parent::initContent(); if (!$this->content_only && ($this->display_footer || (isset($this->className) && $this->className))) { parent::initFooter(); } parent::display(); die; } } Share this post Link to post Share on other sites
TillyOak 10 Posted April 20, 2019 Posted April 20, 2019 Just wondering if anyone has a similar mod or instructions on how to add recaptcha to the customer registration page, I've managed to stop spam messages in the contact form but now they're registering with all manner of stupid names, thing is I just don't understand why because it's not like they're getting advertising or anything, anyone with any help much appreciated. Marko Share this post Link to post Share on other sites
MackStores.Com 19 Posted April 21, 2019 Posted April 21, 2019 the free ones just do the deregistration after the registration is done. firstly they fully register the person and then they afterwards make them temporary in the database. our module is not free but the does not do this , at first instance the customer will be registered as not full member until they click link on the email. Share this post Link to post Share on other sites
frontend 1 Posted April 22, 2019 Posted April 22, 2019 I have this same issue as many others on Presta 1.6 where hunderds of spam accounts are created. This issue for account creation to send spam, Spam account creation seems related to this is. https://github.com/nenes25/eicaptcha/issues/96 Please check if you can work out a solution for this issue. Ill check both posts to see if there is any update. Till now i could only stop it with ip region blocking at server level. Share this post Link to post Share on other sites
Hacktronics India 0 Posted April 27, 2019 Posted April 27, 2019 (edited) On 4/22/2019 at 9:47 PM, Hacktronics India said: Thank you works fine with Prestashop 1.6.17, now no more spam customers registration. Sorry this doesn't worked, it works for human, but for bots they are able to do spam registration with www.somepornsite.domain without any issue. The Captcha has no effect on the bots. Finally I managed to stop the spam registrations via changes in controllers/front/AuthController.php by adding the validation code in protected function processSubmitAccount(). if(stripos(Tools::getValue('firstname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid First Name.'); if(stripos(Tools::getValue('lastname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid Last Name.'); if(stripos(Tools::getValue('customer_firstname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid First Name.'); if(stripos(Tools::getValue('customer_lastname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid Last Name.'); Edited April 27, 2019 by Hacktronics India (see edit history) Share this post Link to post Share on other sites
BeatsMe 1 Posted April 28, 2019 Posted April 28, 2019 On 4/27/2019 at 2:53 PM, Hacktronics India said: Finally I managed to stop the spam registrations via changes in controllers/front/AuthController.php by adding the validation code in protected function processSubmitAccount(). if(stripos(Tools::getValue('firstname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid First Name.'); if(stripos(Tools::getValue('lastname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid Last Name.'); if(stripos(Tools::getValue('customer_firstname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid First Name.'); if(stripos(Tools::getValue('customer_lastname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid Last Name.'); Hello.... Just wondering where in the protected function processSubmitAccount() section is it safe to place this code?? Share this post Link to post Share on other sites
Hacktronics India 0 Posted April 29, 2019 Posted April 29, 2019 22 hours ago, BeatsMe said: Hello.... Just wondering where in the protected function processSubmitAccount() section is it safe to place this code?? I put it just before the call to // Preparing customer Share this post Link to post Share on other sites
MackStores.Com 19 Posted April 29, 2019 Posted April 29, 2019 all hacktronics india did was stop a specific attack in which if the bot fills www in firstname lastname etc only then it will reject the form. all other attacks will continue. its not a fix , its just a temporary way around till another type of attack happens. Share this post Link to post Share on other sites
Hacktronics India 0 Posted April 29, 2019 Posted April 29, 2019 42 minutes ago, MackStores.Com said: all hacktronics india did was stop a specific attack in which if the bot fills www in firstname lastname etc only then it will reject the form. all other attacks will continue. its not a fix , its just a temporary way around till another type of attack happens. Yes, but you can write regex and stop other attacks, you can also write a custom validator for the names, I had just posted a sample to tell, where to look, and what type of code need to be placed. Share this post Link to post Share on other sites
