Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 MOD-Group
 MOD Add-On Forum (W/Code)
 Anti-spam Humans		  New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 12 March 2014 :  21:46:21  Show Profile  Reply with Quote
In response to this post, I wrote this mod to preclude new users from including hyperlinks.

The issue arises from minimum wage human spammers defeating the CAPTCHA and then posting spam immediately.

This mod adds two fields to the forum features (anti-spam days and anti-spam posts). If you choose to use minimum number of posts without days, then users must post at least that number of posts before they will be allowed to include a hyperlink in a post.

If you choose to use minimum number of days without posts, then the specified number of days must have passed since users registered before they will be allowed to include a hyperlink in a post.

If you choose to use both, each set of conditions must be met.

This is untested in a production server, but I'm sure it'll work without any issues; it's fairly simple.

AnonJr
Moderator

United States
5768 Posts
Posted - 13 March 2014 :  07:57:06  Show Profile  Visit AnonJr's Homepage  Reply with Quote
quote:
but I'm sure it'll work without any issues; it's fairly simple.

... famous last words.

Nice option to have handy.
Go to Top of Page

Maxime
Average Member

France
521 Posts
Posted - 17 March 2014 :  03:44:19  Show Profile  Visit Maxime's Homepage  Reply with Quote
Hello Carefree. the mod is installed but not working, I have no errors. I tested with a member name created by me and I put 10 messages before placing a link. the link is visible on the post and no alert message to say that it is forbidden
Cordially,
Maxime

Taxation consists in so plucking the goose to get the most out of feathers with the least possible cries.(Jean-Baptiste Colbert)
Go to Top of Page

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 17 March 2014 :  04:23:24  Show Profile  Reply with Quote
Did you set the limits on the admin features page?
Go to Top of Page

Maxime
Average Member

France
521 Posts
Posted - 17 March 2014 :  05:06:27  Show Profile  Visit Maxime's Homepage  Reply with Quote
Yes I put 10 messages
Cordially,
Maxime

Taxation consists in so plucking the goose to get the most out of feathers with the least possible cries.(Jean-Baptiste Colbert)
Go to Top of Page

Astralis
Senior Member

USA
1218 Posts
Posted - 21 March 2014 :  05:18:12  Show Profile  Send Astralis a Yahoo! Message  Reply with Quote
This is fantastic. All the spammers are gone -- I haven't deleted spam for five days straight, unlike before when I was deleting it every couple of hours.

But, there is one trick that at least one spammer has discovered: the signature field allows any links.

I can fix that myself, but thought I should let you know if you want to update your mod.

Great mod and absolutely needed. Thank you very much!
Go to Top of Page

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 21 March 2014 :  07:40:47  Show Profile  Reply with Quote
Ok - for signatures:

"pop_profile.asp"


Look for the following lines (appx 1333-1335):

			if strSignatures = "1" then
				strSql = strSql & "     M_SIG = '" & ChkString(Request.Form("Sig"),"message") & "', "
			end if

Change them to say:

			if strSignatures = "1" then
				'	##	Anti-Spam Humans Below
				If strAntiSpamDays > 0 or strAntiSpamPosts > 0 Then
					strSqlP="SELECT M_POSTS, M_DATE FROM " & strMemberTablePrefix & "MEMBERS WHERE MEMBER_ID=" & MemberID
					Set rsP=my_Conn.Execute(strSqlP)
					If not rsP.EOF Then
						strDays=rsP("M_DATE")
						intPosts=rsP("M_POSTS")
						rsP.Close
					End If
					Set rsP=Nothing
					If strAntiSpamPosts > 0 Then
						If intPosts<strAntiSpamPosts Then
							If inStr(ChkString(Request.Form("Sig"),"message"), "http")>0 Then
								Go_Result "Not authorized to post links.",0
								Response.End
							End If
						End If
					End If
					If strAntiSpamDays > 0 Then
						intDays=DateDiff("d",StrtoDate(strDays),Now())
						If intDays<strAntiSpamDays Then
							If inStr(ChkString(Request.Form("Sig"),"message"), "http")>0 Then
								Go_Result "Not authorized to post links.",0
								Response.End
							End If
						End If
					End If
				End If
				'	##	Anti-Spam Humans Above
				strSql = strSql & "     M_SIG = '" & ChkString(Request.Form("Sig"),"message") & "', "
			end if
Go to Top of Page

Astralis
Senior Member

USA
1218 Posts
Posted - 07 April 2014 :  01:48:45  Show Profile  Send Astralis a Yahoo! Message  Reply with Quote
Carefree, you're awesome.

Suddenly, I received an error when people tried to make posts. I have no clue why it worked before.


post_info.asp

Error:

If strAntiSpamDays > 0 Then
				intDays=DateDiff("d",StrtoDate(strDays),Date(Now))
				If intDays<strAntiSpamDays Then
					If inStr(txtMessage, "http")>0 Then
						Go_Result "Not authorized to post links.",0
						Response.End
					End If
				End If
			End If


Changed to:


If strAntiSpamDays > 0 Then
				intDays=DateDiff("d",StrtoDate(strDays),Now)
				If intDays<strAntiSpamDays Then
					If inStr(txtMessage, "http")>0 Then
						Go_Result "Not authorized to post links.",0
						Response.End
					End If
				End If
			End If

