Jump to content


Photo

txt Guestbook. How to block spam.


  • Please log in to reply
6 replies to this topic

#1 mcfly

mcfly
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 02 August 2006 - 09:54 PM

Hi, see below..
This is a php file that writes guestbook info to a txt file. I have a problem with spam in my guestbook, and I wonder if anyone knows about a "tag" that can block web addresses entered in the "comment field"
F.ex. If you enter "http://www" in the comment field, you will get blocked...

Just take a look at this site, and you'll know what i mean;
http://slap-madcap.com/guestbook.php

Thanks
--- Erik

<?php

while(list($key, $val) = each($HTTP_POST_VARS))

{ $val = str_replace("<", "&lt;", $val);

$HTTP_POST_VARS[$key] = str_replace(">", "&gt;", $val);

}

$date = date("d. m. Y H:i:s");

$logit = "<font style=\"font-family: arial; font-size: 8pt;\"><p><b>Name:</b> ".$HTTP_POST_VARS["name"]."<br>".
"<b>Time:</b> $date<br>".

"<b>Comment: </b>".$HTTP_POST_VARS["comment"]." <br><hr> \n";






$logit = stripslashes($logit);
$fp = fopen ("innlegg.txt", "r+") or die("Error, somthing is wrong.");
$Old = fRead ($fp, filesize("innlegg.txt"));
fclose ($fp);
$fp = fopen ("innlegg.txt", "w") or die("Error, somthing is wrong.");
fwrite ($fp, $logit);
fwrite ($fp, $Old);
fclose ($fp);
header("Location: guestbook.php");

?>
edit(shoz): Edited for language

#2 legohead6

legohead6
  • Members
  • PipPipPip
  • Advanced Member
  • 434 posts

Posted 02 August 2006 - 10:16 PM

you could set up a database with unallowed addresses then see if the comment relates to those.. ...... also theres a code to turn to lower case so someone can fool it like that...
"Syntax error" .. WHERE THE **** IS IT?!

#3 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 02 August 2006 - 10:31 PM

use regular expressions

or str_replace for certain sites
Tell me the problem, I will try tell you the solution

#4 AndyB

AndyB
  • Staff Alumni
  • Advanced Member
  • 5,465 posts
  • LocationToronto

Posted 02 August 2006 - 10:59 PM

This works for me:

// function to check for all our favorite penis extenders and other spam trash
function flag_spam($text) {
	$total_matches = 0;
	$trash = array();

	// Count the regular links
	$regex = "/<\\s*a\\s+href\\s*=\\s*/i";
	$total_matches += preg_match_all($regex, $text, $trash);
    
	// Count the PHPBB links
	$regex = "/[\\s*/\\s*url\\s*]/i";
	$total_matches += 5 * preg_match_all($regex, $text, $trash); 

	// Check for common spam words
	$words = array('phentermine', 'viagra', 'cialis', 'vioxx', 'oxycontin', 'levitra', 'ambien', 'xanax', 'paxil', 'casino', 'slot-machine','texas-holdem','ringtones');
    
	foreach ($words as $word) {
   		$word_matches = preg_match_all('/' . $word . '/i', $text, $trash);
   		$total_matches += 5 * $word_matches;
	}
    
	if ($total_matches > 4) {
   		return TRUE;
	}
	return FALSE;
}  

// abstract data sent from form
.....
$comments = trim($_POST['comments']);

if (flag_spam($comments)) {
    die("SPAM = LOSER"); // gotcha!
}
// comments not null so continue processing form by removing tags, slashes, etc.
$comments = strip_tags($comments);

Legend has it that reading the manual never killed anyone.
My site

#5 mcfly

mcfly
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 05 August 2006 - 03:51 PM

OK, thanks, folks! But I can't get it to work.. Excactly where shall I write it?
Could anyone just edit the code for me and post it here?

(I'm not a web-dude at all, I was just left alone trying to fix my own page)

Thanks!
Erik


<?php

while(list($key, $val) = each($HTTP_POST_VARS)) 

{ $val = str_replace("<", "&lt;", $val); 

$HTTP_POST_VARS[$key] = str_replace(">", "&gt;", $val); 

} 

$date = date("d. m. Y H:i:s");

$logit = "<font style=\"font-family: arial; font-size: 8pt;\"><p><b>Name:</b> ".$HTTP_POST_VARS["navn"]."<br>".
"<b>Time:</b> $date<br>".

