Topic: Extension Stopforumspam Query Beta Working!

Working extension!
http://punbb.informer.com/forums/topic/ … -antispam/

Grez wrote:

Anyway... I was checking the function Slavok advised, and somehow it seems we've got working (little bit rewriten) extension now big_smile

Check it out (.zip)  smile

Backup Version of Stopforumspam:
http://www.mediafire.com/file/vmsfi43m7 … _0.9.7.zip

**********************************
For get all my rambling below:


I'm trying to get this to work in my register.php
It's for blocking IPs that are known to be spammers according to stopforumspam.com

In my hosts setup file_get_contents are blocked
Warning: file_get_contents() [function.file-get-contents.php]: URL file-access is disabled in the server configuration
... so I need to rewrite the first block of code to something like? the second block?!

$urlchecker = file_get_contents('http://www.stopforumspam.com/api?ip='.get_remote_address());
 if (strpos($urlchecker, 'yes'))
        die($lang_common['No permission']);



$urlchecker = 'http://www.stopforumspam.com/api?ip='.get_remote_address();

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $urlchecker);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$urlchecker_response = curl_exec($ch);
curl_close ($ch);

if $urlchecker = 'yes'
  die ($lang_common['No permission']);

2 (edited by Grez 2010-07-18 22:33)

Re: Extension Stopforumspam Query Beta Working!

This code will try both file_get_contents and cURL ;-)

$url = 'http://www.stopforumspam.com/api?ip='.get_remote_address();

if(ini_get('allow_url_fopen') == 1) {

    $urlchecker = file_get_contents($url);
    if (strpos($urlchecker, 'yes')) {
        die($lang_common['No permission']); //got ya!
    }
    
} elseif(extension_loaded('curl')) {

    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_HEADER, FALSE);
    curl_setopt($curl, CURLOPT_TIMEOUT, 20);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    $result = curl_exec($curl);
    $ok = curl_errno($curl) === 0 && curl_getinfo($curl, CURLINFO_HTTP_CODE) === 200;
    
    if(!$ok) {
        //something gone wrong
    } else {
        if (strpos($result, 'yes')) {
            die($lang_common['No permission']); //got ya!
        }
    }
    
    curl_close ($curl);

} else {
    //You are doomed! I suggest contacting your hosting support for allowing_url_fopen or enabling curl :-)
}

//Edited

Eraversum - scifi browser-based online webgame

Re: Extension Stopforumspam Query Beta Working!

Thanks!!

Just wondering
I now saw, when test-registering,

ip no 0

in the top left corner (which means my IP passed the test and is clean)...

Should I post your code from above in a seperate php file (stopforumspam.php) and stick it in an extension ? Would it look something like this in manifest

       

    <hook id="rg_start" priority="4"><![CDATA[
            $register_head['sfs_php'] = '<script type="text/php" src="'.$ext_info['url'].'/stopforumspam.php"></script>';

          ]]></hook>

4

Re: Extension Stopforumspam Query Beta Working!

@KeyDog sorry, forgot one line  neutral Insert it before $result

curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
Eraversum - scifi browser-based online webgame

Re: Extension Stopforumspam Query Beta Working!

btw: you've half written the extension now smile you might as well publish it, no?

6

Re: Extension Stopforumspam Query Beta Working!

I'm to lazy to do the "hooks thing" big_smile I prefer advising only smile

Eraversum - scifi browser-based online webgame

Re: Extension Stopforumspam Query Beta Working!

ok np big_smile
I uploaded the Beta extension here

do you have any idea how I can log the number of queries that are being sent to SFS? (they have a 5k daily limit I believe) I'm unsure as to whether it's actually sending queries, i.e. is the correct hook used, implemented etc...

8

Re: Extension Stopforumspam Query Beta Working!

Well, you could store it in db or in some file, but I don't think it's necessary because 5k daily limit should be sufficient for most forums wink

Eraversum - scifi browser-based online webgame

Re: Extension Stopforumspam Query Beta Working!

I agree, that won't be a prob.

What I would like though is to store this data that is returned from sfs

<response success="true">
     <type>ip</type>
     <appears>yes</appears>
     <lastseen>2007-09-18 05:48:53</lastseen>
     <frequency>2</frequency>
</response>

smile how would you do that?
plus the IP that was queried...

10 (edited by Grez 2010-07-18 22:51)

Re: Extension Stopforumspam Query Beta Working!

