Author |
Topic |
Rasyr
Junior Member
USA
199 Posts |
Posted - 15 June 2002 : 10:06:26
|
This morning, the forums that I run have come under attack (sort of), by some idiot who is spamming my server registering numerous user names (I have deleted over 25 accounts so far before turning my web server off to stop him).
I need help creating some code to go on the register.asp so that I can stop all further attempts by this idiot to spam me with registrations. (I discovered this early because half of the email addresses were undeliverable, and my email server bounced me the error messages, and that is when I noticed the ever growing list of user names with the same email domain).
basically, I want to put in a conditional statement that says:
if ("portion of email address" = "rpgoffice.com") send him message denying registration
but I do not know enough about coding in VBScript to do this on my own
Please help! (I think I have the proper place to put (in register.asp), but I need the code to do it...
**TANSTAAFL** |
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
Hamlin
Advanced Member
United Kingdom
2386 Posts |
Posted - 15 June 2002 : 10:14:31
|
try
strEmail = "some.one@blah.com" strEmails = Split(strEmail, "@")
if strEmails(1) = "blah.com" then response.redirect somepage end if
.::Hamlin::. The Arsenal! In the time of chimpanzees I was a monkey
Edited by - Hamlin on 15 June 2002 10:20:34 |
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
Rasyr
Junior Member
USA
199 Posts |
Posted - 15 June 2002 : 10:27:13
|
that produces the following error Error Type: Microsoft VBScript runtime (0x800A0009) Subscript out of range: '[number: 1]' /iceforums/register.asp, line 142
this is the code I used badMail = Request.Form("Email") badMail2 = Split(splitStr, "@") if badMail2(1) = "rpgoffice.com" then Err_Msg = Err_Msg & "<li>Further Email addresses from rpgoffice.com are prohibited</li>" end if
**TANSTAAFL** |
|
|
Hamlin
Advanced Member
United Kingdom
2386 Posts |
Posted - 15 June 2002 : 10:29:23
|
quote:
that produces the following error Error Type: Microsoft VBScript runtime (0x800A0009) Subscript out of range: '[number: 1]' /iceforums/register.asp, line 142
this is the code I used badMail = Request.Form("Email") badMail2 = Split(splitStr, "@") if badMail2(1) = "rpgoffice.com" then Err_Msg = Err_Msg & "<li>Further Email addresses from rpgoffice.com are prohibited</li>" end if
**TANSTAAFL**
badMail2 = Split(badMail, "@")
.::Hamlin::. The Arsenal! In the time of chimpanzees I was a monkey |
|
|
Rasyr
Junior Member
USA
199 Posts |
Posted - 15 June 2002 : 10:32:26
|
quote:
Ok, I've found it. Here you have a mod you can adapt to eliminate that domain:
http://forum.snitz.com/forum/topic.asp?TOPIC_ID=24780
Unfortunately, this link downloads a zip file only 1 kb in size, and does not appear to be a valid zip file..
**TANSTAAFL** |
|
|
Rasyr
Junior Member
USA
199 Posts |
Posted - 15 June 2002 : 10:33:37
|
quote:
badMail2 = Split(badMail, "@")
Duh!! Thanks!! trying it now
**TANSTAAFL** |
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 15 June 2002 : 10:34:44
|
You're right. I'm sorry about that. I didn't check the link before posting.
------------------------------------------------- Installation Guide | Do's and Dont's | MODs |
|
|
Rasyr
Junior Member
USA
199 Posts |
Posted - 15 June 2002 : 10:36:34
|
yippee!! it worked!! Thanks very much Hamlin....
(you too, ruirib)
**TANSTAAFL** |
|
|
Hamlin
Advanced Member
United Kingdom
2386 Posts |
Posted - 15 June 2002 : 10:38:41
|
No problem
You shoud maybe look in to the email validation mod as well (as ruirib suggested), cos it would still be easy to get past this.
.::Hamlin::. The Arsenal! In the time of chimpanzees I was a monkey
Edited by - Hamlin on 15 June 2002 10:39:16 |
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 15 June 2002 : 10:43:00
|
Yeah, Rasir, the email validation mod will ensure that your users do not register themselves with bogus emails, so it may be a wise choice to implement it.
And I would suggest that you eliminate that error message, because you are also giving a clue (well, more than a clue IMHO) on how to overcome your protection. I would probably just give a general registration error and ask him to come back later.
------------------------------------------------- Installation Guide | Do's and Dont's | MODs |
|
|
Rasyr
Junior Member
USA
199 Posts |
Posted - 15 June 2002 : 10:47:34
|
I had been thinking about it, but I have to main questions about it.
First off, I already have the "Hide Email addresses" Mod installed, and I thought I had seen something where this had some problems integrating with the Email verication Mod.
Also, how would inplementing this Mod affect the people who aer already registered?
**TANSTAAFL** |
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 15 June 2002 : 11:02:47
|
quote:
I had been thinking about it, but I have two main questions about it.
First off, I already have the "Hide Email addresses" Mod installed, and I thought I had seen something where this had some problems integrating with the Email verication Mod.
Well I can't answer this one, cause I've never tried.
quote:
Also, how would inplementing this Mod affect the people who aer already registered?
As far as I know, it won't. This mod will introduce some changes to the registration process only, ensuring that users become registered users only when they reply to an email message sent to their registration email addresses. After that reply is made, everything works as usual, as I understand.
I haven't implemented this. I'm just stating this from the knowledge gathered from my regular visits to this forum and seeing this mod in place in some other forums.
Once we have a more definitive 4.0 version (after 3.4) I plan to implement it. This looks like a very useful mod.
------------------------------------------------- Installation Guide | Do's and Dont's | MODs |
|
|
Davio
Development Team Member
Jamaica
12217 Posts |
Posted - 15 June 2002 : 19:46:12
|
quote: First off, I already have the "Hide Email addresses" Mod installed, and I thought I had seen something where this had some problems integrating with the Email verication Mod.
I have both mods installed and they work ok. Problems that users run into is thier sql statements inthe register.asp file, since they don't copy the code properly or don't know what they are doing. quote: Also, how would inplementing this Mod affect the people who aer already registered?
It won't. Unless they change thier email address, it will send them a confirmation email to thier new email address to confirm it is valid.
But when new users register, they will be sent a confimration email before thier account is approved.quote: Once we have a more definitive 4.0 version (after 3.4) I plan to implement it. This looks like a very useful mod.
It's going to be in the 3.4 version, so you won't have the previlige of installing it, if you wait that long.
«------------------------------------------------------» Want to know when the next version comes out, as soon as possible? Join our Mailing Lists !
Edited by - Davio on 15 June 2002 19:54:17 |
|
|
Rasyr
Junior Member
USA
199 Posts |
Posted - 16 June 2002 : 11:34:43
|
Well, just wanted to let you guys know that I did run into one minor problem with the code I used for this. If the email address field was left blank, it would produce an error (and it still will if there is no '@' symbol in what is in the box, haven't figured that part out yet).
so what I did was to wrap the whole thing into an if statement, which makes sure that the length is greater than 0, like so: '##checking for bad email address
if Len(Request.Form("Email")) > 0 then badMail = Request.Form("Email") badMail2 = Split(badMail, "@") if badMail2(1) = "emailServerName.com" then Err_Msg = Err_Msg & "<li>Error message goes here</li>" end if end if
thus, I used the existing system (with the Err_Msg) since it is already in place. Heack, the less coding I have to do, the better.
**TANSTAAFL** |
|
|
Topic |
|