Jump to content


This topic is now archived and is closed to further replies.


Anti Spam :-(

Recommended Posts

I'm having a bit of trouble. I made a website for the birth of my baby cousin and made my own guestbook for it. [url=http://www.anouskat.com]http://www.anouskat.com[/url]. However, the guesbook is being flooded with spam. I've tried to filter out words but it doesn't help because there is some spamming with no words I can pick up safely. Can someone help me with an antispam script?

Here is the "add a guestbook entry" script that I wrote (a long time ago):



function validemail($email) {
  if(eregi("^[a-z0-9._-]+@+[a-z0-9._-]+.+[a-z]{2,3}$", $email)) return TRUE;
  else return FALSE;

header("Location: guestbook.php");

if((empty($_REQUEST['name'])) || (empty($_REQUEST['email'])) || (empty($_REQUEST['comment']))){
header("Location: guestbook.php?error=empty");

header("Location: guestbook.php?error=email");

$name = $_REQUEST['name'];
$email = $_REQUEST['email'];

$timeout = 60 * 60 * 24 * 30;

setcookie("anouskaname", "$name", time()+$timeout);
setcookie("anouskaemail", "$email", time()+$timeout);
setcookie("anouskaname", "", time()-$timeout);
setcookie("anouskaemail", "", time()-$timeout);

if(eregi("viagra|cialis|anal|mortgage|levitra|fuck|shit|cunt|pussy|casino|vagina|drug|forex|tramadol|carisprodol|gambling|lesbian|porn|sexy|hentai|cock|voyeur|threesome|amateur|phentermine|cheap|passport", $_REQUEST[comment])){

$time = time();
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO anouskat VALUES ('','$name','$email','$_REQUEST[comment]','$_REQUEST[commenton]','$time','$_SERVER[REMOTE_ADDR]','')";

header("Location: guestbook.php");


Please someone help. Perhaps a new post every 24 hours or something?



Share this post

Link to post
Share on other sites
When someone posts store the time in a table that matches with their IP and make them only be able to post every like 4 hours or something?  Or maybe make it 3 coulmns and make them be able to post like 3 times a day?  I made a logging scripts for use on some of my sites and it has a line that is like...

$minvar = "5";
$minvar2 = $minvar * 100;

$query = "SELECT * from $table1 where main = 'yes'";
$action = mysql_query($query);
$totalvisnum = mysql_result($action,0,'total');
$totalvis = $totalvisnum + 1;
$month = date(m);
$day = date(d);
$hour = date(h);
$minute = date(i);
$seconds = date(s);
$time = "$month$day$hour$minute$seconds";
$visnum = mysql_query("Select * from $table2 where ip = '$ipaddr'");
@$visnum2 = mysql_result($visnum,0,'ip');
if($visnum2 != $ipaddr)
$query = "INSERT INTO $table2 (ip,time,visits,banned) VALUES ('$ipaddr','$time','1','no')";
mysql_query("UPDATE total_visits set total = '$totalvis'");
elseif($visnum2 == $ipaddr)
$vistime = mysql_result($visnum,0,'time');
$time2 = $time - $minvar2;
if($time2 >= $vistime)
$vis1 = mysql_query("Select * from $table2 where (ip='$ipaddr')");
$vis2 = mysql_result($vis1,0,'visits');
$vis3 = $vis2 + 1;
$query = "UPDATE $table2 set visits = '$vis3', time = '$time' Where (ip='$ipaddr')";
mysql_query("UPDATE $table1 set total = '$totalvis'");
mysql_query($query) or die(mysql_error());[/code]

It checks if the current time is X minutes ahead of the stored time, and if it is it updates the database to reflect them visiting the page again.  You could use it in a similiar way, and have it let them post, or not post dependant upon the time difference...

(PS with that script times are stored like.... 0702023414.  that would be July (07) 2nd (02) at 2 (02) 34 (34) and 14 (14) seconds)  So the script would say 5 minutes * 100 = 500, so if the current time in that format was >= 0702023914 it would count them.. And you could maybe use a similiar method to let them post or not?

Gah sorry for some of my random rambling in this post.

Share this post

Link to post
Share on other sites
yeah... simply ip filtering... session filtering , cookies checking... time deay...

1. 1 post per day in each ip address. //store poster ip address in  guestbook entries table and check it
2. set one intervel for each posts... based on ip address....

have fun...

Thank you,

Share this post

Link to post
Share on other sites
Thanks everyone!

Looking at all your input, I'm thinking of maybe setting a cookie with a timestamp? If the spammers are determined enough to then clear cookies before each post, I'll make a table with IP against timestamp.

Thanks again


Share this post

Link to post
Share on other sites


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.