Thread: anti robotic flood registeration MOD from Turkey
View Single Post
  #1  
Old 05-28-2004, 06:22 AM
 
arabayaservis.com arabayaservis.com is offline
 

Member
   
Join Date: Nov 2003
Posts: 10
 
Default anti robotic flood registeration MOD from Turkey
for 3.5.7 and tested on 3.5.7

please all files backup!!!

this mod requier GD Image Library
if doesn't not working.
GD Library : http://www.boutell.com/gd/

create db

Code:
CREATE TABLE xcart_flood_register (
  flood_id int(11) NOT NULL auto_increment,
  flood_key varchar(10) NOT NULL default '',
  session_id varchar(40) NOT NULL default '',
  KEY flood_id (flood_id)
) TYPE=MyISAM;

***************************************

/customer/flood.php (new page)

Code:
<?php

	require "./auth.php"; 
	
	$key = "";
	$max_length_reg_key = 7;

	$chars = array(
		"A","B","C","D","E","F","G","H","I","J","K","L","M",
		"N","O","P","Q","R","S","T","U","V","W","X","Y","Z",
		"0","1","2","3","4","5","6","7","8","9");

	$count = count($chars) - 1;

	srand((double)microtime()*1234567);

	for($i = 0; $i < $max_length_reg_key; $i++)
	{
		$key .= $chars[rand(0, $count)];
	}

	//Generate my Image...
	$posx = $max_length_reg_key * 10;
	$img_number = imagecreate($posx,17); 
	$white = imagecolorallocate($img_number,255,255,255); 
	$black = imagecolorallocate($img_number,0,0,0); 

	Imagestring($img_number,9,0,0,$key,$black); 	
	
	mysql_query("delete from xcart_flood_register where session_id='$XCARTSESSID'");
	mysql_query("INSERT INTO xcart_flood_register (flood_key, session_id) VALUES ('$key', '$XCARTSESSID')");

	// No Cache
	header("Content-type: image/jpeg");
	header ("Expires: Sat, 10 Dec 1983 07:00:00 GMT");
	header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
	header ("Cache-Control: no-cache, must-revalidate");  // HTTP/1.1
	header ("Pragma: no-cache");                          // HTTP/1.0
	imagejpeg($img_number);
?>

***************************************

include/register.php

find : db_query("insert into $sql_tbl[customers] (login,usertype, ......

add, after

Code:
	// flood mod from turkey
	$flood_rec = func_query_first("select flood_key from xcart_flood_register where session_id='$XCARTSESSID'");
	if (empty($flood_rec)){
			func_header_location("error_message.php?flood_reg");
	}else{
		if($flood_rec['flood_key']!=$flood_register){
			db_query ("delete from xcart_flood_register where session_id='$XCARTSESSID'");
			func_header_location("error_message.php?flood_reg");
		}else{
			db_query ("delete from xcart_flood_register where session_id='$XCARTSESSID'");
		}
	}
	// flood mod from turkey
***************************************

skin1/customer/main/register.tpl

Add

Code:
<tr valign=middle>
<td align=right>Flood Control Key</td>
<td></td>
<td nowrap>[img]flood.php[/img]</td>
</tr>

<tr valign=middle>
<td align=right>Enter Flood Control Key</td>
<td></td>
<td nowrap><input type="text" size="32" name="flood_register"></td>
</tr>
***************************************

skin1/common_templates.tpl

add

Code:
{elseif $main eq "flood_reg"}
{include file="main/error_flood_reg.tpl"}
***************************************

main/error_flood_reg.tpl (new page)

Code:
{ include file="location.tpl" last_location=$lng.err_access_denied}
<h3>Please check flood control string!</h3>
{$lng.err_access_denied_msg}
Reply With Quote