[BETA] Anti-spam bots registration

[callumw]

I have an enhancement request for this mod.

Let's presume that the bots or whatever are running from a shared webhost or from a amateur hacker's home PC......

Instead of emailing the Board Admin, could we not query the IP of the person/bot? Then do a RDNS on the IP to see who owns the connection (ISP or Hosting company) and send an email to the Admin of the ISP / Hoster with details of the detected Bot attack from IP xxx.xxx.xxx.xxx at Time/Date.

Play them at their own game

[EXreaction]

It worked a treat.

Thanks very much.

I thought the code below was just indicating the start and end of the changed code.

<!-- END switch_edit_website -->

Nope, that is a switch in the template.
If you want to know more, check this KB article out. 8)
http://www.phpbb.com/kb/article.php?article_id=200

I have an enhancement request for this mod.

Let's presume that the bots or whatever are running from a shared webhost or from a amateur hacker's home PC......

Instead of emailing the Board Admin, could we not query the IP of the person/bot? Then do a RDNS on the IP to see who owns the connection (ISP or Hosting company) and send an email to the Admin of the ISP / Hoster with details of the detected Bot attack from IP xxx.xxx.xxx.xxx at Time/Date.

Play them at their own game

That is not a bad idea.
I don't know how to do something like that though.

[callumw]

That is not a bad idea.
I don't know how to do something like that though.

PHP should have a request variable (REMOTE_HOST?) that shows something like:

rima.123.34.aol.com

All you do is strip the last 2 segments (or 3 if it's .co.uk or suchlike) and send an email to Webmaster@aol.com

[EXreaction]

That is not a bad idea.
I don't know how to do something like that though.

PHP should have a request variable (REMOTE_HOST?) that shows something like:

rima.123.34.aol.com

All you do is strip the last 2 segments (or 3 if it's .co.uk or suchlike) and send an email to Webmaster@aol.com

Ya, but how would I get the IPS from the IP address? Getting that info off of a different site is the part I don't know about.

[eggmceye]

I installed this mod a few days ago and tested it thoroughly (eg, manually registering without the switches in the template to see if putting values in website & sig will trigger the message_die) and it works, and the theory of it is great.

However, spambots are still getting thru - I had 5 overnight on my forum. They can't post of course, as they never activate.

I tried adding my own mod as well: embed a hidden key/value in the profile form then checking to see if that is set during registration, and if it isn't, it's a bot (since you'd think they wouldn't know abt my hidden field) - of course, it didn't work either (tho worked when testing by hand). Are the bots that clever - getting around my cheap mod + this one?

btw the bots always use the email domains mail.ru and cashette.com

This isn't really a call for help - I do php for my day job and can generally figure out modding problems myself - but more just sharing my experience.

[EXreaction]

Just because people are registering doesn't mean its a bot. I have one guy that keeps manually spamming our site(its really starting to make me mad).

You can do all kinds of things to stop bots but you will never stop manual registrations.

[eggmceye]

you'd think if it was a real person then they'd bother to activate, then actually post. Anyway, not trying to start an argument. Just wondering if the bots are smarter than we are allowing for.

[dmr727]

I still get the spammers after the mod, with no e-mails telling me anything's been killed. They just don't have the web and signature fields, but still stuff the other fields with junk.

A couple of noob questions - I'm assuming the reason I'm not getting e-mails is that the mail function used in the mod just uses sendmail or whatever is set up on the server. Is there an easy way to get it to use SMTP to send it instead?

I've also installed the mod that makes inactive users invisible (to all but admins) in my member list. But the inactive users still appear in the "Newest Registered User" line on the main page. Would there be an easy way to make that only show active users as well? If my members can't see any of the spammers, it really wouldn't matter if a couple of smart spammers still get through the mod this thread is based on.

[computersOC]

Anyone have any idea as to my question I posted a few posts back?

Please copy and paste the code here using the code brackets. I don't like downloading a hack from an unknown source.

Here are the potentially relevant parts. phpBB.com won't let me post the whole mod since it's big.