Well, SimpleXML would be easy solution, but since it isn't in core of PHP we should use regular expressions. (Badly I sux at them sad, so this isn't probably the best solution but it seems to work...) smile

if (strpos($urlchecker, 'yes')) {
   $bot = array();
   $bot["ip"] = get_remote_address();
   preg_match_all('/<type>(.*?)<\/type>/', $urlchecker, $matches);
   $bot["type"] = $matches[1][0];
   preg_match_all('/<lastseen>(.*?)<\/lastseen>/', $urlchecker, $matches);
   $bot["lastseen"] = $matches[1][0];
   preg_match_all('/<frequency>(.*?)<\/frequency>/', $urlchecker, $matches);
   $bot["frequency"] = $matches[1][0];

   //store into db


   
   die("No permission"); //got ya!
}
Eraversum - scifi browser-based online webgame

11

Re: Extension Stopforumspam Query Beta Working!

Thanks, won't we have to create a table in the db first.
I want to be able to go and check what IPs are blocked...

I saw in pun_approval that tables are created like this?

        if (!$forum_db->table_exists('sfs'))
        {
            $schema = array(
                'FIELDS'        => array(
                    'ip'    => array(
                        'datatype'        => 'VARCHAR(39)',
                        'allow_null'    => false,
                        'default'        => '\'0.0.0.0\''
                    ),
                    'last_seen'        => array(
                        'datatype'        => 'INT(10) UNSIGNED',
                        'allow_null'    => false,
                        'default'        => '0'
                    ),
                    
            );

            $forum_db->create_table('sfs', $schema);
        }

12

Re: Extension Stopforumspam Query Beta Working!

PunBB has a function "get_remote_file" to get page content ("<FORUM_ROOT>/include/functions.php"), checking "curl" and "allow_url_fopen" for availability is implemented in the function, so you can use it.

KeyDog wrote:

I saw in pun_approval that tables are created like this?

This is correct way to create table.

13

Re: Extension Stopforumspam Query Beta Working!

Thanks.

Slavok can you install that extension here?
I'd  be very curious to see how many can register and add signatures once it's checking that db.

KeyDog wrote:

I uploaded the Beta extension here

14

Re: Extension Stopforumspam Query Beta Working!

Ok it seems it isnt working (all the time anyway).... any ideas why not?
An IP just registered that is in their db over 200x...

EDIT: Following my discussion with pedigree over at sfs I found out 2 things , 1 this is over my head big_smile two we need to incorporate caching as his mod for vbulletin does like so

// This function returns true if a spambot is found in the cache database.
// It first purges old records
function sfsCacheHit ($data, $field) {
    global $vbulletin, $sfsPurged, $sfsCacheHit;
    
    $sfsCacheHit = false;
    
    if (!$sfsPurged) {
            // purge cache database of old records
            $sql = "DELETE FROM " . TABLE_PREFIX . "vbstopforumspam_remotecache WHERE date < DATE_SUB(NOW(), INTERVAL " . (int)$vbulletin->options['vbstopforumspam_remote_cache'] . " MINUTE);";
            $vbulletin->db->query($sql);
            $sfsPurged = true;
    }
        
    // get rows from database that contain the data (cache hit)
    $sql = "SELECT spambot FROM " . TABLE_PREFIX . "vbstopforumspam_remotecache WHERE field = '$field' AND data = '" . addslashes($data) . "' LIMIT 1 ;";
    $result = $vbulletin->db->query($sql);

    $line = $vbulletin->db->fetch_array($result);
  if (!empty($line)) {            
        $sfsCacheHit = true;
      
          // if we have data in the results, check if we have a spam hit
          if ($line['spambot'] > 0) return VBSFS_FAIL;
          if ($line['spambot'] == 0) return VBSFS_HIT_BUT_PASS;
          // return VBSFS_FAIL if we have a spam hit or all return 2 if we have a hit but its not a spambot              
  }  
    return VBSFS_PASS;
}

// This function returns true if a spambot is found in the cache database.
// It first purges old records
function sfsCacheHit ($data, $field) {
    global $vbulletin, $sfsPurged, $sfsCacheHit;
    
    $sfsCacheHit = false;
    
    if (!$sfsPurged) {
            // purge cache database of old records
            $sql = "DELETE FROM " . TABLE_PREFIX . "vbstopforumspam_remotecache WHERE date < DATE_SUB(NOW(), INTERVAL " . (int)$vbulletin->options['vbstopforumspam_remote_cache'] . " MINUTE);";
            $vbulletin->db->query($sql);
            $sfsPurged = true;
    }
        
