|

Discussion Module Causing Spam
Posted 17 January 2007 - 01:33 PM #1
Posted 17 January 2007 - 01:39 PM #2
Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.
Posted 17 January 2007 - 11:10 PM #3
Add the code in red to /customer/addons/send_to_friend.tpl
<td nowrap valign="top"><b>{$lang.your_message}:</b></td>
<td class="required-field-mark" valign="top">*</td>
{*Check if customer is allowed to modify email body*}
{if $auth.user_id} <td>
<textarea class="input-text" rows="5" cols="65" name="send_data[notes]" id="id_send_data_notes">
{$lang.send_to_friend_notice}
{$notes_data|escape:html}</textarea></td>
{else}
<td>
<textarea class="input-text" rows="5" cols="65" readonly wrap="soft" name="send_data[notes]" id="id_send_data_notes">{$lang.send_to_friend_notice}
{$notes_data|escape:html}</textarea></td>
{/if}</tr>
Add a new language variable {$lang.send_to_friend_notice} and put in the messsage you like to show in the textarea.
You have to be logged in to add text in the message box.
Peter
Posted 18 January 2007 - 01:13 PM #4
Posted 18 January 2007 - 02:06 PM #5
It's not really a question of registered or not. I receive emails about the posts and have to either approve or disapprove them before they go live and of course I delete them. So it is not really a problem of security, only an exploited module that causes more work than it may be worth.
If you would only allow registered users to post you wouldn't get any email notifications from the spamposts. Unless the spammer decided to register.
Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.
Posted 19 January 2007 - 09:59 AM #6
If you would only allow registered users to post you wouldn't get any email notifications from the spamposts. Unless the spammer decided to register.
I'm not really sure how to do that. The Discussion module doesn't have that option.
Posted 19 January 2007 - 11:09 AM #7
I'm not really sure how to do that. The Discussion module doesn't have that option.
It's not possible without modding either the template or the module because CS-Cart didn't implement it. I was saying "This is how it's supposed to be".

Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.
Posted 19 January 2007 - 11:15 AM #8
Thanks for the responses.
Posted 19 January 2007 - 12:29 PM #9
It's not possible without modding either the template or the module because CS-Cart didn't implement it.
I'm not 100% sure that this is what you are after but alas, you tell me
Admin // Settings // Modules // Discussion
I understand there is the options of "Any customer", "Only Anonymous", "No approval needed"
Help anyone?
Posted 19 January 2007 - 12:51 PM #10
Help anyone?
This doesn't stop people from submitting posts. I believe you could modify the template to just check if the user is logged in, else hide the form and say "You need to login to comment" or something similiar.
Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.
Posted 19 January 2007 - 02:36 PM #11
Try this for reviews if that is your problem area.
\customer\addons\discussion\discussion.tpl
1. This mod removes the textbox but not to add reviews.
Add the red code
[COLOR="Red"]{if $auth.user_id}[/COLOR] {if $discussion.type == 'C' || $discussion.type == 'B'} <tr> <td class="field-name" nowrap="nowrap">{$lang.your_message}: </td> <td width="100%"> <textarea name="post_data[message]" class="input-text" cols="70" rows="10"></textarea></td> </tr> {/if} <tr> <td> </td> <td> {include file="buttons/button.tpl" but_text=$lang.submit but_onclick="javascript: document.add_post_form.submit();"}</td> [COLOR="Red"]</tr> {else} <tr> <td class="field-name" nowrap="nowrap">{$lang.your_message}: </td> <td class="field-name" nowrap="nowrap">{$lang.error_not_logged_reviews} </td> </tr> {/if}[/COLOR] </table> </form> {/if} {/capture}
2. This mod if remove the possibility to add reviews without to log in.
add the code in red
<br /> [COLOR="red"]{if $auth.user_id}[/COLOR] {if 'CRB'|strpos:$discussion.type !== false} {include file="common_templates/subheader.tpl" title=$lang.add_new_post} <p></p> <form action="{$index_script}" method="POST" name="add_post_form"> <input type ="hidden" name="{$target_name}" value="discussion" /> <input type ="hidden" name="{$mode_name}" value="add_post" /> <input type ="hidden" name="post_data[thread_id]" value="{$discussion.thread_id}" /> <input type ="hidden" name="redirect_url" value="{$current_url}" /> <input type="hidden" name="selected_section" value="" /> <table cellpadding="2" cellspacing="1" border="0" width="100%"> <tr> <td class="field-name" nowrap="nowrap">{$lang.your_name}: </td> <td width="100%"> <input type="text" name="post_data[name]" value="{if $auth.user_id}{$user_info.firstname} {$user_info.lastname}{/if}" size="70" class="input-text" /></td> </tr> {if $discussion.type == 'R' || $discussion.type == 'B'} <tr> <td class="field-name" nowrap="nowrap">{$lang.your_rating}: </td> <td width="100%"> <select name="post_data[rating_value]"> <option value="5" selected="selected">{$lang.excellent}</option> <option value="4">{$lang.very_good}</option> <option value="3">{$lang.average}</option> <option value="2">{$lang.fair}</option> <option value="1">{$lang.poor}</option> </select></td> </tr> {/if} {if $discussion.type == 'C' || $discussion.type == 'B'} <tr> <td class="field-name" nowrap="nowrap">{$lang.your_message}: </td> <td width="100%"> <textarea name="post_data[message]" class="input-text" cols="70" rows="10"></textarea></td> </tr> {/if} <tr> <td> </td> <td> {include file="buttons/button.tpl" but_text=$lang.submit but_onclick="javascript: document.add_post_form.submit();"}</td> </table> </form> {/if} [COLOR="Red"]{else} <table cellpadding="2" cellspacing="1" border="0" width="100%"> <tr> <td nowrap="nowrap" align="center"><b>{$lang.error_not_logged_reviews}</b></td> </tr> </table> {/if}[/COLOR] {/capture}
You also have to add a language variable to show your message, "error_not_logged_reviews"
It´s probably better to fix it in the admin product page, but this is a quick fix.
It works on my local installed shop.
Peter