How to Stop Spam On phpBB Forums
Dec 21st, 2006 by thesamet
The idea is to ask the spam bot a question which it does not expect, but it will be no problem for the users to answer. I’ve added to the registration form the question “How much is 5+2 ?”. Most of the new forum members were able to answer it on the first attempt. But spam bots had no clue.
So until someone bothers to write a spam bot specifically for my forums – I am okay. When it happens, I’ll just change the question. It can be many things: “What was the color of the white horse of Hammurabi?” or “How long did the six-day war lasted?” and so on. You got the point.
Here is how to do it.
In the template directory, edit profile_add_body.tpl, and add a new row the the form:
<td class="row1"><span class="gen">How much is 5+2 *</span></td>
<td class="row2">
<input type="text" class="post" style="width: 200px" name="math_question" size="6" maxlength="6" value="" />
</td>
</tr>
Browse to the registration page on your forum to see that it looks right.
In includes/usercp_register.php, look around line 260, and add the condition that checks if the question was answered properly:
{
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ‘<br />’ : ” ) . $lang[‘Fields_empty’];
};
if (!isset($_POST[‘math_question’]) || $_POST[‘math_question’] != ‘7′) {
$error = TRUE;
$error_msg .= (isset($error_msg) ? ‘<br/>’ : ”) . "Incorrect answer to the mathematical question…";
}
}
Until a spammer will use “Ask Jeeves” to bypass this also…
Or,….
Hire humans to answer your registration questions…
Or… Trick humans into answering your registration question… Automatically
As long as it is possible for legitimate human beings to register and post, it is *possible* for spammers to find a way to get in and do that. If they can hire humans – then it would be hard to tell apart if the human is legitimate or not.
But in practice (and that’s what important in this case), spam is so ineffective, that in order to make a positive return of investment they must be able to spread their message across thousands of forums at low cost. It is highly unlikely that someone would program a bot specifically for my forums.
And if a spammer found an automated way to get answers from AskJeeves for any question a registration form poses, then he can make much more money doing other things but spam.
i have put the first part of the fix in and it works however i’m having problems getting the second part working. i saved a copy of the “includes/usercp_register.php” as “includes/usercp_registerold.php” so that i always have the original code to go back to but all the things i’ve tried with the “includes/usercp_register.php” continue to give me an error when i try to go do a test registration. this is what im getting: Parse error: syntax error, unexpected ‘>’ in /mnt/w0602/d09/s48/b02c4332/www/mineralareamusic.com/forum/includes/usercp_register.php on line 278
I’ve seen some other people on the forum having the same or similar problems but i havent really found the answer to how to fix it.
thanks a load in advance.
Scott
Hey,
Thanks a lot for this just installed it there, hopefully will stop all these damn annoying registrations!
Cheers
Mark
woops, the software parsed the MOD script so it is not displaying correctly. You might as well delete it…
You could use this link for the MOD script.
Nightrider, Thanks for implementing this as a mod (and for giving the credit)!
Ironically, the spam filter of this blog suspected that your first post is a spam and asked me to manually approve it.
Well, I stumbled on this post looking for a way around the bots. I know this is an older post, but seems like a much easier fix than the rest. I’ll try it, and let you all know how it worked on my forum. One question, does this code have to be added to ALL the templates? I have several besides the sub silver as default.
Thanks!
Hi Peggy,
The profile_add_body.tpl has to be modified in all templates. Let us know if it works well for you!
Would anyone be willing to help me install this MOD onto our site. I tried to follow the directions but i couldn’t even find the sercp_register.php doc.
Thanks so much
Would anyone be willing to help me install this MOD onto our site? I am not good at code issues etc? I tried to follow the directions, but i couldn’t even find the sercp_register.php doc. If anyone is willing to help out, please mail me at cinetarr@yahoo.com.
Thanks so much,
Lisa
Would anyone be willing to help me install this MOD onto our site? I am not good at code issues etc. I tried to follow the directions, but i couldn’t even find the sercp_register.php doc. If anyone is willing to help out, please mail me at cinetarr@yahoo.com.
Thanks so much,
Lisa
Hi,
Well, I can’t believe it, feel like I am dreaming, but, NO bots since I installed this! (Not any new members either, sure hope they can add!) Thank you SO much. This has saved me and others tons of work!
On the templates, I had recently over-rode the templates to just use sub-silver, so I am trying it without changing them all. It seems to be working, or do I still need to do it in order not to mess something else up?
Thank you, thank you, thank you!
Can new users uses other templates when they register? If the answer is yes — then you must do it for the other templates. The problem is that all other templates will not show the question to the user, and therefore they will be unable to register.
It’s great to hear that it is working for you!
Hmmm, good point. I’m not quite sure. When I go to the forum, and try registering as a new member, it shows sub-silver, and the question is there on the registration page. That is the page where they can choose another template, not after they register, so I am a little confused about that.
Thanks for your help, I was just about ready to shut the whole dang thing down!
Since I wasn’t sure, I went ahead and added that to all templates, to be on the safe side. Still no bots!
THanks again.
