Try to found in anyway line in viewtopic.php or other file that called forum_htmlencode() with non-unicode data.
Maybe this non-unicode data is saved in DB as post or username, title...

There are 462 occurrences of forum_htmlencode and even in viewtopic.php there are 21.

Sorry, I requested support here, but now it seems you ask me to do all your work ?

I'm certainly willing to help with some needed information, but I'm unable to spend time on investigating possibly the whole PunBB code.


Maybe this non-unicode data is saved in DB as post or username, title...

It certainly is, since it is available on page request. As you can see, a guest posted it in German language. And if you would just have tried to copy the first post of the topic to post it on your own PunBB board you should see the same issue.
That means the visible text contains the problem chars, it has nothing to do with any data stored in the database.


What about Parpalak? Isn't he no longer moderating this forum?

I'm not using the "Fancy stop spam" extension. I developed my own anti-spam PunBB extension Yasb. Meanwhile I fixed a few more Yasb bugs and I'm very happy with it. I just see you posted your intention to adopt my idea - thanks!

The reason why I mentioned the "Fancy Stop Spam" honeypot annoyance was that my Firefox does not save log-in data on http://punbb.informer.com, thus I cannot disable the honey-pot option.


Ok, I will focus on the topic now:
What's your suggestion in order to trace or resolve the "Invalid multibyte sequence in argument " issue?

I do not use mb_convert_encoding !
I only tried this 5 days ago, but for a few minutes only.


BTW: Your forum log-in page features a hidden anti-spam input tag, just between the username input and the password input tags. This is a bad idea since it breaks Firefox password manager (won't remember or save log-in data).
Firefox recognizes the input above a password field as username field (even if hidden by CSS). Unfortunately this is the ant-spam honey-pot on your page which even has an autocomplete=off attribute. However, just removing this attribute won't fix the issue, you need to remove the whole input tag for the reason mentioned above. (tested and verified your source on on my own page)
I wonder why a password-protected page needs a honey-pot at all - especially the log-in page.

Yesterday I already tried this configuration,
I also looked at the source for hidden error messages,
and to be sure I saved and compared the pages (with and w/o error display) md5 check-sums,
they are always identical, nothing displayed.
Additionally tried to use error_prepend_string option to identify messages.

With error_reporting = E_ALL the issue is not even logged to Apache logfile!

As I mentioned in a previous topic, error_reporting = E_NOTICE is required to log the notice, but however this only logs the notice, but does not display it. Probably because display_errors will display errors and warnings only, but never notices.

Please read my previous posts more thoroughly, you always ask me for already provided information.

I already tried to make the notice displayed on page, but as mentioned in my previous post and while applying the settings you suggested, the notice is never displayed.

I certainly know how to hide error or notice messages, but I.M.O that's not the right way to solve coding issues - at least not as long you confirmed that it is a minor issue, not a security problem.

I dont see any errors in page when visiting this page as guest.

You do not need to login to trigger this error. The error is never displayed on page, only in the server logs as PHP notice:
PHP Warning:  mb_convert_encoding(): Illegal character encoding specified in ....


Changed php.ini settings to:
display_errors = On
error_reporting = E_ALL | E_STRICT | E_NOTICE | E_DEPRECATED | E_PARSE
log_errors = On
...and restarted Server, but the error is NOT displayed on page, also tried clearing browser cache and restarting browser

Please note: The mentioned error is a PHP notice only, without E_NOTICE (e.g. error_reporting = E_ALL | E_STRICT) the problem is not even logged to server log! This might be the reason why it is not displayed on page.

@dimkalinux
Did you receive my PM ?

Done (PM)

I tried the proposed fix from tohex,

    //return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
        return htmlspecialchars(mb_convert_encoding($str, 'UTF-8', mb_detect_encoding($str)), ENT_QUOTES, 'UTF-8');

but this produces:

PHP Warning:  mb_convert_encoding(): Illegal character encoding specified in ....\\include\\functions.php on line 22

Still having this problem, now happening quite often, e.g. always when Google bot visits special forum topics - but also if I open the URL with Firefox..