Code: Select all

# 
#-----[ OPEN ]------------------------------------------------ 
#
includes/usercp_avatar.php

# 
#-----[ FIND ]------------------------------------------------ 
#
$avatar_data .= @fread($fsock, $board_config['avatar_filesize']);

# 
#-----[ REPLACE WITH ]---------------------------------------- 
#

// Start replacement - Signatures control MOD
$avatar_data .= @fread($fsock, ( $board_config['sig_max_img_av_files_size'] ) ? $board_config['sig_max_img_av_files_size'] : $board_config['avatar_filesize']);
// End replacement - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------ 
#
if ( !$error && $avatar_filesize > 0

# 
#-----[ IN-LINE FIND ]---------------------------------------- 
#
!$error &&

# 
#-----[ IN-LINE REPLACE WITH ]-------------------------------- 
#
(

# 
#-----[ IN-LINE FIND ]---------------------------------------- 
#
['avatar_filesize']

# 
#-----[ IN-LINE AFTER, ADD ]---------------------------------- 
#
) || $board_config['sig_max_img_av_files_size']

# 
#-----[ FIND ]------------------------------------------------ 
#
if ( $avatar_filesize <= $board_config['avatar_filesize']

# 
#-----[ IN-LINE FIND ]---------------------------------------- 
#
$avatar_filesize

# 
#-----[ IN-LINE BEFORE, ADD ]--------------------------------- 
#
(

# 
#-----[ IN-LINE FIND ]---------------------------------------- 
#
> 0

# 
#-----[ IN-LINE AFTER, ADD ]----------------------------------
#
) || $board_config['sig_max_img_av_files_size']

# 
#-----[ OPEN ]------------------------------------------------ 
# 
includes/usercp_register.php 

# 
#-----[ FIND ]------------------------------------------------ 
# 
// Check and initialize some variables if needed
//

# 
#-----[ AFTER, ADD ]------------------------------------------ 
# 

// Start add - Signatures control MOD
if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_sig_control.' . $phpEx)) ) 
{ 
	include_once($phpbb_root_path . 'language/lang_english/lang_sig_control.' . $phpEx); 
} else 
{ 
	include_once($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_sig_control.' . $phpEx); 
} 
// End add - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------
# 
if ( $signature != '' )

# 
#-----[ IN-LINE FIND ]----------------------------------------
#
''

# 
#-----[ IN-LINE AFTER, ADD ]----------------------------------
#
 && $userdata['user_allowsignature'] == 1

# 
#-----[ FIND ]------------------------------------------------
# 
if ( strlen($signature) > $board_config['max_sig_chars'] )

# 
#-----[ REPLACE WITH ]----------------------------------------
#

// Start replacement - Signatures control MOD
$signature_no_bbcode = preg_replace("#\[img\].*?\[/img\]|\[\/?(size.*?|b|i|u|color.*?|quote.*?|code|list.*?|url.*?)\]#si", "", $signature);
if ( strlen($signature_no_bbcode) > $board_config['max_sig_chars'] && $board_config['max_sig_chars'] )
// End replacement - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------
# 
if ( !isset($signature_bbcode_uid) || $signature_bbcode_uid == '' )

# 
#-----[ BEFORE, ADD ]-----------------------------------------
#

// Start add - Signatures control MOD
	$sig_error_list = '';

	// BBCodes control
	$bbcode_error_list = '';
	$bbcode_error_list .= ( !$board_config['sig_allow_font_sizes'] && substr_count(strtolower($signature), '[/size]') > 0 ) ? '[size]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_bold'] && substr_count(strtolower($signature), '[/b]') > 0 ) ? '[b]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_italic'] && substr_count(strtolower($signature), '[/i]') > 0 ) ? '[i]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_underline'] && substr_count(strtolower($signature), '[/u]') > 0 ) ? '[u]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_colors'] && substr_count(strtolower($signature), '[/color]') > 0 ) ? '[color]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_quote'] && substr_count(strtolower($signature), '[/quote]') > 0 ) ? '[quote]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_code'] && substr_count(strtolower($signature), '[/(editedsincephpBB.com converts this)code]') > 0 ) ? '[code]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_list'] && substr_count(strtolower($signature), '[/list]') > 0 ) ? '[list]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_url'] && substr_count(strtolower($signature), '[/url]') > 0 ) ? '[url]' : '';
	$bbcode_error_list .= ( !$board_config['sig_allow_images'] && substr_count(strtolower($signature), '[/img]') > 0 ) ? '[img]' : '';

	$exotic_bbcodes_list = explode(",", $board_config['sig_exotic_bbcodes_disallowed']);
	while ( list($bbckey, $exotic_bbcode) = @each($exotic_bbcodes_list) )
	{
		$exotic_bbcode = trim(strtolower($exotic_bbcode));
		if ( $exotic_bbcode != '' )
		{
			$bbcode_error_list .= ( substr_count(strtolower($signature), '[/'.$exotic_bbcode.']') > 0 ) ? '['.$exotic_bbcode.']' : '';
		}
	}

	if ( $bbcode_error_list != '' )
	{
		$error = TRUE;
		$sig_error_list .= '<br />' . sprintf($lang['sig_error_bbcode'], '<span style="color: #800000">' . $bbcode_error_list . '</span>');
	}