[...] Re: Stop (Most) Spam Bot Registrations on phpBB Another easy way to stop spam is to ask a simple question like "How much is 5+2?". I’ve written in my blog an explanation how to stop spam on phpbb forums. [...]
One old american man win in lotto 250 000 000$.
I want win money too!!!!!!!!!!a-a-a-a
Give me money!
…and Wordpress comment spam is another issue
Great Thanks! Hopefully this should work before I throw in the towl and sign up for Vbulletin
Just installed your changes and so far no spam registrations .
I dont suppose you could write a similar script that could be incorporated into guest posting ……..:)
i.e each guest posting would have to answer a maths question before thier comment was accepted
I think there is not a problem doing that in the same technique. Just add the math question to the comment form (in posting_body.tpl), and make sure it is displayed only for guest users (it will annoy the registered ones otherwise).
Then, validate it in posting.php.
This WORKS! Thank you sooooo much. I was getting sick of deleting sooo many bot entries.
Is there a way to put this onto the Posting.php page, to stop automated posts? My boards need to be non-registration required.
Please let me know how to do that.
Thanks!
Simple and effective. Thank you for sharing!
[...] How to Stop Spam On phpBB Forums · Nadav Samet’s Blog I am running several phpBB-based forums, and they all started receiving serious amounts of spam recently. It seems that the spammers are now able to break the captcha in the registration and even pass the e-mail activation. I found a very simple solution (tags: phpbb antispam howto) [...]
How do you access the template directory? I’m running phpBB 2.0.20
Thank you for the tip. I also added a language variable for the error message.
[...] in December I’ve posted about the technique I use to stop spam on phpBB forums. The following enhancement of this idea appeared today on xkcd webcomic [...]
thanks for this man, it is working superbly so far!
When I try and put the code in the usercp_register.php file, I get this message when I go to register:
Parse error: syntax error, unexpected ‘>’ in /home/thinkth1/public_html/forum/includes/usercp_register.php on line 271
I don’t get what’s going wrong with it. Do I just add in the code, or do I have to replace something with it?
In the code there were accidentally backticks: ‘. You have to change them to ‘
I’ll fix that.
I don’t understand what you mean by “backticks.” And if you fixed it already, it’s giving me the same error message as before.
I’m confused.
Hi Michael, I just fixed it now. Let me know if it works for you.
Works like a charm now. All I need to do now is wait and see if any spambots pop up.
Thank you so much for this!
I forgot to ask, but do you plan on altering this so it works with phpBB3 if in fact phpBB3 requires it? Or would the coding and such you have provided not need to change?
I have not tried phpBB3 yet, but when I’ll have to upgrade my forums I’ll come into that.
Can’t thank you enough for this solution. A custom question and answer is so superior to CAPTCHA for this application, I can hardly believe PHPBB hadn’t implemented it long ago. Why fool around with a n easily cracked technology when it would be impossible to circumvent a simple custom question (or set of revolving questions and answers) so long as each administrator implemented their own unique set.
Simply brilliant in it’s simplicity. Sure, if you’re the admin of an uber-popular board, a spammer might go to the effort of setting up special circumstances for your board, but these bots are only ‘useful’ if they can operate on thousands of sites. Certainly not practical with this scheme.
You have my thanks…
Exactly!
For best results, I recommend everyone to customize the question.
This post became quite popular and some spammers are already solving some basic arithmetic.
We should start asking about colors of fruits or something
If red riding hood wore a blue hood, what color hood would red riding hood be wearing?
They can solve math, let them work that out…:)
Wow, what a find! I got a link to this page via another forum. I was getting such a huge amount of junk on my forum that I was wondering whether to shut it down or not. Your coding seems to have solved it. Great! Thanks a lot, people like you on the net are worth gold… especially for a programming-amateur like me…
If you are interested in aviation, please do have a look on my site!
AWESOME! My friend saw this and she added to my forums and 2 days now and I haven’t had to delete any bots!!!
THANK YOU SOOOOOO MUCH!!!!
This is great… thanks. Only one thing, is there a way to hide the question when users are editing their profile? I guess the field will need to be there as a hidden field though.
Hey thank you very much! It installed properly, I hope I get don’t receive any spam in the future.
Thanks again.
Vic
>In includes/usercp_register.php, look around line 260, and add the condition that checks if the question was answered properly:
I installed this but when i checked it didn’t make any difference if I answered correctly or not, i was still able to register. Also, when do you start counting the lines, I noticed there are a few lines of introductory text in the usercp_register.php do you start at the top or after the introductory text?
I am counting lines from the beginning of the file. You probably didn’t add it in the right place. The first few lines of the second code snippet should already be in usercp_register.php. It should help you locate the right spot easily.
Thanks, I found it after finding the code snippet in the original code. Installed it and it works. And I know nothing about php or html.
Immeasurable Gratitude,
bob
Hi, I tried to use your code and have managed to muck it up. The first part worked fine but when i tried to insert the second code i ended up with the following error.
Parse error: parse error, unexpected ‘=’ in /includes/usercp_register.php on line 214
I have removed your code but the problem is still peristing. I have pasted my code that is giving the error below but have removed your code.