Edited by - Astralis on 07 April 2014 01:49:53
Go to Top of Page

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 07 April 2014 :  20:49:51  Show Profile  Reply with Quote
quote:
Originally posted by Astralis

intDays=DateDiff("d",StrtoDate(strDays),Now)


Change that to say this:

intDays=DateDiff("d",StrtoDate(strDays),Now())

Go to Top of Page

ruirib
Snitz Forums Admin

Portugal
26364 Posts
Posted - 16 May 2014 :  05:46:59  Show Profile  Send ruirib a Yahoo! Message  Reply with Quote
I was asked to install this for someone else and the code has two errors that prevent it from working effectively. I am posting the correct code below:


                    If strAntiSpamDays > 0 or strAntiSpamPosts > 0 Then
			strSqlP="SELECT M_POSTS, M_DATE FROM " & strMemberTablePrefix & "MEMBERS WHERE MEMBER_ID=" & MemberID
			Set rsP=my_Conn.Execute(strSqlP)
			If not rsP.EOF Then
				strDays=rsP("M_DATE")
				intPosts=rsP("M_POSTS")
				rsP.Close
			End If
			Set rsP=Nothing
			If strAntiSpamPosts > 0 Then
				If CInt(intPosts)<CInt(intAntiSpamPosts) Then
					If inStr(txtMessage, "http")>0 Then
						Go_Result fLang(strLangGatekeeper00170),0
						Response.End
					End If
				End If
			End If
			If strAntiSpamDays > 0 Then
				intDays=DateDiff("d",StrtoDate(strDays),Now())
				If CInt(intDays)<CInt(intAntiSpamDays) Then
					If inStr(txtMessage, "http")>0 Then
						Go_Result fLang(strLangGatekeeper00170),0
						Response.End
					End If
				End If
			End If
		End If

I've highlighted the parts that needed fixing, which comprise two fixes: using the correct mod variables to check for number of posts and number of days limits and the conversion of the variables to integers, before comparing them.

Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

Astralis
Senior Member

USA
1218 Posts
Posted - 16 May 2014 :  05:55:57  Show Profile  Send Astralis a Yahoo! Message  Reply with Quote
Thank you ruirib. The Snitz community is alive! I'm going to apply this change.
Go to Top of Page

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 16 May 2014 :  18:39:12  Show Profile  Reply with Quote
Neither M_POSTS nor DateDiff can return anything but integer values, so cInt(intDays) and cInt(intPosts) should not change anything. The other ones I concede LOL. Didn't think about config_new storing them as strings.
Edited by - Carefree on 16 May 2014 18:45:54
Go to Top of Page

ruirib
Snitz Forums Admin

Portugal
26364 Posts
Posted - 16 May 2014 :  19:50:55  Show Profile  Send ruirib a Yahoo! Message  Reply with Quote
quote:
Originally posted by Carefree

Neither M_POSTS nor DateDiff can return anything but integer values, so cInt(intDays) and cInt(intPosts) should not change anything. The other ones I concede LOL. Didn't think about config_new storing them as strings.

config_new stores everything as strings and the problem was not only that one. You have two sets of variables with very similar names, the difference being the start of their names: a set starts with str and keeps configuration values (whether the options to check number of posts or number of days since registration are active), the other set keeps the minimum number of days since registration or the minimum number of posts to allow link posting.

The previous code was comparing the actual numbers for a user with the status variables, that return a 0 or a 1, so it was allowing link posting all the time.

The code failed even after I fixed it for the errors in variable names, and it was double work as I was asked to install this in two different forums, so I was in a "no hostages taken mood" on my final attempt. You are free not to include the changes as I posted them, but you should fix the variable names, at the very least.

Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

Carefree
Advanced Member

Philippines
4207 Posts
Posted - 17 May 2014 :  07:35:45  Show Profile  Reply with Quote
I changed it on SnitzBitz earlier when I read your previous post.
Go to Top of Page

MaGraham
Senior Member

USA
1297 Posts
Posted - 07 June 2014 :  01:20:00  Show Profile  Reply with Quote

Installed and working properly.

Great mod, Carefree! Really necessary for all forums, too. Thank you!

"Do all the good you can, by all the means you can, in all the ways you can, at all the times you can, to all the people you can, as long as ever you can." - John Wesley
Go to Top of Page

KC
Junior Member

USA
152 Posts
Posted - 31 March 2015 :  13:56:38  Show Profile  Visit KC's Homepage  Reply with Quote
Old topic and not related to what to what I am looking for today but I thought I would share this...

Everyone hates Capitca or any other thing that makes them type something in a box for everything.

I just make it simple.
My policy.asp have this in the body.



It passes 4 variables from radio buttons to the register.asp page which checks them.

The thing is, all questions default to Yes, but 2 are No.
You can do or ask whatever you want here, the object is 32 possible 'right guess' button selections to register that are easy to answer.

If it's right registration goes through, if not they get redirected to this page.



It simply tells them to read the darn policy page so they know the rules.
If they can't like some foreign spammer or bot, they can't register.

I mix mine up now and again but I just don't get many spammers, maybe 5 in 5 years, but they don't last a day and if they are a from a country that has no business with me I'll block their whole server at my server level.

One other trick is neuter the Admin account.
One I set my user name as a member name and give that full admin ability, I grant Admin nothing so people can try to hack away at that and even if they do though can't do **** ;-}
Owner of vales.com and Elite Computers.
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.22 seconds. Powered By: Snitz Forums 2000 Version 3.4.07