	// Number of lines control
	if ( $board_config['sig_max_lines'] )
	{
		if ( count(explode("\n", $signature)) > $board_config['sig_max_lines'] ) 
		{ 
			$error = TRUE;
			$sig_error_list .= '<br />' . sprintf($lang['sig_error_max_lines'], count(explode("\n", $signature)), $board_config['sig_max_lines']);
		}
	}

	// Wordwrap control
	if ( $board_config['sig_wordwrap'] )
	{
		$signature_no_bbcode = preg_replace("#\[img\].*?\[/img\]|\[\/?(size.*?|b|i|u|color.*?|quote.*?|code|list.*?|url.*?)\]#si", "", $signature);
		$signature_splited = preg_split("/[\s,]+/", $signature_no_bbcode);

		foreach($signature_splited as $key => $word)
		{
			$length = strlen($word);
			if( $length > $board_config['sig_wordwrap'] )
			{
				$words[$key] = $word;
			}
		}

		if ( count($words) ) 
		{ 
			$error = TRUE;
			$sig_error_list .= '<br />' . sprintf($lang['sig_error_wordwrap'], count($words), $board_config['sig_wordwrap']);
		}
	}

	// Font size limit control (imposed font size is managed in viewtopic.php)
	if ( $board_config['sig_allow_font_sizes'] == 2 )
	{
		if( preg_match_all("#\[size=([0-9]+?)\](.*?)\[/size\]#si", $signature, $sig_sizes_list) )
		{
			if ( $board_config['sig_min_font_size'] && min($sig_sizes_list[1]) < $board_config['sig_min_font_size'] )
			{
				$error = TRUE;
				$sig_error_list .= '<br />' . sprintf($lang['sig_error_font_size_min'], min($sig_sizes_list[1]), $board_config['sig_min_font_size']);
			}
			if ( $board_config['sig_max_font_size'] && max($sig_sizes_list[1]) > $board_config['sig_max_font_size'] )
			{
				$error = TRUE;
				$sig_error_list .= '<br />' . sprintf($lang['sig_error_font_size_max'], max($sig_sizes_list[1]), $board_config['sig_max_font_size']);
			}
		}
	}

	// Images control (except file the size error message)
	$total_image_files_size = 0;

	if( $board_config['sig_allow_images'] && preg_match_all("#\[img\]((ht|f)tp://)([^\r\n\t<\"]*?)\[/img\]#si", $signature, $sig_images_list) )
	{
		if( count($sig_images_list[0]) > $board_config['sig_max_images'] && $board_config['sig_max_images'] != 0 )
		{
			$error = TRUE;
			$sig_error_list .= '<br />' . sprintf($lang['sig_error_num_images'], count($sig_images_list[0]), $board_config['sig_max_images']);
		}

		for( $i = 0; $i < count($sig_images_list[0]); $i++ )
		{
			$image_url = $sig_images_list[1][$i].$sig_images_list[3][$i];

			preg_match('/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/', $image_url, $image_url_ary);

			if ( empty($image_url_ary[4]) )
			{
				$error = true;
				$sig_error_list .= '<br />' . $lang['Incomplete_URL'] . ': ' . '<span style="color: #800000">' . $image_url . '"</span>';
			} else
			{
				$image_size_control = false;
				if ( $board_config['sig_max_img_height'] != 0 || $board_config['sig_max_img_width'] != 0 )
				{
					usleep(1500);
					if ( list($image_width, $image_height) = @getimagesize($image_url) )
					{
						$image_size_control = true;
						if( ($board_config['sig_max_img_height'] != 0 && $image_height > $board_config['sig_max_img_height']) ||
						    ($board_config['sig_max_img_width'] != 0 && $image_width > $board_config['sig_max_img_width']) )
						{
							$error = TRUE;
							$sig_error_list .= '<br />' . sprintf($lang['sig_error_images_size'], '<span style="color: #800000">' . $image_url . '"</span>', $image_height, $image_width, ( $board_config['sig_max_img_height'] ) ? $board_config['sig_max_img_height'] : $lang['sig_unlimited'], ( $board_config['sig_max_img_width'] ) ? $board_config['sig_max_img_width'] : $lang['sig_unlimited']);
						}
					}
				}
	
				$image_data = '';
				$image_file_size_control = 0;
				if( $board_config['sig_max_img_files_size'] != 0 || $board_config['sig_max_img_av_files_size'] != 0 ||
					(($board_config['sig_max_img_height'] != 0 || $board_config['sig_max_img_width'] != 0) && $image_size_control == false) )
				{
					if( $image_fd = @fopen($image_url, "rb") )
					{
						while (!feof($image_fd))
						{
							$image_data .= fread($image_fd, 1024);
						}
						fclose($image_fd);

