| View previous topic :: View next topic |
| Author |
Message |
Cyberian75
Joined: 26 Sep 2002
Posts: 1285
Location: Oregon
|
 Posted: Sat Nov 27, 2004 4:05 am Post subject: [Hack] Word Verifier for Comments |
 |
|
Have your commenters type in the first word of your post to comment with this hack.
In the "b2comments.post.php" file after the "comment_post_ID" variable, put the following:
| Code: | $word = strtolower(trim($HTTP_POST_VARS["word"]));
$postdata = get_postdata($comment_post_ID);
$content = strip_tags($postdata["Content"]);
eregi("[a-z0-9\-]+", $content, $matches);
if (empty($word) || $word != strtolower($matches[0])) {
setcookie("comment",$comment, time()+30000000);
echo "Error: the word you entered do not match or is empty.";
echo "\n<br><br>\n<a href=\"javascript:history.go(-1);\">go back</a>\n\n";
exit;
} elseif (isset($HTTP_COOKIE_VARS["comment"])) {
setcookie("comment","", time()-30000000);
} |
Then on top of your comment page(s):
| Code: | | $comment = (empty($HTTP_COOKIE_VARS["comment"])) ? "comment" : $HTTP_COOKIE_VARS["comment"]; |
right after
| Code: | | $comment_author_url = (empty($HTTP_COOKIE_VARS["comment_author"])) ? "url" : trim($HTTP_COOKIE_VARS["comment_author_url"]); |
Then in your comment form:
| Code: | | Please enter the <b>first word</b> of this post: <input type="text" name="word" size="10"> |
And in between the textarea tag:
| Code: | | <?php echo $comment ?> |
_________________
Michael P.
Last edited by Cyberian75 on Sat Dec 11, 2004 1:07 am; edited 6 times in total |
|
| Back to top |
|
 |
kiss
Joined: 09 Sep 2004
Posts: 63
Location: Brooklyn
|
| Posted: Sat Nov 27, 2004 9:24 am Post subject: |
|
|
| Awwww Mike you're a genius!!! It works perfectly. Funny thing is I forgot to add <?php echo $comment ?> but it still works. Is that alright? |
|
| Back to top |
|
|
Cyberian75
Joined: 26 Sep 2002
Posts: 1285
Location: Oregon
|
| Posted: Sat Nov 27, 2004 7:35 pm Post subject: |
|
|
Yes. 
_________________
Michael P.
|
|
| Back to top |
|
|
papervixen
Joined: 02 Feb 2003
Posts: 4
Location: Toronto, ON
|
| Posted: Sat Nov 27, 2004 7:40 pm Post subject: |
|
|
| Thanks so much for this! I hope it will help with the 900+ spam e-mails I'm getting a day. *shakes fist* |
|
| Back to top |
|
|
Cyberian75
Joined: 26 Sep 2002
Posts: 1285
Location: Oregon
|
| Posted: Sat Nov 27, 2004 7:49 pm Post subject: |
|
|
_________________
Michael P.
Last edited by Cyberian75 on Sat Nov 27, 2004 9:45 pm; edited 1 time in total |
|
| Back to top |
|
|
Sigg3
Joined: 03 Jul 2003
Posts: 906
Location: Oslo, Norway
|
|
| Back to top |
|
|
papervixen
Joined: 02 Feb 2003
Posts: 4
Location: Toronto, ON
|
| Posted: Sat Nov 27, 2004 7:54 pm Post subject: |
|
|
| Thank you so much! I'll look into those right away. |
|
| Back to top |
|
|
Cyberian75
Joined: 26 Sep 2002
Posts: 1285
Location: Oregon
|
| Posted: Sat Nov 27, 2004 8:17 pm Post subject: |
|
|
This should be more accurate...
| Code: |
$word = strtolower(trim($HTTP_POST_VARS["word"]));
$postdata = get_postdata($comment_post_ID);
$content = $postdata["Content"];
eregi("^[a-z0-9]+", $content, $matches);
if (empty($word) || $word != strtolower($matches[0])) {
setcookie("comment",$comment, time()+30000000);
echo "Error: the word you entered do not match or is empty.";
echo "\n<br><br>\n<a href=\"javascript:history.go(-1);\">go back</a>\n\n";
exit;
} elseif (isset($HTTP_COOKIE_VARS["comment"])) {
setcookie("comment","", time()-30000000);
}
|
Could someone test this out?