PHP Warning:  htmlspecialchars(): Invalid multibyte sequence in argument in \\htdocs\\forum\\include\\functions.php on line 21

66.249.72.87   12.11 21:15:34   811167   + GET /forum/viewtopic.php?id=347 HTTP/1.1  S:200 (200)   B:15580   R:crawl-.googlebot.com  L:-  H:Host=nc.ddns.us|Accept=*/*|From=googlebot(at)googlebot.com|User-Agent=Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)|Accept-Encoding=gzip,deflate

Will this ever be fixed? Is it to be considered as a security issue?

Thank you.

Succeeded in deleting the corrupted posting.

Tried to find the corresponding id number for a direct call of delete.php.
Then I edited delete.php and temporarily removed the  'p.message' item in the SQL query command 'SELECT'.

No longer a reset error occurred when opening delete.php with id of the corrupted topic.

Recently a user made forum post, but it is completely un-accessable, even if trying to access it as administrator.
I never was able to read this posting.
Opening the post always results in a connection reset error.
All other forum posts work as usually.

On every attempt to access the posting my Apache 2.2 logs the following:

[Thu Aug 19 20:05:58 2010] [notice] Parent: child process exited with status 3221225725 -- Restarting.
[Thu Aug 19 20:06:02 2010] [notice] Apache/2.2.14 (Win32) configured -- resuming normal operations

No other problems are logged.

Enabled PunBB debug mode, but nothing is logged or displayed.
I am using PunBB with SQLite database.


Direct link to the probably corrupted posting:
http://netticat.ath.cx/forum/viewtopic.php?id=225
...or use the following URL and then click BetterPrivacy 1.48.3 Configuration Issues by XT-8147:
http://netticat.ath.cx/forum/viewforum.php?id=1

I think it would be difficult, probably impossible to find the reason for the problem.

Now my most important question is: How to delete the corrupted posting?
PunBB does not allow to access the post in order to delete it.
Tried some SQLite editors, but most of them only support SQLite 3 which is not supported by PunBB.
The remaining editors allow me to edit table structures etc, but not the actual data.

Using PunBB 1.3.4 and PHP 5.3.3 on Windows XP

Last week I found 8 times the following PHP warning in the Apache log file (nothing changed in my server or PHP configuration):

PHP Warning:  htmlspecialchars(): Invalid multibyte sequence in argument in D:\\Programme\\Apache\\htdocs\\forum\\include\\functions.php on line 21,

....caused by 6 different clients from different countries (USA, China,  Czech Republic, however,  the logged IP's could be proxies or faked)

I just want to notify you about. Probably it is some unimportant warning, but may you want to know about it.

13

(23 replies, posted in PunBB 1.3 extensions)

Hello Lexazloy,

thanks for your work.

Unfortunately I get fatal errors as soon as I make a double posting for test purposes.
(2 postings, same IP, same guest name). If I submit the second posting (which should be merged) then the following error is shown (with PunBB debug enabled):

An error was encountered
The error occurred on line 2125 in D:\Programme\Apache\htdocs\forum\include\functions.php
Database reported: SQL logic error or missing database (Errno: 1).

Double posting again works normally as soon as your extension is uninstalled.

Note: I am using SQLLite as database (it works slightly different)

Any hope to get this fixed?

Thank you Gordei4ik !

Exactly what I needed and for me the right time of release.
Works fine - for now I only needed the split function.

Well, it makes sense for guest posting only, and since I have only guests (registering disabled) this was a major problem for me. In a privacy related forum most visitors in fact have cookies disabled.

Sorry, I could not know that you already fixed the problem, did not even know about those changesets.

However, besides the warning message this extension adds some session_start instructions for guests. Otherwise the forum would not set a cookie for guests, even if the guest has cookies enabled. (would only work if PHP automatically sets a session cookie for every website user, but I do not force cookies for everyone if not needed)

Thank you - done.  smile

This extension adds useragent information (just the header string) after the last line of topics and replies. Not added for administrators and localhost.

I know there already exist similar extensions, however this one is slightly different what was important for me.



