Hi
I have an issue on my website: We are starting to receive several fake account profiles and on checking the ReCaptcha form on our contact page, message are going through withour this being checked.
Our website Is Zencart 1.5.3 on PHP 5.6 So I tried to install 3.4.1 again and I am still getting the issue.
I have tried this set up in the tpl_contact_us_default.php, tpl_modules_create_account.php and tpl_products_reviews_write_default.php, both:
AndCode:<?php echo recaptcha_get_html($publickey, $resp->error,$request_type == 'SSL'); ?>
neither workCode:<?php echo recaptcha_get_html(); ?>
Theres no error logs and nothing related in the /logs/ folder
I have also set up a new Recaptcha key for shaftlimited.com and configured this new key and again this makes no difference.
The form can be viewed here https://shaftlimited.com/contact_us.html
We did migrate server about 3 months ago, but only recently has this issue come to light.
includes/modules/pages/contact_us/header_php.php around line 18 reads:
Please help or let me know if you need further info from me.Code:$error = false; if (isset($_GET['action']) && ($_GET['action'] == 'send')) { $name = zen_db_prepare_input($_POST['contactname']); $email_address = zen_db_prepare_input($_POST['email']); $subject = zen_db_prepare_input($_POST['subject']); $enquiry = zen_db_prepare_input(strip_tags($_POST['enquiry'])); $antiSpam = isset($_POST['should_be_empty']) ? zen_db_prepare_input($_POST['should_be_empty']) : ''; $zco_notifier->notify('NOTIFY_CONTACT_US_CAPTCHA_CHECK'); $zc_validate_email = zen_validate_email($email_address); if ($zc_validate_email and !empty($enquiry) and !empty($name) and !empty($subject) && $error == FALSE) { // if anti-spam is not triggered, prepare and send email: if ($antiSpam != '') { $zco_notifier->notify('NOTIFY_SPAM_DETECTED_USING_CONTACT_US'); } elseif ($antiSpam == '') { // auto complete when logged in if($_SESSION['customer_id']) { $sql = "SELECT customers_id, customers_firstname, customers_lastname, customers_password, customers_email_address, customers_default_address_id FROM " . TABLE_CUSTOMERS . " WHERE customers_id = :customersID"; $sql = $db->bindVars($sql, ':customersID', $_SESSION['customer_id'], 'integer'); $check_customer = $db->Execute($sql); $customer_email= $check_customer->fields['customers_email_address']; $customer_name= $check_customer->fields['customers_firstname'] . ' ' . $check_customer->fields['customers_lastname']; } else { $customer_email = NOT_LOGGED_IN_TEXT; $customer_name = NOT_LOGGED_IN_TEXT; }
Many thanks in advance.


Reply With Quote

