Simple Machines Community Forum

[Link to the mod](https://custom.simplemachines.org/index.php?mod=4311)

# Stop Forum Spam
### Description
This customization adds support for detecting spam by using the [Stop Forum Spam](https://www.stopforumspam.com/) API.

### SMF Version support
This supports SMF 2.0.x and 2.1.x

### Sections checked
On registration this can check the following fields:
- Username
- Email Address
- IP Address

On Posts this can check the following fields
- Username
- Email Address
- IP Address

On Search this can check:
- IP Address

On Report(ing) posts this can check:
- Email
- IP Address

This can also check custom forms by specifying the id of the field in a comma separated list into the extra fields options.

### Setup
Out of the box this has a default configuration of checking only usernames.  Additionally the confidence level for username can be adjusted.

This can also block TOR as reported to the Stop Forum Spam database.

The Verification Options section controls on which controls we are enforcing these checks again.

### Compatibility
This has some setting compatibility with the original Stop Forum Spam as I was using it when I developed this.  The biggest difference is this supports SMF 2.1 and does not use any edits.  This version includes logging, bulk checks and the ability to check non standard SMF verification fields.

I've just noticed four packages with the same name but with different extensions and size, I think it could be confusing.

sfs_packages.jpg

Sorry thats a bug with the customize site.  I've fixed it manually.

Quote from: SleePy on March 21, 2022, 12:11:09 AMThis customization adds support for detecting spam by using the Stop Forum Spam API.

I don't see an option to add my API#. Do we not need that anymore?

I really liked the ability to check each member individually in the 2.0 version! Any chance to bring that back, I mean add it to the 2.1 version?

Thanks,
Shades 8)

You only need a API key to add submissions, not query them.

I didn't need the ability to check each member, but it could be done.

I like that mod!

But I also miss the ability to check and report members in the member list.
I had that built in the old mod, but the function to check multiple members I failed for 2,1,x.
Maybe you can implement that.

I have installed the mod for SMF 2.0.19. Unfortunately it does not work. It installs without error messages, but the settings are missing.
The log_sfs table was created.
In the package-info.xml is that:
<require-file name="StopForumSpam.php" destination="$sourcedir" />However, the file StopForumSpam.php does not exist in the package.

I forgot to reset 2.0 after I renamed the files.  I'm working on the ability to submit and view from the profile.  I ran out of time to finish up testing, but should have something soon.  Can been seen here: https://github.com/jdarwood007/smfmod_sfs

I have installed the version 1.1 for SMF 2.0.19
The installation works, but when it redirects to the settings page after installation I get a white screen and this error:
Parse error: syntax error, unexpected ':', expecting ';' or '{' in /var/www/vhosts/sntest01.schreibs.net/httpdocs/Sources/SFS.php on line 46

What version of PHP do you have?

Unfortunately an old
5.5.38

I thought that 2.0.19 had a minimum version of 5.6 anyway.....

Quote from: Kindred on March 29, 2022, 08:34:23 AMI thought that 2.0.19 had a minimum version of 5.6 anyway.....

According to the requirements page, 2.0.19 can run on a php version starting from 5.3.

https://download.simplemachines.org/requirements.php

Quote from: Matthias on March 29, 2022, 06:53:02 AMUnfortunately an old
5.5.38

I have not seen the code for this mod, but from the error message you are getting it looks like it does not support the php version that you are using.

A bit off topic, but may I ask why you are running such an older version of php? It contains many security issues, not to mention the bugs.

On the server I can no longer update the PHP version. I need a new server.
Until now everything has always worked, so I said to myself, I'll do sometime...

Return type declarations were introduced in PHP 7, so the error is indeed due to an old version of PHP.

Yea, I have return types in here and a few other PHP 7 features.  I would recommend upgrading to at least 7.1.  SMF 2.0 will work all the way up to 7.4.

Under Profile>Track Stop Forum Spam "IP Address" is showing twice...

sfs.png

Technically no.  There is ip_address and ip_address2 (proxy check ip).  I can in a future update maybe have it show the IP in parenthesis.

SMF 2.0.19; Mod Version 1.1

Here's what I noticed:
There is an input field, but no description of what the field is for.

(https://up.picr.de/43540170jo.jpg)

Quote from: Matthias on May 04, 2022, 07:15:00 AMThere is an input field, but no description of what the field is for.

Good catch! I have the same in 2.1.1! ???

All fixed up.  It was a rename of things due to a complex SMF bug that won't be fixed in 2.1..

OK so I am running httpBL (but thats becoming problematic so I have been looking for alternatives especially for when I upgrade to 2.1)

Is anyone running this succesfully with demonstrated results on 2.0.19?
If so I may install this on the existing forum. 

Is this mod (v1.2) also compatible with SMF 2.1.2?

I am not aware of any compatibility issues.

Hi, Really appreciating this Mod, on the whole it works great.

However, I recently had a person want to use the username Jason and it wouldn't let him.

It led me to realise I didn't understand this setting:

(https://www.simplemachines.org/community/proxy.php?request=http%3A%2F%2Fmetaltype.co.uk%2Fforum22%2Fsfs.png&hash=32eb88469e9c990263d6ba675de6ae25f630ead3)

I've now disabled the check username option to allow him to use the board.

Would changing that number do anything?

Would checking the box further down in the settings that says ignore wildcard username checks be a better option than disabling username checks?

Sorry to ramble on a bit, just wondering what the best option is.

?? ??

You can set reserved names in the core software. Separate from this mod

https://www.stopforumspam.com/search?q=Jason

You can see that "Jason" has been reported many times.  The Confidence level is returned by the API for how much it believes "Jason" is likely a spammer.  I realize that the Stop Forum web site doesn't show the confidence level, only the API.

http://api.stopforumspam.org/api?username=Jason&json

You can see by the API test, it is reporting it as 72.73 right now.  You can set it to 75 right now and it would let Jason through.  If you notice more spammers are getting through using more common spammer names, you can lower the threshold.

If you check the ignore wildcard usernames, it sends to the API to do exact match for "Jason", but it doesn't seem to change anything here.

If you are wondering more about data that is received by the mod, you can enable the debugging of SFS requests, to see all the data as returned by the API.  This is not really meant to run in production, but can help answer questions about the data being received.
Screen Shot 2022-05-17 at 6.56.32 PM.png

Thanks for the prompt reply. Changed setting to 75, everything OK for now.
Thanks

Is not the default setting for the box labeled 'Check Username?' set to unchecked?

And if so, wouldn't it let anyone's names through provided the other criteria aren't met?

And lastly, do you recommend leaving the box unchecked?

Its not checked by default.  As seen, it can produce false positives.  But if you are getting hit hard, it may be worth trying to enable it and see if it helps curve spammers.  You may want to disable the wildcard matching as I indicated, it will match any name on partials.

Thanks SleePy.  :)

For SMF 2.0 this mod cannot be uninstalled because of an error in the package file 'sfs_hooks_remove.php' - there is a comma missing at the end of the second last hook name.

