26

Re: Simple Antispambot-code Mod v0.8

Glad to help. smile

27 (edited by DerekA 2008-07-20 05:19)

Re: Simple Antispambot-code Mod v0.8

Is Sirena's and MattF's code going to work in 1.2.19.? I had Sirena's code working until I upgraded to 1.2.19 then it stopped. For several months I have had no unwanted sign ups but as soon as the upgrade turned it off they are back, about 3-5 every night. hmm

28 (edited by sirena 2008-07-20 07:12)

Re: Simple Antispambot-code Mod v0.8

There's no reason why the mod should stop working with 1.2.19 - none of the recent changes to punbb have affected register.php practically in any way at all.

[In fact I just compared register.php from v1.2.16 to the register.php from 1.2.19 and they are identical, except for the copyright line at the very top. So register.php has been very stable over the ages.]

Try the install again from scratch with just the basic mod, and see if that works, remembering to be very careful in putting the code in the right place etc. Then add in MattF's enhancements etc as required - also very carefully - and I can pretty much guarantee that it will still work.

Re: Simple Antispambot-code Mod v0.8

this is working for me.  Thanks for figuring this out!
one request - If the question fails, the user is returned to Register page.  I have "use forum rules" turned on, so the user needs to return to this page to activate the register button.  I tried to figure out how to either return to the Rules page or keep the "agree" set, but it is a beyond me.  Any ideas?

Thanks,
-Dan

30 (edited by allan 2008-08-23 06:52)

Re: Simple Antispambot-code Mod v0.8

I feel dumb. How does one install this?

Edit: Never mind, I figured it out. smile

Re: Simple Antispambot-code Mod v0.8

allan wrote:

I feel dumb. How does one install this?

Well, I'm totally dumb.  I wouldn't know where to start.  So far, my BB host has been doing all of the installations for me.

I've had to suspend registrations on my punBB, because all I was getting was bots, up to ten per night.

Can your moderating tweaks be incorporated into a new release of punBB for the almost totally clueless?

32

Re: Simple Antispambot-code Mod v0.8

If you want a real easy way to do an anti-spam registration page on 1.2*, download this file by Jacky:

http://www.punres.org/files.php?pid=503

It includes a ready-made anti-spam register.php you can just drop into your site to replace the default register.php (and a few support files you'll need to place on your site too).

You will need to customize the questions the mod asks though, of course, but that really is pretty easy and doesn't involve editing any code.

Re: Simple Antispambot-code Mod v0.8

Dear Sirena

Thank you for the suggestion.  The answer looks good.  However, I'm still dumb, so dumb that I don't know how to get to my register.php file...

Have asked my ISP to help.  Do you have any further advice?

Regards, Tundern

34

Re: Simple Antispambot-code Mod v0.8

tundern wrote:

Dear Sirena

Thank you for the suggestion.  The answer looks good.  However, I'm still dumb, so dumb that I don't know how to get to my register.php file...

Have asked my ISP to help.  Do you have any further advice?

Do you have the ability to FTP into your web server, to upload files etc? Most web hosts will let you do so. FTP clients are available everywhere for download - eg FileZilla:
http://filezilla-project.org/download.php?type=client

If you do have FTP, connect to your website with your FTP client, move to the folder that contains your Punbb forum files, find the folder that contains your current 'register.php' file, and then upload to that location the files that came with Jacky's mod. Make sure you upload the files as 'ASCII text', by the way, not 'binary' format.

Before you upload them, of course, open up the files of Jacky's mod with a text editor and modify the questions etc in there to suit your needs.

You may also be able to do all of this via the web-based control panel offered by your web host (eg cPanel) rather than FTP, but that depends on what your host has setup for you.

Re: Simple Antispambot-code Mod v0.8

Sirena--thank you for your help.  My ISP's help desk installed the modifications a couple of days ago.  So far, no new registrations but I have some idea now of the changes to ask for if the bots start again. 

How can we make sure that this modification is in the next version of PunBB, maybe with the ability of the administrator to change the questions and answers without going into the register.php file?

Cheers, Tundern

36

Re: Simple Antispambot-code Mod v0.8

tundern wrote:

How can we make sure that this modification is in the next version of PunBB, maybe with the ability of the administrator to change the questions and answers without going into the register.php file?

Ask the PunBB developers nicely smile

They know spam is a problem, and this sort of mod (simple question & answers with the addition of an admin control panel to make it easier to admin) might be part of a solution they could consider including in the core.

Re: Simple Antispambot-code Mod v0.8

tundern wrote:

How can we make sure that this modification is in the next version of PunBB, maybe with the ability of the administrator to change the questions and answers without going into the register.php file?

PunBB 1.3 (which is the next version) includes extensions system. Using it, you are able to download a pun_antispam extension and install it with one click. You don't have to modify the code manually.

sirena wrote:

They know spam is a problem, and this sort of mod (simple question & answers with the addition of an admin control panel to make it easier to admin) might be part of a solution they could consider including in the core.

PunBB is not aimed to be featured, but fast and lightweight.
CAPTCHA as an extension is a good option and may be implemented in a lot of ways.
Nevertheless, since 1.3 release you will be able to download and install the most common extensions with one click via pun_admin_repository extension.

Carpe diem

38

Re: Simple Antispambot-code Mod v0.8

PunBB 1.3 (which is the next version) includes extensions system. Using it, you are able to download a pun_antispam extension and install it with one click.

Excellent!! That will be a very popular extension for 1.3. Thank you for that news.

However it will be CAPTCHA based by the look of it, which has disadvantages.

Any chance of adding into that mod another field to the form and the DB to record a text-only response along the lines of the simple anti-spybot mod of this thread?

CAPTCHAS seem very vulnerable to automated (or outsourced human http://www.decaptcher.com/client/ ) attack, that's all, with VB, PhpBB, Gmail, Yahoo, MS etc all reporting CAPTCHA's being cracked.

Sometimes text-based Q&A can be harder to crack (even by outsourced humans in India or Vietnam) with good questions that may, for example, require some specific cultural or local understanding, or familiarity with a web site.

Re: Simple Antispambot-code Mod v0.8

sirena wrote:

Sometimes text-based Q&A can be harder to crack (even by outsourced humans in India or Vietnam) with good questions that may, for example, require some specific cultural or local understanding, or familiarity with a web site.

I think this is a good idea for special extension :-)

Carpe diem

40 (edited by User33 2008-10-27 20:25)

Re: Simple Antispambot-code Mod v0.8

My Idea

When a user visits 'register.php' a random string (Ex. ab45x) and a random arithmetic operation (Ex. 3+3) are generated and added to a MySQL table 'INSERT INTO regchk VALUES ("random string", "random operation", timestamp);' (rows are dropped automatically if they are 24 hours old).

You then add a new field to the registration form and a link to 'regchk.php?s=ab45x (random string)'. Then, you tell the user to visit the link and write the shown answer on the new field.

What 'regchk.php' does is look for the arithmetic operation related to the random string provided and then redirect the user to 'http://www.google.com/search?q=' + arithmetic operation (note that the operation's characters that are not numbers have to be URL-encoded).

Btw, this is just an idea.