Microsoft.AspNetCore.Mvc.Localization.LocalizedHtmlStringAnti-spam Humans

Author : Carefree
Subject : Anti-spam Humans
Posted : 12 March 2014, 21:46
Message :

In response to this post, I wrote this mod to preclude new users from including hyperlinks.
The issue arises from minimum wage human spammers defeating the CAPTCHA and then posting spam immediately.

This mod adds two fields to the forum features (anti-spam days and anti-spam posts). If you choose to use minimum number of posts without days, then users must post at least that number of posts before they will be allowed to include a hyperlink in a post.
If you choose to use minimum number of days without posts, then the specified number of days must have passed since users registered before they will be allowed to include a hyperlink in a post.
If you choose to use both, each set of conditions must be met.
This is untested in a production server, but I'm sure it'll work without any issues; it's fairly simple.

Reply Author: AnonJr
Replied on: 13 March 2014, 07:57
Message:

but I'm sure it'll work without any issues; it's fairly simple.

... famous last words.

Nice option to have handy.

Reply Author: Maxime
Replied on: 17 March 2014, 03:44
Message:

Hello Carefree. the mod is installed but not working, I have no errors. I tested with a member name created by me and I put 10 messages before placing a link. the link is visible on the post and no alert message to say that it is forbidden

Reply Author: Carefree
Replied on: 17 March 2014, 04:23
Message:

Did you set the limits on the admin features page?

Reply Author: Maxime
Replied on: 17 March 2014, 05:06
Message:

Yes I put 10 messages

Reply Author: Astralis
Replied on: 21 March 2014, 05:18
Message:

This is fantastic. All the spammers are gone -- I haven't deleted spam for five days straight, unlike before when I was deleting it every couple of hours.
But, there is one trick that at least one spammer has discovered: the signature field allows any links.

I can fix that myself, but thought I should let you know if you want to update your mod.
Great mod and absolutely needed. Thank you very much!

Reply Author: Carefree
Replied on: 21 March 2014, 07:40
Message:

Ok - for signatures:

"pop_profile.asp"

Code:


Look for the following lines (appx 1333-1335):

			if strSignatures = "1" then
				strSql = strSql & "     M_SIG = '" & ChkString(Request.Form("Sig"),"message") & "', "
			end if

Change them to say:

			if strSignatures = "1" then
				'	##	Anti-Spam Humans Below
				If strAntiSpamDays > 0 or strAntiSpamPosts > 0 Then
					strSqlP="SELECT M_POSTS, M_DATE FROM " & strMemberTablePrefix & "MEMBERS WHERE MEMBER_ID=" & MemberID
					Set rsP=my_Conn.Execute(strSqlP)
					If not rsP.EOF Then
						strDays=rsP("M_DATE")
						intPosts=rsP("M_POSTS")
						rsP.Close
					End If
					Set rsP=Nothing
					If strAntiSpamPosts > 0 Then
						If intPosts<strAntiSpamPosts Then
							If inStr(ChkString(Request.Form("Sig"),"message"), "http")>0 Then
								Go_Result "Not authorized to post links.",0
								Response.End
							End If
						End If
					End If
					If strAntiSpamDays > 0 Then
						intDays=DateDiff("d",StrtoDate(strDays),Now())
						If intDays<strAntiSpamDays Then
							If inStr(ChkString(Request.Form("Sig"),"message"), "http")>0 Then
								Go_Result "Not authorized to post links.",0
								Response.End
							End If
						End If
					End If
				End If
				'	##	Anti-Spam Humans Above
				strSql = strSql & "     M_SIG = '" & ChkString(Request.Form("Sig"),"message") & "', "
			end if

Reply Author: Astralis
Replied on: 07 April 2014, 01:48
Message:

Carefree, you're awesome.

Suddenly, I received an error when people tried to make posts. I have no clue why it worked before.

post_info.asp

Error:

Code:


If strAntiSpamDays > 0 Then
				intDays=DateDiff("d",StrtoDate(strDays),Date(Now))
				If intDays<strAntiSpamDays Then
					If inStr(txtMessage, "http")>0 Then
						Go_Result "Not authorized to post links.",0
						Response.End
					End If
				End If
			End If

Changed to:

Code:


If strAntiSpamDays > 0 Then
				intDays=DateDiff("d",StrtoDate(strDays),Now)
				If intDays<strAntiSpamDays Then
					If inStr(txtMessage, "http")>0 Then
						Go_Result "Not authorized to post links.",0
						Response.End
					End If
				End If
			End If