The only way I could uninstall the mod was to delete the previous package file from the './Packages' directory/folder and upload a new package file that contains a fixed version of 'sfs_hooks_remove.php'.

Find:
    'integrate_manage_logs' => 'SFSA::hook_manage_logs'
Replace with
    'integrate_manage_logs' => 'SFSA::hook_manage_logs',

All fixed up in v1.3  Fixed a issue with the tracking page as well not showing details like it was supposed to and a undefined index issue on logs.

Right after I install this mod I got this error:
Parse error: syntax error, unexpected ':', expecting ';' or '{' in /home/me/forum/Sources/SFS.php on line 46How do I fix this, or how do I uninstall this mod manually? Can't find install guide anywhere.

2.0.19, PHP 7.3.27.

Quote from: Мel on June 24, 2022, 01:28:26 PMRight after I install this mod I got this error:

Code Select Expand

Parse error: syntax error, unexpected ':', expecting ';' or '{' in /home/me/forum/Sources/SFS.php on line 46How do I fix this, or how do I uninstall this mod manually? Can't find install guide anywhere.

2.0.19, PHP 7.3.27.

A mod broke my forum (https://wiki.simplemachines.org/smf/A_mod_broke_my_forum)

Also, can you bump up your PHP any higher than 7.3.x?

Quote from: Doug Heffernan on June 24, 2022, 01:47:40 PM

Quote from: Мel on June 24, 2022, 01:28:26 PMRight after I install this mod I got this error:

Code Select Expand

Parse error: syntax error, unexpected ':', expecting ';' or '{' in /home/me/forum/Sources/SFS.php on line 46How do I fix this, or how do I uninstall this mod manually? Can't find install guide anywhere.

2.0.19, PHP 7.3.27.

A mod broke my forum (https://wiki.simplemachines.org/smf/A_mod_broke_my_forum)

Somehow it's not fixing the issue, tried it several times.

Quote from: Steve on June 24, 2022, 01:57:54 PMAlso, can you bump up your PHP any higher than 7.3.x?

I can ask my hosting provider. Should it work?

I don't know that it has anything to do with it but you're on a deprecated version.

Likely the mod requires 7.4 for its new features. Can't confirm as on mobile but the error is suggestive to me.

I see.

Quote from: Steve on June 24, 2022, 01:57:54 PMAlso, can you bump up your PHP any higher than 7.3.x?

Good catch there @Steve. I missed that part about the php version.

Quote from: Мel on June 24, 2022, 02:58:47 PMI can ask my hosting provider. Should it work?

Do you have cPanel? Most cPanels allow for changing of php versions. And yes, that will work.

Well it would be erroring on the return type, but I thought return types where in 7.1

Return types are in 7.0, void and nullable came in 7.1, expansions to contravariant returns in 7.4.

But what I see now I can see the source... suggests a lack of the above user having PHP 7.0 at all.

Quote from: Doug Heffernan on June 24, 2022, 05:04:44 PMDo you have cPanel? Most cPanels allow for changing of php versions. And yes, that will work.

I do, but I'm not sure how to do so.

Piece of cake. Log in to your cPanel and then scroll to the 'Software' section. Click on the 'Multi-PHP Manager' and it's pretty self-explanatory from there.

Quote from: Steve on June 27, 2022, 03:11:44 PMPiece of cake. Log in to your cPanel and then scroll to the 'Software' section. Click on the 'Multi-PHP Manager' and it's pretty self-explanatory from there.

Thanks, seems easy. It's marked as "inherited" and it looks that I can up it to any version till 7.4. If I do that, is there any chance that the forum will crash or something else would happen?) Or is it smooth sailing?

No chance that I know of so it should be smooth sailing. There's always that dreadful minuscule chance something could go wrong so back everything up first.

Yeah, everything seems fine, yet there are some mistakes like
Call to a member function versionCheck() on nullI'll try to reinstall this mod a bit later.
Thanks.

Can't use admin panel with this error :(

Any advice please?

I could not reproduce the issue with 2.0.19 and PHP 7.4

You can delete all related intergrate_* from the settings table and it will remove all hooks that power the customization.  If other customizations are using the hook, you need to delete it carefully, its a comma delimited list.

Not quite got it. Maybe there is an installation manual for this mod, so I can backtrace all the changes and remove it?

I restored the backup, everything seems fine, thanks.

Perfect example of why everyone should do backups, backups, backups before installing any mod or making any other changes to your forum.  :)

Hi, any help how to fix?
Captura de pantalla 2022-09-12 165334.png

Quote from: XVenomX on September 12, 2022, 03:57:27 PMHi, any help how to fix?
Captura de pantalla 2022-09-12 165334.png

It looks like the language files have not been added. Uninstall it, and then re-install it again.

Agreed.  Looks like the language files did not deploy.  Your languages directory (/Themes/default/languages) needs to be writable.  You can check the StopForumSpam.english.php language file there.

Thanks  :)
For some reason the files were not extracted and the folder was writable so I did it manually, thanks a lot.

Running SMF 2.1.2, Installed version of this mod is 1.3.

I cannot find any options to either check a member or submit a member to the SFS database? We have an API key, and in the previous version of SMF, we could do the above.

Quote from: SulevFan on October 11, 2022, 06:17:06 PMRunning SMF 2.1.2, Installed version of this mod is 1.3.

I cannot find any options to either check a member or submit a member to the SFS database? We have an API key, and in the previous version of SMF, we could do the above.

Could someone perhaps at least screenshot the user Interface of how these actions are being done in the new version? Thanks? Little bit lost here.

Hi,

I'm unable to delete SFS log file entries with v1.3 and SMF 2.0.19. After clicking the Delete button, all entries are still there and nothing has been deleted.

Did you do a hard refresh on your browser?

Quote from: SulevFan on October 12, 2022, 02:34:11 PMCould someone perhaps at least screenshot the user Interface of how these actions are being done in the new version? Thanks? Little bit lost here.

It's under the users profile (see attachment)

SPS.PNG

Oh man, and there it is, plain as the nose on my face. Thank you.

Quote from: PeakFox on October 17, 2022, 11:39:53 AMHi,

I'm unable to delete SFS log file entries with v1.3 and SMF 2.0.19. After clicking the Delete button, all entries are still there and nothing has been deleted.

There is a safety function that retains the logs for 24 hours.  Anything older than 24 hours can be deleted
https://github.com/jdarwood007/smfmod_sfs/blob/63df68b38ecccc6cb432346713a8b3f434cc8911/SFS-Subs-Logs.php#L832
https://github.com/jdarwood007/smfmod_sfs/blob/63df68b38ecccc6cb432346713a8b3f434cc8911/SFS-Subs-Logs.php#L859

Quote from: SleePy on October 17, 2022, 07:04:30 PMThere is a safety function that retains the logs for 24 hours.  Anything older than 24 hours can be deleted

Aha I see, thanks. Just checked again and it worked after 24h.