________________________________________________
else if ( $mode == ‘register’ )
{
if ( empty($username) || empty($new_password) || empty(irongron_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ” : ” ) . $lang['Fields_empty'];
}
}
this is where i inserted and removed your code from
if ($board_config['enable_confirm'] && $mode == ‘register’)
{
if (empty($HTTP_POST_VARS['confirm_id']))
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ” : ” ) . $lang['Confirm_code_wrong'];
}
else
{
$confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']);
if (!preg_match(‘/^[A-Za-z0-9]+$/’, $confirm_id))
{
$confirm_id = ”;
}
$sql = ‘SELECT code
As the error indicates something about line 214, it might worth to look around there. Maybe you’ve accidentally changed that line as well?
Thanks for this, I’ve been deleting spam user registrations from my singer friend’s fan forum for months now and hopefully this will stop them getting through. I just changed the question to something only his real fans will know LOL !
It worked like a dream when I tested it so it will be interesting to see if the spambots can get round it.
I have another way how to get rid of automatic registrations. See here: PHPBB Anti Spam Bots
works quite fine, no disturbance yet. And is really easy to do.
Thanks very much. I instaled your alterations without problems and unwarranted posts stoped straight away. It’s been 72 clean hours now, I would have normally expected about 15 bad posts by now.
Thanks, your the coolest ! No more drugs crap on my site hopefully.
thanks!
hope it works
thank you nadav for a great mod you have! now we dont have spam bots in our forum
I think, that is interesting for all.
Hi all
i would like to get this mod working as i have a lot of youngsters on my forum and im getting a hell of a lot of spam most very unsuitable for kids.
but i get this error
Parse error: parse error, unexpected T_ELSE in /phpBB2/includes/usercp_register.php on line 208
not sure how to correct it as im new to php.
any help would be appreciated.
If i was already using the “i’m human mod” would i still need to adjust the usercp_register.php?
I put the origanal usercp_register.php back in went to register as a new member and the 5+2 quistion is there and i had no errors.
Thanks for the code…you’ve saved me daily headaches. You post is much appreciated by myself and all the other board administrators dealing with daily pornography and virus spam.
I just applied your measures to my new forum. Hopefully I’ll never see a spambot registering on my forum for a long time.
This information rocks! I was so impressed and it worked so well I was actually compelled to come back and post my thanks’. It’s been 4 days sense I incorporated these changes and I went from 3-8 spam accounts per day to……ZERO!!!
Thank you for posting this information!
Awesome !
I was thinking along the same lines but you saved me hours trawling through the code to find the bits I needed.
I’ve added a check for capitalisation for those who want to use words instead of number questions.
What colour is blood? *
else if ( $mode == 'register' )
{
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '' : '' ) . $lang['Fields_empty'];
};
// -----------------------------------------------------------------------------------
// Insert code below
// -----------------------------------------------------------------------------------
//set humaniser
$answer = "";
if (isset($_POST['math_question'])) {
$answer = $_POST['math_question'];
$answer = strtolower($answer);
}// end if isset
if ($answer != 'red') {
$error = TRUE;
$error_msg .= (isset($error_msg) ? '' : '') . "Incorrect answer to the colour of blood question...";
}// end if $answer
// end humaniser
}
// -----------------------------------------------------------------------------------
//end insert
// -----------------------------------------------------------------------------------
if ($board_config['enable_confirm'] && $mode == 'register')
{
if (empty($HTTP_POST_VARS['confirm_id']))
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '' : '' ) . $lang['Confirm_code_wrong'];
}
Nice one mate, I was thinking vaguely of doing something like this but you just saved me several hours, not one spam user since implementing it. Thanks!
Ok…it looks good so far! I tested it out and it won’t let registration go through unless you have the correct answer. Thank you….I was SOOOO tired of deleting spam users from my board!
Sweet.I am hoping that it will stop the spam-bots.It took like 2 months after changing the site’s url to a new one to show up on google and start getting hit again.I even banned the google bots ip trying to stop it…lol
Hoho. It’s like Christmas and Birthday all rolled into one. A simple and effective customisable solution. Thanks.
I got the question on the registration page but i can still register without answering it, what have i done wrong?
Hi Jim, Check carefully that you added the code in usercp_register.php without errors and in the right place.
Hi thanks for the reply. ive been looking at it and i just cannot get it right.
I get error on line 214.
This sounds so simple to do, If i add the code at line 260 the error is on 214 if i move the code up the error line moves.
Would someone be willing to help via MSN?
Hi Jim.
Send me your msn username and we can try to troubleshoot your errors.
I’ve gone two weeks totally bot free and it really does make it a pleasure to be Admining.
Just wanted to come back and tell you that I am still bot free, thanks to your mod!
I was like a lot of others, ready to shut it all down. I was spending more time deleting posts than I was on the forum itself!
Once again, thanks so much!
Hi Peggy,
I’m really happy that it is working for you! Let’s hope that from now on, spam will only appear in your forums as a receipe ingredient.
Nadav
Thanks! Hmmmm…wonder if I have a recipe using spam? Probably so!
That was funny, thanks, I needed the laugh!
thesamet….I love you as much as one man can love another without being gay.