    // get rows from database that contain the data (cache hit)
    $sql = "SELECT spambot FROM " . TABLE_PREFIX . "vbstopforumspam_remotecache WHERE field = '$field' AND data = '" . addslashes($data) . "' LIMIT 1 ;";
    $result = $vbulletin->db->query($sql);

    $line = $vbulletin->db->fetch_array($result);
  if (!empty($line)) {            
        $sfsCacheHit = true;
      
          // if we have data in the results, check if we have a spam hit
          if ($line['spambot'] > 0) return VBSFS_FAIL;
          if ($line['spambot'] == 0) return VBSFS_HIT_BUT_PASS;
          // return VBSFS_FAIL if we have a spam hit or all return 2 if we have a hit but its not a spambot              
  }  
    return VBSFS_PASS;
}

the code continues...
(functions_vbsfs.php)
see discussion in this thread
http://www.stopforumspam.com/forum/t159 … rying-Your
download his mod for *analysis* http://www.fizzleblood.net/vbStopForumSpam_v0.61.zip

15

Re: Extension Stopforumspam Query Beta Working!

IMO you don't even need to use any "cache", you could use that table in db, where are you storing bots which tried registering to your forum. Just cross check if that IP isn't in your database and only if db returns 0 rows send query to SFS site  wink

Eraversum - scifi browser-based online webgame

16

Re: Extension Stopforumspam Query Beta Working!

okay big_smile

how do I inserat the values from sfs though into my table?

<?php
        if (!$forum_db->table_exists('sfs'))
        {
            $schema = array(
                'FIELDS'        => array(
                    'ip'    => array(
                        'datatype'        => 'VARCHAR(39)',
                        'allow_null'    => false,
                        'default'        => '\'0.0.0.0\''
                    ),
                    'appears'        => array(
                        'datatype'        => 'INT(10) UNSIGNED',
                        'allow_null'    => false,
                        'default'        => '0'
                    ),
                    'last_seen'        => array(
                        'datatype'        => 'INT(10) UNSIGNED',
                        'allow_null'    => false,
                        'default'        => '0'
                    ),
                    'frequency'        => array(
                        'datatype'        => 'INT(10) UNSIGNED',
                        'allow_null'    => false,
                        'default'        => '0'
                    ),
                    
            );

            $forum_db->create_table('sfs', $schema);
        }

    $insert_query = array(
        'INSERT'    =>    'ip, appears, last_seen , frequency',
        'INTO'        =>    'sfs',
        'VALUES'      =>   
?>

17

Re: Extension Stopforumspam Query Beta Working!

Each time query to db whether table exists? Why not use <install> and <unistall> at manifest.xml?

//As well I changed the table a little bit... ;-)

<install>
<![CDATA[
        $schema = array(
            'FIELDS'    =>    array(
                'ip'            => array(
                    'datatype'        =>    'VARCHAR(15)',
                    'allow_null'    =>    false,
                    'default'        =>    '\'0.0.0.0\''
                ),
                'lastseen'        => array(
                    'datatype'        => 'DATETIME',
                    'allow_null'    => false,
                    'default'        => '0'
                ),
                'frequency'        => array(
                    'datatype'        => 'SMALLINT UNSIGNED',
                    'allow_null'    => false,
                    'default'        => '0'
                )
            ),
            'PRIMARY KEY'        =>    array('ip')
        );
        $forum_db->create_table('stopforumspam', $schema);
    ]]>
</install>
    
<uninstall>
    <![CDATA[
        $forum_db->drop_table('stopforumspam');
    ]]>
</uninstall>

//"caching system" big_smile

$query = array(
   'SELECT'   => 'ip',
   'FROM'     => 'stopforumspam',
   'WHERE'    => 'ip='.get_remote_address(),
   'LIMIT'    => '1'
);
$result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
if($forum_db->num_rows($result) > 0) {
    //die('You are spammer')
} else {
    //Request to to SFS.com
        //Insert to db
}

//Query for inserting data into db

$query = array(
   'INSERT'   => 'ip, last_seen, frequency',
   'INTO'     => 'stopforumspam',
   'VALUES'   => '\''.$bot["ip"].'\', \''.$bot["lastseen"].'\', \''.$bot["frequency"].'\''
);
$forum_db->query_build($query) or error(__FILE__, __LINE__);
Eraversum - scifi browser-based online webgame

18

Re: Extension Stopforumspam Query Beta Working!

Once again thanks a lot
Are the two queries not aloud to be at the beginning of the register.php?