_________________
Michael P.
|
|
| Back to top |
|
|
evelyne
Joined: 12 Dec 2002
Posts: 23
Location: Delft - The Netherlands
|
| Posted: Sun Nov 28, 2004 11:37 am Post subject: testing |
|
|
| I've implemented it at one of my logs. Let you know if there are any troubles. It seem to work for now. |
|
| Back to top |
|
|
evelyne
Joined: 12 Dec 2002
Posts: 23
Location: Delft - The Netherlands
|
| Posted: Sun Nov 28, 2004 12:07 pm Post subject: error |
|
|
the check gives an error when there is no first word, but an image first. Using the first word (which isn't the image for the readers, but the first word after the html) wouldn't work than
_________________
--
Anything About Everything (in Dutch)
http://www.veel-in-een.nl |
|
| Back to top |
|
|
evelyne
Joined: 12 Dec 2002
Posts: 23
Location: Delft - The Netherlands
|
| Posted: Sun Nov 28, 2004 12:36 pm Post subject: just a thought |
|
|
I thought stripping the html would work, with something like this:
| Code: | $search = array ("'<script[^>]*?>.*?</script>'si", // Strip out javascript
"'<[\/\!]*?[^<>]*?>'si", // Strip out HTML tags
"'([\r\n])[\s]+'", // Strip out white space
"'&(quot|#34);'i", // Replace HTML entities
"'&(amp|#38);'i",
"'&(lt|#60);'i",
"'&(gt|#62);'i",
"'&(nbsp|#160);'i",
"'&(iexcl|#161);'i",
"'&(cent|#162);'i",
"'&(pound|#163);'i",
"'&(copy|#169);'i",
"'&#(\d+);'e"); // evaluate as php
$replace = array ("",
"",
"\\1",
"\"",
"&",
"<",
">",
" ",
chr(161),
chr(162),
chr(163),
chr(169),
"chr(\\1)");
$content = preg_replace($search, $replace, $content); |
Just after:
| Code: | | $content = $postdata["Content"]; |
But I think I miss something, because it isn't working. Someone knows what I miss (echo the $content gives me the content without the html, so it should have worked) |
|
| Back to top |
|
|
evelyne
Joined: 12 Dec 2002
Posts: 23
Location: Delft - The Netherlands
|
| Posted: Sun Nov 28, 2004 12:55 pm Post subject: another small bug |
|
|
when the first word contains a "-", it will only check for the letters before this sign. The logs I administrate are in dutch. For dutch people something like:
"log-aanbieding"
would be one word. But the check will only work after entering:
log
not with
log-aanbieding
The solution for the problems with the image:
for now I'm not checking on the first word of the content, but the first word of the title. It works for me, because the log where I'm testing uses titles all the time. |
|
| Back to top |
|
|
Cyberian75
Joined: 26 Sep 2002
Posts: 1285
Location: Oregon
|
| Posted: Sun Nov 28, 2004 7:15 pm Post subject: |
|
|
"[a-z0-9\-]+" would work.
_________________
Michael P.
|
|
| Back to top |
|
|
kiss
Joined: 09 Sep 2004
Posts: 63
Location: Brooklyn
|
| Posted: Mon Nov 29, 2004 12:32 am Post subject: |
|
|
| Umm...which one is better then? The first one or the second one that was posted? |
|
| Back to top |
|
|
Cyberian75
Joined: 26 Sep 2002
Posts: 1285
Location: Oregon
|
| Posted: Mon Nov 29, 2004 12:52 am Post subject: |
|
|
The last one.
_________________
Michael P.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