						$total_image_files_size += strlen($image_data);
						$image_file_size_control = 3;
					} else		
					{
						$base_get = '/' . $image_url_ary[4];
						$port = ( !empty($image_url_ary[3]) ) ? $image_url_ary[3] : 80;

						if ( !($image_fsock = @fsockopen($image_url_ary[2], $port, $errno, $errstr)) )
						{
							$error = true;
							$sig_error_list .= '<br />' . $lang['No_connection_URL'] . ': ' . '<span style="color: #800000">' . $image_url . '"</span>';
						} else
						{
							@fputs($image_fsock, "GET $base_get HTTP/1.1\r\n");
							@fputs($image_fsock, "HOST: " . $image_url_ary[2] . "\r\n");
							@fputs($image_fsock, "Connection: close\r\n\r\n");

							while( !@feof($image_fsock) )
							{
								$image_data .= @fread($image_fsock, 1024);
							}
							@fclose($image_fsock);		

							if ( preg_match('#Content-Length\: ([0-9]+)[^ /][\s]+#i', $image_data, $image_file_data) )
							{
								$total_image_files_size += $image_file_data[1]; 
								$image_file_size_control = 2;
							} else
							{
								$total_image_files_size += strlen($image_data)-307; 
								$image_file_size_control = 1;
							}
						}
					}
				}

				if( ($board_config['sig_max_img_height'] != 0 || $board_config['sig_max_img_width'] != 0) && $image_size_control == false )
				{
					if( $image_file_size_control == 2 )
					{
						$image_data = substr($image_data, strlen($image_data) - $image_file_data[1], $image_file_data[1]);
					}

					if( function_exists('ImageCreateFromString') )
					{
						if( $image_string = @ImageCreateFromString($image_data) )
						{
							$image_width = ImageSX($image_string);
							$image_height = ImageSY($image_string);

							if( ($board_config['sig_max_img_height'] != 0 && $image_height > $board_config['sig_max_img_height']) ||
							    ($board_config['sig_max_img_width'] != 0 && $image_width > $board_config['sig_max_img_width']) )
							{
								$error = TRUE;
								$sig_error_list .= '<br />' . sprintf($lang['sig_error_images_size'], '<span style="color: #800000">' . $image_url . '"</span>', $image_height, $image_width, ( $board_config['sig_max_img_height'] ) ? $board_config['sig_max_img_height'] : $lang['sig_unlimited'], ( $board_config['sig_max_img_width'] ) ? $board_config['sig_max_img_width'] : $lang['sig_unlimited']);
							}

							ImageDestroy($image_string);
						} else
						{
							if( $board_config['sig_allow_on_max_img_size_fail'] == 0 )
							{
								$error = TRUE;
								$sig_error_list .= '<br />' . sprintf($lang['sig_error_images_size_control'], '<span style="color: #800000">' . $image_url . '"</span>');
							}
						}
					}else
					{
						if( $board_config['sig_allow_on_max_img_size_fail'] == 0 )
						{
							$error = TRUE;
							$sig_error_list .= '<br />' . sprintf($lang['sig_error_images_size_control'], '<span style="color: #800000">' . $image_url . '"</span>');
						}
					}
				}
			}
		}
	}
}

if ( $signature != '' )
{
// End add - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------
#
$avatar_sql = '';

# 
#-----[ BEFORE, ADD ]----------------------------------------- 
#

// Start add - Signatures control MOD
if ( $board_config['sig_max_img_av_files_size'] != 0 && ($board_config['allow_avatar_upload'] || $board_config['allow_avatar_remote'] || $board_config['allow_avatar_local']) )
{
	if ( !empty($user_avatar_name) && $board_config['allow_avatar_upload'] )
	{
		$avatar_file_size = $user_avatar_size;
	} else
	{
		if ( !empty($user_avatar_upload) && $board_config['allow_avatar_upload'] )
		{
			$avatar_url = $user_avatar_upload;
		} elseif ( !empty($user_avatar_remoteurl) && $board_config['allow_avatar_remote'] )
		{
			$avatar_url = $user_avatar_remoteurl;
		} elseif ( !empty($user_avatar_local) && $board_config['allow_avatar_local'] )
		{
			$avatar_url = $board_config['avatar_gallery_path'] . '/' . $user_avatar_local;
		} elseif ( $user_avatar_type && !isset($HTTP_POST_VARS['avatardel']) )
		{
			switch( $user_avatar_type )
			{
				case USER_AVATAR_UPLOAD:
					$avatar_url = ( $board_config['allow_avatar_upload'] ) ? $board_config['avatar_path'] . '/' . $user_avatar : '';
					break;
				case USER_AVATAR_REMOTE:
					$avatar_url = ( $board_config['allow_avatar_remote'] ) ? $user_avatar : '';
					break;
				case USER_AVATAR_GALLERY:
					$avatar_url = ( $board_config['allow_avatar_local'] ) ? $board_config['avatar_gallery_path'] . '/' . $user_avatar : '';
					break;
			}
		} else
		{
			$avatar_url = '';	
		}

