Google ReCaptcha 2.0

for osCommerce Online Merchant v2.2

This stops bots from spamming account creation, account login, contact us, and checkout. - This stops bots from making tons of accounts - This stops bots from brute forcing logins - This stops bots from sending you emails - This stops bots from spamming your payment gateway Simple instructions to add ReCaptcha 2.0 to oscommerce - First, register keys for your site at https://www.google.com/recaptcha/admin Create a new site and leave this open you'll need the keys - Add the ReCaptcha folder to catalog/includes/functions/ - Open catalog/includes/configure.php Add the following code to the end of the file before `?>`: // reCAPTCHA - start define('RECAPTCHA_PUBLIC_KEY', 'your Site key'); // replace your_public_key with your reCAPTCHA public key (from the API Signup Page https://www.google.com/recaptcha/admin/create?app=php) define('RECAPTCHA_PRIVATE_KEY', 'your Secret key'); // replace your_private_key with your reCAPTCHA private key (from the API Signup Page https://www.google.com/recaptcha/admin/create?app=php) // reCAPTCHA - end - Open catalog/includes/languages/english.php Add the following code to the end of the file before `?>`: // reCAPTCHA - start define('RECAPTCHA_INTRO', 'Type the characters you see in the picture below.'); define('RECAPTCHA_ERROR', 'Failed on ReCaptcha Validation. Please try again.'); // reCAPTCHA - end - Open catalog/login.php Find require('includes/application_top.php'); Replace require('includes/application_top.php'); // ReCaptcha Start require(DIR_WS_FUNCTIONS . 'ReCaptcha/autoload.php'); // reCAPTCHA // ReCaptcha End Find if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) { Add After // reCAPTCHA - start $recaptcha = new ReCaptchaReCaptcha(RECAPTCHA_PRIVATE_KEY); $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']); if ($resp->isSuccess()) { Find $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_LOGIN, '', 'SSL')); Add Before } else { $error = true; } } if ($error == true) { if ($resp->is_valid) { $messageStack->add('login', TEXT_LOGIN_ERROR); } else { $messageStack->add('login', RECAPTCHA_ERROR); } } // reCAPTCHA - end Find require(DIR_WS_INCLUDES . 'template_top.php'); ?> Replace require(DIR_WS_INCLUDES . 'template_top.php'); ?> <!-- ReCaptcha Start --> <script src="https://www.google.com/recaptcha/api.js" async defer></script> <!-- ReCaptcha End --> Find <div class="buttonSet btn_position"> <span class="buttonAction"><?php echo tep_draw_button2_top();?><?php echo tep_draw_button(IMAGE_BUTTON_LOGIN, 'key', null, 'primary'); ?><?php echo tep_draw_button2_bottom();?></span> </div> Replace <!-- ReCaptcha Start --> <?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?> <div class="g-recaptcha" data-sitekey="<?php echo RECAPTCHA_PUBLIC_KEY; ?>"></div> <!-- ReCaptcha End --> <div class="buttonSet btn_position"> <span class="buttonAction"><?php echo tep_draw_button2_top();?><?php echo tep_draw_button(IMAGE_BUTTON_LOGIN, 'key', null, 'primary'); ?><?php echo tep_draw_button2_bottom();?></span> </div> - Open create_account.php Find require('includes/application_top.php'); Replace require('includes/application_top.php'); // ReCaptcha Start require(DIR_WS_FUNCTIONS . 'ReCaptcha/autoload.php'); // reCAPTCHA // ReCaptcha End Find $password = tep_db_prepare_input($HTTP_POST_VARS['password']); $confirmation = tep_db_prepare_input($HTTP_POST_VARS['confirmation']); $error = false; Replace $password = tep_db_prepare_input($HTTP_POST_VARS['password']); $confirmation = tep_db_prepare_input($HTTP_POST_VARS['confirmation']); $error = false; // reCAPTCHA - start $recaptcha = new ReCaptchaReCaptcha(RECAPTCHA_PRIVATE_KEY); $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']); if (!$resp->isSuccess()) { $error = true; $messageStack->add('create_account', RECAPTCHA_ERROR); } // reCAPTCHA - end Find require('includes/form_check.js.php'); ?> Replace require('includes/form_check.js.php'); ?> <!-- ReCaptcha Start --> <script src="https://www.google.com/recaptcha/api.js" async defer></script> <!