Hi Sleepy
I added this info to your Github page but I am posting it here also in case others are interested in this also.

---

On my forum, I get assaulted by known spammers every day
This morning, there were 10 attempts to register that all had two or more spam data base hits

I would like to be able to set my registration parameters to not allow registering if the IP AND Email are in the spam data base.
There's no reason I would ever allow any of these attempts to become forum members

On my web site, I send IP's that are trying to abuse PHP scripts to a 404 page.
The attempts from that IP stop after that

User name is not important to me because the Name BOB is in the spam database, but if that user name is not taken, I would allow BOB to join the forum if his IP and Email were not in the spam data base.

My registration rule would be something like this
If the IP and Email are in the spam database, send the spammer to some other page
Maybe even report them so that the username gets tagged also in case that was not in the spam data base

Look at the screen shot from this mornings registration attempts

---

ForumSpammers.png

And here is the next morning - Spammers trying to register

Note that all of these would have been rejected except Michaelmot
But when I looked up the IP, it was in Russia
I would have manually rejected Michaelmot

If IP and Email are in the spam data base = reject registration

ForumSpammers2.png

Are you sure you're posting in the right thread? This looks like the 2.0 version here (https://custom.simplemachines.org/index.php?mod=1547)! ;)

Hi Shades
My forum is 2.0.19

Quote from: EL34 on January 06, 2023, 01:08:39 PMHi Shades
My forum is 2.0.19

Right but this mod doesn't have the options you posted in your screenshot as far as I know. That's why I posted the other link here (https://custom.simplemachines.org/index.php?mod=1547)! 8)

What options?

Sleepy said a while back that he may look into adding some options
I am just updating info so he can see this is really needed.

I haven't had time to look into this.  I've had personal things to attend to.  Its tracked so I can when I get time.

Waiting for update on this version for 2.1.3

Quote from: Sudhakar Arjunan on March 13, 2023, 02:20:00 PMWaiting for update on this version for 2.1.3

Why? It works just fine on my 2.1.3 ...

Quote from: Steve on March 13, 2023, 07:29:00 PM

Quote from: Sudhakar Arjunan on March 13, 2023, 02:20:00 PMWaiting for update on this version for 2.1.3

Why? It works just fine on my 2.1.3 ...

Oh you have upgraded with emulator or how did you get it worked after 2.1.3 upgrade.
I get install error after trying to install it using emulator for 2.1.3

Quote from: Sudhakar Arjunan on March 15, 2023, 04:45:12 PMI get install error after trying to install it using emulator for 2.1.3

You should not have to use Emulate to install this mod on 2.1.3!

1. What errors are you getting when you try to install?
2. What other mods do you have installed?

I've just installed Stop Forum Spam v1.4 on SMF 2.0.19. When I try to use the "Test SFS" function I get the error message "Unsupported operand types: array + null"

Hi,

Open $sources/SFS-Subs-Admin.php.php

Find:
// Parse all the responses out.
foreach ($this->context['sfs_checks'] as $key => &$res)
$res[0] += $response[$key][0];

Replace with:
// Parse all the responses out.
foreach ($this->context['sfs_checks'] as $key => &$res)
$res[0] += $response[$key][0] ?? [];


@SleePy - Is that something we should all do or is that tailored to a specific poster's problem?

You can do it.  Its fixing a issue where the data is returning null rather than an array and PHP is more strict about type handling, throwing a error about merging an array and null.  I have a update I was working on that I will release someday soonish that will include the fix. https://github.com/jdarwood007/smfmod_sfs/pull/16/commits/08fc46565e7bb35f3ce87c3d566a02308cfcf743

I believe that PHP 8.2+ complains, so if your on 8.1 or below, you shouldn't get the error.

There is a conflict between this mod and the Topic Participants mod. I posted about the problem here: https://www.simplemachines.org/community/index.php?msg=4159497 but found out that if I remove this mod and then add the Topic Participants one, the error I was getting goes away.

Just making you aware of it.

I'm not getting the error.

Your steps are to
1. Go to ACP > Error Log
2. Truncate Error Log
3. Navigate to Home

running smf 2.1.4 just uninstlled SFS 1.4 and tried to install 1.5.1 and it hoses the board.

during the install the screen changed to:

"This page isn't working right nowwww.brfff.com can't currently handle this request.
HTTP ERROR 500"


Help!

@SleePy, for reference regarding @woolly bugger's post: Installing mod hosed my board? (https://www.simplemachines.org/community/index.php?topic=586931.0)

I can't reproduce that.  I uninstalled the 1.4 and installed the 1.5.1 without any errors.

You can use repair_settings.php tool (on downloads page) to remove hooks.  Upon removal of hooks you can uninstall the mod and reinstall it.  You could also try fix_packages tool but it may not load if SMF isn't working.

Quote from: SleePy on September 11, 2023, 08:32:36 PMI can't reproduce that.  I uninstalled the 1.4 and installed the 1.5.1 without any errors.

You can use repair_settings.php tool (on downloads page) to remove hooks.  Upon removal of hooks you can uninstall the mod and reinstall it.  You could also try fix_packages tool but it may not load if SMF isn't working.

i think it was a PHP version problem -- up graded to 8.2 but now I see that the errors I was getting may need to downgrade to 8.1?? to eliminate errors.

What errors are you getting?
PHP 8.2 just complains a bit more about type juggling.  Mostly it shouldn't cause issues, just warnings.  SMF has been fixing issues regarding this.

ERROR messages after install,

Hook call: function "SFS::hook_pre_profile_areas" in file /home/XXXXX/public_html/forum could not be called.


mods instslled
mods9-23.jpg

I fixed it up in 1.5.2.

typos in SFS-Admin.php :

$config_vars = $this->getConfiguraiton();

$this->saveConfiguraiton($config_vars);

have errors this mod

PHP Parse error:  syntax error, unexpected 'array' (T_ARRAY), expecting variable (T_VARIABLE) in Sources/StopForumSpam.php on line 16

line 16:
private array $changedSettings = [];

Can you upgrade your PHP? The latest update seems to have introduced changes that break on older PHP.

Yes, the type hints are PHP 8.0.  You should upgrade your php to a supported release: https://www.php.net/supported-versions.php
Also note that 8.0 is also no longer getting security fixes in one month.  However some distros will backport security fixes still.

Your web hosting company just give instruction on how to update it, I just had to click on a button in my client area.

Any chance of you adding an option to disable the "logAction" part?

It's making me think there are actual forum errors, when it's just a block notice.

The logs in "SFS Logs" is more than enough for me.

Sorry, I meant "fatal_error".

An option to turn this :

fatal_error($this->txt('sfs_request_blocked'));
in to this :

fatal_error($this->txt('sfs_request_blocked'), false);

I've updated to 1.5.3 which fixes that.  if you applied that change, you don't need to upgrade.  Only other change was a typo correction.

