Tom Posted May 6, 2011 Report Share Posted May 6, 2011 This code prevents known spammers (checked against the stopforumspam.com email database) from registering. I've used it in core/modules/Registration/Registration.php within the ProcessRegistration function, as so: // Check email for known spammer $url = 'http://www.stopforumspam.com/api?email='.$data['email']; $file = new CodonWebService(); $contents = $file->get($url); $response = simplexml_load_string($contents); if($response->appears == 'yes'){ $spammer = true; } else { $spammer = false; } if($spammer){ $this->set('message', 'Your email appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.'); $this->render('core_error.tpl'); return false; } It could be condensed a little, but I feel this makes it easier to understand. 2 Quote Link to comment Share on other sites More sharing options...
James142 Posted May 8, 2011 Report Share Posted May 8, 2011 Thanks Quote Link to comment Share on other sites More sharing options...
Strider Posted May 8, 2011 Report Share Posted May 8, 2011 Warning this will g et overwritten in an update, so keep a backup of it on your computer, so maybe nabeel can put this in there for the next update. Quote Link to comment Share on other sites More sharing options...
Txmmy83 Posted June 8, 2011 Report Share Posted June 8, 2011 great where in ProcessRegistration function should that code pasted? Quote Link to comment Share on other sites More sharing options...
Tom Posted June 8, 2011 Author Report Share Posted June 8, 2011 great where in ProcessRegistration function should that code pasted? I put it directly after the following: $data = array( 'firstname' => $this->post->firstname, 'lastname' => $this->post->lastname, 'email' => $this->post->email, 'password' => $this->post->password1, 'code' => $this->post->code, 'location' => $this->post->location, 'hub' => $this->post->hub, 'confirm' => false ); As long as it's after this part it's fine, but don't put it too far down because it'll create the user before checking... Quote Link to comment Share on other sites More sharing options...
Txmmy83 Posted June 8, 2011 Report Share Posted June 8, 2011 ok then I did everything right Quote Link to comment Share on other sites More sharing options...
Txmmy83 Posted September 6, 2011 Report Share Posted September 6, 2011 getting this although registration works Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 6: parser error : Opening and ending tag mismatch: hr line 5 and body in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 Warning: simplexml_load_string() [function.simplexml-load-string]: </body> in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 7: parser error : Opening and ending tag mismatch: body line 3 and html in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 Warning: simplexml_load_string() [function.simplexml-load-string]: </html> in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 Warning: simplexml_load_string() [function.simplexml-load-string]: Entity: line 8: parser error : Premature end of data in tag html line 1 in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 Warning: simplexml_load_string() [function.simplexml-load-string]: in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 Warning: simplexml_load_string() [function.simplexml-load-string]: ^ in /home/flyeurop/public_html/core/modules/Registration/Registration.php on line 89 so something is setup wrong I guess thanks in advance Thomas Quote Link to comment Share on other sites More sharing options...
Tom Posted September 7, 2011 Author Report Share Posted September 7, 2011 Odd, I think I've been receiving the same error... When I go to the page I get a normal response: <response success="true"> <type>email</type> <appears>no</appears> <frequency>0</frequency> </response> yet it seems we're being sent something completely different when it's loaded in the script :S Will go see if they've made changes to their API terms or something. Update: I just printed the contents and I'm getting a 403 Forbidden error... Are you on fivedev? Quote Link to comment Share on other sites More sharing options...
Txmmy83 Posted September 7, 2011 Report Share Posted September 7, 2011 I am on fivedev Best regards Thomas Quote Link to comment Share on other sites More sharing options...
Tom Posted September 7, 2011 Author Report Share Posted September 7, 2011 I have a feeling they may have blocked the fivedev server IP. I wouldn't know why seeing as we'd only be using it for registrations which is ok (they block if you use it too regularly - every visit to your site). Either that or for some reason it's a problem with our end? Quote Link to comment Share on other sites More sharing options...
avdesigns Posted January 31, 2012 Report Share Posted January 31, 2012 Thanks I will let you know how it goes Quote Link to comment Share on other sites More sharing options...
flyalaska Posted May 7, 2012 Report Share Posted May 7, 2012 I have used this. It worked for awhile, now all the sudden the spammers are back. Quote Link to comment Share on other sites More sharing options...
Moderators Kyle Posted May 7, 2012 Moderators Report Share Posted May 7, 2012 it might not be working... I see that they have the API Usage limits. I'll write something up some kind of a status checker tonight to see if the feature is actually working. Quote Link to comment Share on other sites More sharing options...
flyalaska Posted May 7, 2012 Report Share Posted May 7, 2012 Is there anyway of catching the ip on registration, than we can block their ip through our host cp? Quote Link to comment Share on other sites More sharing options...
Moderators Kyle Posted May 7, 2012 Moderators Report Share Posted May 7, 2012 I done that as well, I can get the code together and post it here in later tonight. the blocking IP won't be that realistic since it would require a core change. I won't go into it. Quote Link to comment Share on other sites More sharing options...
Tom Posted May 7, 2012 Author Report Share Posted May 7, 2012 If you were being use limited it would return a 403... that's what the problem was before ^^^ It's purely down to whether the person has been reported as a spammer yet or not. Obviously you're getting them before they've been added... Quote Link to comment Share on other sites More sharing options...
Moderators Kyle Posted May 8, 2012 Moderators Report Share Posted May 8, 2012 Put in the same place what Tom said on the first post. IP Check to see if spammer. // Check IP $getIP = $_SERVER['REMOTE_ADDR']; $url = 'http://www.stopforumspam.com/api?ip='.$getIP; $file = new CodonWebService(); $contents = $file->get($url); $response = simplexml_load_string($contents); if($response->appears == 'yes'){ $spammer = true; } else { $spammer = false; } if($spammer == true){ $this->set('message', 'Your IP Address appears to be in our spam\'s provider\'s database, if you think this is not correct, please contact us.'); $this->render('core_error.tpl'); return false; } Quote Link to comment Share on other sites More sharing options...
Tom Posted May 8, 2012 Author Report Share Posted May 8, 2012 A more effective solution is to check BOTH email and IP: // Check email & IP for known spammer $url = 'http://www.stopforumspam.com/api?email='.$data['email'].'&ip='.$_SERVER['REMOTE_ADDR']; $file = new CodonWebService(); $contents = $file->get($url); $response = simplexml_load_string($contents); $spammer = false; foreach($response->appears as $appears){ if($appears == 'yes'){ $spammer = true; } } if($spammer){ $this->set('message', 'Your email address or IP appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.'); $this->render('core_error.tpl'); return false; } (Not tested) Quote Link to comment Share on other sites More sharing options...
Administrators simpilot Posted May 8, 2012 Administrators Report Share Posted May 8, 2012 I have added this script to my VA as well as I was getting the same problem with the roster filling up with spam accounts and have not had a real issue since. I also added a quick email function to send me an email each time a registration is rejected just to see if it was working and it is rejecting on average 10 a day from my site. No matter how detailed you get there will always be something that gets through but that is what website management is all about. The code I am using including the email function // Check email for known spammer $url = 'http://www.stopforumspam.com/api?email='.$data['email'].'&ip='.$_SERVER['REMOTE_ADDR']; $file = new CodonWebService(); $contents = $file->get($url); $response = simplexml_load_string($contents); if($response->email == 'yes' || $response->ip == 'yes'){ $this->set('message', 'Your email or IP address appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.'); $this->render('core_error.tpl'); //send email that spam registration rejected $email = 'your email address'; $sub = 'Spam Registration Rejected'; $message = 'Spam pilot registration rejected using email '.$data['email'].' and IP address '.$_SERVER['REMOTE_ADDR'].' on '.date('m/d/Y', time()).' at '.date('g:ia', time()); Util::SendEmail($email, $sub, $message); return false; } //end spam check Quote Link to comment Share on other sites More sharing options...
mattia Posted May 8, 2012 Report Share Posted May 8, 2012 Hi Simpilot I tried your code but it does not work, I tried to register with an email to my site taken from "http://www.stopforumspam.com" and the registration is successful Quote Link to comment Share on other sites More sharing options...
Administrators simpilot Posted May 9, 2012 Administrators Report Share Posted May 9, 2012 Try it like this, I adjusted the structure some so it should work on any phpvms site. // Check email for known spammer $url = 'http://www.stopforumspam.com/api?email='.$data['email'].'&ip='.$_SERVER['REMOTE_ADDR']; $file = new CodonWebService(); $contents = $file->get($url); $response = simplexml_load_string($contents); $reject = FALSE; foreach($response->appears as $data) { if($data == 'yes'){$reject = TRUE;} } if($reject == TRUE){ $this->set('message', 'Your email or IP address appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.'); $this->render('core_error.tpl'); //send email that spam registration rejected $email = 'Your Email Here'; $sub = 'Spam Registration Rejected';; $message = 'Spam pilot registration rejected using email '.$data['email'].' and IP address '.$_SERVER['REMOTE_ADDR'].' on '.date('m/d/Y', time()).' at '.date('g:ia', time()); Util::SendEmail($email, $sub, $message); return false; } //end spam check Quote Link to comment Share on other sites More sharing options...
mattia Posted May 9, 2012 Report Share Posted May 9, 2012 Hi Dave I tried your code works, but in the mail that i have received the spam email is not present "Spam pilot registration rejected using email and IP address 79.4.191.124 on 05/09/2012 at 11:58am" many thanks Quote Link to comment Share on other sites More sharing options...
Administrators simpilot Posted May 9, 2012 Administrators Report Share Posted May 9, 2012 I had changed some things from pulling it out of my VA and inadvertently reassigned the $data variable. Try this; // Check email for known spammer $url = 'http://www.stopforumspam.com/api?email='.$data['email'].'&ip='.$_SERVER['REMOTE_ADDR']; $file = new CodonWebService(); $contents = $file->get($url); $response = simplexml_load_string($contents); $reject = FALSE; foreach($response->appears as $row) { if($row == 'yes'){$reject = TRUE;} } if($reject == TRUE){ $this->set('message', 'Your email or IP address appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.'); $this->render('core_error.tpl'); //send email that spam registration rejected $email = 'your email here'; $sub = 'Spam Registration Rejected';; $message = 'Spam pilot registration rejected using email '.$data['email'].' and IP address '.$_SERVER['REMOTE_ADDR'].' on '.date('m/d/Y', time()).' at '.date('g:ia', time()); Util::SendEmail($email, $sub, $message); return false; } //end spam check 1 Quote Link to comment Share on other sites More sharing options...
mattia Posted May 9, 2012 Report Share Posted May 9, 2012 Many thanks Dave now works perfectly!!! Quote Link to comment Share on other sites More sharing options...
Strider Posted May 9, 2012 Report Share Posted May 9, 2012 the code works great Quote Link to comment Share on other sites More sharing options...
flyalaska Posted February 24, 2013 Report Share Posted February 24, 2013 I have updated since. Forgot to back up. Forgot exactly where in the Registration.php do I put the code. Quote Link to comment Share on other sites More sharing options...
Cor Posted November 26, 2019 Report Share Posted November 26, 2019 Hello, Last post in this topic is from 6 years ago but a must for us now. I still not get this thing working. Is anybody using this code and wehre do I have to put it. tnx Cor Quote Link to comment Share on other sites More sharing options...
Moderators shakamonkey88 Posted November 26, 2019 Moderators Report Share Posted November 26, 2019 Yes, I'm using it and it's working well. I'm using simpilots code in his last reply in this thread. It's inserted just after line 99, but this might be a little different to your registration.php Quote Link to comment Share on other sites More sharing options...
Cor Posted November 27, 2019 Report Share Posted November 27, 2019 This is how I have it now: /** * Registration::ProcessRegistration() * * @return */ protected function ProcessRegistration() { // Yes, there was an error if(!$this->VerifyData()) { $this->ShowForm(); return; } $vbv="VBV"; $data = array( 'firstname' => $this->post->firstname, 'lastname' => $this->post->lastname, 'email' => $this->post->email, 'password' => $this->post->password1, 'code' => $vbv, 'location' => $this->post->location, 'hub' => $this->post->hub, 'confirm' => false ); if(CodonEvent::Dispatch('registration_precomplete', 'Registration', $_POST) == false) { return false; } // Check email for known spammer $url = 'http://www.stopforumspam.com/api?email='.$data['email'].'&ip='.$_SERVER['REMOTE_ADDR']; $file = new CodonWebService(); $contents = $file->get($url); $response = simplexml_load_string($contents); $reject = FALSE; foreach($response->appears as $row) { if($row == 'yes'){$reject = TRUE;} } if($reject == TRUE){ $this->set('message', 'Your email or IP address appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.'); $this->render('core_error.tpl'); //send email that spam registration rejected $email = 'your email here'; $sub = 'Spam Registration Rejected';; $message = 'Spam pilot registration rejected using email '.$data['email'].' and IP address '.$_SERVER['REMOTE_ADDR'].' on '.date('m/d/Y', time()).' at '.date('g:ia', time()); Util::SendEmail($email, $sub, $message); return false; } //end spam check $ret = RegistrationData::CheckUserEmail($data['email']); if($ret) { $this->set('error', Lang::gs('email.inuse')); $this->render('registration_error.tpl'); return false; } Quote Link to comment Share on other sites More sharing options...
Moderators shakamonkey88 Posted November 27, 2019 Moderators Report Share Posted November 27, 2019 1 hour ago, Cor said: This is how I have it now: /** * Registration::ProcessRegistration() ..... This is mine (core/modules/registration/registration.php) - feel free to have it. It's cut out all the spam for us. <?php /** * phpVMS - Virtual Airline Administration Software * Copyright (c) 2008 Nabeel Shahzad * For more information, visit www.phpvms.net * Forums: http://www.phpvms.net/forum * Documentation: http://www.phpvms.net/docs * * phpVMS is licenced under the following license: * Creative Commons Attribution Non-commercial Share Alike (by-nc-sa) * View license.txt in the root, or visit http://creativecommons.org/licenses/by-nc-sa/3.0/ * * @author Nabeel Shahzad * @copyright Copyright (c) 2008, Nabeel Shahzad * @link http://www.phpvms.net * @license http://creativecommons.org/licenses/by-nc-sa/3.0/ */ class Registration extends CodonModule { public function HTMLHead() { /*Show our password strength checker */ if($this->get->page == 'register') { $this->renderTemplate('registration_javascript.tpl'); } } public function index() { //updated to Google noCaptcha 1/15 require_once CORE_LIB_PATH.'/recaptcha/recaptchalib.php'; if(Auth::LoggedIn()) { // Make sure they don't over-ride it $this->render('login_already.tpl'); return; } if(isset($_POST['submit'])) { $this->ProcessRegistration(); } else { $this->ShowForm(); } } protected function ShowForm() { //Google reCaptcha //updated to Google noCaptcha 1/15 $this->set('sitekey', RECAPTCHA_PUBLIC_KEY); $this->set('lang', 'en'); $field_list = RegistrationData::GetCustomFields(); $this->set('extrafields', $field_list); $this->set('field_list', $field_list); $airline_list = OperationsData::getAllAirlines(true); $this->set('allairlines', $airline_list); $this->set('airline_list', $airline_list); $hub_list = OperationsData::getAllHubs(); $this->set('allhubs', $hub_list); $this->set('hub_list', $hub_list); $country_list = Countries::getAllCountries(); $this->set('countries', $country_list); $this->set('country_list', $country_list); $this->render('registration_mainform.tpl'); } /** * Registration::ProcessRegistration() * * @return */ protected function ProcessRegistration() { // Yes, there was an error if(!$this->VerifyData()) { $this->ShowForm(); return; } $data = array( 'firstname' => $this->post->firstname, 'lastname' => $this->post->lastname, 'email' => $this->post->email, 'password' => $this->post->password1, 'code' => $this->post->code, 'location' => $this->post->location, 'hub' => $this->post->hub, 'confirm' => false ); // Check email for known spammer $url = 'http://www.stopforumspam.com/api?email='.$data['email'].'&ip='.$_SERVER['REMOTE_ADDR']; $file = new CodonWebService(); $contents = $file->get($url); $response = simplexml_load_string($contents); $reject = FALSE; foreach($response->appears as $row) { if($row == 'yes'){$reject = TRUE;} } if($reject == TRUE){ $this->set('message', 'Your email or IP address appears on our spam database, we therefore assume you are a spammer and are rejecting your registration request. If you feel this is incorrect please contact us.'); $this->render('core_error.tpl'); //send email that spam registration rejected $email = 'YOUR@EMAILHERE.COM'; $sub = 'Spam Registration Rejected';; $message = 'Spam pilot registration rejected using email '.$data['email'].' and IP address '.$_SERVER['REMOTE_ADDR'].' on '.date('m/d/Y', time()).' at '.date('g:ia', time()); Util::SendEmail($email, $sub, $message); return false; } //end spam check if(CodonEvent::Dispatch('registration_precomplete', 'Registration', $_POST) == false) { return false; } $ret = RegistrationData::CheckUserEmail($data['email']); if($ret) { $this->set('error', Lang::gs('email.inuse')); $this->render('registration_error.tpl'); return false; } $val = RegistrationData::AddUser($data); if($val == false) { $this->set('error', RegistrationData::$error); $this->render('registration_error.tpl'); return; } else { $pilotid = RegistrationData::$pilotid; /* Automatically confirm them if that option is set */ if(Config::Get('PILOT_AUTO_CONFIRM') == true) { PilotData::AcceptPilot($pilotid); RanksData::CalculatePilotRanks(); $pilot = PilotData::getPilotData($pilotid); $this->set('pilot', $pilot); $this->render('registration_autoconfirm.tpl'); } else { /* Otherwise, wait until an admin confirms the registration */ RegistrationData::SendEmailConfirm($email, $firstname, $lastname); $this->render('registration_sentconfirmation.tpl'); } } CodonEvent::Dispatch('registration_complete', 'Registration', $_POST); // Registration email/show user is waiting for confirmation $sub = 'A user has registered'; $message = "The user {$data['firstname']} {$data['lastname']} ({$data['email']}) has registered, and is awaiting confirmation."; $email = Config::Get('EMAIL_NEW_REGISTRATION'); if(empty($email)) { $email = ADMIN_EMAIL; } Util::SendEmail($email, $sub, $message); // Send email to user $this->set('firstname', $data['firstname']); $this->set('lastname', $data['lastname']); $this->set('userinfo', $data); $message = Template::Get('email_registered.tpl', true); Util::SendEmail($data['email'], 'Registration at '.SITE_NAME, $message); $rss = new RSSFeed('Latest Pilot Registrations', SITE_URL, 'The latest pilot registrations'); $pilot_list = PilotData::GetLatestPilots(); foreach($pilot_list as $pilot) { $rss->AddItem('Pilot '.PilotData::GetPilotCode($pilot->code, $pilot->pilotid) . ' ('.$pilot->firstname .' ' . $pilot->lastname.')', SITE_URL.'/admin/index.php?admin=pendingpilots','',''); } $rss->BuildFeed(LIB_PATH.'/rss/latestpilots.rss'); } /* * Process all the registration data */ protected function VerifyData() { $error = false; //Google reCaptcha //updated to Google noCaptcha 1/15 $resp = null; $reCaptcha = new ReCaptcha(RECAPTCHA_PRIVATE_KEY); // Was there a reCAPTCHA response? if ($_POST["g-recaptcha-response"]) { $resp = $reCaptcha->verifyResponse( $_SERVER["REMOTE_ADDR"], $_POST["g-recaptcha-response"] ); } //check if reCaptcha response was valid if ($resp == null) { $error = true; $this->set('captcha_error', 'reCaptcha Validation Error'); } //end Google reCaptcha /* Check the firstname and last name */ if($this->post->firstname == '') { $error = true; $this->set('firstname_error', true); } else { $this->set('firstname_error', ''); } /* Check the last name */ if($this->post->lastname == '') { $error = true; $this->set('lastname_error', true); } else { $this->set('lastname_error', ''); } /* Check the email address */ if(filter_var($this->post->email, FILTER_VALIDATE_EMAIL) == false) { $error = true; $this->set('email_error', true); } else { $this->set('email_error', ''); } /* Check the location */ if($this->post->location == '') { $error = true; $this->set('location_error', true); } else { $this->set('location_error', ''); } // Check password length if(strlen($this->post->password1) <= 5) { $error = true; $this->set('password_error', 'The password is too short!'); } else { $this->set('password_error', ''); } // Check is passwords are the same if($this->post->password1 != $this->post->password2) { $error = true; $this->set('password_error', 'The passwords do not match!'); } else { $this->set('password_error', ''); } //Get customs fields $fields = RegistrationData::getCustomFields(); if(count($fields) > 0) { foreach ($fields as $field) { $value = Vars::POST($field->fieldname); $value1 = DB::escape($value); if ($field->required == 1 && $value1 == '') { $error = true; $this->set('custom_'.$field->fieldname.'_error', true); } else { $this->set('custom_'.$field->fieldname.'_error', ''); } } } if($error == true) { return false; } return true; } } Just change the email in the spam part - in the above code, it shows as YOUR@EMAILHERE.COM Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.