		if ( $avatar_url != '' )
		{
			preg_match('/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/', $avatar_url, $avatar_url_ary);

			if ( empty($avatar_url_ary[4]) )
			{
				$error = true;
				$sig_error_list .= '<br />' . $lang['Incomplete_URL'] . ': ' . '<span style="color: #800000">' . $avatar_url . '"</span>';
			} else
			{
				$avatar_data = '';

				if( $avatar_fd = @fopen($avatar_url, "rb") )
				{
					while (!feof($avatar_fd))
					{
						$avatar_data .= fread($avatar_fd, 1024);
					}
					fclose($avatar_fd);

					$avatar_file_size = strlen($avatar_data);
				} else		
				{
					$base_get = '/' . $avatar_url_ary[4];
					$port = ( !empty($avatar_url_ary[3]) ) ? $avatar_url_ary[3] : 80;

					if ( !($avatar_fsock = @fsockopen($avatar_url_ary[2], $port, $errno, $errstr)) )
					{
						$error = true;
						$sig_error_list .= '<br />' . $lang['No_connection_URL'] . ': ' . '<span style="color: #800000">' . $avatar_url . '"</span>';
					} else
					{
						@fputs($avatar_fsock, "GET $base_get HTTP/1.1\r\n");
						@fputs($avatar_fsock, "HOST: " . $avatar_url_ary[2] . "\r\n");
						@fputs($avatar_fsock, "Connection: close\r\n\r\n");

						while( !@feof($avatar_fsock) )
						{
							$avatar_data .= @fread($avatar_fsock, 1024);
						}
						@fclose($avatar_fsock);		

						if ( preg_match('#Content-Length\: ([0-9]+)[^ /][\s]+#i', $avatar_data, $avatar_file_data) )
						{
							$avatar_file_size = $avatar_file_data[1]; 
						} else
						{
							$avatar_file_size = strlen($avatar_data)-307; 
						}
					}
				}
			}
		}
	}		

	if( round(($total_image_files_size+$avatar_file_size)/1024, 2) > $board_config['sig_max_img_av_files_size'] )
	{
		$error = TRUE;
		$sig_error_list .= '<br />' . sprintf($lang['sig_error_img_av_files_size'], round($total_image_files_size/1024, 2), round($avatar_file_size/1024, 2), $board_config['sig_max_img_av_files_size']);
		$user_avatar_local = '';
	}
} else
{
	if( $board_config['sig_max_img_files_size'] != 0 && (round($total_image_files_size/1024, 2) > $board_config['sig_max_img_files_size']) )
	{
		$error = TRUE;
		$sig_error_list .= '<br />' . sprintf($lang['sig_error_img_files_size'], round($total_image_files_size/1024, 2), $board_config['sig_max_img_files_size']);
	}
}

if ( $error == TRUE && $sig_error_list )
{
	$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['sig_error'] . '<br />' . $sig_error_list;
}
// End add - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------
#
$sql = "UPDATE " . USERS_TABLE . "

# 
#-----[ BEFORE, ADD ]-----------------------------------------
#

// Start add - Signatures control MOD
if ( $board_config['allow_sig'] && $userdata['user_allowsignature'] != 0 )
{
	$sig_update = "user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid',";
	$attachsig_update = "user_attachsig = $attachsig,";
} else
{
	$sig_update = "";
	$attachsig_update = "";
}
// End add - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------
#
# NOTE: this is a search by part(s) of code line(s)!
# The original line(s) to find is(are) longer and must look like this (if no MOD has already modify them):
#
# SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace( ...
#
SET " . $username_sql . $passwd_sql .

