Kinetic Pulse
  • Home
  • Services
  • Portfolio
  • Blog
  • Terms
  • Contact

Adding a simple Spam trap to Zencart 1.5

January 31, 2013

One client wanted simple spam prevention device on the customer registration form of his Zencart store and while I looked at the plugins available on the Zencart website, as I had done some hefty customisation to the client’s Zencart theme already, I was worried that some of the plugins would overwrite all my hard work.

So I did it from scratch and here’s how:

1) Edit your YOUR_TEMPLATE/templates/tpl_module_create_account.php

This is the form that is used on both the login & create account pages. You need to add the actual input field here:





Which should give you something like this on your form:

we-dont-like-spam

Now we need to get it to work. There are two places that Zencart does its validation – within the javascript (which pops up the alert) and within the php which is the fallback if the customer somehow circumvents the javascript.

Lets look at the php first;

2) Edit your modules\create_account.php

First we need to grab a reference to our new fields so at about line 83 add the following:

 

//-------------- BOF Additional Captcha code LJ 31/1/13 1 of 2 -------------------------//
$captcha = zen_db_prepare_input($_POST['captcha']);
//-------------- EOF Additional Captcha code LJ 31/1/13 1 of 2 -------------------------//

 

Then we need to flag an error if the answer isn’t 10 so add the following at around line 253:

    

//-------------- BOF Additional Captcha code LJ 31/1/13 2 of 2 -------------------------//
  if ($captcha=="") {
    $error = true;
    $messageStack->add('create_account', "You must enter the answer to the question");
  } elseif ($captcha!="10") {
    $error = true;
    $messageStack->add('create_account', "Your answer to the question is incorrect");
  }
  //-------------- EOF Additional Captcha code LJ 31/1/13 2 of 2 -------------------------//

So far so good – this will alert your user if they haven’t filled anything or have got the wrong answer, but only after they have submitted the form.

But it would be nice to give them more of a heads up if they made a mistake before submitting so we need to add some javascript.

3) Edit your modules\pages\create_account\jscript_form_check.php

(Yes I know its php but it does produce a javascript function I promise)

First we want to add a little function to check the captcha:

At around line 121 add the following:


/*-----------------  BOF new captcha test LJ 31/1/13 1 of 2-----------------------*/
function check_captcha(field_name, field_answer, message) {
  if (form.elements[field_name] && (form.elements[field_name].type != "hidden")) {

    var field_value = form.elements[field_name].value;

    if (field_value.length != 0 && field_value != field_answer) {
      error_message = error_message + "* " + message +"\n";
      error = true;
    }
  }
}
/*-----------------  EOF new captcha test LJ 31/1/13 1 of 2-----------------------*/

 

and at around line 184 add these lines:

 

check_input("captcha",1, "");
 check_captcha("captcha","10", "");

You will also need to make these changes to the following file: modules\pages\login\jscript_form_check.php as that form has a slightly different javascript function.

Its not particularly elegant and I’ve hardcoded the answer to the spam question in several places, but it should only take 15 minutes to implement and if it prevents you getting all those spam mesages then I’m sure its worth it!

Share

Facebook Google+ Twitter Pinterest Email
  1. Senani Ponnamperuma says

    February 25, 2013 at 4:46 am

    You are a legend. I saw this solution on some site and thought to myself this is an elegant solution for my site and now you have done it.

    It seems to be working.

    Can you please tell me how I do this for my Contact Us page. Whic his really where i need it.

  2. Simon says

    June 21, 2013 at 11:17 am

    Awesome thank you for sharing, I use checkout without account and this worked perfectly to stop those annoying spam accounts without damaging the option to COWOA.

  3. andy says

    July 4, 2013 at 7:08 am

    thanks for this solution .. Have been looking for a simple way to use it on ask a question & create account ,so will give it a try sometime

  4. Lee Prince says

    August 10, 2013 at 8:29 am

    Thanks – just added to the site, hopefully will stop the spam!

  5. Pinky says

    August 23, 2013 at 2:53 am

    H i just wanna know. Is this code only for one question?

    I mean every one who register will get the same question of 5+5? … Or u can put it to make different questions. Like if u refresh or make a mistake with the answer, do u get another question of 6+6? Or watever

  6. Laura James says

    August 26, 2013 at 4:16 pm

    Hi Pinky,
    No, there is just the one question – it was only meant to be a really quick & dirty spam trap to prevent some automatic spam bots!

