for 3.5.7 and tested on 3.5.7
please all files backup!!!
this mod requier GD Image Library
if doesn't not working.
GD Library :
http://www.boutell.com/gd/
create db
Code:
CREATE TABLE xcart_flood_register (
flood_id int(11) NOT NULL auto_increment,
flood_key varchar(10) NOT NULL default '',
session_id varchar(40) NOT NULL default '',
KEY flood_id (flood_id)
) TYPE=MyISAM;
***************************************
/customer/flood.php (new page)
Code:
<?php
require "./auth.php";
$key = "";
$max_length_reg_key = 7;
$chars = array(
"A","B","C","D","E","F","G","H","I","J","K","L","M",
"N","O","P","Q","R","S","T","U","V","W","X","Y","Z",
"0","1","2","3","4","5","6","7","8","9");
$count = count($chars) - 1;
srand((double)microtime()*1234567);
for($i = 0; $i < $max_length_reg_key; $i++)
{
$key .= $chars[rand(0, $count)];
}
//Generate my Image...
$posx = $max_length_reg_key * 10;
$img_number = imagecreate($posx,17);
$white = imagecolorallocate($img_number,255,255,255);
$black = imagecolorallocate($img_number,0,0,0);
Imagestring($img_number,9,0,0,$key,$black);
mysql_query("delete from xcart_flood_register where session_id='$XCARTSESSID'");
mysql_query("INSERT INTO xcart_flood_register (flood_key, session_id) VALUES ('$key', '$XCARTSESSID')");
// No Cache
header("Content-type: image/jpeg");
header ("Expires: Sat, 10 Dec 1983 07:00:00 GMT");
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header ("Pragma: no-cache"); // HTTP/1.0
imagejpeg($img_number);
?>
***************************************
include/register.php
find : db_query("insert into $sql_tbl[customers] (login,usertype, ......
add, after
Code:
// flood mod from turkey
$flood_rec = func_query_first("select flood_key from xcart_flood_register where session_id='$XCARTSESSID'");
if (empty($flood_rec)){
func_header_location("error_message.php?flood_reg");
}else{
if($flood_rec['flood_key']!=$flood_register){
db_query ("delete from xcart_flood_register where session_id='$XCARTSESSID'");
func_header_location("error_message.php?flood_reg");
}else{
db_query ("delete from xcart_flood_register where session_id='$XCARTSESSID'");
}
}
// flood mod from turkey
***************************************
skin1/customer/main/register.tpl
Add
Code:
<tr valign=middle>
<td align=right>Flood Control Key</td>
<td></td>
<td nowrap>[img]flood.php[/img]</td>
</tr>
<tr valign=middle>
<td align=right>Enter Flood Control Key</td>
<td></td>
<td nowrap><input type="text" size="32" name="flood_register"></td>
</tr>
***************************************
skin1/common_templates.tpl
add
Code:
{elseif $main eq "flood_reg"}
{include file="main/error_flood_reg.tpl"}
***************************************
main/error_flood_reg.tpl (new page)
Code:
{ include file="location.tpl" last_location=$lng.err_access_denied}
<h3>Please check flood control string!</h3>
{$lng.err_access_denied_msg}