I'm in the process of setting up a basic site for cell phone reviews and information. I keep getting these fake accounts registering and posting content on my site that is not appropriate.
I have just installed the CAPTCHA and image CAPTCHA module, but this doesn't seem to be stopping them.
What is the best way to avoid these fake accounts?
Thank you.
Another strategy is to add another field in the user registration form. Most bots wouldn't know which fields are required, so they fill in everything. If the user enters a value into the new field then don't create an account. You can hide the field from the UI with CSS so that real people won't be able to see the field and enter anything into it. Read Easy spam prevention using hidden forms for a detailed explanation.
To implement this feature into your Drupal site, you need to create a module to alter the user registration form and create a validation for it.
Add another field to the user registration form:
function mymodule_form_alter(&$form, $form_state, $form_id) {
if($form_id == 'user_register_form') {
$form['field_fname'] = array(
'#title' => 'Answer if you are a bot',
'#type' => 'textfield',
);
$form['#validate'][] = 'mymodule_user_bot_validate';
}
}
Add the validation:
function mymodule_user_bot_validate($form, &$form_state) {
if($form['field_fname']['#value'] != '') {
form_set_error('bot_prevention', t('Could not create your account.'));
drupal_goto('user/register');
}
}
Then hide the field with CSS.
Related
I am making a telegram bot that provides paid advanced access. I use the botman studio library.
There was a problem getting a response from telegrams "PreCheckoutQuery".
I went the following way:
1. Created a hierarchy of dialogs using buttons
*Main menu (MainConversation)
**some sub-menu
***some sub-sub-menu
***etc
*Payment (PaymentConversation)
*Help (HelpConversation)
2. I navigate through the menu sections using switch-case and the ask method:
$this->ask('some text', function (Answer $answer)
switch ($answer->getText()) {
case 'some function':
$this->bot->startConversation(new SomeConversation());
break;
case 'Payment':
$this->bot->startConversation(new PaymentConversation());
break;
case 'Help':
$this->bot->startConversation(new HelpConversation());
}
}, $this->keyboard());
3. Inside PaymentConversation this code:
public function invoice()
{
$invoice = [
'title' => 'asdf',
'description' => 'asdf',
'payload' => 'asdf',
'provider_token' => 'some token',
'currency' => 'USD',
'prices' => json_encode(array(array(
'label' => 'asdf',
'amount' => 100000
)))
];
$this->bot->sendRequest('sendInvoice', $invoice);
}
After sendRequest, the bot sends an invoice to which the user must respond. After the payment information is filled in, telegram sends an update "pre_checkout_query" to which I must answer using the answerPreCheckoutQuery method (more details)
I don't understand how to properly force botman update to listen from telegrams inside the dialog.
At first I had the idea to just make a middleware that would track the PreCheckoutQuery in IncomingMessage, but I ran into the fact that the class does not understand this request and created a separate TelegramPreCheckoutQueryDriver that handles such messages.
Now I can confirm the payment in the intermediary, but this greatly limits my actions. I would like to do this as part of a dialogue.
I see this algorithm:
User clicked the Payments button
The PaymentConversation dialog has started
An invoice has been sent to the user
The user fills in payment details and clicks pay
Bot receives message with PreCheckoutQuery
Bot returns pre_checkout_query_id value
Bot sends answerPreCheckoutQuery
The bot receives payment confirmation and writes information about it to the database
The bot launches the MainConversation dialog
I would be very grateful for any help! Thank you!
I am creating a simple Blog system with symfony2. Each blog Post is bound to a certain amount of Tags.
Tags can be selected with checkboxes when creating a new blog post. Now I want to be able to dynamically add new tag-checkboxes to the form.
The AJAX part is done and working, I can add new tag names to the Tag entity and append the new checkboxes to the form.
The problem is when I submit the form, symfony2 doesn't recognize the new added tags because they don't belong to the Tag entity yet (at the time the form was generated).
For example: after submitting the form, I dump:
$tags = $form->get('tags')->getData();
The controller ignores the tags that were added through ajax.
I know it has to be solved with events somehow, I already read this documentation: http://symfony.com/doc/current/cookbook/form/dynamic_form_modification.html but can't figure out how to implement it for this specific case.
Here is my form builder for "PostType":
$builder
->add('title')
->add('content', 'textarea')
->add('tags', 'entity', array(
'class' => 'Bundle:Tag',
'property' => 'name',
'multiple' => true,
'expanded' => true,
))
->add('save', 'submit')
;
You can try to use this: Form Collection
Make sure you persist the newly added Tags before submit the form, and the checkboxes has the right names and values.
Names should be like "post[tags][]" and values should be the database ids of the Tag entities.
