Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

How does BotStop know which question was asked?

I've been looking at the BotStop plug-in's code, and I was wondering if anyone might be able to tell me how it knows which question was asked to the user? This is the code that it uses to get the answer that was given and the allowed answers:

$test = $Sender->EventArguments['User']['BotCheck'];
$a1 = C('Plugins.BotStop.Answer1');
$a2 = C('Plugins.BotStop.Answer2');

It then goes on to do a simple check. That's fine, but how does it know what question was presented to the user and thus which answers are valid front he list of possible answers?

Does C (which I realise the configuration getter) do some magic here? I don't see anything in the plug-in code that sets a specific question in the session information to know which question was asked, which is sort of what I was expecting?



  • Options

    Looking at the code it doesn't. As far as I can see there is only only question with two possible answers.

    This isn't going to stop much for long, no unless you are constantly changing the question and answers.

    The only thing it has got going for it is possible unfamiliarity to the spam software.

    grep is your friend.

  • Options

    Ah! Suddenly the pieces fall into place. Thanks makes sense - thanks! Time for a little bit of an upgrade to the script then - I'll post a gist or mini repo with the changes I make if anyone else is interested in them.


Sign In or Register to comment.