Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Discussion Module Causing Spam Rate Topic   - - - - -

 
  • roban
  • Senior Member
  • Moderators
  • Join Date: 23-Oct 06
  • 1132 posts

Posted 17 January 2007 - 01:33 PM #1

I have had to shut down the Discussion Module because the usual a**holes who want to ride on the backs of folks who have done the work have been spamming me with bulls**t links hoping I'd actually publish them. Too bad isn't it? Maybe I should feel honored that my site is attractive to these idiots.

 
  • Zyles
  • Senior Member
  • Members
  • Join Date: 06-Nov 06
  • 596 posts

Posted 17 January 2007 - 01:39 PM #2

IMO I think only registered users should be able to comment. And these would be actual customers to a product aswell. Not an anonymous user.
Marketing tip:

Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.

 
  • Grennix
  • Junior Member
  • Members
  • Join Date: 02-Nov 06
  • 5 posts

Posted 17 January 2007 - 11:10 PM #3

Maybe this could be a solution.
Add the code in red to /customer/addons/send_to_friend.tpl

<td nowrap valign="top"><b>{$lang.your_message}:</b></td>
<td class="required-field-mark" valign="top">*</td>
{*Check if customer is allowed to modify email body*}
{if $auth.user_id}
<td>
<textarea class="input-text" rows="5" cols="65" name="send_data[notes]" id="id_send_data_notes">
{$lang.send_to_friend_notice}
{$notes_data|escape:html}</textarea></td>
{else}
<td>
<textarea class="input-text" rows="5" cols="65" readonly wrap="soft" name="send_data[notes]" id="id_send_data_notes">{$lang.send_to_friend_notice}
{$notes_data|escape:html}</textarea></td>
{/if}
</tr>

Add a new language variable {$lang.send_to_friend_notice} and put in the messsage you like to show in the textarea.

You have to be logged in to add text in the message box.

Peter

 
  • roban
  • Senior Member
  • Moderators
  • Join Date: 23-Oct 06
  • 1132 posts

Posted 18 January 2007 - 01:13 PM #4

It's not really a question of registered or not. I receive emails about the posts and have to either approve or disapprove them before they go live and of course I delete them. So it is not really a problem of security, only an exploited module that causes more work than it may be worth.

 
  • Zyles
  • Senior Member
  • Members
  • Join Date: 06-Nov 06
  • 596 posts

Posted 18 January 2007 - 02:06 PM #5

It's not really a question of registered or not. I receive emails about the posts and have to either approve or disapprove them before they go live and of course I delete them. So it is not really a problem of security, only an exploited module that causes more work than it may be worth.


If you would only allow registered users to post you wouldn't get any email notifications from the spamposts. Unless the spammer decided to register.
Marketing tip:

Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.

 
  • roban
  • Senior Member
  • Moderators
  • Join Date: 23-Oct 06
  • 1132 posts

Posted 19 January 2007 - 09:59 AM #6

If you would only allow registered users to post you wouldn't get any email notifications from the spamposts. Unless the spammer decided to register.


I'm not really sure how to do that. The Discussion module doesn't have that option.

 
  • Zyles
  • Senior Member
  • Members
  • Join Date: 06-Nov 06
  • 596 posts

Posted 19 January 2007 - 11:09 AM #7

I'm not really sure how to do that. The Discussion module doesn't have that option.


It's not possible without modding either the template or the module because CS-Cart didn't implement it. I was saying "This is how it's supposed to be". ;)
Marketing tip:

Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.

 
  • roban
  • Senior Member
  • Moderators
  • Join Date: 23-Oct 06
  • 1132 posts

Posted 19 January 2007 - 11:15 AM #8

Understood. I am getting about 20 of these hits per day so I am shutting down the module. I tried Grennixs' fix but that didn't seem to do anything at all.

Thanks for the responses.

 

Posted 19 January 2007 - 12:29 PM #9

It's not possible without modding either the template or the module because CS-Cart didn't implement it.


I'm not 100% sure that this is what you are after but alas, you tell me
Admin // Settings // Modules // Discussion

I understand there is the options of "Any customer", "Only Anonymous", "No approval needed"

Help anyone?
I've moved on from CS-Cart to WooC******** - If you need anything I can be of little help.

 
  • Zyles
  • Senior Member
  • Members
  • Join Date: 06-Nov 06
  • 596 posts

Posted 19 January 2007 - 12:51 PM #10

Help anyone?


