Lösung für Sicherheitscode Captcha Problem

[ingmar1601]

Ich hatte das Problem, dass der Sicherheitscode bei "Passwort vergessen" nicht angezeigt worden ist und alle Lösungen hier aus dem Forum haben nicht geholfen (wie z.B. fonts im Binärmodus hochladen oder Dateirechte anpassen)

Deswegen habe ich mich für die Lösung von reCAPTCHA: Stop Spam, Read Books entschieden. Man muss sich hier einmal anmelden und bekommt dann einen public und private key, den man für die Anbindung braucht.

Jetzt müssen folgende Dateien angepasst werden:

/www/password_double_opt.php

Hier muss der public und private key eingtragen werden

Code:

<?php

/*------------------------------------------------------------------------------
   $Id: password_double_opt.php,v 1.0 

   XTC-NEWSLETTER_RECIPIENTS RC1 - Contribution for XT-Commerce http://www.xt-commerce.com
   by Matthias Hinsche http://www.gamesempire.de

   Copyright (c) 2003 XT-Commerce
   -----------------------------------------------------------------------------------------
   based on: 
   (c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
   (c) 2002-2003 osCommerce www.oscommerce.com 
   (c) 2003  nextcommerce www.nextcommerce.org

   Released under the GNU General Public License 
   ---------------------------------------------------------------------------------------*/

require ('includes/application_top.php');

// create smarty elements
$smarty = new Smarty;

// include boxes
require (DIR_FS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/source/boxes.php');

// include needed functions
//require_once (DIR_FS_INC.'xtc_render_vvcode.inc.php');
//require_once (DIR_FS_INC.'xtc_random_charcode.inc.php');
require_once (DIR_FS_INC.'xtc_encrypt_password.inc.php');
require_once (DIR_FS_INC.'xtc_validate_password.inc.php');
require_once (DIR_FS_INC.'xtc_rand.inc.php');



$case = double_opt;
$info_message = TEXT_PASSWORD_FORGOTTEN;
if (isset ($_GET['action']) && ($_GET['action'] == 'first_opt_in')) {

	$check_customer_query = xtc_db_query("select customers_email_address, customers_id from ".TABLE_CUSTOMERS." where customers_email_address = '".xtc_db_input($_POST['email'])."'");
	$check_customer = xtc_db_fetch_array($check_customer_query);

	//$vlcode = xtc_random_charcode(32);
	$link = xtc_href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=verified&customers_id='.$check_customer['customers_id'].'&key='.$vlcode, 'NONSSL');

	// assign language to template for caching
	$smarty->assign('language', $_SESSION['language']);
	$smarty->assign('tpl_path', 'templates/'.CURRENT_TEMPLATE.'/');
	$smarty->assign('logo_path', HTTP_SERVER.DIR_WS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/img/');

	// assign vars
	$smarty->assign('EMAIL', $check_customer['customers_email_address']);
	$smarty->assign('LINK', $link);
	// dont allow cache
	$smarty->caching = false;

	// create mails
	$html_mail = $smarty->fetch(CURRENT_TEMPLATE.'/mail/'.$_SESSION['language'].'/password_verification_mail.html');
	$txt_mail = $smarty->fetch(CURRENT_TEMPLATE.'/mail/'.$_SESSION['language'].'/password_verification_mail.txt');


require_once('recaptchalib.php');
$privatekey = "hier den private key eintragen";
$resp = recaptcha_check_answer ($privatekey,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);

if ($resp->is_valid) {
		if (!xtc_db_num_rows($check_customer_query)) {
			$case = wrong_mail;
			$info_message = TEXT_EMAIL_ERROR;
		} else {
			$case = first_opt_in;
			xtc_db_query("update ".TABLE_CUSTOMERS." set password_request_key = '".$vlcode."' where customers_id = '".$check_customer['customers_id']."'");
			xtc_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $check_customer['customers_email_address'], '', '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', TEXT_EMAIL_PASSWORD_FORGOTTEN, $html_mail, $txt_mail);

		}
	} else {
		$case = code_error;
		$info_message = TEXT_CODE_ERROR.$resp->error;
	}
}