Thanks!

This might be just a personal preference, but you may want to open links in a new window when clicking on the IP addresses in the SFS logs section.

I added 'target="_blank" to the links on lines 701, 702, 732, 734, 736 and it's working just fine.

Thanks again for all your hard work. This mod is working really well on my forum.

Or you just could 'ctrl + click' on the link ...

True, but that requires 2 extra steps - one to hold [CTRL] and another to click on the new tab to view it.

My method automatically brings the new tab in to view. Again, just a personal preference.

Middle click also works if you have a mouse with that (scroll wheel is sometimes middle click).

much errors have this mod:
PHP Parse error:  syntax error, unexpected 'array' (T_ARRAY), expecting variable (T_VARIABLE) in /Sources/StopForumSpam.php on line 16

line 16:
private array $changedSettings = [];

You are using a older version of PHP.  The error is related to a new feature in PHP 8.0 and higher.  Ask your host to move you to a PHP 8.0 or higher release.  Some hosts allow you to change this in your control panel as well.

PHP 8.2.x
SMF 2.1.4
SFS 1.5.3 (only 'Check Email? (Recommended)' is active; 'Checks Required' is at 'Email & IP Address')

This Mod generates permanently errors at the registration prozess:
Undefined array key "ip"Backtrace information see attach.

Another special error:
SFS Failed as no data was sent:https://api.stopforumspam.org/api?json¬orexit&expire=90Backtrace information see attach.
I think, the session was ended while the user write the post. And as he send the post, he was redirected to login, at which loosing sfs the data.

Looks like no data is being sent back.  Which is odd.  What is the IP address that registers the error?  It must be in a invalid format for the API to reject.

With setting 'Checks Required' at 'Any [Email or Username | IP] (Default)' i get no more
Undefined array key "ip" errors. Imho it's a mod bug.

The error
SFS Failed as no data was sent:https://api.stopforumspam.org/api?json¬orexit&expire=90occurred for the second time today.
The error occure, if the login session has expiried before the user has send the post.
With this, if the user submit the post, he will be redirected to the login page first and has to log in again before the post was send.
During this process SFS apparently loses the data.

Give me more error details.  File and line number also help.

What I'm seeing so far is the API is not responding.  The undefined ip could be a lots of things.  A users session timeout would not break the mod. It does not use any session data.  SMF however does do session checks of its own.

For more error details look the first attachment in #106.

Quote from: SleePy on December 16, 2023, 11:52:57 AMA users session timeout would not break the mod.

Yes, it does.

The user has logged in.
While the user writes the post, the session time expires.
Then, if the user sends the post, he was redirected to the login.
At that the mod loses the variables and/or their values.
Therefore the mod sends empty variables, what triggers the error.
I have reproduce the error several times now and that's exactly what happened.

I still can't reproduce this or get this error.

Using a test account, I got to make a post, I modified the HTML code with dev tools and changed the hidden session data being passed in the form (triggers a session failed check).  I got the SFS response that my post was blocked because it was found in the SFS database.  I checked the SFS logs, and saw it logged the data:
Username:test
Email:[email protected]
Ip:127.0.0.1
Ip:127.0.0.1

I checked the error logs, no errors were registered.  I even tested this as a guest, doing the same page manipulation on the registration page and getting the session timeout error.  No errors were logged.

There are no variables maintained in the session for this.  The mod will grab the IP from the $user_info['ip'] before sending it, which SMF has already set from QueryString.php logic to determine the REMOTE_ADDR.  The email for a registered user is passed from $user_info['email'].  Username also passes from $user_info['name'].  For guests, it handles it via the submitted $_POST data.  At no time is this mod using session data to handle the checks.  You can see the Code (https://github.com/search?q=repo%3Ajdarwood007%2Fsmfmod_sfs%20session&type=code) and the only session checks are for the logs and handling submission to SFS.  SMF 2.0 does modify the existing verification code to add in code calls for SFS, but 2.1 uses a Hook.

I'm not able to figure out where it comes from if you are seeing that.

What version of PHP do you have?
What version of SMF are you running?
What does your SFS settings page look like?  You can blur out the API key, I don't need that.  I need to see all the other settings, so I can configure my test environment to match and try to reproduce it.
What other mods are you running?

Look at the attached debug info, Member ist 'Guest', but Username and Email are empty, does that cause the error?
In StopForumSpam.php the code in line 255 grabs Username and Email from $_POST data. But there is no data because the user is no Guest, it's a member, and posting for guests is not allowed.
All Anti-Spam Verification options are set.

PHP 8.2.x
SMF 2.1.4
SFS 1.5.3

Do you have the setting enabled called 'Do not show the email field for guests' posts'? (ACP > Forum > Posts and Topic > Post Settings)  That setting allows email to not be submitted.

Digging into the code, SMF does seem to check the verification first, so that is fun.  It should be checking the basic things first before checking the verification stuff.  Looks like the best option is to move the hook.  Let me think about this.

In the short term, if you check IPs, the error would stop, it would only be checking IPs, but if they are not sending a username or email, it should fail anyways, just passes these checks otherwise.

The setting 'Do not show the email field for guests posts' isn't enabled.


If the User click "preview" the post, the error was logged in the SFS Log too. But in this cases ("preview"), the error was only logged in the SFS Log, not in the Forum SMF Logs.

Try this.
In StopForumSpam.php

Find:
$guestname = !isset($_POST['guestname']) ? '' : trim($_POST['guestname']);
$email = !isset($_POST['email']) ? '' : trim($_POST['email']);

Replace:
$guestname = !isset($_POST['guestname']) ? '' : trim(normalize_spaces(sanitize_chars($_POST['guestname'], 1, ' '), true, true, array('no_breaks' => true, 'replace_tabs' => true, 'collapse_hspace' => true)));
$email = !isset($_POST['email']) ? '' : trim($_POST['email']);

// SMF will take care of these if we are checking them.
if (!empty($this->modSettings['sfs_emailcheck']) && empty($modSettings['guest_post_no_email']) && empty($email))
return false;
else if (!empty($this->modSettings['sfs_usernamecheck']) && empty($guestname))
return false;

It should stop the API from being requested but depends on SMF processing its own checks to reject the submission for an empty username and empty email.

Another thing to note is these are most likely bots, as the UI has a required attribute on the email and username boxes, which should prevent the browser from accepting the post filling them in.

Hi Sleepy,

SMF has removed the ability to use wildcards in email address to ban accounts on registration in v2.1 like the follow as v2.0 used to do: *@*.*.someserver.net.

Does this mod allow you to do that? There are a lot of hackers/bots that are using this along with suspected email accounts. Am I missing something, or should I report this to Stop Forum Spam instead?

Quote from: SleePy on January 05, 2024, 07:11:28 PMTry this.

I will try this, thank you.

Quote from: SleePy on January 05, 2024, 07:11:28 PMAnother thing to note is these are most likely bots

I checked the IPs, all errors are caused by users.

