GuestPost v1.3

Dinoboff

You should tried to add a key to the form that is different for each user and hard to guess and that you save in the user session. To validate the post, compare the key that you received in the form with the one in the session. if it fail, the user didn't user the form. it is a bot. The now need to visit your pages. The one that visit your page and fill the form, can be cough with a honey-pot. You add field that you hide with css. The bot try to fill everything, if he fill the honey pot you know it is a bot.

Wanderer

Dinoboff, the script I just sent Minisweeper does just that! (Apart from the CSS stuff)

Posted: Thursday, 8 March 2007 at 8:52AM (AEDT)

Minisweeper

Errr, sorry Wanderer that email address i put in doesnt actually exist. Can you forward it to the one in my profile?

Wanderer

Doh, I knew that!

Minisweeper

Got it. I dont want to launch into this now cause i should be heading to bed soon but keep on my back about it...

Wanderer

Quote: Myself
This extension works well if the username and password boxes are left empty, or a valid combination is entered.
However, an invalid username or password results in this error written to the top of the page...

Warning: Missing argument 2 for forceincomingstring() in /forum/library/Framework/Framework.Functions.php on line 340

I fixed, or rather avoided this problem by hiding the username and password fields, (using input type="hidden") this ensures nothing gets typed in them. Members know to sign in before they post.

Posted: Thursday, 8 March 2007 at 12:26PM (AEDT)

jpsloshua

Ok hope you got something to show soon because the spammers are back with a vengance. I have just closed my forum after deleting over 200 comments.

Wanderer

Yes me too mate, SPAMmers are a scourge, banning their IP address using .htaccess does not work either.

Posted: Wednesday, 14 March 2007 at 7:57PM (AEDT)

Minisweeper

So Wanderer out of the stuff you sent me which bits do i actually need and how do i validate that the input was correct?

Wanderer

You really only need the js and the codes (gifs)

How it works...
The JavaScript (placed inside the form) displays a random code image and creates a hidden field (called "very" short for verify) containing the corresponding code.

The validation compares the contents of the hidden field "very" with the input by the user.

If they match, the form is submitted, if not... a polite "get stuffed" message is displayed.

There's currently only 10 different code gifs to keep things simple but these could easily be increased.

Posted: Thursday, 15 March 2007 at 12:32PM (AEDT)

Minisweeper

So i have to do the validation on the back end?

Wanderer

Yes, wherever Vanilla does its stuff, that's where I fall down flat on my face.
I'm able to create PHP code to validate but not integrate it with the Vanilla code.

Posted: Thursday, 15 March 2007 at 12:46PM (AEDT)

Minisweeper

Lets take this official!

jpsloshua

Love it. Thanks a million. One problem though. There seems to be some collision with the Notify 0.2 Extension. I could really care less though as i would rather have yours any day. Have a good rest.

sstawarz

Anyone still using this? When I try to hit a discussion that is marked for members only, and I'm not logged in: I get the following error: Notice: Trying to get property of non-object in /forum/extensions/GuestPost/default.php on line 32 Anyone have a suggestion?

Minisweeper

What do you mean marked for members only?

sstawarz

Certain discussion categories can be given access to various roles. so, I have a few discussion categories that are only available to members and not to the general public. So, when I am a guest in the guest role, I try to hit a post that is not available to the general, public I get that error.

Minisweeper

But surely if you're a guest you cant view the stuff which isnt available to the public anyway so you cant post in it?

Hamed

yeah but i think he does not want to get the error he probably just wants a simple notice bar popping up ======================= anyway i can take off 'type in the following code? part of this extension?"

Minisweeper

I'm pretty sure I made that an optional thing didnt i? It's called a captcha.