Home
Scripts
Contributions (Pro Mod Access)
FAQ's
Downloads
Support Forum
  SnailSource.com [Logo]
Calendar LiteCalendar Lite (Demo)
Calendar ProCalendar Pro (Demo)
LinksLinks Pro (Demo)
Log in to check your private messagesForum
RegisterRegister
Log inLog in
Log in to check your private messagesLog in to check your private messages SearchSearch FAQFAQ ProfileProfile MemberlistMemberlist UsergroupsUsergroups Join GroupsJoin Groups

Block spambots in registration FIX

 
Post new topic   Reply to topic   printer-friendly view    SnailSource.com Forum Index -> Misc phpbb2 mods printer-friendly view
View previous topic :: View next topic  
Author Message
Martin
Site Admin


Joined: 24 Mar 2002
Posts: 8182



Hlp* 3655.72
PostPosted: Thu Dec 07, 2006 4:19 pm    Post subject: Block spambots in registration FIX Reply with quote Direct link

The mod by Proutchik doesn't seem to work properly so I'm posting a fix here:

Replace this code modification:
Code:
#
#-----[ OPEN ]------------------------------------------
#
includes/usercp_register.php

#
#-----[ FIND ]------------------------------------------
#
   $passwd_sql = '';
   if ( !empty($new_password) && !empty($password_confirm) )

#
#-----[ BEFORE, ADD ]------------------------------------------
#
   if ($board_config['enable_block_spambots'] && $userdata['user_level'] != ADMIN && ($mode == 'register' || $mode == 'editprofile'))
   {
      $secretkey = $board_config['board_startdate'];
      
      // IMPORTANT!!!:
      // For added security, you should change the "nana" and "foofoo"
      // so that spambots can't simply spoof the form values as well.
      $authkey = md5("nana" . $secretkey . "foofoo");
      $authval = md5($HTTP_SERVER_VARS['HTTP_USER_AGENT'] . $secretkey . $HTTP_SERVER_VARS['REMOTE_ADDR']); 
      $timekey = md5("time" . $secretkey);
      $timeval = time();
      
      # If this is a registration which doesn't give with the above, turn it into a error.
      if ((!isset($HTTP_POST_VARS[$authkey]) || $HTTP_POST_VARS[$authkey] != $authval || !isset($HTTP_POST_VARS[$timekey]) || $HTTP_POST_VARS[$timekey] > time() - 5))
      {
         $error = TRUE;
         $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
      }
   }


... with this code modification

Code:
#
#-----[ OPEN ]------------------------------------------
#
includes/usercp_register.php

#
#-----[ FIND ]------------------------------------------
#

//
// Did the user submit? In this case build a query to update the users profile in the DB
//
if ( isset($HTTP_POST_VARS['submit']) )

#
#-----[ BEFORE, ADD ]------------------------------------------
#
if ($board_config['enable_block_spambots'] && $userdata['user_level'] != ADMIN && ($mode == 'register' || $mode == 'editprofile'))
{
   $secretkey = $board_config['board_startdate'];
      
   // IMPORTANT!!!:
   // For added security, you should change the "nana" and "foofoo"
   // so that spambots can't simply spoof the form values as well.
   $authkey = md5("nana" . $secretkey . "foofoo");
   $authval = md5($HTTP_SERVER_VARS['HTTP_USER_AGENT'] . $secretkey . $HTTP_SERVER_VARS['REMOTE_ADDR']); 
   $timekey = md5("time" . $secretkey);
   $timeval = time();
}



#
#-----[ FIND ]------------------------------------------
#
   $passwd_sql = '';
   if ( !empty($new_password) && !empty($password_confirm) )

#
#-----[ BEFORE, ADD ]------------------------------------------
#
   if ($board_config['enable_block_spambots'] && $userdata['user_level'] != ADMIN && ($mode == 'register' || $mode == 'editprofile'))
   {
      # If this is a registration which doesn't give with the above, turn it into a error.
      if ((!isset($HTTP_POST_VARS[$authkey]) || $HTTP_POST_VARS[$authkey] != $authval || !isset($HTTP_POST_VARS[$timekey]) || $HTTP_POST_VARS[$timekey] > time() - 5))
      {
         $error = TRUE;
         $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
      }
   }


Back to top
View user's profile Send private message
GoleyC



Joined: 16 Dec 2002
Posts: 368



Hlp* 249.51
PostPosted: Fri Dec 08, 2006 4:11 am    Post subject: Reply with quote Direct link

Is this an entire mode or just part of the mod with the fix? Also, what MOD is this and where can one find it?
_________________
ATV Source Smile
www . atvsource . com
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
Martin
Site Admin


Joined: 24 Mar 2002
Posts: 8182



Hlp* 3655.72
PostPosted: Fri Dec 08, 2006 12:39 pm    Post subject: Reply with quote Direct link

GoleyC wrote:
Is this an entire mode or just part of the mod with the fix? Also, what MOD is this and where can one find it?

Just part of one... I thought I'd linked to the original but obviously not..

Lemme fix that now.
The download is here:
http://forum.aeroion.ru/download.php?id=64

The post discussing it is here:
thread link..
Back to top
View user's profile Send private message
GoleyC



Joined: 16 Dec 2002
Posts: 368



Hlp* 249.51
PostPosted: Sat Dec 09, 2006 1:26 am    Post subject: Reply with quote Direct link

Thanks for the link. I'll give this mode a try and see what happens.
_________________
ATV Source Smile
www . atvsource . com
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
Martin
Site Admin


Joined: 24 Mar 2002
Posts: 8182



Hlp* 3655.72
PostPosted: Mon Dec 11, 2006 11:43 pm    Post subject: Reply with quote Direct link

GoleyC wrote:
Thanks for the link. I'll give this mode a try and see what happens.

It's ok... but in truth I would recommend this mod more:
http://www.phpbb.com/phpBB/viewtopic.php?t=393606

That has cut my spam problems by as much as 95%... well you probably noticed already Very Happy
Back to top
View user's profile Send private message
GoleyC



Joined: 16 Dec 2002
Posts: 368



Hlp* 249.51
PostPosted: Wed Dec 13, 2006 8:11 pm    Post subject: Reply with quote Direct link

I must say, the spam has really dropped to almost 99%. Nice job on the MODs you have working on removing the junk before it even gets posted or registered.

I've included the spambot registration mod to element those bots that use a fake form to register a username.

The human ones I'm still having trouble with. What Proxy MOD are you using to element those hiding behind a proxy server?
_________________
ATV Source Smile
www . atvsource . com
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
eleanor123



Joined: 17 Aug 2011
Posts: 1
Location: ny


Hlp* 2.00
PostPosted: Wed Aug 17, 2011 8:03 am    Post subject: Reply with quote Direct link

Thanks for sharing such a great information,would e very helpful for me.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic   printer-friendly view    SnailSource.com Forum Index -> Misc phpbb2 mods All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

This board is protected by Phpbbantispam
Board Security

15554 Attacks blocked

Powered by phpBB © 2001, 2005 phpBB Group