"<b>Comment: </b>".$HTTP_POST_VARS["kommentar"]." <br><hr> \n";



$logit = stripslashes($logit);
$fp = fopen ("innlegg.txt", "r+") or die("Error, something is wrong.");
$Old = fRead ($fp, filesize("innlegg.txt"));
fclose ($fp);
$fp = fopen ("innlegg.txt", "w") or die("Error, something is wrong.");
fwrite ($fp, $logit);
fwrite ($fp, $Old);
fclose ($fp); 
header("Location: crapbook.php");

?>


#6 leeming

leeming
  • Members
  • PipPipPip
  • Advanced Member
  • 93 posts

Posted 05 August 2006 - 03:58 PM

OK, thanks, folks! But I can't get it to work.. Excactly where shall I write it?
Could anyone just edit the code for me and post it here?

(I'm not a web-dude at all, I was just left alone trying to fix my own page)

Thanks!
Erik


<?php

while(list($key, $val) = each($HTTP_POST_VARS)) 

{ $val = str_replace("<", "&lt;", $val); 

$HTTP_POST_VARS[$key] = str_replace(">", "&gt;", $val); 

} 

$date = date("d. m. Y H:i:s");

$logit = "<font style=\"font-family: arial; font-size: 8pt;\"><p><b>Name:</b> ".$HTTP_POST_VARS["navn"]."<br>".
"<b>Time:</b> $date<br>".

"<b>Comment: </b>".$HTTP_POST_VARS["kommentar"]." <br><hr> \n";



$logit = stripslashes($logit);
$fp = fopen ("innlegg.txt", "r+") or die("Error, something is wrong.");
$Old = fRead ($fp, filesize("innlegg.txt"));
fclose ($fp);
$fp = fopen ("innlegg.txt", "w") or die("Error, something is wrong.");
fwrite ($fp, $logit);
fwrite ($fp, $Old);
fclose ($fp); 
header("Location: crapbook.php");

?>





add the code AndyB said... like this


<?php

// function to check for all our favorite penis extenders and other spam trash
function flag_spam($text) {
	$total_matches = 0;
	$trash = array();

	// Count the regular links
	$regex = "/<\\s*a\\s+href\\s*=\\s*/i";
	$total_matches += preg_match_all($regex, $text, $trash);
    
	// Count the PHPBB links
	$regex = "/[\\s*/\\s*url\\s*]/i";
	$total_matches += 5 * preg_match_all($regex, $text, $trash); 

	// Check for common spam words
	$words = array('phentermine', 'viagra', 'cialis', 'vioxx', 'oxycontin', 'levitra', 'ambien', 'xanax', 'paxil', 'casino', 'slot-machine','texas-holdem','ringtones');
    
	foreach ($words as $word) {
   		$word_matches = preg_match_all('/' . $word . '/i', $text, $trash);
   		$total_matches += 5 * $word_matches;
	}
    
	if ($total_matches > 4) {
   		return TRUE;
	}
	return FALSE;
}  

//$_POST['comments'], change this to what ever your field name is for the message in the guest book.
$comments = trim($_POST['comments']);

if (flag_spam($comments)) {
    die("SPAM = LOSER"); // gotcha!
}
// comments not null so continue processing

while(list($key, $val) = each($HTTP_POST_VARS)) 

{ $val = str_replace("<", "&lt;", $val); 

$HTTP_POST_VARS[$key] = str_replace(">", "&gt;", $val); 

} 

$date = date("d. m. Y H:i:s");

$logit = "<font style=\"font-family: arial; font-size: 8pt;\"><p><b>Name:</b> ".$HTTP_POST_VARS["navn"]."<br>".
"<b>Time:</b> $date<br>".

"<b>Comment: </b>".$HTTP_POST_VARS["kommentar"]." <br><hr> \n";



$logit = stripslashes($logit);
$fp = fopen ("innlegg.txt", "r+") or die("Error, something is wrong.");
$Old = fRead ($fp, filesize("innlegg.txt"));
fclose ($fp);
$fp = fopen ("innlegg.txt", "w") or die("Error, something is wrong.");
fwrite ($fp, $logit);
fwrite ($fp, $Old);
fclose ($fp); 
header("Location: crapbook.php");

?>

just see the php note i added... i hope that works
Im not perfect ;) lol

#7 mcfly

mcfly
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 06 August 2006 - 03:19 PM

Thanks a lot! It works perfectly!

Erik




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users