Reply Author: Carefree
Replied on: 07 April 2014, 20:49
Message:

Originally posted by Astralis
Code:
intDays=DateDiff("d",StrtoDate(strDays),Now)

Change that to say this:

Code:


intDays=DateDiff("d",StrtoDate(strDays),Now())

Reply Author: ruirib
Replied on: 16 May 2014, 05:46
Message:

I was asked to install this for someone else and the code has two errors that prevent it from working effectively. I am posting the correct code below:

Code:


                    If strAntiSpamDays > 0 or strAntiSpamPosts > 0 Then
			strSqlP="SELECT M_POSTS, M_DATE FROM " & strMemberTablePrefix & "MEMBERS WHERE MEMBER_ID=" & MemberID
			Set rsP=my_Conn.Execute(strSqlP)
			If not rsP.EOF Then
				strDays=rsP("M_DATE")
				intPosts=rsP("M_POSTS")
				rsP.Close
			End If
			Set rsP=Nothing
			If strAntiSpamPosts > 0 Then
				If CInt(intPosts)<CInt(intAntiSpamPosts) Then
					If inStr(txtMessage, "http")>0 Then
						Go_Result fLang(strLangGatekeeper00170),0
						Response.End
					End If
				End If
			End If
			If strAntiSpamDays > 0 Then
				intDays=DateDiff("d",StrtoDate(strDays),Now())
				If CInt(intDays)<CInt(intAntiSpamDays) Then
					If inStr(txtMessage, "http")>0 Then
						Go_Result fLang(strLangGatekeeper00170),0
						Response.End
					End If
				End If
			End If
		End If

I've highlighted the parts that needed fixing, which comprise two fixes: using the correct mod variables to check for number of posts and number of days limits and the conversion of the variables to integers, before comparing them.

Reply Author: Astralis
Replied on: 16 May 2014, 05:55
Message:

Thank you ruirib. The Snitz community is alive! I'm going to apply this change.

Reply Author: Carefree
Replied on: 16 May 2014, 18:39
Message:

Neither M_POSTS nor DateDiff can return anything but integer values, so cInt(intDays) and cInt(intPosts) should not change anything. The other ones I concede LOL. Didn't think about config_new storing them as strings.

Reply Author: ruirib
Replied on: 16 May 2014, 19:50
Message:

Originally posted by Carefree
Neither M_POSTS nor DateDiff can return anything but integer values, so cInt(intDays) and cInt(intPosts) should not change anything. The other ones I concede LOL. Didn't think about config_new storing them as strings.

config_new stores everything as strings and the problem was not only that one. You have two sets of variables with very similar names, the difference being the start of their names: a set starts with str and keeps configuration values (whether the options to check number of posts or number of days since registration are active), the other set keeps the minimum number of days since registration or the minimum number of posts to allow link posting.

The previous code was comparing the actual numbers for a user with the status variables, that return a 0 or a 1, so it was allowing link posting all the time.
The code failed even after I fixed it for the errors in variable names, and it was double work as I was asked to install this in two different forums, so I was in a "no hostages taken mood" on my final attempt. You are free not to include the changes as I posted them, but you should fix the variable names, at the very least.

Reply Author: Carefree
Replied on: 17 May 2014, 07:35
Message:

I changed it on SnitzBitz earlier when I read your previous post.

Reply Author: MaGraham
Replied on: 07 June 2014, 01:20
Message:

Installed and working properly.

Great mod, Carefree! Really necessary for all forums, too. Thank you!

Reply Author: KC
Replied on: 31 March 2015, 13:56
Message:

Old topic and not related to what to what I am looking for today but I thought I would share this...
Everyone hates Capitca or any other thing that makes them type something in a box for everything.
I just make it simple. My policy.asp have this in the body.

It passes 4 variables from radio buttons to the register.asp page which checks them.
The thing is, all questions default to Yes, but 2 are No. You can do or ask whatever you want here, the object is 32 possible 'right guess' button selections to register that are easy to answer.
If it's right registration goes through, if not they get redirected to this page.

It simply tells them to read the darn policy page so they know the rules. If they can't like some foreign spammer or bot, they can't register.
I mix mine up now and again but I just don't get many spammers, maybe 5 in 5 years, but they don't last a day and if they are a from a country that has no business with me I'll block their whole server at my server level.
One other trick is neuter the Admin account. One I set my user name as a member name and give that full admin ability, I grant Admin nothing so people can try to hack away at that and even if they do though can't do **** ;-}

Anti-spam Humans

Topic

Replies ...