Tried this and gives error:

    <![CDATA[
        $schema = array(
            'FIELDS'    =>    array(
                'ip'            => array(
                    'datatype'        =>    'VARCHAR(15)',
                    'allow_null'    =>    false,
                    'default'        =>    '\'0.0.0.0\''
                ),
                'lastseen'        => array(
                    'datatype'        => 'DATETIME',
                    'allow_null'    => false,
                    'default'        => '0'
                ),
                'frequency'        => array(
                    'datatype'        => 'SMALLINT UNSIGNED',
                    'allow_null'    => false,
                    'default'        => '0'
                )
            ),
            'PRIMARY KEY'        =>    array('ip')
        );
        $forum_db->create_table('stopforumspam', $schema);
      ]]>
    </install>
    
    <uninstall>
        <![CDATA[
            $forum_db->drop_table('stopforumspam');
        ]]>
    </uninstall>

    <hooks>
        <hook id="rg_start"><![CDATA[

                $register_head['sfs'] = '<script type="text/php" src="'.$ext_info['url'].'/sfs.php"></script>';

          $query = array(
            'SELECT'   => 'ip',
            'FROM'     => 'stopforumspam',
            'WHERE'    => 'ip='.get_remote_address(),
            'LIMIT'    => '1'
          );
          $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
          if($forum_db->num_rows($result) > 0) {
            //die('You are spammer')
          } else {
              //Request to to SFS.com
                  //Insert to db
          }
          
          $query = array(
            'INSERT'   => 'ip, last_seen, frequency',
            'INTO'     => 'stopforumspam',
            'VALUES'   => '\''.$bot["ip"].'\', \''.$bot["lastseen"].'\', \''.$bot["frequency"].'\''
          );
            $forum_db->query_build($query) or error(__FILE__, __LINE__);
        
    ]]></hook>

19 (edited by Grez 2010-07-19 22:26)

Re: Extension Stopforumspam Query Beta Working!

Ups, forgot about slashes in where clause for ip big_smile
Anyway... I was checking the function Slavok advised, and somehow it seems we've got working (little bit rewriten) extension now big_smile

Check it out (.zip)  smile

Eraversum - scifi browser-based online webgame

20

Re: Extension Stopforumspam Query Beta Working!

Fantastic will let you know asap how its going, thanks Grez and Slavok
and Slavok please try it here! big_smile

EDIT:        

Ext code wrote:

//maybe we could log this somewhere? (email, maybe), but I don't think it's 'that' important

I agree in principle. But especially after installing it would be good to see some feedback....


EDIT 2: We got this covered ? smile

pedigree (stopforumspam) wrote:

Im not familiar with the internals of punbb but I hope

$query = array(
'INSERT'   => 'ip, bot_visit, lastseen, frequency',
'INTO'     => 'stopforumspam',
  'VALUES'   => '\''.$ip.'\', NOW(), \''.$xml["response"]

handles duplicate primary key inserts/updates

21

Re: Extension Stopforumspam Query Beta Working!

Brilliant, can confirm this is working !!

This in my phpmyadmin table this morning big_smile

    ip    bot_visit    lastseen    frequency
            91.124.99.4    2010-07-20 03:47:12    2010-07-19 12:59:41    2
            84.111.37.26    2010-07-20 05:07:58    2010-07-19 21:02:55    260
            193.105.210.175    2010-07-20 05:27:29    2010-06-30 18:30:42    1

22

Re: Extension Stopforumspam Query Beta Working!

Yup, I've got some of them too  wink

217.23.10.108      2010-07-20 01:23:02      2010-07-19 19:14:36      33
91.212.226.240     2010-07-20 01:59:24     2010-07-19 18:08:58     1782
91.212.226.210     2010-07-20 02:43:02     2010-07-19 18:32:46     2522
217.21.115.189     2010-07-20 04:13:06     2010-06-29 05:48:40     36
195.191.40.104     2010-07-20 08:28:09     2010-07-20 00:00:17     73

So, I guess we can change version to 1.0.0 and release it  smile

Eraversum - scifi browser-based online webgame

23

Re: Extension Stopforumspam Query Beta Working!

Yes please feel free to do it! I'll close this topic as soon as you publish it in extensions...

24

Re: Extension Stopforumspam Query Beta Working!

KeyDog wrote:

EDIT 2: We got this covered ? smile

Yup, we do. We check the IP whether it's in db, before trying to insert it there  smile

//And unless we would have visits like Facebook I believe it should work

Eraversum - scifi browser-based online webgame

25

Re: Extension Stopforumspam Query Beta Working!

Where can I get the latest version of the extension? The last link returns 404 error.