[BETA] Unique Registration Hash

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: MOD Development Forum rules

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
User avatar
drathbun
Former Team Member
Posts: 12204
Joined: Thu Jun 06, 2002 3:51 pm
Location: TOPICS_TABLE
Contact:

Post by drathbun » Mon Dec 04, 2006 2:49 pm

http://www.phpbb.com/downloads.php

Just download the entire package, and then extract / upload only the file(s) you need. :-)
I blog about phpBB: phpBBDoctor blog
Still using phpbb2? So am I! Click below for details
Image

abidjantalkcom
Registered User
Posts: 96
Joined: Sun May 22, 2005 2:02 am

Post by abidjantalkcom » Tue Dec 12, 2006 1:57 am

pentapenguin wrote: Thanks everyone for the kind words! :D

great MOD. Stopped cold all the crazy bots that were signin up every day.
THANK YOU.

Were you able to add the modification to stop them from posting messages too, for the one that already signe up?

Flapper
Registered User
Posts: 3
Joined: Thu Dec 14, 2006 3:54 pm

Post by Flapper » Thu Dec 14, 2006 3:57 pm

I am new to editing the php files and my file seems to be different than the instructions. Heres what it says:

Code: Select all

		"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&". AGREED_VAR ."=".AGREED_VAL),
		"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&". AGREED_VAR ."=". AGREED_VAL ."&".COPPA_VAR."=true"))
	);
I dont see where it says "agreed=true" to change it to your instructions. Can you help me?

Thanks,
Flap

User avatar
MarkTheDaemon
Former Team Member
Posts: 2770
Joined: Thu Oct 20, 2005 2:42 am
Location: United Kingdom
Name: Mark Barnes

Post by MarkTheDaemon » Fri Dec 15, 2006 12:04 am

Very good idea pentapenguin. I'll be following progress for sure :D.


Mark

c00kieDude
Registered User
Posts: 1
Joined: Fri Dec 15, 2006 10:13 am

Post by c00kieDude » Fri Dec 15, 2006 10:15 am

Dude!! This is awesome. The bots even could get activated and were very busy with spamming everything under :). And now, now with this simple mod, no more troubles anymore !!! You are my god !! So easy to install and so effective. NICE WORK MAN !!!

senyafin
Registered User
Posts: 69
Joined: Wed Jul 05, 2006 5:53 pm
Contact:

Post by senyafin » Tue Dec 19, 2006 7:55 am

Thank you for the Mod pentapenguin.
I've installed it yesterday in one of my forums.
Unfortunately without success - in the last 12 hours 6 Spambots were able to register.
I also using the humanizer mod.
Guess there is only a less chance to prevent forums from the Bot registrations .

scottlowe
Registered User
Posts: 1
Joined: Wed Dec 20, 2006 8:34 pm

Register does not work

Post by scottlowe » Wed Dec 20, 2006 8:46 pm

I am very new to PHPbb but not to programming. I applied the "unique_registration_hash_0.1.0" and now when I try to Register a new user I just get a blank page. When I copy the original usercp_register.php back to the \includes folder it works again.

I tried the modification process twice with the same non-result. I am using a version of subSilver that I modifed myself and changed the default folder to \forum. The forum has worked well for months so I can't image that is the problem.

Now what?

Bramster
Registered User
Posts: 605
Joined: Sun Jul 27, 2003 10:40 am

Post by Bramster » Sun Dec 24, 2006 7:19 am

The newest phpbb 2.0.22 version also seems to edit the registration code in the file "includes/usercp_register.php".

Could some one please help me out what to do ?



Original version 2.0.21 code:

Code: Select all

	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
I have (version 2.0.21 plus theis mod):

Code: Select all

	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="' . $registration_hash . '" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
The adviced code changes for version 2.0.22(last line is added to the original code):

Code: Select all

#
	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
	$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
Navy & Merchant Marine Forum:
www.DutchFleet.net

User avatar
bonelifer
Community Team Member
Community Team Member
Posts: 3368
Joined: Wed Oct 27, 2004 11:35 pm
Name: William
Contact:

Post by bonelifer » Sun Dec 24, 2006 1:58 pm

Then just add:

Code: Select all

$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
After the code it said to add it after.
Knowledge Base | phpBB Board Rules | Search Customisation Database
Image
Please don't contact me via PM or email for phpBB support .