// Verification
if (isset ($_GET['action']) && ($_GET['action'] == 'verified')) {
	$check_customer_query = xtc_db_query("select customers_id, customers_email_address, password_request_key from ".TABLE_CUSTOMERS." where customers_id = '".(int)$_GET['customers_id']."' and password_request_key = '".xtc_db_input($_GET['key'])."'");
	$check_customer = xtc_db_fetch_array($check_customer_query);
	if (!xtc_db_num_rows($check_customer_query) || $_GET['key']=="") {

		$case = no_account;
		$info_message = TEXT_NO_ACCOUNT;
	} else {

		$newpass = xtc_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
		$crypted_password = xtc_encrypt_password($newpass);

		xtc_db_query("update ".TABLE_CUSTOMERS." set customers_password = '".$crypted_password."' where customers_email_address = '".$check_customer['customers_email_address']."'");
		xtc_db_query("update ".TABLE_CUSTOMERS." set password_request_key = '' where customers_id = '".$check_customer['customers_id']."'");
		// assign language to template for caching
		$smarty->assign('language', $_SESSION['language']);
		$smarty->assign('tpl_path', 'templates/'.CURRENT_TEMPLATE.'/');
		$smarty->assign('logo_path', HTTP_SERVER.DIR_WS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/img/');

		// assign vars
		$smarty->assign('EMAIL', $check_customer['customers_email_address']);
		$smarty->assign('NEW_PASSWORD', $newpass);
		// dont allow cache
		$smarty->caching = false;
		// create mails
		$html_mail = $smarty->fetch(CURRENT_TEMPLATE.'/mail/'.$_SESSION['language'].'/new_password_mail.html');
		$txt_mail = $smarty->fetch(CURRENT_TEMPLATE.'/mail/'.$_SESSION['language'].'/new_password_mail.txt');

		xtc_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $check_customer['customers_email_address'], '', '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', TEXT_EMAIL_PASSWORD_NEW_PASSWORD, $html_mail, $txt_mail);
		if (!isset ($mail_error)) {
			xtc_redirect(xtc_href_link(FILENAME_LOGIN, 'info_message='.urlencode(TEXT_PASSWORD_SENT), 'SSL', true, false));
		}
	}
}

$breadcrumb->add(NAVBAR_TITLE_PASSWORD_DOUBLE_OPT, xtc_href_link(FILENAME_PASSWORD_DOUBLE_OPT, '', 'NONSSL'));

require (DIR_WS_INCLUDES.'header.php');
require_once('recaptchalib.php');
$publickey = "hier den public key eintragen"; // you got this from the signup page


switch ($case) {
	case first_opt_in :
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		$smarty->assign('info_message', TEXT_LINK_MAIL_SENDED);
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = 0;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_messages.html');

		break;
	case second_opt_in :
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		//    $smarty->assign('info_message', TEXT_PASSWORD_MAIL_SENDED);
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = 0;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_messages.html');
		break;
	case code_error :

		//$smarty->assign('VVIMG', '<img src="'.FILENAME_DISPLAY_VVCODES.'">');
                  $smarty->assign('VVIMG', '<img src="'.xtc_href_link(FILENAME_DISPLAY_VVCODES, 'SSL').'" />');
//$smarty->assign('VVIMG', '<img src="'. xtc_href_link(FILENAME_DISPLAY_VVCODES, 't='. time(), 'NONSSL') .'">');
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		$smarty->assign('message', TEXT_PASSWORD_FORGOTTEN);
		$smarty->assign('SHOP_NAME', EMAIL_SUPPORT_NAME);
		$smarty->assign('FORM_ACTION', xtc_draw_form('sign', xtc_href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=first_opt_in', 'NONSSL')));
		$smarty->assign('INPUT_EMAIL', xtc_draw_input_field('email', xtc_db_input($_POST['email'])));
		$smarty->assign('INPUT_CODE', $_POST['recaptcha_response_field'].recaptcha_get_html($publickey));	$smarty->assign('BUTTON_SEND', xtc_image_submit('button_send.gif', IMAGE_BUTTON_LOGIN));
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = 0;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_double_opt_in.html');

		break;
	case wrong_mail :

