this is not your typical "edit the variable names" script.
Instead Im adding a fully customizable visual confirmation that actually requires a human to register.
It displays an image out of a database and the registree must identify it out of several options. However to prevent spambots from smartening up and learning which options correspond to which pictures, this comes with an administrative interface that allows you to add and remove your own pictures making it fully customizable.
anyway, I finished coding the MOD, but its getting late so Im just going to post a few screenies of it and go make the beta template file in the morning.
Make the <img> tag in the register page reference a php image generator script with a random md5 string corresponding to the user's session or something, so bots can't defeat it by looking at the url for the img/
thats a good idea. I also have to change the way it validates the input so that isn't just numeric.
[edit]
fixed my error. working your idea.
Cool stuff. I really hope this helps with all the bot problems. ^_^
I just finished implementing your suggestion.
Time for the beta mod template.
I'd love to see it in action on your site. Let me see if I can find anything else to suggest...
http://rancidmoose.unitedti.org/members/software/eXtreme_antispam_mod_v0.6.0.zip
Code: ##############################################################
## MOD Title: eXtreme Antispam
## MOD Author: rancidmoose < elfprince13@gmail.com > (Thomas Dickerson) http://rancidmoose.unitedti.org
## MOD Description: Prevents spambots from registering on your site
## MOD Version: x.x.x
##
## Installation Level: (Intermediate)
## Installation Time: 10 Minutes
## Files To Edit: templates/subSilver/profile_add_body.tpl,
## includes/usercp_register.php
## Included Files: (includes/functions_antispam_img.php, admin/admin_antispam.php, templates/subSilver/admin/admin_edit_antispam.tpl, templates/subSilver/admin/admin_edit_antispam.tpl, images/antispam/)
## License: http://opensource.org/licenses/gpl-license.php GNU General Public License v2
##############################################################
## For security purposes, please check: http://www.phpbb.com/mods/
## for the latest version of this MOD. Although MODs are checked
## before being allowed in the MODs Database there is no guarantee
## that there are no security problems within the MOD. No support
## will be given for MODs not found within the MODs Database which
## can be found at http://www.phpbb.com/mods/
##############################################################
## Author Notes:
##
##all images should be uploaded to the images/antispam/ directory
##
##
##############################################################
## MOD History:
##
## 2006-06-09 - Version 0.6.0
## - added script to mask the filename
## 2006-06-09 - Version 0.5.0
## - improved validation of registration form input
## 2006-05-09 - Version 0.4.0
## - templated admin interface
## 2006-05-09 - Version 0.3.0
## - integrated into registration script
## 2006-05-09 - Version 0.2.0
## - added functionality to admin interface
## 2006-05-09 - Version 0.1.0
## - created admin interface
##
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################
#
#-----[ SQL ]------------------------------------------
#
CREATE TABLE `phpbb_antispam` (
`Filename` varchar(32) NOT NULL default '',
`Option1` varchar(32) NOT NULL default '',
`Option2` varchar(32) NOT NULL default '',
`Option3` varchar(32) NOT NULL default '',
`Alt-Text` varchar(32) NOT NULL default '',
`CorrectOption` int(2) NOT NULL default '0'
) TYPE=MyISAM;
#
#-----[ COPY ]------------------------------------------
#
copy includes/functions_antispam_img.php to includes/functions_antispam_img.php
copy admin/admin_antispam.php to admin/admin_antispam.php
copy templates/subSilver/admin/admin_edit_antispam.tpl to templates/subSilver/admin/admin_edit_antispam.tpl
copy templates/subSilver/admin/admin_edit_antispam.tpl to templates/subSilver/admin/admin_edit_antispam.tpl
copy images/antispam/ to images/antispam/
