Page 1 of 3

Re: [3.2][RC] No DEA Emails

Posted: Sat May 11, 2019 4:00 pm
by LanikSJ
picaron wrote:
Sat May 11, 2019 3:31 pm
Extension Name: No DEA Emails
Author: Picaron

Extension Description:
This extension prevents the registration of a user in the forum when using a disposable or temporary email account (DEA).
Such as:
  • Mailinator
  • Spamgourmet
  • TrashMail
  • Burnr
  • HMail
  • Temp Mail
NoDEAemails 1.0.0-RC5
Supported Templates: All.

Requirements:
  • phpBB >=3.2.4
  • PHP >=5.6
  • Extension cURL of PHP loaded.
Spanish support:
http://www.phpbb-es.com

Download:
Download NoDEAemails 1.0.0-RC5

History:
  • 1.0.0-rc1 - First release.
  • 1.0.0-rc2 - Management is removed through NameAPI.
  • 1.0.0-rc3 - Including management through cURL.
  • 1.0.0-RC4
    - Management is eliminated through API.
    - The external load of DEA domains is done through CRON.
    - DEA domain management is enabled locally.
    - Management of registered Users with DEA domains is enabled.
  • 1.0.0-RC5
    - Basic tools for user management are added:
    *** Send Private Message
    *** DELETE USER and Hold Your Messages
    *** DELETE USER and Delete Your Messages
Installation:
  1. Download the latest release.
  2. Unzip the downloaded release.
  3. Copy the content of /pikaron/nodeaemails/ folder to /ext/pikaron/nodeaemails/.
  4. Navigate the ACP -> Customize -> Manage Extensions.
  5. Search for "No DEA Emails" in the Extensions list and click on the Enable link.
  6. Configure browsing on the ACP -> EXTENSIONS-> No DEA Emails
Screenshots:

Image

Image

Image

Image

I get an error:

Code: Select all

General Error
SQL ERROR [ mysqli ]

Duplicate entry 'nodeaemails_apikey' for key 'PRIMARY' [1062]

SQL

INSERT INTO phpbb_config (config_name, config_value, is_dynamic) VALUES ('nodeaemails_apikey', 'my-uber-secret-key', 0)

BACKTRACE

FILE: (not given by php)
LINE: (not given by php)
CALL: msg_handler()

FILE: [ROOT]/phpbb/db/driver/driver.php
LINE: 997
CALL: trigger_error()

FILE: [ROOT]/phpbb/db/driver/mysqli.php
LINE: 193
CALL: phpbb\db\driver\driver->sql_error()

FILE: [ROOT]/phpbb/db/driver/factory.php
LINE: 329
CALL: phpbb\db\driver\mysqli->sql_query()

FILE: [ROOT]/phpbb/config/db.php
LINE: 161
CALL: phpbb\db\driver\factory->sql_query()

FILE: [ROOT]/phpbb/config/db.php
LINE: 122
CALL: phpbb\config\db->set_atomic()

FILE: [ROOT]/ext/pikaron/nodeaemails/acp/acp_nodeaemails_module.php
LINE: 104
CALL: phpbb\config\db->set()

FILE: [ROOT]/includes/functions_module.php
LINE: 676
CALL: pikaron\nodeaemails\acp\acp_nodeaemails_module->main()

FILE: [ROOT]/adm/index.php
LINE: 82
CALL: p_master->load_active()
After pasting the key and submitting it.

phpbb: 3.2.7
PHP: 7.2

Re: [3.2][RC] No DEA Emails

Posted: Sat May 11, 2019 4:33 pm
by </Solidjeuh>
So if I understand correctly, this ext blocks "temp mails" like https://temp-mail.org/en/, https://www.tempmailaddress.com/?

Re: [3.2][RC] No DEA Emails

Posted: Sat May 11, 2019 7:30 pm
by </Solidjeuh>
Now this is a useful ext :D

Re: [3.2][RC] No DEA Emails

Posted: Sat May 11, 2019 7:44 pm
by 3Di
Looks interesting at a first glance.