<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE extension SYSTEM "ext-1.0.dtd">

<!--
/**
 * Add useragent to posts
 *
 * @package add_useragent_to_posts and replies
 */
-->

    <extension engine="1.0">
    <id>add_useragent_to_posts</id>
    <title>Add useragent to posts and replies</title>
    <version>1.0</version>
    <description>
        Adds useragent information (just the header string) after the last line of topics and replies. Not added for administrators and localhost.
    </description>
    <author>NettiCat</author>
    <minversion>1.3</minversion>
    <maxtestedon>1.3.4</maxtestedon>




    <hooks>
        <hook id="po_end_validation" priority="10"><![CDATA[
            if (empty($errors) && !isset($_POST['preview']))
            {
                $user_agent = $_SERVER["HTTP_USER_AGENT"];
                if($forum_user['g_id'] != FORUM_ADMIN  && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR'])
                    $message = $message."\r\n\r\n".$user_agent;
            }
        ]]>
        </hook>
    </hooks>

</extension>

The goal of the extension system is to add or modify the forum functionality without touching the code

Yes I know, however I did not find a better solution.
I won't publish a patch again! (only extensions)

Fix for always wrong captcha if missing cookie bug

Important: Installation of this extension makes sense only if you have pun_antispam installed
see also:
http://punbb.informer.com/forums/topic/ … -disabled/

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE extension SYSTEM "ext-1.0.dtd">

<!--
/**
 * Session For All Visitors (always set PHP session cookie and check on post))
 *
 * @package session_for_all_visitors
 */
-->

    <extension engine="1.0">
    <id>session_for_all_visitors</id>
    <title>Session For All Visitors (fix for always wrong captcha if missing cookie)</title>
    <version>1.0</version>
    <description>
        1. Tries to set a session cookie for all forum visitors (even guests).
        2. Checks for cookie if visitor is about to post and warns/aborts if cookie is missing.
    </description>
    <author>NettiCat</author>
    <minversion>1.3</minversion>
    <maxtestedon>1.3.4</maxtestedon>
    <dependencies>
        <dependency>pun_antispam</dependency>
    </dependencies>



    <install>
        <![CDATA[
        ]]>
    </install>
    
    <uninstall>
        <![CDATA[
        ]]>
    </uninstall>

    <hooks>
        <hook id="in_start, vf_start, vt_start"><![CDATA[
            session_start();    //try to set cookie for all visitors, even for guests
        ]]>
        </hook>
        <hook id="rg_start, aop_start, li_start, po_start" priority="10"><![CDATA[
            if (!isset($_COOKIE["PHPSESSID"])) //warn when user is about to post
                message($lang_pun_antispam['Missing Cookie'] ? $lang_pun_antispam['Missing Cookie'] : 'Missing cookie. Please enable cookies and reload the page twice.');
        ]]>
        </hook>
    </hooks>

</extension>

Are you sure?
I tried to make it an extension but I must admit that I had no idea how to do it.

<?php
/**
 * PunBB Patch: Place category in the Forums header instead of using extra vertical space.
 * This means that category headers will be collapsed - the category is shown before 'Forums' instead.
 * The line 'Forums,...Topics,.., Posts,...' becomes 'CATEGORY Forums,...Topics,.., Posts,...'
 * ---------------------------------------------
 * Patch is compatible at least with PunBB 1.3.4
 * Important: Needs write permissions for index.php
 * A backup of index.php is created automatically
 * HowToUse: Place this in the same directory as index.php, then open (execute) it.
 * Patch uses NC-patch-engine v1.1
 */

//files
$file_to_patch = 'index.php';
$file_backup = 'index.php.bak';

//patches
$patches[0]['pattern'] = '/<h2 class=\"hn\"><span><\?php echo forum_htmlencode\(\$cur_forum\[\'cat_name\'\]\)/i';
$patches[0]['replacement'] = '<h2 class="hn" style="display:none"><span><\?php echo forum_htmlencode($cur_forum[\'cat_name\'])';
$patches[1]['pattern'] = '/<strong class=\"subject-title\">\'\.\$lang_index\[\'Forums\'\]/i';
$patches[1]['replacement'] = '<strong class="subject-title">\'.$cur_forum["cat_name"].\' \'.$lang_index["Forums"]';






$error = 0;
//does patch target exist
if (!file_exists($file_to_patch)){
    echo 'Cannot find index.php - patch failed!';
    exit;
}

//try to make a backup
$backup = file_get_contents($file_to_patch);
try{
    if (!file_exists($file_backup))
        file_put_contents($file_backup, $backup);
}catch(Exception $e){;}

//make sure backup exists
if (!file_exists($file_backup)){
    echo 'Could not write backup file '.$file_backup.' Patch abortet. Nothing has been modified!';;
    exit;
}