-- ReCaptcha End --> Find <div class="buttonSet fl_right"> <span class="buttonAction"><?php echo tep_draw_button_top();?><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'person', null, 'primary'); ?><?php echo tep_draw_button_bottom();?></span> </div> Replace <!-- ReCaptcha Start --> <?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?> <div class="g-recaptcha" data-sitekey="<?php echo RECAPTCHA_PUBLIC_KEY; ?>"></div> <!-- ReCaptcha End --> <div class="buttonSet fl_right"> <span class="buttonAction"><?php echo tep_draw_button_top();?><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'person', null, 'primary'); ?><?php echo tep_draw_button_bottom();?></span> </div> - Open contact_us.php Find require('includes/application_top.php'); Replace require('includes/application_top.php'); // ReCaptcha Start require(DIR_WS_FUNCTIONS . 'ReCaptcha/autoload.php'); // reCAPTCHA // ReCaptcha End Find if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) { Replace if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) { // reCAPTCHA - start $recaptcha = new ReCaptchaReCaptcha(RECAPTCHA_PRIVATE_KEY); $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']); if ($resp->isSuccess()) { $error = false; $name = tep_db_prepare_input($HTTP_POST_VARS['name']); $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']); $enquiry = tep_db_prepare_input($HTTP_POST_VARS['enquiry']); if (!tep_validate_email($email_address)) { $error = true; $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } } else { $error = true; $messageStack->add('contact', RECAPTCHA_ERROR); } // reCAPTCHA - end Find require(DIR_WS_INCLUDES . 'template_top.php'); ?> Replace require(DIR_WS_INCLUDES . 'template_top.php'); ?> <!-- ReCaptcha Start --> <script src="https://www.google.com/recaptcha/api.js" async defer></script> <!-- ReCaptcha End --> Find <div class="buttonSet"> <span class="fl_right"><?php echo tep_draw_button_top()?><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?><?php echo tep_draw_button_bottom()?></span> </div> Replace <!-- ReCaptcha Start --> <?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?> <div class="g-recaptcha" data-sitekey="<?php echo RECAPTCHA_PUBLIC_KEY; ?>"></div> <!-- ReCaptcha End --> <div class="buttonSet"> <span class="fl_right"><?php echo tep_draw_button_top()?><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'triangle-1-e', null, 'primary'); ?><?php echo tep_draw_button_bottom()?></span> </div> - Open checkout_process.php Find include('includes/application_top.php'); Replace include('includes/application_top.php'); // ReCaptcha Start require(DIR_WS_FUNCTIONS . 'ReCaptcha/autoload.php'); // reCAPTCHA // ReCaptcha End Find require(DIR_WS_CLASSES . 'order.php'); $order = new order; Replace require(DIR_WS_CLASSES . 'order.php'); $order = new order; // reCAPTCHA - start $recaptcha = new ReCaptchaReCaptcha(RECAPTCHA_PRIVATE_KEY); $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']); if (!$resp->isSuccess()) { tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . urlencode(RECAPTCHA_ERROR), 'SSL')); } // reCAPTCHA - end - Open checkout_confirmation.php Find require(DIR_WS_INCLUDES . 'template_top.php'); ?> Replace require(DIR_WS_INCLUDES . 'template_top.php'); ?> <!-- ReCaptcha Start --> <script src="https://www.google.com/recaptcha/api.js" async defer></script> <!-- ReCaptcha End --> Find <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td class="main"><?php echo $confirmation['fields'][$i]['title']; ?></td> <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td class="main"><?php echo $confirmation['fields'][$i]['field']; ?></td> </tr> <?php } } ?> </table> </div> Replace <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td class="main"><?php echo $confirmation['fields'][$i]['title']; ?></td> <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td class="main"><?php echo $confirmation['fields'][$i]['field']; ?></td> </tr> <?php } } ?> </table> </div> <!-- ReCaptcha Start --> <?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?> <div class="g-recaptcha" data-sitekey="<?php echo RECAPTCHA_PUBLIC_KEY; ?>"></div> <!-- ReCaptcha End -->

Files