		//$smarty->assign('VVIMG', '<img src="'.FILENAME_DISPLAY_VVCODES.'">');
$smarty->assign('VVIMG', '<img src="'.xtc_href_link(FILENAME_DISPLAY_VVCODES, 'SSL').'" />');
//$smarty->assign('VVIMG', '<img src="'. xtc_href_link(FILENAME_DISPLAY_VVCODES, 't='. time(), 'NONSSL') .'">');
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		$smarty->assign('message', TEXT_PASSWORD_FORGOTTEN);
		$smarty->assign('SHOP_NAME', EMAIL_SUPPORT_NAME); //STORE_NAME
		$smarty->assign('FORM_ACTION', xtc_draw_form('sign', xtc_href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=first_opt_in', 'NONSSL')));
		$smarty->assign('INPUT_EMAIL', xtc_draw_input_field('email', xtc_db_input($_POST['email'])));
		$smarty->assign('INPUT_CODE', $_POST['recaptcha_response_field'].recaptcha_get_html($publickey));	$smarty->assign('BUTTON_SEND', xtc_image_submit('button_send.gif', IMAGE_BUTTON_LOGIN));
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = 0;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_double_opt_in.html');

		break;
	case no_account :
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		$smarty->assign('info_message', $info_message);
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = 0;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_messages.html');

		break;
	case double_opt :

		//$smarty->assign('VVIMG', '<img src="'.FILENAME_DISPLAY_VVCODES.'">');
//$smarty->assign('VVIMG', '<img src="'.xtc_href_link(FILENAME_DISPLAY_VVCODES, 'SSL').'" />');
//$smarty->assign('VVIMG', '<img src="'. xtc_href_link(FILENAME_DISPLAY_VVCODES, 't='. time(), 'NONSSL') .'">');
		$smarty->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
		//    $smarty->assign('info_message', $info_message);
		$smarty->assign('message', TEXT_PASSWORD_FORGOTTEN);
		//$smarty->assign('SHOP_NAME', STORE_NAME);


               $smarty->assign('SHOP_NAME', EMAIL_SUPPORT_NAME);
		$smarty->assign('FORM_ACTION', xtc_draw_form('sign', xtc_href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=first_opt_in', 'NONSSL')));
		$smarty->assign('INPUT_EMAIL', xtc_draw_input_field('email', xtc_db_input($_POST['email'])));
		$smarty->assign('INPUT_CODE', $_POST['recaptcha_response_field'].recaptcha_get_html($publickey));
		$smarty->assign('BUTTON_SEND', xtc_image_submit('button_continue.gif', IMAGE_BUTTON_LOGIN));
		$smarty->assign('FORM_END', '</form>');
		$smarty->assign('language', $_SESSION['language']);
		$smarty->caching = 0;
		$main_content = $smarty->fetch(CURRENT_TEMPLATE.'/module/password_double_opt_in.html');

		break;
}

$smarty->assign('main_content', $main_content);
$smarty->assign('language', $_SESSION['language']);
$smarty->caching = 0;
if (!defined(RM))
	$smarty->load_filter('output', 'note');
$smarty->display(CURRENT_TEMPLATE.'/index.html');
include ('includes/application_bottom.php');



?>

Dann diese Datei anpassen:

/www/templates/abc/module/password_double_opt_in.html

Code:

{config_load file="$language/lang_$language.conf" section="new_password"} 
<h2>{$text_heading}</h2>
{if $info_message!=''}
<br />
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td class="main" style="border: 1px solid; border-color: #ff0000;" bgcolor="#FFCCCC"><div align="center">{$info_message}</div></td>
  </tr>
</table>
<br />
<br />
{/if}

{$FORM_ACTION}

<table class="formArea" width="100%" border="0" cellspacing="3" cellpadding="0">
  <tr> 
    <td colspan="2"><b>{$message}<br>
      <br>
      </b></td>
  </tr>
  <tr> 
    <td colspan="2"><strong>{#text_step1#}</strong><br>
      {#text_info_pre#} {$SHOP_NAME} {#text_info_post#}</td>
  <tr> 
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr> 
    
