PDA

View Full Version : Wishlist



michael_s
03-14-2013, 02:10 PM
After recently having trouble with a spammer using our Tell A Friend page to send spam, I realized in the process of adding anti-spam measures to Tell A Friend that there were no measures in Wish List to prevent it from being used to send spam. This version corrects that problem.

Anti-spam measures added to wish list include:
1) Matching form id to session token as is done in the base 2.3 version of Tell A Friend.
2) Preventing email if the wish list is empty.
3) Preventing email if the posted message contains links to any site other that the one sending the email.
4) Validating the customer id if it is set and redirecting to log off if it is not found in the database.
5) Added an action recorder module to Wish List as is found in the 2.3 version of Tell A Friend with an admin set wait time between emails.
6) Preventing email if the form is submitted from another web site. An email will be sent to the site administrator if this happens.

Complete install is enclosed. If you are just updating from the last version I posted simply replace the two wishlist.php files with the ones included here and add the two ar_wish_list.php files, then in admin go to Modules - Action Recorder and install the Wish List recorder module.

More... (http://addons.oscommerce.com/info/8665)