PrestaPros 4 Posted April 29, 2019 Posted April 29, 2019 We've created a free module for reCaptcha. For now it is for PS 1.6, but we are going to make it also for 1.7 More details: https://prestapros.com/en/blog/free-module-recaptcha-for-prestashop-registration-form Share this post Link to post Share on other sites
TillyOak 10 Posted April 29, 2019 Posted April 29, 2019 3 minutes ago, PrestaPros said: We've created a free module for reCaptcha. For now it is for PS 1.6, but we are going to make it also for 1.7 More details: https://prestapros.com/en/blog/free-module-recaptcha-for-prestashop-registration-form Does this work any differently from Ei Captcha by hhennes because we have that module installed with both keys from Google and they are still able to get through the registrations? Thanks Marko Share this post Link to post Share on other sites
PrestaPros 4 Posted April 29, 2019 Posted April 29, 2019 We don't know how the other module works, but in our clients shops our module works and blocks attacs Share this post Link to post Share on other sites
MackStores.Com 19 Posted April 29, 2019 Posted April 29, 2019 our module block all attacks so i think using free versions will have these trade offs Share this post Link to post Share on other sites
TillyOak 10 Posted April 29, 2019 Posted April 29, 2019 Just now, PrestaPros said: We don't know how the other module works, but in our clients shops our module works and blocks attacs I'm not overly technically minded but I read it was something to do with javascript, and the bot bypasses that which is how they manage to still register. Anything is worth a try I guess, I've blocked the last IP they used which is probably futile I know, but if it gives me a bit of breathing space until another IP is used then worth it. Thanks Marko Share this post Link to post Share on other sites
PrestaPros 4 Posted April 29, 2019 Posted April 29, 2019 5 minutes ago, ThankBooks said: I'm not overly technically minded but I read it was something to do with javascript, and the bot bypasses that which is how they manage to still register. Anything is worth a try I guess, I've blocked the last IP they used which is probably futile I know, but if it gives me a bit of breathing space until another IP is used then worth it. Thanks Marko Validation is made in PHP. We've installed modul for a couple of shops, and no fake accouns were made so far... Share this post Link to post Share on other sites
TillyOak 10 Posted April 29, 2019 Posted April 29, 2019 Just now, PrestaPros said: Validation is made in PHP. We've installed modul for a couple of shops, and no fake accouns were made so far... Ah, I'll install and see how it goes then, thanks for producing Marko Share this post Link to post Share on other sites
TillyOak 10 Posted April 30, 2019 Posted April 30, 2019 On 4/29/2019 at 12:14 PM, PrestaPros said: We don't know how the other module works, but in our clients shops our module works and blocks attacs Although it has stopped the spammers, it's also stopping people from using instant checkout or from even creating an account if they have already placed an item in their basket. I had a user report this today and I tried it myself and replicated the issue. A basic registration works OK but it's when customers add an item to their basket and then try registering using instant checkout that the issue crops up. Share this post Link to post Share on other sites
PrestaPros 4 Posted April 30, 2019 Posted April 30, 2019 38 minutes ago, ThankBooks said: Although it has stopped the spammers, it's also stopping people from using instant checkout or from even creating an account if they have already placed an item in their basket. I had a user report this today and I tried it myself and replicated the issue. A basic registration works OK but it's when customers add an item to their basket and then try registering using instant checkout that the issue crops up. Can you give a link to a shop that it doesn't work? What is the issue? reCaptcha does not shows up? Validation shows error? Share this post Link to post Share on other sites
TillyOak 10 Posted April 30, 2019 Posted April 30, 2019 (edited) When the customer tried registering via instant checkout, they claim reCaptcha wasn't visible, the next time they tried it challenged them with pictures but whatever they did it refused to acknowledge the user had correctly validated. I tried too, and although it looks like it's validated, hitting the 'Save' button to register the details just returns the error "Please use recaptcha". I had to disable the mod temporarily to allow the user to continue, but have enabled it again just now so you can see what it's doing. Edited May 2, 2019 by ThankBooks (see edit history) Share this post Link to post Share on other sites
