Jump to content

Recommended Posts

Hi this is my friend's website http://www.babysam.info/index.php

 

On the lower left corner on this page there's a light-a-candle script where the public can post their messages simply by clicking on Submit, nothing else required.  The big problem is spammers keep on bombarding it with viagra, cialis and stuff. :-\

 

Is there a code that filters out these text? Or do you have a suggestion? Hmm this is not my site, so the appearance and layout has to remain the same.. 8)

 

Thanks in advance for your help!!! :-*

 

This is what I found in the source code of the page [javascript]

function validate_form_candle()

{

var ctr="";

if(document.form_candles.fname.value==""){ctr=ctr+"Insert First name\n";}

if(document.form_candles.lname.value==""){ctr=ctr+"Insert First name\n";}

if(document.form_candles.message.value==""){ctr=ctr+"Insert Message\n";}

 

}

Link to comment
https://forums.phpfreaks.com/topic/37273-spamming-in-public-message-board/
Share on other sites

check the post to see if it contains a url - if so don't allow it to be processed. You will need a regular expression for this something like

 

<?php

$string = $_POST['message'];

if (preg_match('/(a href)|(www\.(.*)?\.)/',$string)
{
// url detected - don't process.
// maybe record ip address and ban it from entering site again.
}
else
{
// message ok write to database so it is included..
}

?>

 

Something like that - someone will be able to come up with a far more elegant and sopisticated regular expression for your needs though. CAPTCHA is an option but perhaps a little overkill for your needs.

Haha thanks for the info guys, but how do I implement em. Well, hope this will help, i found in on the source code of the main page:

 

1. I guess this is the form

 

<td align="center"><form name="form_candles" method="post" onSubmit="return " action="validate.php?add=message">

<table cellpadding="0" cellspacing="2" border="0" class="candle-form">

<tr>

<td align="left"><strong class="candle-font">First Name:</strong></td>

</tr>

<tr>

<td><input type="text" name="fname"></td>

</tr>

<tr>

<td align="left"><strong class="candle-font">Last Name:</strong></td>

</tr>

<tr>

<td><input type="text" name="lname"></td>

</tr>

<tr>

<td align="left"><strong class="candle-font">Message:</strong></td>

</tr>

<tr>

<td><textarea name="message" rows="5" cols="10"></textarea></td>

</tr>

<tr>

<td align="center"><input type="submit" name="submit" value="submit" style="width:70px; cursor:hand; cursor:pointer;"></td>

</tr>

</table></form></td>

 

 

2. See up there the "candle-form" ?

 

I think it links here to the candle-form.js source is

function validate_form_candle()

{

var ctr="";

if(document.form_candles.fname.value==""){ctr=ctr+"Insert First name\n";}

if(document.form_candles.lname.value==""){ctr=ctr+"Insert First name\n";}

if(document.form_candles.message.value==""){ctr=ctr+"Insert Message\n";}

 

}

 

_________________________________________

 

Okay can anybody tell me how I can add this into the script??

 

<?php

 

$string = $_POST['message'];

 

if (preg_match('/(?:<a.*?href|www\.)/is',$string)

{

// url detected - don't process.

// maybe record ip address and ban it from entering site again.

}

else

{

// message ok write to database so it is included..

}

 

?>

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.