# 
#-----[ IN-LINE FIND ]----------------------------------------
#
user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid',

# 
#-----[ IN-LINE REPLACE WITH ]--------------------------------
#
" . $sig_update . "

# 
#-----[ IN-LINE FIND ]----------------------------------------
#
user_attachsig = $attachsig,

# 
#-----[ IN-LINE REPLACE WITH ]--------------------------------
#
" . $attachsig_update . "

# 
#-----[ FIND ]------------------------------------------------
#
$bbcode_status = ( $userdata['user_allowbbcode'] && $board_config['allow_bbcode']  ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];

# 
#-----[ REPLACE WITH ]---------------------------------------- 
#

// Start replacement - Signatures control MOD
if ( $board_config['sig_max_lines'] )
{
	$sig_explain_max_lines = sprintf($lang['sig_explain_max_lines'], $board_config['sig_max_lines']);
} else
{
	$sig_explain_max_lines = '';
}

if ( $board_config['sig_allow_font_sizes'] == 2 && !(!$board_config['sig_min_font_size'] && !$board_config['sig_max_font_size']) )
{
	if ( $board_config['sig_min_font_size'] )
	{
		if ( $board_config['sig_max_font_size'] )
		{
			$sig_explain_font_size_limit = sprintf($lang['sig_explain_font_size_limit'], $board_config['sig_min_font_size'], $board_config['sig_max_font_size']);
		} else
		{
			$sig_explain_font_size_limit = sprintf($lang['sig_explain_font_size_limit'], $board_config['sig_min_font_size'], '29');
		}
	} else
	{
		$sig_explain_font_size_limit = sprintf($lang['sig_explain_font_size_max'], $board_config['sig_max_font_size']);
	}
} else
{
	$sig_explain_font_size_limit = '';
}

if ( $board_config['sig_allow_images'] )
{
	if ( $board_config['sig_max_images'] )
	{
		$sig_explain_images_limit = sprintf($lang['sig_explain_images_limit'], $board_config['sig_max_images'], ( $board_config['sig_max_img_height'] ) ? $board_config['sig_max_img_height'] : $lang['sig_explain_unlimited'], ( $board_config['sig_max_img_width'] ) ? $board_config['sig_max_img_width'] : $lang['sig_explain_unlimited'], ( $board_config['sig_max_img_av_files_size'] ) ? $board_config['sig_max_img_av_files_size'] : $board_config['sig_max_img_files_size']);
	} else
	{
		$sig_explain_images_limit = sprintf($lang['sig_explain_unlimited_images'] , ( $board_config['sig_max_img_height'] ) ? $board_config['sig_max_img_height'] : $lang['sig_explain_unlimited'], ( $board_config['sig_max_img_width'] ) ? $board_config['sig_max_img_width'] : $lang['sig_explain_unlimited'], ( $board_config['sig_max_img_av_files_size'] ) ? $board_config['sig_max_img_av_files_size'] : $board_config['sig_max_img_files_size']);
	}
} else
{
	$sig_explain_images_limit = $lang['sig_explain_no_image'];
}

if ( $board_config['sig_max_img_av_files_size'] )
{
	$sig_explain_images_limit .= $lang['sig_explain_avatar_included'];
}

$signature_explain = $lang['sig_explain'];

if ( $userdata['user_allowsignature'] != 2 )
{
	$signature_explain .= ' ' . sprintf($lang['sig_explain_limits'], $board_config['max_sig_chars'], $sig_explain_font_size_limit, $sig_explain_max_lines, $sig_explain_images_limit);

	if ( $board_config['sig_wordwrap'] )
	{
		$signature_explain .= ' ' . sprintf($lang['sig_explain_wordwrap'], $board_config['sig_wordwrap']);
	}
}

if ( $userdata['user_allowbbcode'] && $board_config['allow_bbcode']  )
{
	if (($board_config['sig_allow_font_sizes'] &&
	     $board_config['sig_allow_bold'] &&
	     $board_config['sig_allow_italic'] &&
	     $board_config['sig_allow_underline'] &&
	     $board_config['sig_allow_colors'] &&
	     $board_config['sig_allow_quote'] &&
	     $board_config['sig_allow_code'] &&
	     $board_config['sig_allow_list'] &&
	     $board_config['sig_allow_url'] &&
	     $board_config['sig_allow_images'] &&
	     $board_config['sig_exotic_bbcodes_disallowed']=='') || $userdata['user_allowsignature'] == 2)
	{
		$lang['sig_bbcodes_off'] .= $lang['sig_none'];
		$lang['sig_bbcodes_on'] .= $lang['sig_all'];
		$bbcode_status = sprintf($lang['sig_bbcodes_on'], '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>') . '<br />' . sprintf($lang['sig_bbcodes_off'], '', '');
	} else
	{
		$lang['sig_bbcodes_off'] .= '<span style="color: #800000">';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_font_sizes'] ) ? '[size]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_bold'] ) ? '[b]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_italic'] ) ? '[i]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_underline'] ) ? '[u]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_colors'] ) ? '[color]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_quote'] ) ? '[quote]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_code'] ) ? '[code]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_list'] ) ? '[list]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_url'] ) ? '[url]' : '';
		$lang['sig_bbcodes_off'] .= ( !$board_config['sig_allow_images'] ) ? '[img]' : '';