seanbon 0 Posted May 1, 2019 Posted May 1, 2019 On 4/26/2019 at 9:53 PM, Hacktronics India said: Finally I managed to stop the spam registrations via changes in controllers/front/AuthController.php by adding the validation code in protected function processSubmitAccount(). if(stripos(Tools::getValue('firstname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid First Name.'); if(stripos(Tools::getValue('lastname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid Last Name.'); if(stripos(Tools::getValue('customer_firstname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid First Name.'); if(stripos(Tools::getValue('customer_lastname'), 'www') !== false) $this->errors[] = Tools::displayError('Please enter a valid Last Name.'); Thanks @Hacktronics India -- that seems to be a good simple solution to this particular method where the spammers are injecting things into the lastname field on the account signup form. I took it a step further and added 'http' in addition 'www' since some of the spammy urls they're using might not include a www. Share this post Link to post Share on other sites
Hacktronics India 0 Posted May 2, 2019 Posted May 2, 2019 It looks finally after decade prestashop decided to fix it. https://github.com/PrestaShop/PrestaShop/commit/1b32ab71c60bcd26f62fb2f6c8c48a0daba82b33#diff-83536235df8e0d38c1fdcfd4b2613a0c Share this post Link to post Share on other sites
TillyOak 10 Posted May 2, 2019 Posted May 2, 2019 6 hours ago, Hacktronics India said: It looks finally after decade prestashop decided to fix it. https://github.com/PrestaShop/PrestaShop/commit/1b32ab71c60bcd26f62fb2f6c8c48a0daba82b33#diff-83536235df8e0d38c1fdcfd4b2613a0c Thank god because even now after having renamed the pages, they're still getting through!! Share this post Link to post Share on other sites
TillyOak 10 Posted May 2, 2019 Posted May 2, 2019 actually, worryingly too is the fact the referrer was prestashop.com - either they've masked the referrer or the spammers are active on these forums too - how worrying is that?! Share this post Link to post Share on other sites
tivicrdotcom 12 Posted June 19, 2019 Posted June 19, 2019 This works great as it stopped all those Russians spammers but how to adapt it to the create an user screen? I am getting a bunch of new accounts being created with spam. Thanks Share this post Link to post Share on other sites
Belus99 0 Posted June 29, 2019 Posted June 29, 2019 On 1/15/2019 at 3:15 PM, karcharoth said: Great module, but it does not work during ONEPAGECHECKOUT (INSTANT CHECKOUT & CREATE ACCOUNT FORM) and 5-STEPS STANDARD CHECKOUT (only INSTANT CHECKOUT - CREATE ACCOUNT FORM works in this case). Are you able to fix it? The Captcha appears, but is not required to proceed. I have the same problem. Any idea how to fix it? Share this post Link to post Share on other sites
deepakdhamuria 2 Posted August 5, 2019 Posted August 5, 2019 Thank you very much for this module. I have 1.7 version and I used https://github.com/nenes25/eicaptcha/releases/tag/2.0.3 Share this post Link to post Share on other sites
peppeg85 0 Posted August 24, 2019 Posted August 24, 2019 hi, thanks for the guide, I installed the plugin and it seems to work, but anyway I receive fake new registrations and spam messages, does anyone know how I can solve it? thank you! Share this post Link to post Share on other sites
MackStores.Com 19 Posted August 25, 2019 Posted August 25, 2019 18 hours ago, peppeg85 said: hi, thanks for the guide, I installed the plugin and it seems to work, but anyway I receive fake new registrations and spam messages, does anyone know how I can solve it? thank you! You can use our module but its paid and stops all kinds of spams. Easy to change contact Us url too from the modul e. plus it stops fake registrations by sending e mail for validation. Share this post Link to post Share on other sites
MackStores.Com 19 Posted August 25, 2019 Posted August 25, 2019 On 6/30/2019 at 3:27 AM, Belus99 said: I have the same problem. Any idea how to fix it? It does not but our module works with One page Checkout but it is paid. additionally you get many more features Share this post Link to post Share on other sites
presciak 3 Posted January 9, 2020 Posted January 9, 2020 is this module secure? uses PHPUnit? Share this post Link to post Share on other sites
gokturk 0 Posted January 28, 2020 Posted January 28, 2020 On 4/29/2019 at 2:05 PM, PrestaPros said: We've created a free module for reCaptcha. For now it is for PS 1.6, but we are going to make it also for 1.7 More details: https://prestapros.com/en/blog/free-module-recaptcha-for-prestashop-registration-form Hi dear; How can we use in the contact form ? Share this post Link to post Share on other sites
beepow 1 Posted February 11, 2020 Posted February 11, 2020 (edited) in PS 1.6.1.14 seems to work (version used: 0.4.17) but when I check if the module is properly installed I get this error: Quote ContactController.php override is not present in class_index.php I've deleted class_index.php in cache directory but I still have the error. Additional infos: Theme name default-bootstrap Php version 5.5.38 Edited February 11, 2020 by beepow (see edit history) Share this post Link to post Share on other sites
num47 2 Posted November 20, 2020 Posted November 20, 2020 Can anybody tell me how to add Ei Captcha on "Product comment" form? I am using PS 1.7 Thank you Share this post Link to post Share on other sites
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now