Community Add-Ons

Maintainers: wdepot
Add file to this package
Top » Features

Anti-Spam for RC2A Tell A Friend
for osCommerce Online Merchant v2.2

We discovered that someone was using the Tell A Friend script on our RC2a based web site to send spam. Turning off guest access to Tell A Friend did not block this nor did the Verify Email with DNS option setting. This contribution adds measures to prevent this from happening.

1) If a customer id is set it is checked. If it is not valid the file immediately redirects to Log Off. Otherwise the from name and email from the database are used.

2) The process checks the address from which the form is posted. If the form was posted from anywhere other than the current web site's Tell A Friend file it is an attempt to send spam. The web site owner will be emailed a notice of the attempt with details of what was to be sent and the IP address of the attempted sender and the file will terminate.

3) The message is checked for links. Any links found to another web site in the message will trigger an error message and no email will be sent.

Installation is as simple as replacing the two Tell A Friend files. WARNING: This version is for osCommerce RC2a and earlier ONLY. Do NOT use it for osCommerce 2.3.x.

Legend:  Download   Report

Expand All / Collapse All

Anti-Spam for RC2A Tell A Friend wdepot 15 Mar 2013  

We discovered that someone was using the Tell A Friend script on our RC2a based web site to send spam. Turning off guest access to Tell A Friend did not block this nor did the Verify Email with DNS option setting. This contribution adds measures to prevent this from happening.

1) If a customer id is set it is checked. If it is not valid the file immediately redirects to Log Off. Otherwise the from name and email from the database are used.

2) The process checks the address from which the form is posted. If the form was posted from anywhere other than the current web site's Tell A Friend file it is an attempt to send spam. The web site owner will be emailed a notice of the attempt with details of what was to be sent and the IP address of the attempted sender and the file will terminate.

3) The message is checked for links. Any links found to another web site in the message will trigger an error message and no email will be sent.

Installation is as simple as replacing the two Tell A Friend files. WARNING: This version is for osCommerce RC2a and earlier ONLY. Do NOT use it for osCommerce 2.3.x.

NOTE: The earlier upload contains a tell a friend file from our RC2A web site that was modified to use DIV sections rather than a table layout. This set contains the correct RC2A tell_a_friend.php file.

Anti-Spam for RC2A Tell A Friend wdepot 10 Mar 2013