Quote from: Skhilled on January 09, 2024, 08:24:17 PMHi Sleepy,

SMF has removed the ability to use wildcards in email address to ban accounts on registration in v2.1 like the follow as v2.0 used to do: *@*.*.someserver.net.

Does this mod allow you to do that? There are a lot of hackers/bots that are using this along with suspected email accounts. Am I missing something, or should I report this to Stop Forum Spam instead?

I wasn't aware of any change regarding that.  It may have been accidental with changes regarding alignment to RFC if we did anything.

This mod won't change anything in regards to that, it is checking the Stop Forum Spam (https://www.stopforumspam.com/) API.  So if the email is registered in that API, then it would stop it.  It can optionally even ban them to stop more attempts.

If you want to ban the wildcard usage, you can add a ban for that.  MySQL and PostgreSQL both use % and _ for wildcards, so you can use * safely in your ban.  SMF otherwise will do a lookup for email matching.

Try banning %@%.%.someserver.net  and it should work

It will not allow me to do it. I've tried on several SMF forums as well as one without any mods on it...only themes are on it. They all say, "Please enter an email address." This happens whether I use a "%, *, or _" with wildcards. And, StopForumSpam is only installed on the first site I mentioned, not any of the others. This was happening before I installed StopForumSpam. I installed it in hopes that it would help.

I'm having issues where this is triggering an error in the logs

Type of error: Undefined
2: Undefined array key "sfs_verOptionsMembers"
Seems to be happening when the user is registered and trying to send a pm

Quote from: Skhilled on January 16, 2024, 07:52:04 PMIt will not allow me to do it. I've tried on several SMF forums as well as one without any mods on it...only themes are on it. They all say, "Please enter an email address." This happens whether I use a "%, *, or _" with wildcards. And, StopForumSpam is only installed on the first site I mentioned, not any of the others. This was happening before I installed StopForumSpam. I installed it in hopes that it would help.

Use * as the wild card. *.*@gmail.com for example works.

Quote from: erich199 on January 19, 2024, 03:06:12 PMI'm having issues where this is triggering an error in the logs

Code Select Expand

Type of error: Undefined
2: Undefined array key "sfs_verOptionsMembers"
Seems to be happening when the user is registered and trying to send a pm

Do you have any options set for members?

Quote from: SleePy on January 05, 2024, 07:11:28 PMTry this.
In StopForumSpam.php

Find:

Code Select Expand

            $guestname = !isset($_POST['guestname']) ? '' : trim($_POST['guestname']);
            $email = !isset($_POST['email']) ? '' : trim($_POST['email']);

Replace:

Code Select Expand

            $guestname = !isset($_POST['guestname']) ? '' : trim(normalize_spaces(sanitize_chars($_POST['guestname'], 1, ' '), true, true, array('no_breaks' => true, 'replace_tabs' => true, 'collapse_hspace' => true)));
            $email = !isset($_POST['email']) ? '' : trim($_POST['email']);

            // SMF will take care of these if we are checking them.
            if (!empty($this->modSettings['sfs_emailcheck']) && empty($modSettings['guest_post_no_email']) && empty($email))
                return false;
            else if (!empty($this->modSettings['sfs_usernamecheck']) && empty($guestname))
                return false;

It should stop the API from being requested but depends on SMF processing its own checks to reject the submission for an empty username and empty email.

Another thing to note is these are most likely bots, as the UI has a required attribute on the email and username boxes, which should prevent the browser from accepting the post filling them in.

I changed the code 2 weeks ago, until now there where no new error messages about SFS in the SMF-Logs and no Debug entries in the SFS-Logs.
I'll report again in a few weeks.

Thanks for the update. https://github.com/jdarwood007/smfmod_sfs/commit/fcfedc9dfddc37fab8583b67b6ab32772557277e

I will get it in the package officially in a few days when I have time to do some last-minute checks for other things I need to update.

HELP!
I installed this mod & it crashed my site. I can't even get into the forums to uninstall it.
I just get a "This page isn't working - HTTP ERROR 500".
The installation didn't have any errors.
SMF: 2.0.19
PHP: 7.4.22
SFS: 1.5.4

I tried restoring the backup file: https://wiki.simplemachines.org/smf/A_mod_broke_my_forum.
But it didn't help. I still get the same error: "This page isn't working - HTTP ERROR 500".

Ask your host how to upgrade to PHP 8.0.

I would also recommend upgrading to SMF 2.1 when you can, but check your mod compatibility.  SMF 2.1 supports PHP 8.1 and higher.

Yes once installed on my fresh upgraded smf 2.1.4 the install page blanks out and completely cashes my Forum.

I've found ound out the the problems I were having was from Google's recaptcha and not StopForumSpam. Once I've disabled Google's recaptcha the problems went away. ;)

It may be possible that they are incompatible somehow???

Hi, I installed this mod, it works but I get a lot of errors like this:
2: Undefined array key "username"
/home/ddcrewne/public_html/forum/Sources/StopForumSpam.php (Linea 457)
Tipo di errore
Undefined_vars
Messaggio di errore
2: Undefined array key "username"
File
/home/ddcrewne/public_html/forum/Sources/StopForumSpam.php
Linea
457
URL della pagina che ha causato l'errore
https://dd-crew.net/forum/index.php?action=signup2
Informazioni di backtrace
#0: smf_error_handler()
Chiamata da /home/ddcrewne/public_html/forum/Sources/StopForumSpam.php nella linea 457
#1: sfsCheckMultiple()
Chiamata da /home/ddcrewne/public_html/forum/Sources/StopForumSpam.php nella linea 391
#2: sfsCheck()
Chiamata da /home/ddcrewne/public_html/forum/Sources/StopForumSpam.php nella linea 178
#3: checkRegisterRequest()
Chiamata da /home/ddcrewne/public_html/forum/Sources/StopForumSpam.php nella linea 146
#4: hook_register()
Chiamata da /home/ddcrewne/public_html/forum/Sources/Subs.php nella linea 5787
#5: call_integration_hook()
Chiamata da /home/ddcrewne/public_html/forum/Sources/Subs-Members.php nella linea 696
#6: registerMember()
Chiamata da /home/ddcrewne/public_html/forum/Sources/Register.php nella linea 531
#7: Register2()
Chiamata da /home/ddcrewne/public_html/forum/index.php nella linea 184
How can I solve it?

Thank you

@Lucarella,

Open the Sources/StopForumSpam.php

Find:
$test = call_user_func([$this, 'sfsCheck_' . $key], $response[$key], $area);
Replace:
$test = call_user_func([$this, 'sfsCheck_' . $key], $response[$key] ?? [], $area);
@Skhilled,
Are you on SMF 2.0?  Recaptcha is built into 2.1.  I haven't tested it with 2.0 and the Recpatcha mod installed.

