goldbond
Posted February 22, 2018

Hey there, I'm being spammed by mail.ru address. They are able to use my contact form without registering. It's different IP addresses every time. Any ideas how to stop this?

samverdyck
Posted February 23, 2018

Easiest way is to buy and install a captcha module: https://addons.prestashop.com/nl/veiligheid-toegang/18478-re-captcha.html?pab=1&

If you have some knowledge of how to edit the code, you can edit the contact form in this way: https://github.com/PrestaShop/PrestaShop/pull/8168

This worked for me.

willii
Posted March 1, 2018

I've installed a free module called Slide captcha from here but it didn't work. The Russian e-mails are coming even more than before. I've received 19 emails today :-(

willii
Posted March 2, 2018

Today over 30 emails already. Any solution anyone?

willii
Posted March 4, 2018

Sorted! I uninstalled the send-to-friend module and deleted the folder from FTP + I changed the SEO Url contact-us to something else and I haven't received any Russian email since then (for two days now).

tivicrdotcom
Posted March 5, 2018

Awesome module, thanks for the collaboration, really needed indeed. Hopefully this will stop those "@email.ru" spammers. Successfully tested on 1.6.1.10

baggen
Posted March 6, 2018

On 2018-03-04 at 11:26 AM, willii said:
> Sorted! I uninstalled the send-to-friend module and deleted the folder from FTP + I changed the SEO Url contact-us to something else and I haven't received any Russian email since then (for two days now).

Could not find the send to friend module, I run 1.7.2.4. Under what menu/page do I find the contact us page so I can edit the URL of it?

willii
Posted March 6, 2018

3 hours ago, baggen said:
> Could not find the send to friend module, I run 1.7.2.4. Under what menu/page do I find the contact us page so I can edit the URL of it?

You can edit the contact us page in CMS: http://doc.prestashop.com/display/PS16/CMS+-+Managing+Static+Content

I'd recommend installing the slide captcha. I run 1.6.0.9 and the send to friend module is listed there by default even though it's not installed.

baggen
Posted March 6, 2018

4 hours ago, willii said:
> You can edit the contact us page in CMS: http://doc.prestashop.com/display/PS16/CMS+-+Managing+Static+Content
> I'd recommend installing the slide captcha. I run 1.6.0.9 and the send to friend module is listed there by default even though it's not installed.

Hi, I have Design -> Pages, but under that menu I have only the following pages. I can't find the contact us page or any other pages than these:

delivery Leverans 1 Redigera
2 legal-notice Legal Notice 2 Redigera
3 villkor Villkor 3 Redigera
4 about-us About us 4 Redigera
5 secure-payment Säkra betalningar 5 Redigera
6 storlekstabell

GoFenice
Posted July 19, 2018

Hi all, here is a paid module for the same issue, click here. The main advantage of this module is that we can block spam domains too (like qq.com, mail.ru etc.), so you will get double protection (Google captcha + spam domain block) by using this module.

LieBM
Posted July 19, 2018

Hi, we have developed a module to fix spam messages from contact form. It is a professional module with great features. https://addons.prestashop.com/en/website-security-access/39829-module-anti-spam-protector.html

Best regards!

thanhdo218
Posted September 11, 2018

Change the code in the file ContactController.php ("yourdomain/controllers/front/ContactController.php") so it doesn't send email if the email address has ".ru":

    public function postProcess()
    {
        if (Tools::isSubmit('submitMessage')) {
            $extension = array('.txt', '.rtf', '.doc', '.docx', '.pdf', '.zip', '.png', '.jpeg', '.gif', '.jpg');
            $fileAttachment = Tools::fileAttachment('fileUpload');
            $message = Tools::getValue('message'); // Html entities is not useful, isCleanHtml checks there are no bad html tags.
            // Do not accept mail from *.ru addresses (spam mail): added the strpos($from, '.ru') test
            if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from) || strpos($from, '.ru') !== false)
                $this->errors[] = Tools::displayError('Invalid email address.');
            elseif (!$message)
                $this->errors[] = Tools::displayError('The message cannot be blank.');
            elseif (!Validate::isCleanHtml($message))
                $this->errors[] = Tools::displayError('Invalid message');
            elseif (!($id_contact = (int)Tools::getValue('id_contact')) || !(Validate::isLoadedObject($contact = new Contact($id_contact, $this->context->language->id))))
                $this->errors[] = Tools::displayError('Please select a subject from the list provided. ');
            elseif (!empty($fileAttachment['name']) && $fileAttachment['error'] != 0)
                $this->errors[] = Tools::displayError('An error occurred during the file-upload process.');
            elseif (!empty($fileAttachment['name']) && !in_array(Tools::strtolower(substr($fileAttachment['name'], -4)), $extension) && !in_array(Tools::strtolower(substr($fileAttachment['name'], -5)), $extension))
                $this->errors[] = Tools::displayError('Bad file extension');
            else {
                $customer = $this->context->customer;
                if (!$customer->id)
                    $customer->getByEmail($from);

                $contact = new Contact($id_contact, $this->context->language->id);
                $id_order = (int)$this->getOrder();

                // Look for an existing customer thread (by id + token, or by email + order)
                if (!((
                        ($id_customer_thread = (int)Tools::getValue('id_customer_thread'))
                        && (int)Db::getInstance()->getValue('
                        SELECT cm.id_customer_thread FROM '._DB_PREFIX_.'customer_thread cm
                        WHERE cm.id_customer_thread = '.(int)$id_customer_thread.' AND cm.id_shop = '.(int)$this->context->shop->id.' AND token = \''.pSQL(Tools::getValue('token')).'\'')
                    ) || (
                        $id_customer_thread = CustomerThread::getIdCustomerThreadByEmailAndIdOrder($from, $id_order)
                    ))) {
                    $fields = Db::getInstance()->executeS('
                    SELECT cm.id_customer_thread, cm.id_contact, cm.id_customer, cm.id_order, cm.id_product, cm.email
                    FROM '._DB_PREFIX_.'customer_thread cm
                    WHERE email = \''.pSQL($from).'\' AND cm.id_shop = '.(int)$this->context->shop->id.' AND ('.
                        ($customer->id ? 'id_customer = '.(int)$customer->id.' OR ' : '').'
                        id_order = '.(int)$id_order.')');
                    $score = 0;
                    foreach ($fields as $key => $row) {
                        $tmp = 0;
                        if ((int)$row['id_customer'] && $row['id_customer'] != $customer->id && $row['email'] != $from)
                            continue;
                        if ($row['id_order'] != 0 && $id_order != $row['id_order'])
                            continue;
                        if ($row['email'] == $from)
                            $tmp += 4;
                        if ($row['id_contact'] == $id_contact)
                            $tmp++;
                        if (Tools::getValue('id_product') != 0 && $row['id_product'] == Tools::getValue('id_product'))
                            $tmp += 2;
                        if ($tmp >= 5 && $tmp >= $score) {
                            $score = $tmp;
                            $id_customer_thread = $row['id_customer_thread'];
                        }
                    }
                }

                $old_message = Db::getInstance()->getValue('
                    SELECT cm.message FROM '._DB_PREFIX_.'customer_message cm
                    LEFT JOIN '._DB_PREFIX_.'customer_thread cc on (cm.id_customer_thread = cc.id_customer_thread)
                    WHERE cc.id_customer_thread = '.(int)$id_customer_thread.' AND cc.id_shop = '.(int)$this->context->shop->id.'
                    ORDER BY cm.date_add DESC');
                if ($old_message == $message) {
                    $this->context->smarty->assign('alreadySent', 1);
                    $contact->email = '';
                    $contact->customer_service = 0;
                }

                if ($contact->customer_service) {
                    if ((int)$id_customer_thread) {
                        $ct = new CustomerThread($id_customer_thread);
                        $ct->status = 'open';
                        $ct->id_lang = (int)$this->context->language->id;
                        $ct->id_contact = (int)$id_contact;
                        $ct->id_order = (int)$id_order;
                        if ($id_product = (int)Tools::getValue('id_product'))
                            $ct->id_product = $id_product;
                        $ct->update();
                    } else {
                        $ct = new CustomerThread();
                        if (isset($customer->id))
                            $ct->id_customer = (int)$customer->id;
                        $ct->id_shop = (int)$this->context->shop->id;
                        $ct->id_order = (int)$id_order;
                        if ($id_product = (int)Tools::getValue('id_product'))
                            $ct->id_product = $id_product;
                        $ct->id_contact = (int)$id_contact;
                        $ct->id_lang = (int)$this->context->language->id;
                        $ct->email = $from;
                        $ct->status = 'open';
                        $ct->token = Tools::passwdGen(12);
                        // Do not create the thread if the mail comes from a mail.ru address
                        if (strpos($from, '.ru') === false)
                            $ct->add();
                    }

                    // Do not store the message if the mail comes from a mail.ru address
                    if ($ct->id && strpos($ct->email, '.ru') === false) {
                        $cm = new CustomerMessage();
                        $cm->id_customer_thread = $ct->id;
                        $cm->message = $message;
                        if (isset($fileAttachment['rename']) && !empty($fileAttachment['rename']) && rename($fileAttachment['tmp_name'], _PS_UPLOAD_DIR_.basename($fileAttachment['rename']))) {
                            $cm->file_name = $fileAttachment['rename'];
                            @chmod(_PS_UPLOAD_DIR_.basename($fileAttachment['rename']), 0664);
                        }
                        $cm->ip_address = (int)ip2long(Tools::getRemoteAddr());
                        $cm->user_agent = $_SERVER['HTTP_USER_AGENT'];
                        if (!$cm->add())
                            $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                    } else
                        $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                }

                if (!count($this->errors)) {
                    $var_list = array(
                        '{order_name}' => '-',
                        '{attached_file}' => '-',
                        '{message}' => Tools::nl2br(stripslashes($message)),
                        '{email}' => $from,
                        '{product_name}' => '',
                    );

                    if (isset($fileAttachment['name']))
                        $var_list['{attached_file}'] = $fileAttachment['name'];

                    $id_product = (int)Tools::getValue('id_product');

                    if (isset($ct) && Validate::isLoadedObject($ct) && $ct->id_order) {
                        $order = new Order((int)$ct->id_order);
                        $var_list['{order_name}'] = $order->getUniqReference();
                        $var_list['{id_order}'] = (int)$order->id;
                    }

                    if ($id_product) {
                        $product = new Product((int)$id_product);
                        if (Validate::isLoadedObject($product) && isset($product->name[Context::getContext()->language->id]))
                            $var_list['{product_name}'] = $product->name[Context::getContext()->language->id];
                    }

                    if (empty($contact->email))
                        Mail::Send($this->context->language->id, 'contact_form', ((isset($ct) && Validate::isLoadedObject($ct)) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent')), $var_list, $from, null, null, null, $fileAttachment);
                    else {
                        if (!Mail::Send($this->context->language->id, 'contact', Mail::l('Message from contact form').' [no_sync]',
                                $var_list, $contact->email, $contact->name, $from, ($customer->id ? $customer->firstname.' '.$customer->lastname : ''),
                                $fileAttachment) ||
                            !Mail::Send($this->context->language->id, 'contact_form', ((isset($ct) && Validate::isLoadedObject($ct)) ? sprintf(Mail::l('Your message has been correctly sent #ct%1$s #tc%2$s'), $ct->id, $ct->token) : Mail::l('Your message has been correctly sent')), $var_list, $from, null, $contact->email, $contact->name, $fileAttachment))
                            $this->errors[] = Tools::displayError('An error occurred while sending the message.');
                    }
                }

                if (count($this->errors) > 1)
                    $this->errors = array_unique($this->errors); // array_unique() returns the de-duplicated array
                else
                    $this->context->smarty->assign('confirmation', 1);
            }
        }
    }

ElectrostuffUG
Posted September 18, 2018

On 11.9.2018 at 8:12 AM, thanhdo218 said:
> Change the code in the file ContactController.php ("yourdomain/controllers/front/ContactController.php") so it doesn't send email if the email address has ".ru":

This worked for us (Using Prestashop Version 1.6.1.7) - Thank you my friend!

texxo
Posted November 28, 2018

So, I had a serious issue today with emails coming from [email protected] Some Chinese spam.

What I did, and it worked for me on PrestaShop 1.7.2.4 (I guess it is the same thing as the post before):

Go find your file "contactform.php", which is located logically in ../modules/contactform
Download it.
Rename the file on your webserver to something else (so you do not lose it if something goes wrong, you can always rename it back).
Edit it.
Find the: public function sendMessage()
and below this line:

    if (!($from = trim(Tools::getValue('from'))) || !Validate::isEmail($from)) {
        $this->context->controller->errors[] = $this->trans('Invalid email address.', array(), 'Shop.Notifications.Error');

add

    } elseif (strpos(trim(Tools::getValue('from')), '@qq.com') !== false) {
        $this->context->controller->errors[] = $this->trans('Invalid email address.', array(), 'Shop.Notifications.Error');

Of course you can change the @qq.com to whatever you want to be detected and rejected. It will act by giving the message: invalid email.

Of course now I will have to see if it will work too. Of course if they start to use another domain in the sender email, then I will have to go and add another line and so on.

I did this because for some unknown reason the Ei Captcha didn't work - it was always asking to validate, which was not the case since I clicked the "I am not a robot". (If it would work, I wouldn't go to hard-code this trick.)

(So far 5 mins passed and no spam came, let's see.)

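The two edits above (thanhdo218's ".ru" test and texxo's "@qq.com" test) both run a substring match over the whole address. As an added example, not code from PrestaShop or from either poster, the following compares that substring test with a check on the domain part only; the function names, blocklist and sample addresses are constructed for illustration, and PHP 7 or later is assumed.

```php
<?php
// Added example: not PrestaShop code. Names, blocklist and addresses are constructed.

// Substring test in the style of the posts above: true when $needle occurs
// anywhere in the address after position 0.
function naiveIsBlocked(string $email, string $needle): bool
{
    return (bool) strpos($email, $needle);
}

// Domain-only test: case-insensitive, matched on whole DNS labels.
// "ru" blocks every domain under .ru; "qq.com" blocks qq.com and its subdomains.
function isBlockedSender(string $email, array $blockedDomains): bool
{
    $at = strrpos($email, '@');
    if ($at === false) {
        return true; // no domain part at all: treat as invalid
    }
    $domain = rtrim(strtolower(substr($email, $at + 1)), '.');
    foreach ($blockedDomains as $blocked) {
        $blocked = strtolower(trim($blocked, '.'));
        $suffix = '.' . $blocked;
        if ($domain === $blocked || substr($domain, -strlen($suffix)) === $suffix) {
            return true;
        }
    }
    return false;
}

$blocklist = array('ru', 'qq.com'); // hypothetical shop policy
$samples = array(                   // constructed addresses
    'shopper@mail.ru',
    'shopper@MAIL.RU',
    'john.russell@gmail.com',
    'someone@qq.com',
    'someone@qq.com.example.org',
    'buyer@example.com',
);

foreach ($samples as $email) {
    printf(
        "%-28s substring=%-5s domain=%s\n",
        $email,
        var_export(naiveIsBlocked($email, '.ru') || naiveIsBlocked($email, '@qq.com'), true),
        var_export(isBlockedSender($email, $blocklist), true)
    );
}
```

The rows where the two columns differ are the substring test's misses (the upper-case domain) and its false rejections of legitimate customers (".ru" inside the local part, "qq.com" as a label of another domain).
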
texxo
Posted November 28, 2018

Well, as expected, spam now comes from another supposed email. But good news, I noticed something and I will try it tomorrow.

texxo
Posted December 1, 2018

I tried my second option after I observed something and I managed to block the Chinese messages. I don't want to say in public. Who wants can PM me. It's simple.

Gipielle
Posted December 6, 2018

Any solution for version 1.5?

saag1
Posted December 26, 2018

On 3/4/2018 at 11:26 AM, willii said:
> Sorted! I uninstalled the send-to-friend module and deleted the folder from FTP + I changed the SEO Url contact-us to something else and I haven't received any Russian email since then (for two days now).

I'm trying that solution in my old PrestaShop 1.4.8 version: a few hours and no spam, I was receiving 5 per hour till the change. No other (captcha) tried yet. I will feed back how it goes. Thanks!