Hi my msn name
jimbo204@hotmail.com
Thanks in advanve for any help you can give.
OK. I added you to msn and sent an invite.
Hi,
This sounds like a great solution, i did add the code at my test board, it does ask me the question at the register form but it doesn’t work. It doesn’t matter if i will fill in the box or leave it empty nor giving an wrong awnser. It will say it created a new account which needs to be activated after i press the register button. any Ideas??
Thank in adv..!!!!
Jim’s all up and running at his forum now so I’ll be willing to take a look at how you’ve configured yours.
Do you have Xfire or msn?
Hey arramus
So far so good on the forum, I have not had a spambot yet.
Want to thank you again for the help you gave me really appreciate it.
Hey, this is actually what I was looking for. Can’t wait to install it. Does it take a long time?? Our forum is new and I want to prevent spams before it gets too bad…
I have put in the code, but it doesn’t matter whether or not I answer the question at all!
The question appears, but I can leave it blank and it still allows me to register.
Is there anyone that would be able to help me? I’ve tried moving the code around, but I’ve only gotten errors or no change at all.
My e-mail is Overswarm@gmail.com
Hi, it worked immediatley on mine….believe me, it works! I was spending more time deleting spam bots than I was on the forum itself! I can’t believe the good fortune to run across this blog, and am still so thankful for it. I was ready to shut mine down.
I consider myself pretty good at PHP, just not figuring out the PHPBB system with all the .tpl files, etc. So the second part I got working fine, add a second conditional statement during the registration process. I can’t get the simple part to work.
So I went into the templates directory then into the subSilver directory since I have never messed with the templates, I only use the default. Opened profile_add_body.tpl and added the following…..
Oh..wait, n/m. Thought about it while doing this. It should be placed at the end, after the confirmation part. I was trying to put it immediately after the Username and it wasn’t showing up. Now it’s in there…let’s see how it works to control the spam now. Thanks for this!
12 days out and still holding strong….not a single spam registration!
This worked!
you have saved me minutes every day
Thanks
Hi,
I still have not managed to solve my problem, i have send my msn through the contact form but somehow i get the feeling it didn’t get delivered.
Can somebody help me, my msn:
rudolf_phpbb@hotmail.com
Thanks in adv!!
I wish I could help, but not really all that good at this. I did manage to install it on my forum, and everything is working great! Sounds like to me you may have put something in the wrong place, maybe missed it by a line or something? Hopefully someone can help you figure it out!
I run PPHPBB2 and have zero knowledge of PHP but managed to do this modification via my Cpanel controls on my server
The changes are simple and you don’t have confusing questions for people it just runs quietly hidden away and has stopped 100% of those bots logging in the use ICQ numbers always
the link to it is here http://www.burg.in/en/tutorials/php/phpantispam.html
Installed in 10 minutes !
I tried this mod and it did not work..
In essence added the line to the template file ( field shows A okay) does it matter where it is located on the form? I put it at the bottom just above the submit.
added it to uscercp_register.php.
In essence it never triggered
Not sure whether it is because i require user activation from admin?
Please advise as i am running a small closed forum and the bot registrations are driving me insane
Thanks
Thanks so much for posting this. We tried various methods on our developer board and nothing really worked until this one. Haven’t got a spam since!
Thanks again.
If spambot can read image (CAPTCHA) verification that is part of phpBB signup, it will be too easy for them to bypass this simple addition ?
They have to be programmed to solve it. If someone writes a program that solves it, then you can change to any other question, like “What color is the sky?” and so on.
Instead of writing a sophisticated program to solve all possible questions (I am willing to pay for it if anyone has it
), Spammers will just go to spam somewhere else, and will not focus on your forum.
Fantastic. Thanks so much for this….
Brilliant. Not a single spam registration in over 3 months.
I used this mod over the last 3 months and works well. However, this past week ran into a problem.
When I went to update my profile to change my avatar it comes back with “You have answered the mathmatical question incorrectly. ”
Has any one else incountered this problem?
Thanks,
Matt
You have to answer the question when you change your profile too. A small inconvience for getting rid of all the spam bots,
I do not see the question on the profile page???
It’s on my profile page, top section near the bottom…
Hi
I tried to implement this mod but when I try to register and hit ’submit’, it comes back with the error:
“You must fill in the required fields.”
And the email field remains filled with the address. I had a look through all of these other posts and couldn’t find an answer. Can anyone help, I’m desperate to get this mod put in.
Colin
Strange?
It does not show up on the profile update page anywhere. When changing email, avatar, etc. I get the message Incorrect answer to the math question.
New register works fine however.
Any ideas ???
It’s been 5 days with no new spammers on mine!
Wow very good. This worked. Only I did other numbers and named them out. I had a real person test it out and he got in. So it works but bots can’t get in now.
A very big thank you!
-Raymond Day
Amerikanische Firma „ACG Logistics“ sucht nach Mitarbeiter in Europa fuer die Arbeit im Logistikbereich. Interessanter Job mit guter Verdienstmoeglichkeit.
[b]Schicken Sie bitte Ihre Bewerbung an info@acglogistics.biz[/b]
Thanks for this. I am beyond appreciative for this effort and am so lucky to have found this today.