No, I'm on 2.1 and was using Google's recaptcha and added their keys. When I removed it it worked better. :)

Quote from: SleePy on February 17, 2024, 10:39:32 AM@Lucarella,

Thanks for your help

The mod can't be downloaded

An error has occurred
This package appears to have been removed from the remote host. Please contact the mod/theme author to correct.

It works just fine for me Kitty.

Very strange i tried another browser and the same result. Firefox and Chrome.

Try it now.  Something was odd with GitHub and it stopped wanting to serve the file.

Quote from: SleePy on February 18, 2024, 01:39:48 PMTry it now.  Something was odd with GitHub and it stopped wanting to serve the file.

Yes now it's working thanks.

I've run into an error with our forum upon trying to install the package. I'm getting the HTTP Error 500 as noted above.  I looked in the error log and it's noting this as the only error for today:

[26-Mar-2024 21:58:37 Africa/Abidjan] PHP Parse error:  syntax error, unexpected '|', expecting variable (T_VARIABLE) in /*****/**********/public_html/*********/forum/Sources/StopForumSpam.php on line 1023

I'm not sure on the Africa/Abidjan as the server is located in the Eastern U.S.  I blanked out the server related info and site name info. in the above shared error log comment.

I also can't run fix_packages.php either (it doesn't seem to access it when pointed at it in a browser despite it being in the root of the forum directory with the SSI and Settings.php files) so kind of stuck at the moment. It's an old forum (not active for a # of years) that I just recently updated to 2.0.19 but I'm not sure what version of PHP and MySQL we're on as it's basically been running for awhile with minimal updates.  I have ran into a lot of spammers just recently and disabled registrations. 

I'd like to revert back but obviously (and quite stupidly) I didn't back things up because... why would I? *SMDH*  Hoping I can just get it to uninstall but not sure if there's a means to?

Quote from: SleePy on January 20, 2024, 12:58:17 PM

Quote from: erich199 on January 19, 2024, 03:06:12 PMI'm having issues where this is triggering an error in the logs

Code Select Expand

Type of error: Undefined
2: Undefined array key "sfs_verOptionsMembers"
Seems to be happening when the user is registered and trying to send a pm

Do you have any options set for members?

I got the same issue here, any solution? Maybe it has to do with the Europe setting since line the error i got is related to line 904 and that is the beginning of the host setting:
/forum/Sources/StopForumSpam.php (Line 904)
2: Undefined array key "sfs_verOptionsMembers"

Also, there is a typo on line 917 from StopForumSpam.php
Is now: 'host' => 'eruope.stopforumspam.org',Should be: 'host' => 'europe.stopforumspam.org',

Quote from: TheBom on April 27, 2024, 02:25:38 PM

Quote from: SleePy on January 20, 2024, 12:58:17 PM

Quote from: erich199 on January 19, 2024, 03:06:12 PMI'm having issues where this is triggering an error in the logs

Code Select Expand

Type of error: Undefined
2: Undefined array key "sfs_verOptionsMembers"
Seems to be happening when the user is registered and trying to send a pm

Do you have any options set for members?

I got the same issue here, any solution? Maybe it has to do with the Europe setting since line the error i got is related to line 904 and that is the beginning of the host setting:
/forum/Sources/StopForumSpam.php (Line 904)
2: Undefined array key "sfs_verOptionsMembers"

OK, i found the solution, its in the config of SFS, by default there is no

QuoteMember Verification Sections

selected, when you select " Posting " the error is gone and people can send a PM.

Quote from: IVIIVI4ck3y27 on March 26, 2024, 06:12:07 PMI've run into an error with our forum upon trying to install the package. I'm getting the HTTP Error 500 as noted above.  I looked in the error log and it's noting this as the only error for today:

Code Select Expand

[26-Mar-2024 21:58:37 Africa/Abidjan] PHP Parse error:  syntax error, unexpected '|', expecting variable (T_VARIABLE) in /*****/**********/public_html/*********/forum/Sources/StopForumSpam.php on line 1023

I'm not sure on the Africa/Abidjan as the server is located in the Eastern U.S.  I blanked out the server related info and site name info. in the above shared error log comment.

I also can't run fix_packages.php either (it doesn't seem to access it when pointed at it in a browser despite it being in the root of the forum directory with the SSI and Settings.php files) so kind of stuck at the moment. It's an old forum (not active for a # of years) that I just recently updated to 2.0.19 but I'm not sure what version of PHP and MySQL we're on as it's basically been running for awhile with minimal updates.  I have ran into a lot of spammers just recently and disabled registrations. 

I'd like to revert back but obviously (and quite stupidly) I didn't back things up because... why would I? *SMDH*  Hoping I can just get it to uninstall but not sure if there's a means to?

I've got the same error.  Deleting /Sources/StopForumSpam.php and the /Sources/StopForumSpam folder will let you back into the admin area.  Can't figure out how to get the mod to work, though.

Update: Updating my PHP to the latest (8.3) fixed the problem.

No version of smf currently supports php 8.3

To be clear, SMF 2.1 doesn't officially support PHP 8.3, yet.  However, I currently don't know of any major issues with 8.3. We recommend at least 8.0.  8.1 and 8.2 are supported.  As PHP has stopped support for 8.0, you are welcome to use 8.1 or 8.2.  I don't know of any security issue in 8.0 since they stopped supporting it that would be of concern for SMF.  Maybe that will change someday and maybe that affects other software on your site.  This mod is using PHP code that requires 8.0.  Thus this mod requires PHP 8.0.  I tagged the mod on the site to show it needs 8.0.

Also this only covers 2.1.  2.0 and 3.0 both have separate supported versions.

Just started using this new version since I upgraded to SMF 2.1.4.

Here are some of my observations using this newer version.

1. Selecting entries in the SMF log and then clicking "Delete selected" doesn't do anything.

2. When a spammer is blocked, they see "Your request was denied as your email, username and/or IP address is listed in the Stop Forum Spam database". This is too much information IMHO as the spammer now knows where to look to bypass the check. I changed my language to simply state that "your email, username and/or IP has been flagged as being that of a potential spammer". Now the spammer has no idea what was used to trigger the detection.

Overall, I really like the plugin, thanks!

I can't reproduce the first issue, the log function does however prevent deleting logs that are less than 24 hours old.

I realize it may provide lots of information to a spammer, but if they are in the database and a legit user, it can help them request removal with no action on your part.

I uninstalled the mod in order to install an update.

Got a 500 error.
Server side

Quote[11-Aug-2024 00:27:15 Australia/Brisbane] PHP Parse error:  syntax error, unexpected 'array' (T_ARRAY), expecting function (T_FUNCTION) or const (T_CONST) in /home2/gsxowner/public_html/forum/Sources/StopForumSpam.php on line 16

Perhaps someone can explain this to me?


I was on PHP 7.x and upgraded to 8.0 "server busy" error.
Upgraded to 8.1 - can get back into forum.

BUT my admin password doesn't seem to work - unsure if related.

