Jump to content


Anti Spam :-(

  • Please log in to reply
3 replies to this topic

#1 gausie

  • Members
  • PipPipPip
  • Advanced Member
  • 40 posts
  • LocationA Syntax Error

Posted 02 July 2006 - 07:22 PM

I'm having a bit of trouble. I made a website for the birth of my baby cousin and made my own guestbook for it. http://www.anouskat.com. However, the guesbook is being flooded with spam. I've tried to filter out words but it doesn't help because there is some spamming with no words I can pick up safely. Can someone help me with an antispam script?

Here is the "add a guestbook entry" script that I wrote (a long time ago):



function validemail($email) { 
  if(eregi("^[a-z0-9._-]+@+[a-z0-9._-]+.+[a-z]{2,3}$", $email)) return TRUE; 
  else return FALSE; 

	header("Location: guestbook.php");

if((empty($_REQUEST['name'])) || (empty($_REQUEST['email'])) || (empty($_REQUEST['comment']))){
	header("Location: guestbook.php?error=empty");

	header("Location: guestbook.php?error=email");

$name = $_REQUEST['name'];
$email = $_REQUEST['email'];

$timeout = 60 * 60 * 24 * 30;

	setcookie("anouskaname", "$name", time()+$timeout);
	setcookie("anouskaemail", "$email", time()+$timeout);
		setcookie("anouskaname", "", time()-$timeout);
		setcookie("anouskaemail", "", time()-$timeout);

if(eregi("viagra|cialis|anal|mortgage|levitra|fuck|shit|cunt|pussy|casino|vagina|drug|forex|tramadol|carisprodol|gambling|lesbian|porn|sexy|hentai|cock|voyeur|threesome|amateur|phentermine|cheap|passport", $_REQUEST[comment])){

$time = time();
@mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO anouskat VALUES ('','$name','$email','$_REQUEST[comment]','$_REQUEST[commenton]','$time','$_SERVER[REMOTE_ADDR]','')";

header("Location: guestbook.php");


Please someone help. Perhaps a new post every 24 hours or something?


Inner Dreams My pen is there always - as inner dreams

Just remember: united, we are an idiot

#2 corbin

  • Staff Alumni
  • Advanced Member
  • 8,129 posts

Posted 02 July 2006 - 07:36 PM

When someone posts store the time in a table that matches with their IP and make them only be able to post every like 4 hours or something?  Or maybe make it 3 coulmns and make them be able to post like 3 times a day?  I made a logging scripts for use on some of my sites and it has a line that is like...

$minvar = "5";
$minvar2 = $minvar * 100;

$query = "SELECT * from $table1 where main = 'yes'";
$action = mysql_query($query);
$totalvisnum = mysql_result($action,0,'total');
$totalvis = $totalvisnum + 1; 
$month = date(m);
$day = date(d);
$hour = date(h);
$minute = date(i);
$seconds = date(s);
$time = "$month$day$hour$minute$seconds";
$visnum = mysql_query("Select * from $table2 where ip = '$ipaddr'");
@$visnum2 = mysql_result($visnum,0,'ip');
if($visnum2 != $ipaddr)
$query = "INSERT INTO $table2 (ip,time,visits,banned) VALUES ('$ipaddr','$time','1','no')";
mysql_query("UPDATE total_visits set total = '$totalvis'");
elseif($visnum2 == $ipaddr) 
$vistime = mysql_result($visnum,0,'time');
$time2 = $time - $minvar2;
if($time2 >= $vistime) 
		$vis1 = mysql_query("Select * from $table2 where (ip='$ipaddr')");
		$vis2 = mysql_result($vis1,0,'visits');
		$vis3 = $vis2 + 1;
		$query = "UPDATE $table2 set visits = '$vis3', time = '$time' Where (ip='$ipaddr')";
		mysql_query("UPDATE $table1 set total = '$totalvis'");
mysql_query($query) or die(mysql_error());

It checks if the current time is X minutes ahead of the stored time, and if it is it updates the database to reflect them visiting the page again.  You could use it in a similiar way, and have it let them post, or not post dependant upon the time difference...

(PS with that script times are stored like.... 0702023414.  that would be July (07) 2nd (02) at 2 (02) 34 (34) and 14 (14) seconds)  So the script would say 5 minutes * 100 = 500, so if the current time in that format was >= 0702023914 it would count them.. And you could maybe use a similiar method to let them post or not?

Gah sorry for some of my random rambling in this post.
Why doesn't anyone ever say hi, hey, or whad up world?

#3 karthikeyan_coder

  • Members
  • PipPipPip
  • Advanced Member
  • 201 posts

Posted 02 July 2006 - 08:35 PM

yeah... simply ip filtering... session filtering , cookies checking... time deay...

1. 1 post per day in each ip address. //store poster ip address in  guestbook entries table and check it
2. set one intervel for each posts... based on ip address....

have fun...

Thank you,

#4 gausie

  • Members
  • PipPipPip
  • Advanced Member
  • 40 posts
  • LocationA Syntax Error

Posted 02 July 2006 - 11:40 PM

Thanks everyone!

Looking at all your input, I'm thinking of maybe setting a cookie with a timestamp? If the spammers are determined enough to then clear cookies before each post, I'll make a table with IP against timestamp.

Thanks again

Inner Dreams My pen is there always - as inner dreams

Just remember: united, we are an idiot

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users