I had a hard time figuring out how to modify the includes/… file but once I figured that out, it seems to be working perfectly. I deleted over 250 fake registrants in the past several days – over the past year and a half I can’t even imagine the hours I’ve spent deleting them all.
Death to spammers.
D
Thanks so much!! This is just fantastic and saves me a lot of crap!! Again thanks.
WxWitch
Thanks alot, I really appreciate it.
Excellent script thank you! Included it and tested it without any problems. Have been hit by spam users ever since I set the forum up and was getting in excess of 20 ‘new’ members a day! So far I haven’t had any spammers since I integrated your script!
Hi,
I can’t edit the profile section either. It reports that the maths question aint answered but I don’t see it anywhere on the profile page.
The rest of the soloution is working superbly
Anyone have any ideas about the profile section?
I’m in the same boat with the profile issue – if you submit changes to your profile an error comes up saying you haven’t answered the question, even though the question isn’t displayed anywhere!
Anyone know how to either disable the spam filter on the profile page or make the question appear on the profile page?
Thank you very much. my forums are @ http://www.secfootballblogger.com/forums/ . Now I do not have to worry about spam and porn on my forums. this idea was simply genius. Thank again.
This approach saved my Forum. I was getting so many spambot members that I spend most of my time deleting them. Since I added this question, no spambot members. Thanks!!!!!
hi, i have php nuke in my site and , i was looking for an antispam , i and i came here, when i read , the aritmetic question , y said “is a good idea” but , what if we insert a picture or any letter with a diferent color , o think the spam have no eyes to see the color o the picture, example ¨WHAT COLOR IS THIS(color text)? or WHAT DO YOU SEE IN THE PICTURE(PICTURE)?
do you think is a good idea?
sorry about my english
Well, this is great stopper for email registrations, but I am still getting about 5 postings/day from the spammers.
How do I stop them from making comments if they are not registrered? They have a name, but are listed as a guest.
I seem to missing a (“radio”) button somewhere that allows comments with or without registration. Or else they are bypassing a checkpoint somehow.
Thanks for your help!
Pacific
I am trying this out on my Safety Forum, (BrassardSecurity.com)
Thank you for the post!
I’ll let you know how it works out for me.
Ken
Twenty-four hours now and not one spam post or account.
Seems to work GREAT !!!
Thanks !!!!!!!!!!!
Ken
I have been reading up on several ways to prevent spambots from spamming web forms. I came up with a simple technique that doesn’t use image validation but simple number validation. Each time a user enters my form, I generate a unique ID and a 5-7 digit number code. I save this unique ID to a database and its associated number code. When the form is submitted, if hidden field unique ID is the same and number code that you typed is correct then it submits the info and deletes the record, otherwise it will assume spam and not submit info. Again, it can be broken but that come into how complex I display the 5-7 digit code.
ATK Contact Form is an example. So far it has worked!
ATK Solutions
Samet, you totally rock. Bless your heart. We’ve held up launching our smoking cessation support website because of the spambot issue.
Tried changing the folder from “forum” to something else. That failed, of course. Found a photo verification MOD on both phpBB and phpBBhacks web sites. Tried to implement it, but could not find where to place some of the code and questions on both forums went unanswered (’cause nobody knew the answer?). Neither my wife or I know php and were feeling quite frustrated and generally PO’d at the so-called experts.
Tonight she found this blog and our site is ready to launch. Took about 10 minutes to make the changes and test them out. You know, the simplest solutions are the most elusive.
I really like Varmint’s idea of using an all word question and answer, too.
Bless your heart, Samet. Thank you very much.
Shevlin Ryan
Co-Owner/Co-Adminstrator
Wholistiquit.com
How do I access the templates you mentioned? I use phpbb1
Hi, Dee. I just dropped by to add more praises and saw your post. I hope you haven’t given up and are still checking for answers.
Download the 2 files and use Notepad or any other TEXT editor to make the edits. I use Notepad++, a freeware program.
It’s now 11 days and not one spambot registration. A friend registered and it went smooth & easy.
I’m totally sold on this.
Shevie
Hi,
I run an automobile forum using phpBB. Spamming was off the hook. Around 20 registration per day and nasty posts. Looked for solution for ever on google. with no luck i tried this myself and reduced spamming 99 % for phpBB. Adding to what Mike at the top does this solution has few more steps. Check it out at http://appleicase.com/board.htm
Cheers
You are the man!
I just started my forum a week ago and got hit right away.
Your fix works like a charm and very easy to do!
I’m definately going to give you some link love.
How did you get it to work for your blog comments?
I run my own wordpress blog. Check it out!
Thanks
Where in the profile_add_body.tpl file do I insert the paragraph:
”
How much is 5+2 *
”
And WHY hasn’t any of the other hundred people here asked this question already? It should be the most obvious and fundamental question that should have been asked first. Shouldn’t you tell someone WHERE they should insert something in a file?
Thanks,
W
http://www.happierabroad.com
Where in the profile_add_body.tpl file do I insert the paragraph:
How much is 5+2 *
And WHY hasn’t any of the other hundred people here asked this question already? It should be the most obvious and fundamental question that should have been asked first. Shouldn’t you tell someone WHERE they should insert something in a file?