  7. Pauldz says

    September 13, 2013 at 4:07 pm

    Can this code also be added to the Contact Us section? If so, can you tell us where to put it? Thanks!

  8. Greg says

    October 17, 2013 at 11:08 pm

    Hello, I’m looking for a way to modify the Contact Us code to add your anti spam question, would you be able to let me know where to insert your question code please?

    Cheers Greg

  9. jimmy says

    October 31, 2013 at 6:50 pm

    its not working. customer can leave it blank and proceed. How to make it required?

  10. Mike iLL Kilmer says

    November 11, 2013 at 11:21 pm

    Adding this functionality to the contact us form is relatively simple. Two file changes:

    your_template/templates/tpl_contact_us_default.php
    1 change – add lines:
    What is 5+5?

    near bottom of contact form.

    modules/pages/contact_us/header_php.php
    3 changes:
    add 2 lines around line 30 after:

    $enquiry = zen_db_prepare_input(strip_tags($_POST[‘enquiry’]));

    lines:

    $captcha = zen_db_prepare_input($_POST[‘captcha’]);
    $include_list = array(“a”,”A”);

    then around line 40 change this line:
    if ($zc_validate_email and !empty($enquiry) && $error == FALSE)

    to this:
    if ($zc_validate_email and !empty($enquiry) and !empty($name) and !empty($captcha) and (in_array($captcha, $include_list)) && $error == FALSE)

    towards the end of the file after this
    else {
    $error = true;

    add lines:
    //————– BOF Additional Captcha code LJ 31/1/13 2 of 2 ————————-//
    if ($captcha==””) {
    $messageStack->add(‘contact_us’, “You must enter the answer to the question”); } elseif (!in_array($captcha, $include_list)) {
    $messageStack->add(‘contact_us’, “Your answer to the question is incorrect”); }

  11. Mike iLL Kilmer says

    November 12, 2013 at 5:23 pm

    Here’s how to add it to ZC contact form:
    http://www.mzoo.org/2013/11/12/adding-simple-captcha-spam-trap-to-zen-cart-contact-form/

  12. Quiltecke - Patchwork mit Freude says

    December 9, 2013 at 10:58 pm

    Thank You !

Back to Blog

Trackbacks

  1. Adding Simple Captcha SPAM trap to Zen Cart contact form | Media Zoo says:
    November 12, 2013 at 5:07 pm

    […] I initially added a Google reCaptcha module, but it was really annoying to use, so am trying this simple SPAM trap as explained by Kinetic […]

Testimonials

Amazing and brilliant, Kinetic Pulse have lifted a dream to reality, Highly recommended and great if you are total novice, they know their stuff…Thanks again
Annie LindridgeSalt Yourself Out
Thank you guys so much for all that you’ve done helping us to create a really awesome website!! We get such great feedback – everyone loves it & we couldn’t be prouder! Look forward to working with you again soon!
Wild Thyme PlantsWild Thyme Plants
It’s been fab working with you – we love the site and certainly going to recommend you!
James DaviesThirty Eight Degrees North
I like it.  I like it a lot !!!

 You have interpreted what I wanted to achieve perfectly considering what you have to play with i.e not redoing the whole thing in the process.

Fiona Simmons-MooreSouth Gloucestershire Parents & Carers
Thanks so much for all your work on this, really appreciated. It’s come on in leaps and bounds since you took over.
Pete KewRedwood Strip Curtains
Thank you for all of your hard work its looks fab and I am over the moon with it!
Amanda MercerAmanda Mercer Ceramics
Absolutely fantastically professional web developer – I would highly recommend!!! Thank you so much Kinetic Pulse!
Tania MarstonDoris Designs

Twitter

@HMRCcustomers Will do - thanks for the swift response

Last year from Kinetic Pulse's Twitter

@HMRCcustomers I've submitted Self Assessment repayment requests multiple times over the past 6 months (always waiting 4 weeks between) and never has anything happened. There seems to be no way of tracking or chasing them either. Now, of all times, this is important

Last year from Kinetic Pulse's Twitter

Apologies to all clients who have had website issues today. There was a major outage for our hosting company @cloudabove but, as always, they have been fantastically open and transparent about what's going on and are working hard to restore service.

About a year ago from Kinetic Pulse's Twitter

@thegrapesbath @bathdrummer Thanks - looking forward to opening night!

About 2 years ago from Kinetic Pulse's Twitter

woobox.com/tjkbms/k1orue

About 3 years ago from Kinetic Pulse's Twitter

Copyright 2021 Kinetic Pulse