#
#-----[ OPEN ]------------------------------------------
#
templates/subSilver/profile_add_body.tpl
#
#-----[ FIND ]------------------------------------------
#
<tr>
<td class="catSides" colspan="2" height="28"> </td>
</tr>
<tr>
<th class="thSides" colspan="2" height="25" valign="middle">{L_PROFILE_INFO}</th>
</tr>
<tr>
<td class="row2" colspan="2"><span class="gensmall">{L_PROFILE_INFO_NOTICE}</span></td>
</tr>
#
#-----[ BEFORE, ADD ]------------------------------------------
#
<!-- BEGIN switch_extreme_antispam -->
<tr>
<td class="row1"><span class="gen"><img src="{AS_FILENAME}" alt="{AS_ALTTEXT}"><br /> Displaying antispam image #{IMG_NUMBER}</span><br /><span class="gensmall">Please select the menu item represented by this picture</span></td>
<td class="row2"><span class="gen_med">{AS_ERROR}</span><br /><select name="pic_choice_id"><option value="{AS_OPTION1}">{AS_OPTION1}</option><option value="{AS_OPTION2}">{AS_OPTION2}</option><option value="{AS_OPTION3}">{AS_OPTION3}</option></select><input type="hidden" name="picture_id" value="{IMG_NUMBER}"></td>
</tr>
<!-- END switch_extreme_antispam -->
#
#-----[ OPEN ]------------------------------------------
#
includes/usercp_register.php
#
#-----[ FIND ]------------------------------------------
#
$passwd_sql = '';
if ( $mode == 'editprofile' )
{
if ( $user_id != $userdata['user_id'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Wrong_Profile'];
}
}
else if ( $mode == 'register' )
{
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Fields_empty'];
}
}
#
#-----[ AFTER, ADD ]------------------------------------------
#
if($mode = 'register')
{
$sql = "SELECT * FROM " . $table_prefix . "antispam";
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not obtain antispam data', __LINE__, __FILE__, $sql);
}
$picid = intval($_POST['picture_id']);
$db->sql_rowseek($picid,$result);
$db->sql_fetchrow($result);
$crct_option = $db->sql_fetchfield('CorrectOption') % 3 + 1;
$option1 = $db->sql_fetchfield('Option1');
$option2 = $db->sql_fetchfield('Option2');
$option3 = $db->sql_fetchfield('Option3');
$ent_opt = $_POST['pic_choice_id'];
if((!($ent_opt == $option1 && $crct_option==1) && !($ent_opt == $option2 && $crct_option==2) && !($ent_opt == $option3 && $crct_option==3))){
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'You incorrectly identified the antispam image.';
}
}
#
#-----[ FIND ]------------------------------------------
#
$html_status = ( $userdata['user_allowhtml'] && $board_config['allow_html'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
$bbcode_status = ( $userdata['user_allowbbcode'] && $board_config['allow_bbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
$smilies_status = ( $userdata['user_allowsmile'] && $board_config['allow_smilies'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
if ( $error )
{
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
$template->set_filenames(array(
'body' => 'profile_add_body.tpl')
);
if ( $mode == 'editprofile' )
{
$template->assign_block_vars('switch_edit_profile', array());
}
if ( ($mode == 'register') || ($board_config['allow_namechange']) )
{
$template->assign_block_vars('switch_namechange_allowed', array());
}
else
{
$template->assign_block_vars('switch_namechange_disallowed', array());
}
#
#-----[ AFTER, ADD ]------------------------------------------
#
//eXtreme Visual Confirmation
if ( $mode == 'register' )
{
$sql = 'SELECT * FROM ' . $table_prefix . 'antispam';
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not select antispam data', '', __LINE__, __FILE__, $sql);
}
$num_antispam_entries = $db->sql_numrows($result);
if($num_antispam_entries != 0)
{
$randomimg = rand(0, $num_antispam_entries - 1);
$db->sql_rowseek($randomimg,$result);
$filename = $db->sql_fetchfield('Filename');
$alttext = $db->sql_fetchfield('Alt-Text');
$Option1 = $db->sql_fetchfield('Option1');
$Option2 = $db->sql_fetchfield('Option2');
$Option3 = $db->sql_fetchfield('Option3');
$correct = $db->sql_fetchfield('CorrectOption');
}
else
{