		$exotic_bbcodes_list = explode(",", $board_config['sig_exotic_bbcodes_disallowed']);
		while ( list($bbckey, $exotic_bbcode) = @each($exotic_bbcodes_list) )
		{
			$exotic_bbcode = trim(strtolower($exotic_bbcode));
			if ( $exotic_bbcode != '' )
			{
				$lang['sig_bbcodes_off'] .= '['.$exotic_bbcode.']';
			}
		}

		$lang['sig_bbcodes_off'] .= '</span>';
		$bbcode_status = sprintf($lang['sig_bbcodes_off'], '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>');
	}
} else
{
	$bbcode_status = $lang['sig_BBCodes_are_OFF'];
}

if ( $board_config['allow_sig'] && $userdata['user_allowsignature'] )
{
	$template->assign_block_vars('switch_signature_allowed', array());
}
// End replacement - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------
# 
# NOTE: this is a search by part(s) of code line(s)!
# The original line(s) to find is(are) longer and must look like this (if no MOD has already modify them):
#
# $smilies_status = ( $userdata['user_allowsmile'] && $board_config['allow_smilies'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
#
$smilies_status = ( $userdata['user_allowsmile']

# 
#-----[ IN-LINE FIND ]----------------------------------------
# 
$board_config['allow_smilies']

# 
#-----[ IN-LINE AFTER, ADD ]----------------------------------
# 
 && $board_config['sig_allow_smilies']

# 
#-----[ FIND ]------------------------------------------------
# 
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),

# 
#-----[ REPLACE WITH ]---------------------------------------- 
#

// Start replacement - Signatures control MOD
'BBCODE_STATUS' => $bbcode_status,
// End replacement - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------
# 
'L_AVATAR_EXPLAIN' => sprintf($lang['Avatar_explain'], $board_config['avatar_max_width'], $board_config['avatar_max_height'], (round($board_config['avatar_filesize'] / 1024))),

# 
#-----[ REPLACE WITH ]---------------------------------------- 
#

// Start replacement - Signatures control MOD
'L_AVATAR_EXPLAIN' => sprintf($lang['Avatar_explain'], $board_config['avatar_max_width'], $board_config['avatar_max_height'], ( $board_config['sig_max_img_av_files_size'] ) ? $board_config['sig_max_img_av_files_size'] : round($board_config['avatar_filesize']/1024) ),
// End replacement - Signatures control MOD

# 
#-----[ FIND ]------------------------------------------------
# 
'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars']),

# 
#-----[ REPLACE WITH ]---------------------------------------- 
#

// Start replacement - Signatures control MOD
'L_SIGNATURE_EXPLAIN' => $signature_explain,
// End replacement - Signatures control MOD

# 
#-----[ OPEN ]------------------------------------------------ 
#
templates/subSilver/profile_add_body.tpl

# 
#-----[ FIND ]------------------------------------------------ 
#
# NOTE: this is a search by part(s) of code line(s)!
# The original line(s) to find is(are) longer and must look like this (if no MOD has already modify them):
#
# <tr> 
#  <td class="row1"><span class="gen">{L_SIGNATURE}:</span><br /><span class="gensmall">{L_SIGNATURE_EXPLAIN}<br /><br />{HTML_STATUS}<br />{BBCODE_STATUS}<br />{SMILIES_STATUS}</span></td>
#
<tr> 
{L_SIGNATURE}

# 
#-----[ BEFORE, ADD ]----------------------------------------- 
#

<!-- Start add - Signatures control MOD -->
<!-- BEGIN switch_signature_allowed -->
<!-- End add - Signatures control MOD -->

# 
#-----[ FIND ]------------------------------------------------ 
#
# NOTE: this is a search by part(s) of code line(s)!
# The original line(s) to find is(are) longer and must look like this (if no MOD has already modify them):
#
# 	<textarea name="signature"style="width: 300px"  rows="6" cols="30" class="post">{SIGNATURE}</textarea>
#  </td>
# </tr>
#
{SIGNATURE}
</td>
</tr>

# 
#-----[ AFTER, ADD ]------------------------------------------ 
#

<!-- Start add - Signatures control MOD -->
<!-- END switch_signature_allowed -->
<!-- End add - Signatures control MOD -->