Please ignore my previous post (that's sorted)

Now trying to install v 1.5.5

errors:

2.   Extract File   ./Sources/StopForumSpam.php   
3.   Extract Tree   ./Sources/StopForumSpam   File not found
4.   Extract File   ./Themes/default/StopForumSpam.template.php   
5.   Extract File   ./Themes/default/languages/StopForumSpam.english.php   File not found
6.   Extract File   ./Themes/default/languages/StopForumSpam.finnish.php   File not found

How to proceed?

Are you uninstalling or upgrading?

Quote from: Mooby The Golden Sock on June 21, 2024, 10:34:59 AM

Quote from: IVIIVI4ck3y27 on March 26, 2024, 06:12:07 PMI've run into an error with our forum upon trying to install the package. I'm getting the HTTP Error 500 as noted above.  I looked in the error log and it's noting this as the only error for today:

Code Select Expand

[26-Mar-2024 21:58:37] PHP Parse error:  syntax error, unexpected '|', expecting variable (T_VARIABLE) in /*****/**********/public_html/*********/forum/Sources/StopForumSpam.php on line 1023

Update: Updating my PHP to the latest (8.3) fixed the problem.

Yes today I have tried updating the mod after 6 months, and found the forum crashed with blank page.
Without stressing out, checked the error log via cpanel file manager and found same error as you received, so I have seen your solution that on upgrading php version from 7.4 to 8.3 completely via cpanel - php version changer and also deleted cache folder having all old cache files had cleared.

Then the forum loaded with php 8.3, installed mod in a second without any issues.
Settings of stop forum spam is done with the api key as planned by @SleePy

The mod worked like wow, stopped almost 4 blocks in less than a minutes.

Quote from: Sudhakar Arjunan on February 10, 2024, 06:07:15 PMYes once installed on my fresh upgraded smf 2.1.4 the install page blanks out and completely cashes my Forum.

The mod worked like wow, stopped almost 4 blocks in less than a minutes.
Waited for this mod for last 7 months after upgrading smf to 2.1.4
Thank you smf community and mod developer @SleePy

Hi there, are there instructions on how to manually uninstall this mod?

I am running 2.0.4 and PHP 7.4, and unfortunately I was an idiot and installed it without seeing that it uses 8. (I have it on another forum and installed it I believe last year, aaaand since I worked then I was big dumb and didn't check.)

So my forum won't work, and I don't have a backup. x_x Help?

SMF 2.0.4 doesn't even support PHP 7 so that could also be your issue.

You can uninstall the mod by removing the various hooks it calls.  your smf_settings table has various integration_* variables with values mentioning calls to the mod.  Removing those will remove the hooks.  You can also use repair_settings.php which has a link to remove the hooks.

You want to upgrade that forum asap due to the security issues present in previous versions of SMF.  Your admin center should have a prompt to download those and it can walk you through patching.  As mentioned since SMF 2.0.4 doesn't support PHP 7, you may have trouble with this.  We have a tool showing the manual edits you must make to upgrade to each version.  This will be tedious as there were many changes to 2.0 to add support for newer PHP versions. https://custom.simplemachines.org/index.php?action=patches

If you have no other mods/code changes installed, you could just upload the large upgrade file for 2.0, but it removes all changes.

The poster is actually on 2.1.4

Ahh well, that can also be fixed by the method to disable hooks. Or if the host supports it, enable a newer version of PHP.

Now I'm annoed enough that I sent in a pull request to address this issue.

Thanks, I really should have done that a while ago.  Who knew so many people are still running PHP below 8.0.  I released 1.5.6, which just adds your message.

Following a series of troubled upgrades, downgrades, upgrades from 2.0.19 to 2.1.4, as advised in another thread I finally did a 'clean files' install of 2.1.4. It wasn't without it's issues but I eventually succeeded in establishing a clean, error free, install. Once satisfied everything was working I installed the Stop Forum Spam mod. This seems to be working perfectly except that I am getting the following Critical error in my logs.

JSON decode error: Syntax error, malformed JSON
The error is generated in /Sources/ManageServer.php at line 1264. The error occurs as soon as I land on the SFS settings page.

I'd be very grateful for any suggestions as to how to fix this. Thank you.

In addition to the above, whenever a potential spammer gets blocked I receive an entry in the error log. Being new to 2.1.4 I assumed this was just a way of logging bans, however, I'm now wondering if this is in fact an error that needs fixing.

Quote from: JWJ on October 30, 2024, 10:02:53 AMFollowing a series of troubled upgrades, downgrades, upgrades from 2.0.19 to 2.1.4, as advised in another thread I finally did a 'clean files' install of 2.1.4. It wasn't without it's issues but I eventually succeeded in establishing a clean, error free, install. Once satisfied everything was working I installed the Stop Forum Spam mod. This seems to be working perfectly except that I am getting the following Critical error in my logs.

Code Select Expand

JSON decode error: Syntax error, malformed JSON
The error is generated in /Sources/ManageServer.php at line 1264. The error occurs as soon as I land on the SFS settings page.

I'd be very grateful for any suggestions as to how to fix this. Thank you.

Looks like its a bug caused from upgrading from 2.0 to 2.1.
You can clear it by simply setting the Guest Verification options.

You can also run this update file, place in your SMF root: https://github.com/jdarwood007/smfmod_sfs/blob/0cdc09095beab1b1bd315b82b41d81adc354cb2c/upgrade_sfs.php

I will look at publishing a new version, once we check your other error.

Quote from: JWJ on October 31, 2024, 07:32:57 AMIn addition to the above, whenever a potential spammer gets blocked I receive an entry in the error log. Being new to 2.1.4 I assumed this was just a way of logging bans, however, I'm now wondering if this is in fact an error that needs fixing.

What sort of error is logged?  I can be PMed if you feel its sensitive 

Thanks for the information SleePy.

I unset Guest Verification (it was already set on) but as soon as I landed on the SFS settings page I received the malformed JSON error. I ran the upgrade_sfs file as instructed and that seems to have cleared the problem.

I've attached screen shots of the other error. I hadn't previously looked at the backtrace information but I can see that refers to a fatal error.SFS_error_entry.pngSFS_error_backtrace.png

Is that an older error?  The call it is making is no longer used.  Perhaps it is a older hook?

No, that's a new error. When I upgraded I did have a number of issues although I finally followed the instructions for a clean install. Is there anything I can do to check the hooks?

Sorry to come back on this one but I'm concerned that the Mod isn't reporting spammers to the SFS database. Is there any way I check for sure? Is it possible that the error I'm getting is causing the mod to fail before it completes the reporting step? Is there anything I can do to collect more useful information?

SMF doesn't have a good way to check for hooks.  You could uninstall the mod then go to Admin > Maintenance > Forum Maintenance > Integration hooks.  Then look for any hooks with 'SFS' in the name.

If you setup an API key with the Stop Forum Spam database, you can log into your account on their site and see all submissions.