I'm trying to create a custom component in Joomla 2.5 and struggling to get it to stop it stripping all html tags out of the editor field - links, new lines, p tags - the full works. The form field is below:
<field
name="post"
type="editor"
label="COM_HELLO_WORLD_EDITOR_LABEL"
description="COM_HELLO_WORLD_EDITOR_DESC"
class="inputbox"
filter="JComponentHelper::filterText"
required="true"
default=""
/>
Clearly there are many many posts about this around both SO and Joomla forums. However they generally seem to have two clear themes.
Tiny MCE Settings. I've checked after setting my default editor to "None" (i.e. just a text area) and the tags are all still stripped
Joomla Text filter settings. I'm logged in as a Global Admin with the super users set to "no filtering"
I'm overriding the model's save function for this with:
function store()
{
$row =& $this->getTable();
$input = new JInput();
$data = $input->getArray($_POST);
//Sets Users id as current logged in user if not set
if(!$data['jform']['post_user']) {
$data['jform']['post_user']=JFactory::getUser()->id;
}
// Bind the form fields to the post table
if (!$row->bind($data['jform'])) {
$this->setError($this->_db->getErrorMsg());
return false;
}
// Make sure the hello is valid
if (!$row->check()) {
$this->setError($this->_db->getErrorMsg());
return false;
}
// Store the hello table to the database
if (!$row->store()) {
$this->setError($this->_db->getErrorMsg());
return false;
}
return true;
}
My gut instinct is that it's to do with JInput stripping HTML tags. But even adding in the extra line into the save file $data['jform']['post']=$input->getHTML('post'); nothing happened. So I'm not really sure where to go from here. Any ideas?
UPDATE
Just to clarify an issue quickly - I want to use the preset Joomla 'Text Filter' Settings under 'Global Configuration' rather than manually setting each tag in the component!
UPDATE 2
I added filter="raw" to the editor form field. I now see the html <p> tags when I dump out the variable $_POST['jform']['post'], null, 'HTML'). However then when applying just a simple JInput Filter function - let alone applying the Joomla Config values - I'm getting null.
$input = new JInput();
$data = $input->getArray($_POST);
$data['jform']['post']=$input->get($_POST['jform']['post'], null, 'HTML');
Is the sentence here "HTML - Returns a string with HTML entities and tags intact, subject to the white or black lists in the filter." describing the JInput HTML filter referring to the Global Config Text filter settings? Just to confirm?
Try something like this
$input_options = JFilterInput::getInstance(
array(
'img','p','a','u','i','b','strong','span','div','ul','li','ol','h1','h2','h3','h4','h5',
'table','tr','td','th','tbody','theader','tfooter','br'
),
array(
'src','width','height','alt','style','href','rel','target','align','valign','border','cellpading',
'cellspacing','title','id','class'
)
);
$postData = new JInput($_POST,array('filter' => $input_options));
First array it is allowed tags, second array it is allowed attributes.
What is this about? filter="JComponentHelper::filterText"? Did you write a custom filter?
The default filtering like most things in Joomla (also acl for example) is very strict so that if you get xss from not filtering it's a deliberate choice you've made not a security risk in the core. But your core filtering should be being applied ... except that you seem to have perhaps overridden with the unknown filter. So I suspect given this unknown filter it's falling back to very string.
Quite some time later, but just for the record, for anyone encountering the same problem, here my solution.
For me this problem was immediately solved by using JRequest instead of JInput. I believe it's deprecated, but it is still used by Joomla 2.5.14 (most up-to-date Joomla 2.5 at this moment) in the save() function of JControllerForm.
I need to create module in Magento which will have few database tables. One of the function of the module is adding multiple images.
For example while being on the "Add new item" or "Edit item" page in the admin, from the left side I have tabs, one of them is "Item Images". When being clicked I want the content of this tab to be my own custom one.
After digging into the code, found out that the way it renders this content, Magento is using one of the Varien_Data_Form_Element classes for each element in the full form. I want to add my own class here that will render form elements the way I want.
Is this a good practice to do so, or there is some other more elegant way of adding own content in the admin forms?
EDIT: I must add that none of the existing classes is helping my problem.
SOLUTION EDIT:
I have a controller in my custom module that is in Mypackage/Mymodule/controllers/Adminhtml/Item.php. In the editAction() method which I am using for adding and creating new items, I am creating 2 blocks, one for the form and one left for the tabs:
$this->_addContent($this->getLayout()->createBlock('item/adminhtml_edit'))
->_addLeft($this->getLayout()->createBlock('item/adminhtml_edit_tabs'));
$this->renderLayout();
The Block/Adminhtml/Edit/Tabs.php block is creating 2 tabs on the left: General Info and Item Images, each of them are rendering different content on the right side using Block classes.
protected function _beforeToHtml()
{
$this->addTab('item_info', array(
'label' => Mage::helper('mymodule')->__('Item Info'),
'content'=> $this->getLayout()->createBlock('item/adminhtml_edit_tab_form')->toHtml(),
));
$this->addTab('item_images', array(
'label' => Mage::helper('mymodule')->__('Item Images'),
'active' => ( $this->getRequest()->getParam('tab') == 'item_images' ) ? true : false,
'content' => $this->getLayout()->createBlock('item/adminhtml_images')->toHtml(),
));
return parent::_beforeToHtml();
}
I wanted the tab item_images to render my own form elements and values, not the default varien form elements.
class Mypackage_Mymodule_Block_Adminhtml_Images extends Mage_Core_Block_Template
{
public function __construct()
{
parent::__construct();
$this->setTemplate('item/images.phtml'); //This is in adminhtml design
}
public function getPostId()
{
return $this->getRequest()->getParam('id');
}
public function getExistingImages()
{
return Mage::getModel('mymodule/item')->getImages($this->getPostId());
}
}
Then in the template app/design/adminhtml/default/default/template/item/images.phtml you can use these values:
//You can add your own custom form fields here and all of them will be included in the form
foreach($this->getExistingImages() as $_img):
//Do something with each image
endforeach;
//You can add your own custom form fields here and all of them will be included in the form
No, it's not. You should never edit or add to files that provided by a vendor. If you absolutely must replace a class file you should use the local code pool. For example, if you wanted to change the behavior of a text field,
lib/Varien/Data/Form/Element/Text.php
You should place a file in the local or community code pool
app/code/local/Varient/Data/Form/Element/Text.php
However, doing the replaces the class, and it becomes your responsibility to maintain compatibility with future versions. That means if Magento Inc. changes lib/Varien/Data/Form/Element/Text.php, you need to update your version to be compatible.
Based on what you said I'd look into creating a class rewrite for the Block class that renders the form.
Am not even sure if this can be done but...
Ive added a feed from my forums to wordpress it works great but I need it to auto add the url of the image in a custom field from the images in the post (feed) first image would be fine as its only ahve a slider
Is there any way to do this?
Details
Ok I think I did not explain this very well so made a few screen shots
This is my slider at the minute with my
This is an imported post one other feed I was using
On this image you can see the custom field (which I have to fill in after every import)
Adding the image url into the custom field
and finaly a view of the slider working
This is what am trying to do (auto) so my feed from my booru / forums / 2 other of my sites and (2 other peoples) sites make my home page on a new site
Hope this explain it alot more
This uses the external Simple Pie library built into WordPress to fetch the feed, get the image url and create a new post for each item and save the image url as a custom field.
To activate the process we have to hook into wp_cron. The code below does it daily but it would probably be better to do it weekly to prevent overlap. Some overlap will probably occur so this still needs a way to check if we have already imported the image
First we need a function to save the custom field after the post has been created. This section comes from another answer I found on WordPress Answers.
Edit:
This needs to be wrapped in a plugin to schedule the cron event and the cron event was missing the action to make it fire.
Edit:
Final version below tested and it works but the feed the OP is getting is using relative url's so the domain name needs to be added somewhere in the output code.
<?php
/*
Plugin Name: Fetch The Feed Image
Version: 0.1
Plugin URI: http://c3mdigital.com
Description: Sample plugin code to fetch feed image from rss and save it in a post
Author: Chris Olbekson
Author URI: http://c3mdigital.com
License: Unlicense For more information, please refer to <http://unlicense.org/>
*/
//Register the cron event on plugin activation and remove it on deactivation
register_activation_hook(__FILE__, 'c3m_activation_hook');
register_deactivation_hook(__FILE__, 'c3m_deactivation_hook');
add_action( 'c3m_scheduled_event', 'create_rss_feed_image_post');
function c3m_activation_hook() {
wp_schedule_event(time(), 'weekly', 'c3m_scheduled_event');
}
function c3m_deactivation_hook() {
wp_clear_scheduled_hook('c3m_scheduled_event');
}
function create_rss_feed_image_post() {
if(function_exists('fetch_feed')) {
include_once(ABSPATH . WPINC . '/feed.php'); // include the required file
$feed = fetch_feed('http://animelon.com/booru/rss/images'); // specify the source feed
}
foreach ($feed->get_items() as $item) :
// global $user_ID;
$new_post = array(
'post_title' => $item->get_title(),
'post_status' => 'published',
'post_date' => date('Y-m-d H:i:s'),
//'post_author' => $user_ID,
'post_type' => 'post',
'post_category' => array(0)
);
$post_id = wp_insert_post($new_post);
if ($enclosure = $item->get_enclosure() )
update_post_meta( $post_id, 'feed_image_url', $enclosure->get_link() );
endforeach;
}