//do the patch work
$matches = 0;
$array_of_lines = explode("\n", file_get_contents($file_to_patch));
$num_lines = count($array_of_lines);
try{
    for ($i = 0; $i < $num_lines; $i++)
    {
        $k = 0;
        while(isset($patches[$k])){
            if (preg_match($patches[$k]['pattern'], $array_of_lines[$i], $results)) {
                $matches++;
                $array_of_lines[$i] = preg_replace($patches[$k]['pattern'], $patches[$k]['replacement'], $array_of_lines[$i]);
            }
            $k++;
        }
    }
}catch(Exception $e){$error++;}

//write patched bytes back to file
try{
    if(!$error)
        file_put_contents($file_to_patch, implode("\n", $array_of_lines));
}catch(Exception $e){$error++;}

//give the user something to read
echo (!$error && $matches) ? $matches.' lines have been patched. Now try the modified file.' : 'File already patched or wrong version of '.$file_to_patch.'. Nothing has been modified!'

?>

Create a new php file, place code inside and run in index.php directory (needs write rights).

22

(2 replies, posted in PunBB 1.3 bug reports)

If a forum has  absolutely no permissions to post topics or replies (could be an announcement forum where only the administrator is allowed to post) then for guests there is still shown 'You must login or register to post/reply'.
It should be 'Sorry! no permission to post/reply'.



I tried to fix it my modifying the following in viewforum.php (and also in viewtopic.php with ' && $cur_forum['post_replies']'):

else if ($forum_user['is_guest'])
    $forum_page['page_post']['posting'] = ...

to

else if ($forum_user['is_guest'] && $cur_forum['post_topics'])
    $forum_page['page_post']['posting'] = ...

Hope I made no mistake.

BTW, could you add the attribute autocomplete="off" to the captcha input field in the AntiSpam extension?

Well, the explode function is really useful, also removing the evil \n
I looked for a function like that, but did no find yet. Thanks.

I  begin to realize that PHP probably is a very nice language, worth to spend much more time on.

Parpalak wrote:

I have just two little advice

Thank you! This is my first work with the PHP language, and good advice is always welcome.  smile

I just applied your suggestions and release it as version 1.11,
but this time as zip file - in case there are users who have problems with creating the necessary files.

It is hosted here: http://www.megaupload.com/?d=4RJUVQCJ

Blocks comment spam with non-captcha methods.
The extension adds 3 options to PunBB's administrative settings panel:

1. Stop posting over proxies of the  transparent type.
This proxy type is usually abused by spammers. It is preferred over the anonymous type, probably because the latter type often is slow and only accessible through web-interfaces. This method of comment spam blocking works surprisingly good in many cases - and still allows forum visitors to use anonymous proxies without limitations. Almost the same method is used by Google to protect their servers, in that you are not allowed to start a search without solving a captcha. Remeber that the anonymous type is not blocked, only the transparent one.

2. Prevent posting from clients that do not send the accept-language header (every bowser sends this header, but spammers sometimes hide it completely). 

3. Insert a spammer trap in post.php (a hidden dummy form) - only bots can see it. Thus most bots cannot abuse the post form. They are blocked before they reach the real  form. Only the most recent IP's from bots that used the hidden form are stored- the oldest are deleted.

This extension might be useful for those who are looking for a captcha alternative or for those looking for additional spam protection.

You would need to create two files as follows.
- the yasb extension folder should contain manifest.xml with:

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE extension SYSTEM "ext-1.0.dtd">

<!--
/**
 * Yet another spam blocker (YASB - a non captcha alternative)
 *
 * @package yasb
 */
-->

    <extension engine="1.0">
    <id>yasb</id>
    <title>Yet another spam blocker (YASB - a non captcha alternative)</title>
    <version>1.1</version>
    <description>Blocks comment spam with non-captcha methods: 
    1. Stops posting over the transparent proxy type (this type is usually abused by spammers) but allows the anonymous web proxies maybe used by your forum visitors. 
    2. Prevents posting from  browsers not sending an accept-language header (every bowser sends this header, but spammers often try to hide the originating country).  
    3. Inserts a spammer trap through a hidden form in post.php - only bots can see it. Thus many bots are blocked from using the post form. Only the most recent IP's that used the hidden form are stored, so the blocked IP's will expire automatically. 
    </description>
    <author>NettiCat</author>
    <minversion>1.3</minversion>
    <maxtestedon>1.3.4</maxtestedon>




