HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

First step to writing this pluging?

Hi all,

I want to write a plugin for my own use for Vanilla forums. I've noticed a very specific pattern my spam registrations follow, and I want to try to break it.

What I want to do is:

  1. Once a day, scan my registrations
  2. Anyone who has registered but not appeared again within x days has their "member" role removed, and replaced with "suspicious." The suspicious role is set up so all posts have to be manually approved until I say, okay, you're fine.
  3. Once I say "okay, you're fine" this never happens again.

In a pinch, I could remove the "once a day" thing and just make it a button I push on dashboard... but what I'm having trouble finding is how I might go about scanning the database, adding a flag for "You're fine", and changing the role. Can anyone point me toward the proper place in the documentation?


  • R_JR_J Ex-Fanboy Munich Admin

    I would write the plugin like that:

    1. Create a role for "Suspicious" (though I would give it a friendlier name) that has Vanilla Approval Required "permission" checked
    2. Write a plugin that adds a column to the User table "TrustedMember" with default to "false"
    3. Hook UserModels event UpdateVisit and compare the new value for the field DateLastActive with the session users field DateLastActive
    4. Compare date diff and if below threshold mark user as TrustedMember.
    5. If date diff is above, change role to Suspicious.

    By hooking the event mentioned in 3) the check would have made whenever a user visits your page. Therefore you wouldn't need cron or something like that for it.
    Don't forget your current members! Either set them with an SQL as trusted members or do an extra check before changing their role (e.g. discussion + comment + message count > 0)

    That said, have you considered creating a "Freshman" role for new members that requires moderation? I think you better should do it like that and maybe write a plugin that changes role on first approved discussion/comment.

Sign In or Register to comment.