ecwpa
Registered User
Posts: 107
Joined: Thu Sep 25, 2003 2:13 am
Contact:

Post by ecwpa » Sun Dec 24, 2006 6:16 pm

seems like 2.0.22 code changes takes some of your idea
[Sec] Added session checks to various forms - kellanved

Code: Select all

#-----[ OPEN ]---------------------------------------------
#
includes/usercp_register.php

#
#-----[ FIND ]---------------------------------------------
# Line 145
        $notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
        $popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;

#
#-----[ AFTER, ADD ]---------------------------------------------
#
        $sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;

#
#-----[ FIND ]---------------------------------------------
# Line 253
if ( isset($HTTP_POST_VARS['submit']) )
{
        include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);


#
#-----[ AFTER, ADD ]---------------------------------------------
#
        // session id check
        if ($sid == '' || $sid != $userdata['session_id'])
        {
                $error = true;
                $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
        }


#
#-----[ FIND ]---------------------------------------------
# Line 298
                                message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);

#
#-----[ REPLACE WITH ]---------------------------------------------
#
                                message_die(GENERAL_ERROR, 'Could not obtain confirmation code', '', __LINE__, __FILE__, $sql);

#
#-----[ FIND ]---------------------------------------------
# Line 315
                                                message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);

#
#-----[ REPLACE WITH ]---------------------------------------------
#
                                                message_die(GENERAL_ERROR, 'Could not delete confirmation code', '', __LINE__, __FILE__, $sql);

#
#-----[ FIND ]---------------------------------------------
# Line 903
        $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';

#
#-----[ AFTER, ADD ]---------------------------------------------
#
   
this code stop any action if there is no session id, i guess

do you guys think could be any problem if I run the code changes with Unique Registration Hash mod alredy in use? I'm not sure so, I'm asking first :D

hope this code changes helps a lot of people

CosmicD
Registered User
Posts: 67
Joined: Sat Jan 18, 2003 11:31 pm

Post by CosmicD » Fri Jan 26, 2007 8:17 am

Hello,

I'm a bit confused with the directives to install this mod:

in the beginning I see the line:

Code: Select all

// Begin Unique Registration Hash MOD by pentapenguin (http://www.pentapenguin.com)
$registration_hash = md5($userdata['session_ip'] . $userdata['session_id']);
// End Unique Registration Hash MOD by pentapenguin
it's all on 1 line here: which makes me confused as a programming noob , shouldn't there bie at least a few lines of code without the // ?
But i wouldn't know what starts on a new line...

PS: it's only in the code window here that i can acutally see how it has to be done :)

A-Jay
Registered User
Posts: 13
Joined: Wed May 10, 2006 6:42 am
Contact:

Post by A-Jay » Sun Feb 25, 2007 7:39 pm

OKay, so I know how to make the changes to the file.
But where do I place all the other files?

User avatar
jalaln
Registered User
Posts: 1076
Joined: Tue Jul 05, 2005 5:05 am

Re: [BETA] Unique Registration Hash

Post by jalaln » Fri Apr 06, 2007 6:19 am

Thanks for this MOD . Works well, until now ;).
No more spambots for phpBB2 and phpBB3.

User avatar
pentapenguin
Former Team Member
Posts: 11030
Joined: Thu Jul 01, 2004 4:15 am
Location: GA, USA
Contact:

Re:

Post by pentapenguin » Fri Apr 06, 2007 6:21 am

CosmicD wrote: it's all on 1 line here: which makes me confused as a programming noob , shouldn't there bie at least a few lines of code without the // ?

The file is saved with UNIX line endings so open the file in Wordpad instead of Notepad.
jalaln wrote: Thanks for this MOD . Works well, until now ;).

Well if you have suggestions I'm all ears. ;)
Support Resources: Support Request Template
My Sites: Download my phpBB MODs | pentapenguin.com
If you need professional assistance with your board, please contact me for my reasonable rates.

User avatar
jalaln
Registered User
Posts: 1076
Joined: Tue Jul 05, 2005 5:05 am

Re: [BETA] Unique Registration Hash

Post by jalaln » Fri Apr 06, 2007 8:26 am

I wonder why this MOD is not "popular", since it is more efficient than others. :roll:
No more spambots for phpBB2 and phpBB3.

Post Reply

Return to “[2.0.x] MODs in Development”

Who is online

Users browsing this forum: No registered users and 12 guests