    <install>
        <![CDATA[
        $new_config = array(
            'o_yasb_block_proxy'        => '1',
            'o_yasb_block_missing_language'    => '1',
            'o_yasb_spamtrap'        => '1'
        );

        foreach($new_config as $conf_name => $conf_value)
        {
            if (!array_key_exists($conf_name, $forum_config))
            {
                $query = array(
                    'INSERT'    => 'conf_name, conf_value',
                    'INTO'        => 'config',
                    'VALUES'    => '\''.$conf_name.'\', \''.$conf_value.'\''
                );
                $forum_db->query_build($query) or error(__FILE__, __LINE__);
            }
        }

        ]]>
    </install>
    
    <uninstall>
        <![CDATA[
            $query = array(
            'DELETE'    => 'config',
            'WHERE'        => 'conf_name in (\'o_yasb_block_proxy\', \'o_yasb_block_missing_language\', \'o_yasb_spamtrap\')',
            );
            $forum_db->query_build($query) or error(__FILE__, __LINE__);
        ]]>
    </uninstall>

    <hooks>
        <hook id="po_start"><![CDATA[
            $fname = ".htbots"; //bot IP's file
            //is the IP an already known bot? compare with saved IP's
            if (file_exists($fname) && $forum_config['o_yasb_spamtrap'] == '1')         
            {
                $lines = file($fname);
                foreach($lines as $line)
                {
                    if(trim($line) == $_SERVER['REMOTE_ADDR']){
                        //known bot has gone into trap
                        echo "403 Forbidden - Your IP is listed as known spam bot\n";
                        header("HTTP/1.0 403 Forbidden");
                        exit;
                    }
                }
            }
            //yet unknown bot has gone into trap
            if (isset($_GET['trap']) && $forum_config['o_yasb_spamtrap'] == '1')
            {
                //read saved bot IP list
                if (file_exists($fname)) {
                    $lines = file($fname);
                }else{
                    $lines = array(); 
                }
                //trim list
                while(count($lines) > 100) {
                    array_shift($lines);
                }
                //add new bot IP
                array_push($lines, $_SERVER['REMOTE_ADDR']);
                //save updated list to public file
                $fhandle = fopen($fname,"w");
                    foreach($lines as $key => $value){
                        fwrite($fhandle,trim($value)."\n");
                }
                fclose($fhandle);
                echo "403 Forbidden - It seems you are a spam bot\n";
                header("HTTP/1.0 403 Forbidden");
                exit;
            }

            //check request headers
            $headers = getallheaders();
            $acceptlang = "";
            while (list ($header, $value) = each ($headers)) {
                if($forum_config['o_yasb_block_proxy'] == '1' && (stristr($header, 'FORWARD') == TRUE || stristr($header, 'PROX') == TRUE  || stristr($header, 'VIA') == TRUE
                    || stristr($header, 'REMOTE') == TRUE || stristr($header, 'CLIENT-IP') == TRUE)) {
                    echo "403 Forbidden - Posting via PROXY is not allowed, please use a direct connection (anti-spam protection)\n";
                    header("HTTP/1.0 403 Forbidden");
                    exit;
                }
                if(stristr($header, 'ACCEPT-LANGUAGE') == TRUE) {
                    $acceptlang = $value;
                }
            }
            //does accept language exist?
            if($forum_config['o_yasb_block_missing_language'] == '1' && $acceptlang == "") {
                echo "403 Forbidden - Missing browser accept language (anti-spam protection)\n";
                header("HTTP/1.0 403 Forbidden");
                exit;
            }
            ]]>
        </hook>

        <hook id="po_main_output_start, vt_qpost_output_start">
        <![CDATA[
            //create hidden form as bot trap
            ?>
            <!-- spam trap begin -->
            <div style='display: none;'>
            <form action='post.php?trap=1' method='post'><br>
            <input name='email' value='email'/><br>
            <input name='homepage' value='homepage'/><br>
            <input name='url' value='url'/><br>
            <textarea name='comment'></textarea><br>
            </form>
            </div>
            <!-- spam trap end -->
            <?php
        ]]>
    </hook>

