Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
I've installed this module, can i ask what i do once i have enabled it and enabled logs?
Ive refreshed all cache files as well.
Is there something else to switch on for this captcha system to work?
I currently have google recaptcha v2 robot.
No OC version posted. For documentation instructions, please read the guide on the marketplace where you downloaded the CSRF Form Protection. Full details are provided.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
For instance, in the controllers,
Code: Select all
$csrf = new Csrf();
$csrf->csrf_start($this->registry);
$data['csrf_form_input'] = $csrf->csrf_form_input();
Code: Select all
<form ...
Code: Select all
{% if csrf_form_input %}
{{ csrf_form_input }}
{% endif %}
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Is it only these two files that need to be uploaded and if so do I need to do anything else afterwards? I am not confident adding code to core files and I don't know how to edit TWIG files if I have to.
Sorry if this seems a stupid question you have answered before, but I'm getting overwhelmed with fake registrations for accounts and affiliates. I have already removed all affiliate links, removed countries etc but nothing seems to be stopping the fake registrations.
Code: Select all
Fatal error: Call to a member function csrf_form_input() on a non-object in /var/www/vhosts/domain.tld/htdocs/vqmod/vqcache/vq2-admin_view_template_common_login.tpl on line 16
OC Version is 1.5.6.1
I downloaded the csrf.zip (includes only a csrf.php) and copied this to system/library/ and the csrfformprotection1562.zip (includes only the xml) and copied to vqmod/xml
The are no other files and no readme
TWIG is v3markward wrote: ↑Tue Feb 13, 2018 2:39 pmI downloaded the version for 2.0.3.1 I can only see two files in the folder: catalog/model/tool/csrf.php and system/library/csrf.php
Is it only these two files that need to be uploaded and if so do I need to do anything else afterwards? I am not confident adding code to core files and I don't know how to edit TWIG files if I have to.
Sorry if this seems a stupid question you have answered before, but I'm getting overwhelmed with fake registrations for accounts and affiliates. I have already removed all affiliate links, removed countries etc but nothing seems to be stopping the fake registrations.
from what Ive read there's a html and a php to edit, the only issue I ran in to was that 2.0.2.0 has tpl not html... so I'm as lost as you
Hopefully we'll get some more information. I've tried turning on customer approval, removed all affiliate links, installed another anti-spam extension, and even removed USA from my countries list as we don't ship there and that was the address being used. Registrations are still coming in bypassing the required fields on the account registration forms (including "James Kelvin" mentioned on other threads). Also banning IPs has no effect.kevtheirish wrote: ↑Wed Feb 14, 2018 12:58 am
TWIG is v3
from what Ive read there's a html and a php to edit, the only issue I ran in to was that 2.0.2.0 has tpl not html... so I'm as lost as you
I had 100+ affiliates registered to one account and am getting around 20-30 fake registrations a day. This is a major hassle - especially since I have no idea the motive. A lot of people seem to be getting hit by this judging by other posts.
Hope a solution can be found
I've done those things too... getting a bit ticked off (@ james kelvin) right nowmarkward wrote: ↑Wed Feb 14, 2018 2:07 amHopefully we'll get some more information. I've tried turning on customer approval, removed all affiliate links, Registrations are still coming in bypassing the required fields on the account registration forms (including "James Kelvin" mentioned on other threads). Also banning IPs has no effect.
Hope a solution can be found
Where and how you did added the CSRF PHP code in the controller and how did you use the input line from the TPL file? More information is needed.HarryHirsch wrote: ↑Tue Feb 13, 2018 9:50 pmI too get aThis happens on every Form, also i can't login to the backend anymoreCode: Select all
Fatal error: Call to a member function csrf_form_input() on a non-object in /var/www/vhosts/domain.tld/htdocs/vqmod/vqcache/vq2-admin_view_template_common_login.tpl on line 16
OC Version is 1.5.6.1
I downloaded the csrf.zip (includes only a csrf.php) and copied this to system/library/ and the csrfformprotection1562.zip (includes only the xml) and copied to vqmod/xml
The are no other files and no readme
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Can you confirm that this version only contains (2) .php files? Is this + the edits all that is needed?
i dont have a login.html, mine is login.tpl I assume the .tpl is supposed to be edited?
the first "<form" I have is actually
Code: Select all
<form action="<?php echo $action; ?>" method="post" enctype="multipart/form-data">
Code: Select all
<form action="<?php echo $action; ?>" method="post" enctype="multipart/form-data">
<?php echo $csrf_form_input; ?>
<div class="form-group">
<label class="control-label" for="input-email"><?php echo $entry_email; ?></label>
<input type="text" name="email" value="<?php echo $email; ?>" placeholder="<?php echo $entry_email; ?>" id="input-email" class="form-control" />
</div>
Is there any update on this from anyone? Can anyone (Straightlight?) tell me what other core files need to be edited and what the additional code is for version 2.0.3.1?markward wrote: ↑Tue Feb 13, 2018 2:39 pmI downloaded the version for 2.0.3.1 I can only see two files in the folder: catalog/model/tool/csrf.php and system/library/csrf.php
Is it only these two files that need to be uploaded and if so do I need to do anything else afterwards? I am not confident adding code to core files.
After adding the <?php echo $csrf_form_input; ?> code, check your view source on the browser to see if the __csrf input form shows. An XML file should be implicit with my package. Ensure to use VQMod Manager to troubleshoot the XML file.kevtheirish wrote: ↑Wed Feb 14, 2018 9:49 am2.0.2.0
Can you confirm that this version only contains (2) .php files? Is this + the edits all that is needed?
i dont have a login.html, mine is login.tpl I assume the .tpl is supposed to be edited?
the first "<form" I have is actually
so I added it hereCode: Select all
<form action="<?php echo $action; ?>" method="post" enctype="multipart/form-data">
is that correct?Code: Select all
<form action="<?php echo $action; ?>" method="post" enctype="multipart/form-data"> <?php echo $csrf_form_input; ?> <div class="form-group"> <label class="control-label" for="input-email"><?php echo $entry_email; ?></label> <input type="text" name="email" value="<?php echo $email; ?>" placeholder="<?php echo $entry_email; ?>" id="input-email" class="form-control" /> </div>
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
There are no core files to edit as core files should never be modified. Use VQMod, see the above reply.markward wrote: ↑Wed Feb 14, 2018 3:34 pmIs there any update on this from anyone? Can anyone (Straightlight?) tell me what other core files need to be edited and what the additional code is for version 2.0.3.1?markward wrote: ↑Tue Feb 13, 2018 2:39 pmI downloaded the version for 2.0.3.1 I can only see two files in the folder: catalog/model/tool/csrf.php and system/library/csrf.php
Is it only these two files that need to be uploaded and if so do I need to do anything else afterwards? I am not confident adding code to core files.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Users browsing this forum: No registered users and 37 guests