Prevent known spammers

phpVMS Legacy Add-Ons (v2/v5) Code Snippets
1

This code prevents known spammers (checked against the stopforumspam.com email database) from registering.

I’ve used it in core/modules/Registration/Registration.php within the ProcessRegistration function, as so:

// Check email for known spammer
$url = 'http://www.stopforumspam.com/api?email='.$data['email'];
$file = new CodonWebService();
$contents = $file->get($url);
$response = simplexml_load_string($contents);

if($response->appears == 'yes'){
$spammer = true;
} else {
$spammer = false;
}			

if($spammer){
$this->set('message', 'Your email appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.');
$this->render('core_error.tpl');
return false;
}

It could be condensed a little, but I feel this makes it easier to understand.

2

Thanks

3

Warning this will g et overwritten in an update, so keep a backup of it on your computer, so maybe nabeel can put this in there for the next update.

4

great where in ProcessRegistration function should that code pasted?

5

great where in ProcessRegistration function should that code pasted?

I put it directly after the following:

$data = array(
			'firstname' => $this->post->firstname,
			'lastname' => $this->post->lastname,
			'email' => $this->post->email,
			'password' => $this->post->password1,
			'code' => $this->post->code,
			'location' => $this->post->location,
			'hub' => $this->post->hub,
			'confirm' => false
		);

As long as it’s after this part it’s fine, but don’t put it too far down because it’ll create the user before checking…

6

ok then I did everything right

7

getting this although registration works

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 6: parser error : Opening and ending tag mismatch: hr line 5 and body in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

Warning: simplexml_load_string() [function.simplexml-load-string]: </body> in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 7: parser error : Opening and ending tag mismatch: body line 3 and html in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

Warning: simplexml_load_string() [function.simplexml-load-string]: </html> in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 8: parser error : Premature end of data in tag html line 1 in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

Warning: simplexml_load_string() [function.simplexml-load-string]: in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89

so something is setup wrong I guess

thanks in advance

Thomas

8

Odd, I think I’ve been receiving the same error…

When I go to the page I get a normal response:

<response success="true">
<type>email</type>
<appears>no</appears>
<frequency>0</frequency>
</response>

yet it seems we’re being sent something completely different when it’s loaded in the script :S

Will go see if they’ve made changes to their API terms or something.

Update: I just printed the contents and I’m getting a 403 Forbidden error…

Are you on fivedev?

9

I am on fivedev

Best regards

Thomas

10

I have a feeling they may have blocked the fivedev server IP. I wouldn’t know why seeing as we’d only be using it for registrations which is ok (they block if you use it too regularly - every visit to your site).

Either that or for some reason it’s a problem with our end?

11

Thanks I will let you know how it goes

12

I have used this. It worked for awhile, now all the sudden the spammers are back.

13

it might not be working… I see that they have the API Usage limits.

I’ll write something up some kind of a status checker tonight to see if the feature is actually working.

14

Is there anyway of catching the ip on registration, than we can block their ip through our host cp?

15

I done that as well, I can get the code together and post it here in later tonight.

the blocking IP won’t be that realistic since it would require a core change. I won’t go into it.

16

If you were being use limited it would return a 403… that’s what the problem was before ^^^

It’s purely down to whether the person has been reported as a spammer yet or not. Obviously you’re getting them before they’ve been added…

17

Put in the same place what Tom said on the first post.

IP Check to see if spammer.

// Check IP
 $getIP = $_SERVER['REMOTE_ADDR'];
 $url = 'http://www.stopforumspam.com/api?ip='.$getIP;
 $file = new CodonWebService();
 $contents = $file->get($url);
 $response = simplexml_load_string($contents);
 if($response->appears == 'yes'){
	$spammer = true;
 } else {
	$spammer = false;
 }					  
 if($spammer == true){
	$this->set('message', 'Your IP Address appears to be in our spam\'s provider\'s database, if you think this is not correct, please contact us.');
	$this->render('core_error.tpl');
	return false;
 }
18

A more effective solution is to check BOTH email and IP:

// Check email & IP for known spammer
$url = 'http://www.stopforumspam.com/api?email='.$data['email'].'&ip='.$_SERVER['REMOTE_ADDR'];
$file = new CodonWebService();
$contents = $file->get($url);
$response = simplexml_load_string($contents);
$spammer = false;

foreach($response->appears as $appears){
if($appears == 'yes'){
	$spammer = true;
}
}				  

if($spammer){
$this->set('message', 'Your email address or IP appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.');
$this->render('core_error.tpl');
return false;
}

(Not tested)

19

I have added this script to my VA as well as I was getting the same problem with the roster filling up with spam accounts and have not had a real issue since. I also added a quick email function to send me an email each time a registration is rejected just to see if it was working and it is rejecting on average 10 a day from my site. No matter how detailed you get there will always be something that gets through but that is what website management is all about.

The code I am using including the email function

// Check email for known spammer
$url = 'http://www.stopforumspam.com/api?email='.$data['email'].'&ip='.$_SERVER['REMOTE_ADDR'];
$file = new CodonWebService();
$contents = $file->get($url);
$response = simplexml_load_string($contents);

if($response->email == 'yes' || $response->ip == 'yes'){
  $this->set('message', 'Your email or IP address appears on our spam database, we therefore assume
	you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.');
  $this->render('core_error.tpl');

	//send email that spam registration rejected
	$email = 'your email address';
	$sub = 'Spam Registration Rejected';
	$message = 'Spam pilot registration rejected using email '.$data['email'].' and
		 IP address '.$_SERVER['REMOTE_ADDR'].' on '.date('m/d/Y', time()).' at '.date('g:ia', time());
	Util::SendEmail($email, $sub, $message);

return false;
}
//end spam check
20

Hi Simpilot

I tried your code but it does not work, I tried to register with an email to my site taken from "http://www.stopforumspam.com" and the registration is successful