Page 4 of 5

Posted: Mon Dec 04, 2006 2:49 pm
by drathbun
http://www.phpbb.com/downloads.php

Just download the entire package, and then extract / upload only the file(s) you need. :-)

Posted: Tue Dec 12, 2006 1:57 am
by abidjantalkcom
pentapenguin wrote: Thanks everyone for the kind words! :D

great MOD. Stopped cold all the crazy bots that were signin up every day.
THANK YOU.

Were you able to add the modification to stop them from posting messages too, for the one that already signe up?

Posted: Thu Dec 14, 2006 3:57 pm
by Flapper
I am new to editing the php files and my file seems to be different than the instructions. Heres what it says:

Code: Select all

		"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&". AGREED_VAR ."=".AGREED_VAL),
		"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&". AGREED_VAR ."=". AGREED_VAL ."&".COPPA_VAR."=true"))
	);
I dont see where it says "agreed=true" to change it to your instructions. Can you help me?

Thanks,
Flap

Posted: Fri Dec 15, 2006 12:04 am
by MarkTheDaemon
Very good idea pentapenguin. I'll be following progress for sure :D.


Mark

Posted: Fri Dec 15, 2006 10:15 am
by c00kieDude
Dude!! This is awesome. The bots even could get activated and were very busy with spamming everything under :). And now, now with this simple mod, no more troubles anymore !!! You are my god !! So easy to install and so effective. NICE WORK MAN !!!

Posted: Tue Dec 19, 2006 7:55 am
by senyafin
Thank you for the Mod pentapenguin.
I've installed it yesterday in one of my forums.
Unfortunately without success - in the last 12 hours 6 Spambots were able to register.
I also using the humanizer mod.
Guess there is only a less chance to prevent forums from the Bot registrations .

Register does not work

Posted: Wed Dec 20, 2006 8:46 pm
by scottlowe
I am very new to PHPbb but not to programming. I applied the "unique_registration_hash_0.1.0" and now when I try to Register a new user I just get a blank page. When I copy the original usercp_register.php back to the \includes folder it works again.

I tried the modification process twice with the same non-result. I am using a version of subSilver that I modifed myself and changed the default folder to \forum. The forum has worked well for months so I can't image that is the problem.

Now what?

Posted: Sun Dec 24, 2006 7:19 am
by Bramster
The newest phpbb 2.0.22 version also seems to edit the registration code in the file "includes/usercp_register.php".

Could some one please help me out what to do ?



Original version 2.0.21 code:

Code: Select all

	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
I have (version 2.0.21 plus theis mod):

Code: Select all

	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="' . $registration_hash . '" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
The adviced code changes for version 2.0.22(last line is added to the original code):

Code: Select all

#
	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
	$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';

Posted: Sun Dec 24, 2006 1:58 pm
by bonelifer
Then just add:

Code: Select all

$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
After the code it said to add it after.

Posted: Sun Dec 24, 2006 6:16 pm
by ecwpa
seems like 2.0.22 code changes takes some of your idea
[Sec] Added session checks to various forms - kellanved

Code: Select all

#-----[ OPEN ]---------------------------------------------
#
includes/usercp_register.php

#
#-----[ FIND ]---------------------------------------------
# Line 145
        $notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
        $popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;

#
#-----[ AFTER, ADD ]---------------------------------------------
#
        $sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;

#
#-----[ FIND ]---------------------------------------------
# Line 253
if ( isset($HTTP_POST_VARS['submit']) )
{
        include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);


#
#-----[ AFTER, ADD ]---------------------------------------------
#
        // session id check
        if ($sid == '' || $sid != $userdata['session_id'])
        {
                $error = true;
                $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
        }


#
#-----[ FIND ]---------------------------------------------
# Line 298
                                message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);

#
#-----[ REPLACE WITH ]---------------------------------------------
#
                                message_die(GENERAL_ERROR, 'Could not obtain confirmation code', '', __LINE__, __FILE__, $sql);

#
#-----[ FIND ]---------------------------------------------
# Line 315
                                                message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);

#
#-----[ REPLACE WITH ]---------------------------------------------
#
                                                message_die(GENERAL_ERROR, 'Could not delete confirmation code', '', __LINE__, __FILE__, $sql);

#
#-----[ FIND ]---------------------------------------------
# Line 903
        $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';

#
#-----[ AFTER, ADD ]---------------------------------------------
#
   
this code stop any action if there is no session id, i guess

do you guys think could be any problem if I run the code changes with Unique Registration Hash mod alredy in use? I'm not sure so, I'm asking first :D

hope this code changes helps a lot of people

Posted: Fri Jan 26, 2007 8:17 am
by CosmicD
Hello,

I'm a bit confused with the directives to install this mod:

in the beginning I see the line:

Code: Select all

// Begin Unique Registration Hash MOD by pentapenguin (http://www.pentapenguin.com)
$registration_hash = md5($userdata['session_ip'] . $userdata['session_id']);
// End Unique Registration Hash MOD by pentapenguin
it's all on 1 line here: which makes me confused as a programming noob , shouldn't there bie at least a few lines of code without the // ?
But i wouldn't know what starts on a new line...

PS: it's only in the code window here that i can acutally see how it has to be done :)

Posted: Sun Feb 25, 2007 7:39 pm
by A-Jay
OKay, so I know how to make the changes to the file.
But where do I place all the other files?

Re: [BETA] Unique Registration Hash

Posted: Fri Apr 06, 2007 6:19 am
by jalaln
Thanks for this MOD . Works well, until now ;).

Re:

Posted: Fri Apr 06, 2007 6:21 am
by pentapenguin
CosmicD wrote: it's all on 1 line here: which makes me confused as a programming noob , shouldn't there bie at least a few lines of code without the // ?

The file is saved with UNIX line endings so open the file in Wordpad instead of Notepad.
jalaln wrote: Thanks for this MOD . Works well, until now ;).

Well if you have suggestions I'm all ears. ;)

Re: [BETA] Unique Registration Hash

Posted: Fri Apr 06, 2007 8:26 am
by jalaln
I wonder why this MOD is not "popular", since it is more efficient than others. :roll: