SPAM Fighting Modification!

[raminia+]

Hi folks,

I made a modifiction to the base code of 1.5 RC1 that substantially reduced the number of spams on my site (almost zero!). I want to share it with you but first I want to test it more. If you are using PP 1.5RC1 and suffering from heavy comment spam attacks and you like to test it, please leave a PM and I'll send you the modification to test.

This is a combination of 2 methods, random/hashed comment saving command and use of JavaScript URL changing. The former prevents spammer attacks that have saved index.php?x=save_comment URL and second hides form ture save command from spam bots that don't interpret JScript.

[pennyjack]

Once you have something that seems stable, I would love to give it a t try. I got over 90 spam yesterday and I am on track for the same today.

[raminia+]

Please note that this modification requires users to have JavaScript Enabled. This is a typical requirement but people who may still have fears from JScript and have it disable could not make comments anymore.

0- open the zip file
1- copy content of TO Addon to addons folder
2- use the included index.php instead of original index.php
if you are using a modified version of that file (for AKISMET for example)
add

PHP Code:

// hashed comment field
    $save_comment_array = "be185c818e,0c732705c6,b59f992ff3,073ab00d00,b7cf1c28e6,a38b01f211,873bc77669,2c09296992,12540279b0,82a3333026,c2b31313fb,2fef3d9ab0,044cae1f62,276d60f3f1,6df8b3c326,5b7718cf5f,a38b01f211,3c41121df9,a2f05b2b8a,a85beba152,f7e781e966,14ceaee3f4,6a7d043ae2,778c72120c,ce1a393fe6,8fe0c4320c,5b9fb47340,ef2594f6cd,fbe1510232,11a5343131,0facb735fd,83830d171f,728699041e,dbbd2a12c0,94f6c5452c,a38b01f211,14f95763a6,497fbbd983,676ae68305,70cddf4c56,b64013e359,b7cf1c28e6,efd149c64b,150fb9e8bc,83830d171f,400204120c,3538bcb17a,74acc92650,a8f2d70ed5,8d88384730,36fd538eea,5baa8c5473,0803870868,36f8487b92,981e7ca850,544a32023b,6ebd49cfd3,00184a64ea,c27e6eb2e4,bc9c786ae1,c9080aaf51,4247288d84,5cdfc1807f,12634af390,46811b799b,544a32023b,55be7ea7a4,dcb107ead4,fd3e863823,da0722851b,80781e3b86,18338dcd9b,29a107ef57,b6a06750f5,7918744ef9,29a107ef57,4ef7d307ae,40b8390554,91a5c9054e,276d60f3f1,c877517703,11a5343131,0dda7317a7,f7e781e966,c750910429,b8e84043a0,3538bcb17a,400204120c,05d6397345,c750910429,497fbbd983,8a79dd7161,c24dd9b67b,ac1301da96,8b6e2869e2,87196299f8,2fef3d9ab0,29a107ef57,02e2584ef7,e228765df1,15de14576e,def55086ef,cd0b91617b,ada07200de,f7e781e966,46811b799b,13327c12ef,2236bc2514,74225d7b72,3b9201ed55,1f286013ef,a46abbd989,1119de2c80,3c6205862f,3c41121df9,f489ca9a1a,5796292fcd,db21bdd61b,c470549055,99e0b87357,3b0690f379,23cf2b34ed,83d1e88e9a,526025f91f,ffd0525739,3538bcb17a,0412a5cf9e,ae9db879ab,96ba27e997,47a0029852,df98ccce08,fbc5c7ca17,94b84758a5,7ad43fe06f,6cf5c1ec9c,a85beba152,1a687ab867,66e2ba2d45,25b44d2233,4b6720dad8,254609d6c3,dcb107ead4,370f14fc1f,702e5587aa,8691826563,a879972343,a18268b66a,5182fde070,6cf69c4d0d,05fa914555,94ccba9a27,263fa995d7,6b0b16ca4b,6fbdcffa8f,c2af542f85,d2b13c17a3,e1e163b0f9,8aa5ea3e9b,278449f11d,aadf3f9016,14ceaee3f4,396852ee5c,77abfe2f35,f489ca9a1a,b2ec4f9e06,166cbc88d0,b89fb2ec40,5796292fcd,04c8ceaef9,2167f1a3ba,497fbbd983,db21bdd61b,2be6bec32f,997feaf3dc,5796292fcd,0facb735fd,64fbc454c2,91a5c9054e,b73e4da4fa,c3a335f3ae,7b0ab6bcb8,5ed6a22ced,f60d5b740c,c11a56d822,db87412606,778c72120c,9a380bcb89,d32b37fd63,e8c3c15586,c750910429,c8bc49b610,5ae79dbd02,b2e2db54ce,6647f1b68d,40e557916b,0dda7317a7,5516a3e3b8,2b9267057a,287042798e,f0730c397e,d2b13c17a3,d9d9a9b96e,eae2c93470,7686ffe6a5,7193ae67b3,3529ccde96,05f5eac99f,1323193a8a,f95bd2cfca,9585490a12,7bcff9822c,7ad43fe06f,e3b7ae015a,a8f2d70ed5,4f6eed83bf,5ae79dbd02,a8d3dc2601,94a4b1b15b,0f8acb7970,c339c4b564,8e05f8acf5,b7cf1c28e6,392c8dcaef,1f286013ef,1ba2aaba59,ea8d855d21,a25302547b,23cf2b34ed,b703ea4444,dcd88b6168,ada07200de,5920744da4,67b0fd6190,8fe0c4320c,26a093d487,18338dcd9b,d1ea34141a,369240df30,555ae5671b,913afec5be,d9d9a9b96e,38e82ece61,a9b6559287,bdb88e5891,e22a052fa2,94f6c5452c,ecb825eb07,8d88384730,b990900a3c,e24eddf4fd,6c3e33729c,bed9fbcdc5,99be2a5102,1fa127f885,f31a3d8bf4,497fbbd983,91dab6ea27,51cf2b5077,efd149c64b,e42e788edb,54ea751b40,fb8e296e50,a89183b68b,a9b6559287,64fbc454c2,5478922908,2236bc2514,f5a165b11d,778c72120c,981e7ca850,01e77e73bc,fd3e863823,87196299f8,351902d15d,ecb825eb07,c1970b4126,22f29fee1c,5ae79dbd02,83d1e88e9a,1aa2ebe9fc,02e2584ef7,531650e38b,ece8b85c82,5b9fb47340,5796292fcd,74b83cf69b,f27025cc6d,a1d3fdc3e0,b64013e359,c339c4b564,a879972343,bdb88e5891,301b69e345,5cdfc1807f,9e25981f02,d9d9a9b96e,150fb9e8bc,9fbdb80787,c146799fb6,dce8d82289,c146799fb6,828e4c597d,5b9fb47340,67b0fd6190,497fbbd983,e1e163b0f9,6ebd49cfd3,1219677b92,92f8df5b53,d1ea34141a,2b9267057a,c146799fb6,b624160b10,eae7d945c0,f7e781e966,152a29029e,244281c406,4a2ca91fc8,f2b298e89b,7f85cb5b17,f3c806dcc0,2167f1a3ba,5796292fcd,94ccba9a27,111bf8a169,b990900a3c,00184a64ea,1f7707a098,6fbf843ba9,5516a3e3b8,df36f2da14,a7a33872ea,a46abbd989,317b6429b4,dbbd2a12c0,bdb88e5891,5ddd8293f5,6876836d0d,b7cf1c28e6,87196299f8,be185c818e,20aeb4fa97,5b9fb47340,091a36a2be,bdb88e5891,95882020f8,f542943224,2198c16888,b10c27d1f0,942103fa03,369bf130c1,1ff7ca0b0d,18d0846360,728699041e,24a558fc7e,14ceaee3f4,c9cf2b2cf5,c27e6eb2e4,9642c2d273,4c992ad22e,244281c406,ecb825eb07,5516a3e3b8,5516a3e3b8,72e82f53c1,24a558fc7e,6e0a6d00c4,d6b9f97ba9,92117680e7,4b6720dad8,d6b9f97ba9,a8f2d70ed5,5516a3e3b8,9c3fa62253,89ed33a135,b2e2db54ce,0a8736e9dc,cbfef8acc3,dc2130ffd0,ea8d855d21,390636a7b0,e22a052fa2,7f85cb5b17,050a6be134,94ccba9a27,271f318404,5aa41a2539,6cd647ce4d,ada07200de,27995e29f2,828e4c597d,ac1301da96,5aa41a2539,32a95ea49e,18d0846360,85182b0f16,a8f2d70ed5,571eeccaa3,6647f1b68d,70126bf083,15de14576e,12634af390,702e5587aa,c11a56d822,7f85cb5b17,841a622cb6,a783c73b50,79f971913e,6549bdf944,18338dcd9b,2167f1a3ba,676ae68305,677a7b21ec,02e2584ef7,8e82760e04,9fbdb80787,8b6e2869e2,b719d84270,31bae6dd69,a8f2d70ed5,a879972343,95882020f8,dcc195239f,71f4223780,48e3bcb44f,caf14edff8,07f8cadf70,f60d5b740c,9f8b8fcc03,c816b502ec,110aaaedf7,8aa5ea3e9b,e7559c2aa8,776087c82e,050a6be134,ad1e79e42c,3fef712200,d8679af5c5,4725975214,43854bc248,0facb735fd,8b808f3ce0,11a5343131,00184a64ea,74b83cf69b,34ab8dc0b0,981e7ca850,9063787c79,36f8487b92,c750910429,c3a335f3ae,20a8ef3340,eda9c8d1e7,04504f201c,fb8e296e50,244281c406,8dc9095959,fc80411e9a,e7559c2aa8,34c6b28811,776087c82e,8aa5ea3e9b,18338dcd9b,87162d37ae,7686ffe6a5,9e665f471c,acaf8d863a,2bc26f7ed9,7686ffe6a5,fb18cd9776,34c6b28811,9063787c79,72febbc5f4,7ec279aa37,fc950445b2,89ce254a4e,9562db1b12,287c133ecc,48e3bcb44f,afc5db2673,ec9c5fe741,71f4223780,f12fd5f172,fbc3a1369d,79f971913e,cca1e87d53,c5833c5a0a,4f18a7f1be,ff318d98d8,e9b05bd389,c894268ca5,9585490a12,5eb3ae7588,8417c67c58,dea711518a,71f4223780,1219677b92,3054ba9200,21654bad68,7d593e9447";
    $save_comment_array = explode(',',$save_comment_array);
        for ($k=0;$k<count($save_comment_array);$k++){    
                $save_comment_array[$k] .= base64_encode($pixelpost_site_title);}
    //$valid_savecomment = FALSE;
    if (isset($_GET['x'])){
    
        for ($k=0;$k<count($save_comment_array);$k++){    
            if (isset($_POST['parent_id'])&&is_numeric($_POST['parent_id'])&&
            $_GET['x']==$save_comment_array[$k].$_POST['parent_id']){
            //$valid_savecomment = TRUE;        
            $save_comment_str = $save_comment_array[$k].$_POST['parent_id'];                        
            break;            
            } // end if            
        }// end for k    
} 


just right below the line reads
} // end refererlog

replace every instance of 'save_comment' and "save_comment" with $save_comment_str inside index.php

3- in your template (where comment form exists) add these lines after </form>

HTML Code:

  <script type="text/javascript">
   trueAction = "index.php?x=<SAVE_COMMENT_COMMAND>"+"<IMAGE_ID>";
   document.forms.commentform.action = trueAction;
  </script>

sample comment_template.html for simple template is included

4- it's all done.

[pennyjack]

Thanks for the mod. It is up and running now. I was going to put it in tomorrow and then I got 50+ spam in the last hour! I figured no better time than now. I'll let you know how it goes! Thanks!!!!!!!

[pennyjack]

I am getting a 404 reply....

The site and comment field work just fine. On clicking to send comment I get this message...

Not Found
The requested URL /index.php was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Thoughts?

[sentinel]

<ignore>
hmm take a look at line 157

Code:

if (isset($_GET['x'])&& $_GET['x']!='atom' && $_GET['x']!='rss' && $_GET['x']!='save_comment' ){

add your $save_comment variable name / $_GET value when saving comments.
(as far as i saw at quick review you're not using 'save_comment' as GET[x] value)
</ignore>

//edit: duh sorry.. just checked the index.php in the .zip .. $save_comment_str is included in the check there.. sry .. i'll get another coffee now i think

[raminia+]

Quote:

Originally Posted by pennyjack

I am getting a 404 reply....

The site and comment field work just fine. On clicking to send comment I get this message...

Not Found
The requested URL /index.php was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Thoughts?

give me a link to your photoblog an I'll figure out what's the problem.

[raminia+]

Quote:

Originally Posted by sentinel

<ignore>
hmm take a look at line 157

Code:

if (isset($_GET['x'])&& $_GET['x']!='atom' && $_GET['x']!='rss' && $_GET['x']!='save_comment' ){

add your $save_comment variable name / $_GET value when saving comments.
(as far as i saw at quick review you're not using 'save_comment' as GET[x] value)
</ignore>

//edit: duh sorry.. just checked the index.php in the .zip .. $save_comment_str is included in the check there.. sry .. i'll get another coffee now i think

Thanks for the note, I forgot to mention that you should
replace every instance of 'save_comment' and "save_comment" with $save_comment_str inside index.php if you are going to change your index.php manually.

[pennyjack]

Thanks so much for the help. My blog is www.pixperiment.com. I will try the changes you suggested this afternoon, unfortunately I must go to work now :-)

[fofie]

pennyjack, your photos are just beautiful!