        <hook id="aop_setup_validation">
            <![CDATA[
                if (!isset($form['yasb_block_proxy']) || $form['yasb_block_proxy'] != '1')
                    $form['yasb_block_proxy'] = '0';
                
                if (!isset($form['yasb_block_missing_language']) || $form['yasb_block_missing_language'] != '1')
                    $form['yasb_block_missing_language'] = '0';
                
                if (!isset($form['yasb_spamtrap']) || $form['yasb_spamtrap'] != '1')
                    $form['yasb_spamtrap'] = '0';
            ]]>
        </hook>

        <hook id="aop_setup_personal_fieldset_end">
            <![CDATA[
                    if (file_exists($ext_info['path'].'/lang/'.$forum_user['language'].'/'.$ext_info['id'].'.php'))
                        require $ext_info['path'].'/lang/'.$forum_user['language'].'/'.$ext_info['id'].'.php';
                    else
                        require $ext_info['path'].'/lang/English/'.$ext_info['id'].'.php';
                    $forum_page['group_count'] = $forum_page['item_count'] = 0;
                ?>
                <div class="content-head">
                    <h2 class="hn"><span><?php echo $lang_yasb['Setup'] ?></span></h2>
                </div>
                <fieldset class="frm-group group<?php echo ++$forum_page['group_count'] ?>">
                    <legend class="group-legend"><strong><?php echo $lang_yasb['Setup description legend'] ?></strong></legend>
                    <div class="sf-set set<?php echo ++$forum_page['item_count'] ?>">
                        <div class="sf-box checkbox">
                            <label for="fld<?php echo $forum_page['fld_count'] ?>">
                                <span><?php echo $lang_yasb['Proxy'] ?></span>
                                <?php echo $lang_yasb['Proxy help'] ?>
                            </label>
                            <span class="fld-input"><input type="checkbox" id="fld<?php echo ++$forum_page['fld_count'] ?>" name="form[yasb_block_proxy]" value="1" <?php if ($forum_config['o_yasb_block_proxy'] == '1') echo ' checked="checked"' ?>/></span>
                        </div>
                    </div>
                    <div class="sf-set set<?php echo ++$forum_page['item_count'] ?>">
                        <div class="sf-box checkbox">
                            <label for="fld<?php echo $forum_page['fld_count'] ?>">
                                <span><?php echo $lang_yasb['Language'] ?></span>
                                <?php echo $lang_yasb['Language help'] ?>
                            </label>
                            <span class="fld-input"><input type="checkbox" id="fld<?php echo ++$forum_page['fld_count'] ?>" name="form[yasb_block_missing_language]" value="1" <?php if ($forum_config['o_yasb_block_missing_language'] == '1') echo ' checked="checked"' ?>/></span>
                        </div>
                    </div>
                    <div class="sf-set set<?php echo ++$forum_page['item_count'] ?>">
                        <div class="sf-box checkbox">
                            <label for="fld<?php echo $forum_page['fld_count'] ?>">
                                <span><?php echo $lang_yasb['Trap'] ?></span>
                                <?php echo $lang_yasb['Trap help'] ?>
                            </label>
                            <span class="fld-input"><input type="checkbox" id="fld<?php echo ++$forum_page['fld_count'] ?>" name="form[yasb_spamtrap]" value="1" <?php if ($forum_config['o_yasb_spamtrap'] == '1') echo ' checked="checked"' ?>/></span>
                        </div>
                    </div>
                </fieldset>
                <?php

            ]]>
        </hook>
    </hooks>

</extension>



....and the lang/english folder should contain yasb.php with:

<?php
if (!defined('FORUM')) die();
$lang_yasb = array(
    'Setup'                => 'YASB Spam Protection',
    'Setup description legend'    => 'Configure Spam Protection',
    'Proxy'                => 'Block transparent proxies',
    'Proxy help'        => 'If checked, any attempt to post via a non-anonymous proxy is rejected.',
    'Language'            => 'Block posts with missing language header',
    'Language help'        => 'If checked, posts from clients that do not send the accept language header will be rejected.',
    'Trap'                => 'Activate spammer trap',
    'Trap help'            => 'If checked, a invisible dummy form is created - any bot that uses the form is added to a temporary IP blacklist and cannot access post.php'
)
?>

YASB spammer trap would create a bot-IP plain text file named .htbots in the forum folder. You might want to make it public/share otherwise deny access by defining a .htaccess rule e.g.

<FilesMatch "^\.htbots">
Order allow,deny
Deny from all
</FilesMatch>