# 
#-----[ FIND ]------------------------------------------------ 
#
# NOTE: this is a search by part(s) of code line(s)!
# The original line(s) to find is(are) longer and must look like this (if no MOD has already modify them):
#
# <tr> 
#  <td class="row1"><span class="gen">{L_ALWAYS_ADD_SIGNATURE}:</span></td>
#
<tr> 
{L_ALWAYS_ADD_SIGNATURE}

# 
#-----[ BEFORE, ADD ]----------------------------------------- 
#

<!-- Start add - Signatures control MOD -->
<!-- BEGIN switch_signature_allowed -->
<!-- End add - Signatures control MOD -->

# 
#-----[ FIND ]------------------------------------------------ 
#
# NOTE: this is a search by part(s) of code line(s)!
# The original line(s) to find is(are) longer and must look like this (if no MOD has already modify them):
#
# 	<input type="radio" name="attachsig" value="0" {ALWAYS_ADD_SIGNATURE_NO} />
# 	<span class="gen">{L_NO}</span></td>
# </tr>
#
{ALWAYS_ADD_SIGNATURE_NO}
<span class="gen">{L_NO}</span></td>
</tr>

# 
#-----[ AFTER, ADD ]------------------------------------------ 
#

<!-- Start add - Signatures control MOD -->
<!-- END switch_signature_allowed -->
<!-- End add - Signatures control MOD -->

[Zarkow]

I still get the spammers after the mod, with no e-mails telling me anything's been killed. They just don't have the web and signature fields, but still stuff the other fields with junk.

The point is to remove urls that the spamming sites will gain google-points from, not to remove 'invalid/unwanted registrations'. This catogory would include 'to lazy to sign up properly'-users too, and so on, and cannot be stopped.

If you want to make sure every userprofile is crisp, if for instance running a church-forum, make sure the accounts needs to be admin-approved...it will instantly alert you to any accounts that should be listed and you can remove them.

[EXreaction]

you'd think if it was a real person then they'd bother to activate, then actually post. Anyway, not trying to start an argument. Just wondering if the bots are smarter than we are allowing for.

Well, you might think that, but I guess they don't want to(I even have a public forum on my board(unregistered users can post), and I have not had any spam problem there).

Bots are not smart. Each bot is codded specifically for one application, and when something changes, the bot programmers have to code that into the bots to get them working again.

I still get the spammers after the mod, with no e-mails telling me anything's been killed. They just don't have the web and signature fields, but still stuff the other fields with junk.

A couple of noob questions - I'm assuming the reason I'm not getting e-mails is that the mail function used in the mod just uses sendmail or whatever is set up on the server. Is there an easy way to get it to use SMTP to send it instead?

I've also installed the mod that makes inactive users invisible (to all but admins) in my member list. But the inactive users still appear in the "Newest Registered User" line on the main page. Would there be an easy way to make that only show active users as well? If my members can't see any of the spammers, it really wouldn't matter if a couple of smart spammers still get through the mod this thread is based on.

You might want to try the ACP version...it can hide all of the spamming locations during registration or until users have x number of posts. Plus the Hide Users add-on hides everyone unless they have more than a certian number of posts(configurable in the adminCP, and you can also set it so that mods and admins see the users that register no matter what).
http://www.phpbb.com/phpBB/viewtopic.php?t=399374

[lucraft]

Well it's certainly stopped mine, I've had 32 attempts in the last 2 days and not one has got through.

And yes, there are idiots who sit there all night manually posting, I get one who regularly hits my guestbook. I've got a bot block on there too.

[greeryan]

I installed the mod and still get spammers, but how do you make the website and sig features available in the profile update page?



www.rateyourbiz.net

[jimnms]

I still can not get this mod to work. I've checked it again and then just re-installed it. I still get the same ammount of spambot registrations as before, no blocked registrations and no emails are sent showing blocked registrations. The only thing it has done is prevent them from putting a URL in the website field.

I'm running phpBB 2.0.21 with no other mods installed.

[Cams]

I just installed this using EasyMod 0.3.0 and the code on the front page of the thread. No issues to report during installation, and five minutes later I got this lovely email:

Spam Bot Registration Attempted.

Spammer's IP Address = 85.241.45.244
IP Lookup = http://www.nwtools.com/default.asp?prog ... 241.45.244
Spammer's Username = Timothy6475
Spammer's Password = Timothy647512ok
Spammer's email address = Timothy6475@buy-discount-cigarettes.info
Spammer's Webpage URL = http://commercial-real-estate.qualityonly.co.uk/
Spammer's Signature Line =

Thanks so much for providing this mod!

I'm using phpBB 2.0.21 with the latest Attachments mod, keep unread flags and simply merge.

Cams