This doesn't stop people from submitting posts. I believe you could modify the template to just check if the user is logged in, else hide the form and say "You need to login to comment" or something similiar.
Marketing tip:

Did you know a targeted e-mail marketing campaign can bring conversion rates up to 3.9%? By using reliable e-mail marketing software you can upsell to existing customers on a tight budget. If you are not using e-mail marketing you are missing out big time. I recommend and use Aweber.

 
  • Grennix
  • Junior Member
  • Members
  • Join Date: 02-Nov 06
  • 5 posts

Posted 19 January 2007 - 02:36 PM #11

My mistake, the mod was for the Send to friend, to stop people to send anonymous mail to other people.

Try this for reviews if that is your problem area.
\customer\addons\discussion\discussion.tpl
1. This mod removes the textbox but not to add reviews.
Add the red code
[COLOR="Red"]{if $auth.user_id}[/COLOR]
{if $discussion.type == 'C' || $discussion.type == 'B'}
<tr>
	<td class="field-name" nowrap="nowrap">{$lang.your_message}: </td>
	<td width="100%">
		<textarea name="post_data[message]" class="input-text" cols="70" rows="10"></textarea></td>
</tr>
{/if}
<tr>
	<td> </td>
	<td>
		{include file="buttons/button.tpl" but_text=$lang.submit but_onclick="javascript: document.add_post_form.submit();"}</td>
[COLOR="Red"]</tr>

{else}
<tr>
	<td class="field-name" nowrap="nowrap">{$lang.your_message}: </td>
	<td class="field-name" nowrap="nowrap">{$lang.error_not_logged_reviews} </td>

</tr>
{/if}[/COLOR]
</table>
</form>
{/if}

{/capture}

2. This mod if remove the possibility to add reviews without to log in.
add the code in red

<br />
[COLOR="red"]{if $auth.user_id}[/COLOR]
{if 'CRB'|strpos:$discussion.type !== false}
{include file="common_templates/subheader.tpl" title=$lang.add_new_post}
<p></p>
<form action="{$index_script}" method="POST" name="add_post_form">
<input type ="hidden" name="{$target_name}" value="discussion" />
<input type ="hidden" name="{$mode_name}" value="add_post" />
<input type ="hidden" name="post_data[thread_id]" value="{$discussion.thread_id}" />
<input type ="hidden" name="redirect_url" value="{$current_url}" />
<input type="hidden" name="selected_section" value="" />

<table cellpadding="2" cellspacing="1" border="0" width="100%">
<tr>
	<td class="field-name" nowrap="nowrap">{$lang.your_name}: </td>
	<td width="100%">
		<input type="text" name="post_data[name]" value="{if $auth.user_id}{$user_info.firstname} {$user_info.lastname}{/if}" size="70" class="input-text" /></td>
</tr>
{if $discussion.type == 'R' || $discussion.type == 'B'}
<tr>
	<td class="field-name" nowrap="nowrap">{$lang.your_rating}: </td>
	<td width="100%">
		<select name="post_data[rating_value]">
		<option value="5" selected="selected">{$lang.excellent}</option>
		<option value="4">{$lang.very_good}</option>
		<option value="3">{$lang.average}</option>
		<option value="2">{$lang.fair}</option>
		<option value="1">{$lang.poor}</option>
		</select></td>
</tr>
{/if}

{if $discussion.type == 'C' || $discussion.type == 'B'}
<tr>
	<td class="field-name" nowrap="nowrap">{$lang.your_message}: </td>
	<td width="100%">
		<textarea name="post_data[message]" class="input-text" cols="70" rows="10"></textarea></td>
</tr>
{/if}
<tr>
	<td> </td>
	<td>
		{include file="buttons/button.tpl" but_text=$lang.submit but_onclick="javascript: document.add_post_form.submit();"}</td>
	
</table>
</form>
{/if}
[COLOR="Red"]{else}
<table cellpadding="2" cellspacing="1" border="0" width="100%">
<tr>
<td nowrap="nowrap" align="center"><b>{$lang.error_not_logged_reviews}</b></td>
</tr>
</table>
{/if}[/COLOR]
{/capture}


You also have to add a language variable to show your message, "error_not_logged_reviews"

It´s probably better to fix it in the admin product page, but this is a quick fix.
It works on my local installed shop.
Peter

 
  • roban
  • Senior Member
  • Moderators
  • Join Date: 23-Oct 06
  • 1132 posts

Posted 19 January 2007 - 04:37 PM #12

Thanks Peter. I'll give that a shot.