Thanks,
W
http://www.happierabroad.com
Put it around line 60.
Here is the code around that area from MY site, to help you locate where to put it in YOUR site.
Hope this helps.
Ken
{L_NEW_PASSWORD}: *
{L_PASSWORD_IF_CHANGED}
{L_CONFIRM_PASSWORD}: *
{L_PASSWORD_CONFIRM_IF_CHANGED}
How much is 5+2 *
{L_CONFIRM_CODE_IMPAIRED}{CONFIRM_IMG}
{L_CONFIRM_CODE}: * {L_CONFIRM_CODE_EXPLAIN}
Sorry, but the code got taken out in my earlier post.
Again, around Line 60 you should see where it goes then test the page to see ifm it’s where you want it.
You put it where you desire the question to show up. In my case, I wanted it to be just before code for the CAPTCHA visual confirmation box.
It is inserted directly above:
which about line 58, or so.
You can see what it looks like at http://wholistiquit.com/forum/
Shevie
Apparently I can’t just copy code to these comments.
It goes in directly above two comment lines that mark the beginning of the CAPTCHA code. One says “Visual Confirmation”, the next one says “BEGIN switch_confirm”. That will place the question on top of the CAPTCHA box.
I also changed the numbers just in case some smart-a$$ed spammer reads this thread and thinks to get around it. You can make the question anything you want, you just have to make the accommodation for the right response in the includes/usercp_register.php file.
Shevie
Ok I finally got it to work. I think it’s better to put the “how much is 5+2″ question at the top of the registration page though, right above the “Username” field, rather than the bottom, so that human users will be likely to see it and not skip it.
One more question. If I wanted to let the system accept both “7″ and “seven” as the correct answer, how would I do that? In the second code, would I put — = ‘7′ or ’seven’ — ?
And if I wanted to change the question to something else, how would I do that exactly?
Thanks,
WuMaster
http://www.happierabroad.com
You should be able to OR in another response for ’seven’.
OK, one more try at posting code here.
if (!isset($_POST['math_question']) || $_POST['math_question'] != '7' || $_POST['math_question'] != 'seven')Ah, so that’s how it’s done
Actually, you probably meant:
if (!isset($_POST['math_question']) || ($_POST['math_question'] != '7' && $_POST['math_question'] != 'seven'))(as the condition you suggested will always evaluate to True)
Oops. Yep. Boolean bites me from time to time.
Thanks.
I can’t seem to make mine to work. Even when I typed in the wrong answer I managed to register. The second part of the code I inserted in line 260 exactly of usercrp register php. Am I doing the right thing? I swear a few days ago I tested it and it worked. It refused to register and said I had given the wrong code. But I was still getting the usual spambots so I decided to test again and found out it is not working anymore.
It’s me again. I just tried to register without answering the maths question and managed to register even though there is an asterisk to say the field must be filled. Obviously I am not doing something right here. When I checked into Admin index I could see about 50 guests online all of the same IP address!!! Guests are not allowed to read or post but I can stil see them in my admin index as being online browsing my forum. Can someone please enlighten me on this?
Hi, Dee. I just checked mine and I must put the right answer in or I get an error. A wrong answer or no answer will fault the registration process. Something must have changed. Did you add any mods or upgrades or restore from a backup?
Yes I recently updated from 2.0.21 to 2.0.23
Since the question is apparently showing as it should, then I’d look at the includes/usercp_register.php file to see if that file’s part in this was mod’d correctly. That’s where the user input is taken and processed.
I’m sorry to tell you but this doesn’t really work anymore
The spam seem to be too advanced or something. On my forum i added the above script (tested n working) while i already had visual & email verification enabled for the registration process.
Those god damned spambots kept registering and posting in the usual rates! :/
Btw those rates have been very highly increased since a month or something ago. I have an average of around 50 new registrations per day!!!!!!!!!! Fortunately not all of the spambots post, cause in that case i would be f**k*d!
So… any more help?;P
I have had one bogus registration since I installed this the end of January this year. Before that I was getting an average of about 5 per day.
You can change the formula and answer, which is what I did, or you can require a text answer to the formula, or you can really mix it up as Varmint suggested (If red riding hood wore a blue hood, what color hood would red riding hood be wearing?).
What I’d really like to see is a box where the applicant must fill out why they desire to join my site and that information sent in the registration request e-mail I receive. Unfortunately, I haven’t seen a mod that will do that.
so what u suggest is that i change the question? ok, i’ll try that and may god help me ;P
I had suggested something like “If you are in Denver, what state are you in?”, but then it occurred to me that there are many who may not know the answer, even people here in the US (maybe even in Colorado). And, of course, there is the spelling issue.
That’s what’s nice about Varmint’s suggestion, the correct answer is in the question. However, a slick programmer could code an intelligent enough program to extract it.
There is a suggestion on another board to reject any registrations that are submitted if the selected time zone is GMT – 12 because that is the middle of an ocean where nobody lives. The explanation says that bots tend to take the first selection in a drop-down and that is the first time zone selection. Easy enough for another slick programmer to get around, though.
