最近负责的几个网站都有出现垃圾注册,使用中文和网址作为fistname和lastname进行注册,然后多次重复注册,导致发送注册邮件重复,被误判为垃圾邮件,进而导致邮箱被封,无法发送正常的邮件。这样就考虑如何实现注册的时候进行字符过滤,避免垃圾注册。当然magento有一个注册验证码设置是否开启,但因为我们的系统进行了二次开发,在后台开启后仅仅适用在create方法,不适用login页面的注册功能,所以无法完全避免此种情况,最终还是要通过更改系统逻辑实现。具体分为三步:
在通用函数库里定义过滤方法,过滤中文,http和不允许姓名过长:
function getChinese($string)
{
$pattern = '/[^\x00-\x80]/';
if (preg_match($pattern, $string)) {
return true;
} else {
if(strlen($string)>16){
return true;
}elseif(strstr($string,"http")){
return true;
}else{
return false;
}
}
}
在自定义的模块中更改config.xml,定义重写的方法规则,使用自定义的controller继承并重写注册提交的方法:
<rewrite>
<Xieyu_Common_account>
<from><![CDATA[#^/customer/account/#]]></from>
<to>/common/account/</to>
</Xieyu_Common_account>
</rewrite>
3、在自定义模块的controllers目录新增AccountController.php,定义需要更改的Action并调用函数进行过滤,文件位置为app\code\local\Xieyu\Common\controllers\AccountController.php:
<?php
require_once Mage::getModuleDir('controllers', 'Mage_Customer').DS.'AccountController.php';
class Xieyu_Common_AccountController extends Mage_Customer_AccountController
{
/**
* Create customer account action
*/
public function createPostAction()
{$errUrl = $this->_getUrl('*/*/create', array('_secure' => true));
/* Filter the Chinese characters by zx 20171215*/
$firstname=$this->getRequest()->getParam('firstname');
$lastname=$this->getRequest()->getParam('lastname');
if(getChinese($firstname) || getChinese($lastname)){
$this->_redirectError($errUrl);
return;
}
/* Filter the Chinese characters by zx 20171215*/if (!$this->_validateFormKey()) {
$this->_redirectError($errUrl);
return;
}/** @var $session Mage_Customer_Model_Session */
$session = $this->_getSession();
if ($session->isLoggedIn()) {
$this->_redirect('*/*/');
return;
}if (!$this->getRequest()->isPost()) {
$this->_redirectError($errUrl);
return;
}$customer = $this->_getCustomer();
try {
$errors = $this->_getCustomerErrors($customer);if (empty($errors)) {
$customer->cleanPasswordsValidationData();
$customer->save();
$this->_dispatchRegisterSuccess($customer);
$this->_successProcessRegistration($customer);
return;
} else {
$this->_addSessionError($errors);
}
} catch (Mage_Core_Exception $e) {
$session->setCustomerFormData($this->getRequest()->getPost());
if ($e->getCode() === Mage_Customer_Model_Customer::EXCEPTION_EMAIL_EXISTS) {
$url = $this->_getUrl('customer/account/forgotpassword');
$message = $this->__('There is already an account with this email address. If you are sure that it is your email address, <a href="%s">click here</a> to get your password and access your account.', $url);
} else {
$message = $this->_escapeHtml($e->getMessage());
}
$session->addError($message);
} catch (Exception $e) {
$session->setCustomerFormData($this->getRequest()->getPost());
$session->addException($e, $this->__('Cannot save the customer.'));
}$this->_redirectError($errUrl);
}}