Re: [3.2][RC] No DEA Emails

Posted: Sat May 11, 2019 7:50 pm
by LanikSJ
Removed the extension, deleted the data and reinstalled it. Now I get this:

Code: Select all

ERROR: Connection with the API of NameAPI could not be made.
I use other APIs like Stop Forum Spam API so I know I can make calls out.

Re: [3.2][RC] No DEA Emails

Posted: Sat May 11, 2019 8:48 pm
by LanikSJ
picaron wrote:
Sat May 11, 2019 8:15 pm
It is necessary that the php file_get_contents function be enabled.
I'm not sure I follow where to set that.

I've copied and pasted the API key.

Re: [3.2][RC] No DEA Emails

Posted: Sun May 12, 2019 6:40 am
by nou nou
Seems very useful indeed!

Would you consider having some sort of search feature to see if any of the currently registered users have used a DEA to register in the past?

A little note on https://www.nameapi.org/en/live-demos/d ... -detector/ was interesting:

For new account signups etc, you can refuse disposable email addresses. As a result, the user can fall back to his real address, which will usually be a freemail address such as gmail. You may want to store a flag in the record that the signup attempt was with a disposable. Alternatively you can silently accept and flag it.

The logging of a first DEA attempt may be interesting as a feature as well?

Re: [3.2][RC] No DEA Emails

Posted: Sun May 12, 2019 7:02 pm
by </Solidjeuh>
picaron wrote:
Sun May 12, 2019 6:58 pm
what would we do with each user registered in our forum with an email type DEA
Simple, delete. I don't like users that register with fake emails. I delete them immediately.

Re: [3.2][RC] No DEA Emails

Posted: Sun May 12, 2019 9:06 pm
by nou nou
picaron wrote:
Sun May 12, 2019 6:58 pm
what would we do with each user registered in our forum with an email type DEA? ... We eliminate it? ...
I guess that would be up to the administrators, but it would be a great thing to know for starters - thank you for considering it!

Re: [3.2][RC] No DEA Emails

Posted: Sun May 19, 2019 7:08 pm
by NastyBoy
good i will test it the next Days.

Re: [3.2][RC] No DEA Emails

Posted: Mon May 20, 2019 5:39 am
by John connor
Now this is a good idea. Right now I have a long list in the email addresses that can't be used that I've taken from all kinds of sources.

I'll check out this ext in my test domain. Thanks!

Re: [3.2][RC] No DEA Emails

Posted: Sat Jun 01, 2019 7:39 am
by John connor
Are there any config settings? I just installed this ext and created an account with the temp-mail.org
and got an @eaglemail.top email. Despite that this extension never blocked it.

Re: [3.2][RC] No DEA Emails

Posted: Sun Jun 02, 2019 1:48 am
by John connor
Doesn't appear to be working. I tried my test domain and my live board. I don't see any errors either. I checked CloudFlare to see if an IP was blocked and it wasn't.

Re: [3.2][RC] No DEA Emails

Posted: Sun Jun 02, 2019 5:12 am
by John connor
How do I verify that? I have a shared account. Is there a script I can run to check?

Re: [3.2][RC] No DEA Emails

Posted: Sun Jun 02, 2019 5:56 am
by 3Di
picaron wrote:
Sun Jun 02, 2019 4:05 am
Hi John connor, verify that the PHP function file_get_contents() is enabled on your server. :?
This can also be checked code wise. Also I reccomend using cURL instead.
https://stackoverflow.com/questions/348 ... ternal-url
John connor wrote:
Sun Jun 02, 2019 5:12 am
How do I verify that? I have a shared account. Is there a script I can run to check?
allow_url_fopen is responsible for file_get_contents().
This is what you have to check if enabled in your php.ini or ACP / php_info.

Or a simple script

Code: Select all

<?php

if (!ini_get('allow_url_fopen'))
{
	echo 'That is bad, allow_url_fopen IS disabled';
}