Hans Wolf Posted January 24, 2022 Share Posted January 24, 2022 (edited) Ask about 1.7.8.2 php 7.4 How can you prevent #/$%* being entered in a contact form reCAPTCHA was not the solution Edited January 24, 2022 by Hans Wolf (see edit history) Link to comment Share on other sites More sharing options...
ps8modules Posted January 24, 2022 Share Posted January 24, 2022 (edited) You can write your own kavascript that will check the characters and disable the send button. If you modify the controller, the filter will not work. Prestashop 1.6 is not secure. https://e-apps.eu/en/domu/54-antispam-protection-for-contact-form.html Edited January 24, 2022 by 4you.software (see edit history) 1 Link to comment Share on other sites More sharing options...
Hans Wolf Posted January 24, 2022 Author Share Posted January 24, 2022 4you.software What should I do on the site. You can't download anything. Help It's for 1.7.8.2 1 Link to comment Share on other sites More sharing options...
ps8modules Posted January 24, 2022 Share Posted January 24, 2022 And why don't you all write down for which version of Prestashop you need a solution. 1 Link to comment Share on other sites More sharing options...
ps8modules Posted January 24, 2022 Share Posted January 24, 2022 Eg. [1.7.8.2] Spam question. Contact form. reCAPTCHA 1 Link to comment Share on other sites More sharing options...
Hans Wolf Posted January 24, 2022 Author Share Posted January 24, 2022 I changed it Link to comment Share on other sites More sharing options...
ps8modules Posted January 25, 2022 Share Posted January 25, 2022 (edited) contactform.php Find: function sendMessage(). Add your message control. Add after $clientTokenTTL: $restricts = ['#','/','$','%','*']; $isValidMessage = true; foreach ($restricts as $restrict) { if (strpos($message, $restrict) !== false){$isValidMessage = false;} } And update: elseif (!Validate::isCleanHtml($message)) To: elseif (!Validate::isCleanHtml($message) || $isValidMessage == false) Edited January 25, 2022 by 4you.software (see edit history) 1 Link to comment Share on other sites More sharing options...
ps8modules Posted January 25, 2022 Share Posted January 25, 2022 If you need to find out if a message contains HTML tags, you can create your own function. E.g.: public function isHtmlTags($message) { if (preg_match("/<[^<]+>/", $message)){ return true; // found html tags } else { return false; // not found html tags } } 1 Link to comment Share on other sites More sharing options...
ps8modules Posted January 25, 2022 Share Posted January 25, 2022 There are several options. But this is the simplest solution. Add text to the Terms and conditions of use that HTML tags and special characters are prohibited in the contact form. Do not put a warning in the contact form. 1 Link to comment Share on other sites More sharing options...
Hans Wolf Posted January 25, 2022 Author Share Posted January 25, 2022 Thank you for this information and explanation I really appreciate that I'm going to delve into this 1 Link to comment Share on other sites More sharing options...
MJ_C Posted February 9, 2023 Share Posted February 9, 2023 Hello @ps8moduly.cz, many thanks for this BUT it didn't work for me. I entered the code in the correct places but when I tested, the messages were sent without error/warning. It should be the correct file as it matched yours and also as I made a typo and forgot a brace, it didn't work, until I corrected. /modules/contactform/contactform.php Any ideas? Also, if anyone can point me to a maths question easy code guide for prestashop 1.7.6.7, I would be grateful. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now