$as_error = 'ERROR!!! The administration has not yet added any images. Please let them know about this by emailing <a href="mailto:"' . $board_config['board_email'] . '">' . $board_config['board_email'] . '</a>';
}
$template->assign_block_vars('switch_extreme_antispam', array());
}
#
#-----[ FIND ]------------------------------------------
#
'S_ALLOW_AVATAR_UPLOAD' => $board_config['allow_avatar_upload'],
'S_ALLOW_AVATAR_LOCAL' => $board_config['allow_avatar_local'],
'S_ALLOW_AVATAR_REMOTE' => $board_config['allow_avatar_remote'],
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_FORM_ENCTYPE' => $form_enctype,
'S_PROFILE_ACTION' => append_sid("profile.$phpEx"),
#
#-----[ AFTER, ADD ]------------------------------------------
#
'AS_FILENAME' => append_sid($phpbb_root_path . "includes/functions_antispam_img.php?num=" . $randomimg),
'AS_OPTION1' => $Option1,
'AS_OPTION2' => $Option2,
'AS_OPTION3' => $Option3,
'AS_ALTTEXT' => $alttext,
'AS_ERROR' => $as_error,
'IMG_NUMBER' => $randomimg
#
#-----[ AFTER, ADD ]------------------------------------------
#
make sure to upload at least one image and enter it into the antispam database from the ACP
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
Very cool. Don't know if I have a big need to install it here yet, but I'll certainly consider it.
awwesome. we do seem to get a fairly steady flow of bot registrations, they hardly ever post though.
1800
th post, elf! I don't want to put you out of a job, do i?
1801th post.
lol
anyway, Im planning on a few more changes to this too so if you do want to install it, dont do it yet.
Alrighty. What kinds of changes would those happen to be, exactly?
ones to make it harder for bots to guess the correct answer/
elfprince13 wrote:
ones to make it harder for bots to guess the correct answer/
Changes for the better then? Cool. Oh, and I see you've adopted my habit of hitting / instead of . as you tab-space at the end of a post.
I have a way to make it very difficult for spambots.
elfprince13 wrote:
I have a way to make it very difficult for spambots.
Which would be... ?
everything will be revealed in its own time. Im keeping this under wraps till its done. :p
to up the suspense you know.
Of course.
I noticed that Maxcoderz added something like this. Do you know how theirs works?
KermMartian wrote:
Of course.
I noticed that Maxcoderz added something like this. Do you know how theirs works?
yes. They instaban every IP address that tries to send a website and signature with registration, and then removed those 2 items from the registration form so they can tell if something skips the form. Mine has an even more intelligent way of telling: it just keeps a list of all the session ids which have visited the registration page, and if a session id not in that list, it knows it never visit the registratioon page, and bans it.
[edit]
Its now ready for usage on single language boards afaik
http://rancidmoose.unitedti.org/members/software/eXtreme_antispam_mod_v1.0.0.zip
elfprince13 wrote:
KermMartian wrote:
Of course.
I noticed that Maxcoderz added something like this. Do you know how theirs works?
yes. They instaban every IP address that tries to send a website and signature with registration, and then removed those 2 items from the registration form so they can tell if something skips the form. Mine has an even more intelligent way of telling: it just keeps a list of all the session ids which have visited the registration page, and if a session id not in that list, it knows it never visit the registratioon page, and bans it.
Register to Join the Conversation
Have your own thoughts to add to this or any other topic? Want to ask a question, offer a suggestion, share your own programs and projects, upload a file to the file archives, get help with calculator and computer programming, or simply chat with like-minded coders and tech and calculator enthusiasts via the site-wide AJAX SAX widget? Registration for a free Cemetech account only takes a minute.
»
Go to Registration page
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