    
<td valign="top"><strong>{#text_sec_code#}:</strong></td>    <td>{$INPUT_CODE}</td>
  </tr>
<tr> 
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr> 
    <td><strong>{#text_email#}</strong></td>
    <td>{$INPUT_EMAIL}</td>
  </tr>
  <tr> 
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr> 
    <td colspan="2">{#text_continue#}</td>
  </tr>
  <tr> 
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr> 
    <td><strong><span class="small"><strong>{#text_to_step2#}</strong></span> 
      </strong><span class="small"></span></td>
    <td><span class="small">{$BUTTON_SEND}</span><span class="small"><strong></strong></span></td>
  </tr>
</table>

{$FORM_END}

Und noch diese Date folgenden Code hinzufügeni:

/www/includes/header.php

Hierüber kann man z.B. die Sprache einstellen

Code:

<script type="text/javascript">
var RecaptchaOptions = {
   lang: 'de',
   theme : 'white',
   tabindex : 2
};
</script>

Viel Spass

[RoElbl]

Hallo,

habe deine Anleitung befolgt und bekomme folgende Meldung:

Warning: require_once(recaptchalib.php) [function.require-once]: failed to open stream: No such file or directory in /home/www/robert2/password_double_opt.php on line 124

Fatal error: require_once() [function.require]: Failed opening required 'recaptchalib.php' (include_path='.:/usr/share/php') in /home/www/robert2/password_double_opt.php on line 124


Was habe ich falsch gemacht?

Gruß

Robert

[RoElbl]

Hallo,

ich habe deine Anleitung befolgt und leider funktioniert es nicht.

Ich bekomme folgende Fehler:

Warning: require_once(recaptchalib.php) [function.require-once]: failed to open stream: No such file or directory in /home/www/robert2/password_double_opt.php on line 124

Fatal error: require_once() [function.require]: Failed opening required 'recaptchalib.php' (include_path='.:/usr/share/php') in /home/www/robert2/password_double_opt.php on line 124


Kannst Du mir weiterhelfen?

Habe dieses leidliche Problem auch beim Newsletter.

Gruß

Robert

[ingmar1601]

Oh ich glaube habe was wichtiges vergessen in der Anleitung.

Die angehängte Datei entpacken und recaptchalib.php ins root des webshops legen.

Bei Dir wäre das:

/home/www/robert2/

[chrispeter]

Hallo, danke erst mal für deine Lösung. Ich habe alles durchgeführt, so wie Du es geschrieben hast. Jetzt habe ich aber folgendes Problem:

Schritt 1:
Bitte geben Sie die eMail-Adresse ein, unter der Sie Ihr Konto bei Mail send by support systems angelegt haben.

Hier möchte ich gerne meinen Namen haben und

2
Scherheitscode: Invalid public key. Make sure you copy and pasted it correctly.

Es wird kein Sicherheitscode angezeigt, nur diese Meldung.

Es währe super, wenn Du mir weiterhelfen kannst.

[ingmar1601]

Schaue mal in den Sprachdateien nach /lang /german , ob dort irgendwo "Mail send by support systems" und ändere es dort ab....ansonsten im Webshop Admin Bereich bei Konfiguration unten links mal schauen, ob es dort irgendwo drin steht....z.B. Mein Shop oder eMail Optionen.

Bezüglich der Fehlermeldung, hast Du auch den public und private key richtig eingefügt in der /www/password_double_opt.php?

[chrispeter]

Super danke, jetzt geht alles.

[chrispeter]

Hallo, sorry, dass ich nochmal nachfragen muss. Ich habe jetzt ein weiteres Problem. Wenn ich als Kunde Passwort vergessen anklicke bekomme ich eine Bestätigungs-Mail. Wenn ich dann bestätige, wird meine Seite aufgerufen und es erscheint folgendes:

Passwort erneuern?

Leider müssen wir Ihnen mitteilen, dass Ihre Anfrage für ein neues Anmelde-Passwort entweder ungültig war oder abgelaufen ist.
Bitte versuchen Sie es erneut

Kann mir da jemand helfen?

Danke

[ingmar1601]

Du hast Recht. In der Datei /www/password_double_opt.php müssen folgende Zeilen reinkommentiert werden:

require_once (DIR_FS_INC.'xtc_random_charcode.inc.php');

$vlcode = xtc_random_charcode(32);

Sorry für die später Antwort

[ingmar1601]

und diese Zeile:
$info_message = TEXT_CODE_ERROR.$resp->error;

durch

$info_message = TEXT_CODE_ERROR;

ersetzen