HELP! I'm getting spammed!

[bbrian017]

Thanks I found it.

Greatly Appreciated.

Thanks you!! I'm a noob sorry :)

[Divisive Cotton]

Quote:

we shall defend our Pligg site, whatever the cost may be, we shall fight on the beaches, we shall fight on the landing grounds, we shall fight in the fields and in the streets, we shall fight in the hills; we shall never surrender,

[JosephK]

To stop spams "xxx@xxx.info" in comments

Edit the story.php file
To the line 183 :
--> if(strlen($_POST['comment_content']) > 0)

Add after "0":
--> && !strstr($_POST['comment_content'], "[site]")

Replace [site] by the url/word of your spammer or "a href=" to disable any link.

Personnally, I have only one spammer (which make lot of damage) on my site and this method stop him absolutely. (but a lot of users are still registred :/)

Something like that could be improved in order to use a black list of spam words...

[katlis]

I've added a math question to my registration page. You can see it at luxa.org.

Open register.php and look for this...

Code:

	if($password !== $password2) { // if both passwords do not match
		$main_smarty->assign('register_error_text', "nopassmatch");
		$main_smarty->display($the_template . '/register_error.tpl');
		$error = true;
	}

Underneath that, add this:

Code:

	$mynumber = 9;

	if($_POST["addit"] != $mynumber) {
		$main_smarty->display($the_template . '/register_error.tpl');
		$error = true;
	}

Now in your register_step_1.tpl file, add this form field...

Code:

		<label>You're Human Right? What is 8 + 1?</label>
		<input type="text" id="addit" name="addit" size="2" tabindex="5"/>
		<br /><br/>

Hope it works.

Edit: Also add that form field to your sidebar_modules/login.tpl too.

[bbrian017]

Very nice katlis I will add this as well!

Cheers, bbrian017

[SportsGuy]

Just wanted to say thanks to everyone who has contributed ideas to help stop this rash of spamming.

I suddenly noticed 100 new users today, and having been online for a while, I quickly realized it was bogus. :(

I spent about 30 minutes deleting users one by one to get caught up, then high-tailed it here to learn more. As usual, it was the right move in terms of learning how to deal with things. With randomly generated e-mail addresses, and different IP addresses, it's not as easy to stop this "attack", but it's doable. :)

Big thanks to the devs, admins and everyone else who has posted or is working on solutions. Very much appreciated folks.

Duane

[davemackey]

Whew. The spammer is really slamming me. Gonna go grab the Akismet module. Thanks for the help Ash and Chuck!
David.

[davemackey]

I really like what Katlis did, but I think a longer term solution is going to require dynamic numbers. So I tried something like this (can someone explain why it isn't working):
In register.php added:
$number1 = mt_rand(1,10);
$number2 = mt_rand(1,25);
$rnd_smarty = new smarty;
$rnd_smarty->assign('number1', $number1);
$rnd_smarty->assign('number2', $number2);
$rnd_smarty->display('register_step_1.tpl');
$mynumber = $number1+$number2;

if($_POST["addit"] != $mynumber)
Then in register_step_1.tpl:
<label>You're Human Right? What is {$number1} + {$number2}?</label>
<input type="text" id="addit" name="addit" size="2" tabindex="5"/>

Essentially I am:
1. Generating two random numbers.
2. Passing those two random numbers to the register page.
3. Checking that the individual gave the right sum.
Its all the same as katlis' code, except the addition of variables. I think for some reason the variables aren't being passed to the page. I'm not a PHP coder or a Smarty Template designer. Can anyone give me a hand with this?
David.

[bbrian017]

Very nice davemackey thank you for taking the time to add your magic :)

Cheers,

bbrian017

[AshDigg]

Quote:

Originally Posted by davemackey

I really like what Katlis did, but I think a longer term solution is going to require dynamic numbers. So I tried something like this (can someone explain why it isn't working):
In register.php added:
$number1 = mt_rand(1,10);
$number2 = mt_rand(1,25);
$rnd_smarty = new smarty;
$rnd_smarty->assign('number1', $number1);
$rnd_smarty->assign('number2', $number2);
$rnd_smarty->display('register_step_1.tpl');
$mynumber = $number1+$number2;

if($_POST["addit"] != $mynumber)
Then in register_step_1.tpl:
<label>You're Human Right? What is {$number1} + {$number2}?</label>
<input type="text" id="addit" name="addit" size="2" tabindex="5"/>

Essentially I am:
1. Generating two random numbers.
2. Passing those two random numbers to the register page.
3. Checking that the individual gave the right sum.
Its all the same as katlis' code, except the addition of variables. I think for some reason the variables aren't being passed to the page. I'm not a PHP coder or a Smarty Template designer. Can anyone give me a hand with this?
David.

Don't spend too much time on this... I'm working on a module to allow admins to choose what type of captcha system to use. This random number addition method will be one of the options to choose from. I'll be released very soon.