Maybe something like “What is this rock we are on? Has h in it.” Answer, of course, is earth. I do believe that would be hard to anticipate and code for.
This is awesome, dOOd THANKX a Zillion! installed
like butta….now we shall see the final test, NO FLIPPIN BOTS signing up….
Much <3
This worked beautifully (ran for a month) until yesterday and today. Looks like I need to rotate the math question or change it to text form like this blog (t w o + f o u r) and make the answer in text form (six). That should stop them for a while!
Thanks!! I have a friend who runs a forum for a band and she was overcome by spammers. As the forum is run off of my website, I used the code and it works great
I did the math in text form, as suggested by the later posts. Thanks again!!
Sweet This worked ALMOST perfect… Had to rearrange where you put it and remove some things, but it works perfect.
This would be great for my website, as our members are becoming very offended. Is there anyway you could give me instructions on how to implement this into a phpNuke site?
Rab
PS I am willing to beg if needed
I have been using this fix on my forum for quite a while now, and it’s worked great, thanks! Recently I had some bots starting to come back, I just changed the question and answer, works wonderful, thanks so much again!
This is a great idea for the Registration, but I have bots that post on my forum that bypass the registration process.
I have the setting “do not allow postings without registration” checked, (no anonymous postings)
Did you double check all of your categories to make sure they all were set to “do not allow postings without registration” ? I know I had missed a few, and that is how some bots on my forum were posting without registering.
Help!!!! I updated the profile_ad… file no problem, i figured out where i wanted the question to go and bang it was great.
Now onto the second part of this mod.the usercp_… part
as soon as i added the script into like 260 and uploaded back to my server it went coocoo.
Now when i open my regi-page its all the code, and i dunno what to do now,
i have undo done the changes and reuploaded the file, but still it has the same damn issuse.
HEEEEEEEEEEEEEEELLLP
thanks.
okay so i found out i needed a php editor.
so now here is the next issue
Parse error: syntax error, unexpected T_ELSE in /mnt/w0301/d12/s14/b02d048b/www/twistedmuscle/twistedmuscle/forum/includes/usercp_register.php on line 260
now can someone help me
Sounds like you pasted it incorrectly because php has found an else statement where it wasn’t expecting one.
This was the part you should have pasted in, (make sure you didn’t overwrite a curly brace “}”
if (!isset($_POST[‘math_question’]) || $_POST[‘math_question’] != ‘7′) {$error = TRUE;
$error_msg .= (isset($error_msg) ? ‘’ : ”) . "Incorrect answer to the mathematical question…";
}
}
Thanks Cody
I just tried what u said and still no luck here is the next error
Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /mnt/w0301/d12/s14/b02d048b/www/twistedmuscle/twistedmuscle/forum/includes/usercp_register.php on line 287
if u have MSN ADD me on it
shawnfernandez@hotmail.com
that could be alot faster than this.
The T_CONSTANT_ENCAPSED_STRING error is again because php is getting an instruction where it is not expecting one. It’s caused by a syntax error in the code so you need to check the code immediately before the point of the error.
That error frequently occurs when you miss out a semi colon ;
The semi colon tells php that it has reached the end of an instruction and the following code should be treated as a new one.
If you paste the code here that surrounds the error it will help us find it for you.
if ( isset($HTTP_POST_VARS['submit']) )
{
include($phpbb_root_path . ‘includes/usercp_avatar.’.$phpEx);
// session id check
if ($sid == ” || $sid != $userdata['session_id'])
{
$error = true;
$error_msg .= ( ( isset($error_msg) ) ? ” : ” ) . $lang['Session_invalid'];
}
$passwd_sql = ”;
if ( $mode == ‘editprofile’ )
{
if ( $user_id != $userdata['user_id'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ” : ” ) . $lang['Wrong_Profile'];
}
}
else if ( $mode == ‘register’ )
{
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ” : ” ) . $lang['Fields_empty'];
}
}
if (!isset($_POST[‘math_question’]) || $_POST[‘math_question’] != ‘7′) {
$error = TRUE;
$error_msg .= (isset($error_msg) ? ‘’ : ”) . “Incorrect answer to the mathematical question…”;
}
}
if ($board_config['enable_confirm'] && $mode == ‘register’)
{
if (empty($HTTP_POST_VARS['confirm_id']))
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ” : ” ) . $lang['Confirm_code_wrong'];
}
else
{ This line is 295
The following code is wrong Chevy;
$error_msg .= ( ( isset($error_msg) ) ? '' : '' ) . $lang['Fields_empty'];
}
}
It should be;
$error_msg .= ( ( isset($error_msg) ) ? " : " ) . $lang
[‘Fields_empty’];
};
thanks Cody
But it still hasnt changed it at all.
im about to lose it. LOL
anymore suggestions
Click on my name above to go to my website; contact me via the form on the contact page; I’ll send you my email address and then you can send me the whole file.
I hate spammers, and can’t wait to install some scripts to get rid of them. The online pharmacy industry, porn, and ring tones are the most common kind of spam I have been getting. It used to be really bad on my blog before I installed askimet, now I am about to try some similar methods, (perhaps the one you mentioned) to get rid of spamming on my forum.
