EternalSorrow Posted May 22, 2010 Share Posted May 22, 2010 I've recently found that spammers have been using my open submit system on a website to input their trashy links into my database, and thus my website. I was thinking about implementing a blacklist (because visitors could possibly put in both numbers and letters, so a whitelist doesn't seem practical) which would identify "http" or "href" in the input information and return an error message rather than insert into the db. I've found several useful posts on this site, but I have the worst time (and rusty skills) in implementing the needed code into my current layout. Any help, advice, or comments on changing the code would be most welcome. Here's my current (overly-simplified and insecure) code for reference: <? if ($_POST["submit"]) { $id = $_POST["id"]; $author = $_POST["author"]; $title = $_POST["title"]; $summary = mysql_real_escape_string ($_POST["summary"]); $datetime = $_POST['date("d/m/y H:i:s")']; $sql = sprintf("UPDATE archives SET `summary`='$summary',datetime=NOW() WHERE `id`= '$id' ", mysql_real_escape_string($author), mysql_real_escape_string($title)) or die(mysql_error()); $result = mysql_query($sql) or die(mysql_error()); echo "<a href=\"info.php?author=$author&title=$title\">Refresh the page</a> to view the edited content."; } ?> Link to comment https://forums.phpfreaks.com/topic/202603-blacklist-help-adjusting-code/ Share on other sites More sharing options...
Tonic-_- Posted May 23, 2010 Share Posted May 23, 2010 IF users are spamming your post form why not setup a captcha/recaptcha form to verify the user is infact human. Link to comment https://forums.phpfreaks.com/topic/202603-blacklist-help-adjusting-code/#findComment-1062103 Share on other sites More sharing options...
EternalSorrow Posted May 23, 2010 Author Share Posted May 23, 2010 Unfortunately I know less about implementing a captcha code into my current script than I do about the blacklist. Any ideas on what captcha to use and tips on how to use it? Link to comment https://forums.phpfreaks.com/topic/202603-blacklist-help-adjusting-code/#findComment-1062107 Share on other sites More sharing options...
Tonic-_- Posted May 23, 2010 Share Posted May 23, 2010 Umm I found a captcha script awhile ago, I don't have the exact files on my hard drive anymore but I do have them on my server i'll download them and .zip them together and will edit the post on what to do. Ah, the source has a link URL. http://www.white-hat-web-design.co.uk/articles/php-captcha.php Just edit the main .php file and set the session settings to what you want. Link to comment https://forums.phpfreaks.com/topic/202603-blacklist-help-adjusting-code/#findComment-1062109 Share on other sites More sharing options...
EternalSorrow Posted June 2, 2010 Author Share Posted June 2, 2010 After a few unsuccessful tries, I'm back to step one with even more spam building in my database. Does anyone know how to create a blacklist with my above sample code, or at least show me a good, working example somewhere on the tubes? Link to comment https://forums.phpfreaks.com/topic/202603-blacklist-help-adjusting-code/#findComment-1066875 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.