I have a great banlist here:
World’s Greatest phpBB Banlist
I’ve personally banned hundreds and hundreds of IPs that generated spam on my phpBB forum. Just copy and paste it into your banlist, and cut the spam by 90% (according to a few people that told me of the results they had from doing it).
Chances that any of these IPs are dynamic or are used by someone who is legit, are about the same as winning the lottery.
I don’t use captcha or email verification (both of which are useless for stopping spam, and only annoy real users), and I am down to one spam per week on my main forum!
Note: A couple hundred of the IPs on the list came from other forum-masters who gave their banlists to me and in one case, a list of spam-generating IPs were captured in a sort of spider-trap forum designed to trick spammers into posting there. I just don’t want to take credit for the whole thing.
Hello everyone,
First step is great but second step results in:
Parse error: parse error, unexpected T_CONSTANT_ENCAPSED_STRING in /var/www/html/phpbb/includes/usercp_register.php on line 279
Line 279 is the following:
if ($board_config['enable_confirm'] && $mode == ‘register’)
Please help
Thanks in advance
the code:
$error_msg .= ( ( isset($error_msg) ) ? ” : ” ) . $lang['Fields_empty'];
};
if (!isset($_POST[‘math_question’]) || $_POST[‘math_question’] != ‘7′) {
$error = TRUE;
$error_msg .= (isset($error_msg) ? ‘’ : ”) . “Incorrect answer to the mathematical question…”;
}
}
if ($board_config['enable_confirm'] && $mode == ‘register’)
{
if (empty($HTTP_POST_VARS['confirm_id']))
{
$error = TRUE;
I applied the spam list in batches of 500 or 600 as the server took over 30 seconds to accept higher numbers than that.
There are about 5000 IP address in that list. Thank you for offering it.
However, it didn’t seem to put a dint in the spam I receive. Spammers are making comments withuot signing up as a member, I have the setting set to ‘members only’ can make a comment.
hey ive installed the script just like you said but all i seem to get is a blank page when i click my link to register. any idea why?
cheers
Anyone get this error?
Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/crivals/public_html/smacktalk/includes/usercp_register.php on line 283
I updated to phpBB 3.0.2 and now can’t do this because it don’t have a usercp_register.php in it.
I thought the update my have somthing like this all ready. But after a long time I am getting spam on my phpBB board again now.
Is there something like this for phpBB 3.0.2 ?
-Raymond Day
This MOD is great. No registrations from bots since…. THANKS!!!
3.0.2 does have a built in checker. Got to:
Administration Control Panel
Then the “General” tab at the top.
On the left side under “BOARD CONFIGURATION” click on “Visual confirmation settings”
Make sure the Enable visual confirmation for registrations and guest postings are clicked on to “Enabled” and save.
I did this a wile ago and have got no spam yet.
-Raymond Day
3.0.2 does have captcha as already established it doesnt work! hence this series of posts. Or am i wrong. I have had visual confirmation enabled since i first start my forum and now i get around 30 or more spammers registering every day! Is it possible to use this is php3.0 ? as i am getting pretty cheesed off with these numpties.
i have put the first part of the fix in and it works however i’m having problems getting the second part working. i saved a copy of the “includes/usercp_register.php” as “includes/usercp_registerold.php” so that i always have the original code to go back to but all the things i’ve tried with the “includes/usercp_register.php” continue to give me an error when i try to go do a test registration. this is what im getting: Parse error: syntax error, unexpected ‘>’ in /mnt/w0602/d09/s48/b02c4332/www/mineralareamusic.com/forum/includes/usercp_register.php on line 278
I’ve seen some other people on the forum having the same or similar problems but i havent really found the answer to how to fix it.
thanks a load in advance.
Scott
I’m also getting the ” Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING”
Here is the code:
else if ( $mode == ‘register’ )
{
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ” : ” ) . $lang['Fields_empty'];
};
if (!isset($_POST[‘math_question’]) || $_POST[‘math_question’] != ‘7′) {
$error = TRUE;
$error_msg .= (isset($error_msg) ? ‘’ : ”) . “Incorrect answer to the mathematical question…”;
}
}
I used this link” from nightrider above and it worked.
Hello,
I could use this helpful tool, but…
I’m using mxpublisher style, phpbb 3.0.3 and I have the “includes” directory, but no usercp_register.php. I don’t have the templates directory, but have the styles directory, but I don’t see the profile_add_body.tpl anywhere in there.
any clues?
also, as instructed in the mod, I looked at http://www.phpbb.com/mods/ and don’t find and hit searching on “math question during registration”
any help appreciated, thanks.
I would love to have this tool – thanks – but…
I have phpbb 3.0.3, and using mxpublisher style. I have the “includes” directory, but no usercp_register.php. I see no “templates” directory, but have the “styles” directory with mxpublisher (and others), but no profile_add_body.tpl to be found.
any clues?
Incidentally, I followed the instuctions in the mod to “Please Check: http://www.phpbb.com/mods/ for the latest version of this MOD.” but do not find “Math Question During Registration” mod there.
Any help appreciated!