I have my API key set up and have checked the Stop Forum Spam database. None of the spammers I am currently getting have been logged in the database and I'm having to add them manually. I thought the SFS mod submitted the spammer details automatically. The mod seems to be blocking spammers already in the database but not adding new ones.

I'll uninstall the mod, remove any hooks with SFS in them and re-install. Thank you.

Okay, I uninstalled the mod and when I checked for hooks SMF reported there were none. I reinstalled the mod and now I have 9 hooks, all associated with SFS, as attached.

I'm sorry to be a pain but since uninstalling and reinstalling the mod I've started to get a new error. Whenever I go to "SFS logs" I get 4 errors logged. They are all the same error, repeated 4 times. I've attached screenshots of one of the errors and a view of the Backtrace information. I ran the upgrade_sfs.php file but it's made no difference. Is there anything else I can try?

Rechecking back through everything I noticed that my SFS version wasn't the latest. I uninstalled it, deleted the files, and then installed the latest v1.5.6 version. The problem still exists.

Quote from: JWJ on November 13, 2024, 05:05:38 AMI have my API key set up and have checked the Stop Forum Spam database. None of the spammers I am currently getting have been logged in the database and I'm having to add them manually. I thought the SFS mod submitted the spammer details automatically. The mod seems to be blocking spammers already in the database but not adding new ones.

I'll uninstall the mod, remove any hooks with SFS in them and re-install. Thank you.

You have to tell it to submit a spam post
Screen Shot 2024-11-15 at 4.47.23 PM.png

Quote from: JWJ on November 15, 2024, 03:58:34 AMRechecking back through everything I noticed that my SFS version wasn't the latest. I uninstalled it, deleted the files, and then installed the latest v1.5.6 version. The problem still exists.

Did the error location change?  The error does not align with the code you provided for those files/lines.

Firstly, my bad with regards to reporting to SFS. I hadn't spotted that the reporting had been moved from where it was in my previous 2.0.19 version.

With regards to the "SFS Logs" error, I don't know what you mean by "does not align". I've created a new error and taken screenshots of all 4 log entries. The only difference I can see between them are the last 2 words of the error description, the 1st and 3rd entries referring to 'string given', entry 2 'int given' and entry 4 'float given'. I've also attached the Backtrace information from the 1st entry and again, I can see no difference in the backtrace for each of the 4 entries.

That helps, now the code is matching up to the error logged.

I think its some older log entries.  But we can make the code compatible.

Try opening $sourcedir/StopForumSpam/SFS-Logs.php

Find:
foreach ($checksDecoded as $ckey => $vkey) {
foreach ($vkey as $key => $value) {
$checks .= ucfirst($key) . ':' . $value . '<br>';
}
}

Replace:
foreach ($checksDecoded as $ckey => $vkey) {
if (is_array($vkey)) {
foreach ($vkey as $key => $value) {
$checks .= ucfirst($key) . ':' . $value . '<br>';
}
} else {
$checks .= ucfirst($ckey) . ':' . $vkey . '<br>';
}
}


That's brilliant!!! Everything is working fine now. Thank you very much for your considerable time.... much appreciated.

I'm probably a little over my head trying to use this mod. So I have some very newbie type of questions.

On the Mod Settings > SFS, under Verification Options, I could probably not be more confused! The instructions say

QuoteThese options require Anti-Spam Verification options to be setup and configured. Disabling verification options or not requiring them in specific sections will override these options.

We do have Admin > Configuration > Anti-Spam set up with some verification options set up and configured (on registration only). But we don't want to use verification for other things. At least not yet.

To me, the instructions sound like they are saying that if we disallow verification, it will somehow change what we have set on Anti-Spam settings. But that does not entirely make sense to me. Is it trying to say that the settings on Verification Options need to be parallel with the settings on Anti-Spam? ("on" on both pages or "off" on both pages, i.e.)

It's also possible that I don't understand the Verification Options section correctly. Does clicking/highlighting options in those boxes allow or disallow verification on those things? It seems like the tradition is that clicking on something chooses it, but maybe it's choosing it for a different reason than I thought?

I tried un-highlighting Posting in the Guest Verification section (because we do not even allow guest posting, so why would we need verification), but it does not stay un-highlighted after I click Save. So I think I must have a misunderstanding somewhere  ::)

Or it's also possible that I don't understand the highlighting. When I open the page fresh, under Guest Verification, Posting has a gray background (highlight) with black text. But if I click on it, it changes to my theme highlight, which is dark blue background with white text. So maybe the gray highlight does not mean it's actually selected??? Could it be only a suggestion??

Thanks for your patience  :)

Quote from: brynn on March 07, 2025, 11:44:07 AMI'm probably a little over my head trying to use this mod. So I have some very newbie type of questions.

On the Mod Settings > SFS, under Verification Options, I could probably not be more confused! The instructions say

QuoteThese options require Anti-Spam Verification options to be setup and configured. Disabling verification options or not requiring them in specific sections will override these options.

We do have Admin > Configuration > Anti-Spam set up with some verification options set up and configured (on registration only). But we don't want to use verification for other things. At least not yet.

To me, the instructions sound like they are saying that if we disallow verification, it will somehow change what we have set on Anti-Spam settings. But that does not entirely make sense to me. Is it trying to say that the settings on Verification Options need to be parallel with the settings on Anti-Spam? ("on" on both pages or "off" on both pages, i.e.)

The basis of the mod hooks into SMF's verification system to extend the checks it performs.  So you need to ensure that SMF is running its verification system.  Checking things such as " Require verification on registration page", then triggers SMF to perform its verification system.

You can leave image, questions and recaptcha off and it should still run the Stop Forum Spam system.  Although I would say in today's environment, adding it onto those will help keep bots at bay.

Quote from: brynn on March 07, 2025, 11:44:07 AMI tried un-highlighting Posting in the Guest Verification section (because we do not even allow guest posting, so why would we need verification), but it does not stay un-highlighted after I click Save. So I think I must have a misunderstanding somewhere  ::)

By selecting it, the SFS logic is performed on that section.  So if you remove it, SFS is not performed.

Quote from: brynn on March 07, 2025, 11:44:07 AMOr it's also possible that I don't understand the highlighting. When I open the page fresh, under Guest Verification, Posting has a gray background (highlight) with black text. But if I click on it, it changes to my theme highlight, which is dark blue background with white text. So maybe the gray highlight does not mean it's actually selected??? Could it be only a suggestion??

Thats all going to be up to how your browser handles displaying the field.  Its a Mutli-select input box in HTML.  Most browsers will show it greyed out because its not a active input box.  When selecting it, the color should change to the highlight color.  But clicking on a item will change with items are selected.  You typically use a modifier key + click to select multiple.

Thanks for your comments!

QuoteOn the Mod Settings > SFS, under Verification Options, I could probably not be more confused! The instructions say

QuoteThese options require Anti-Spam Verification options to be setup and configured. Disabling verification options or not requiring them in specific sections will override these options.

So disabling verification options (in the mod settings) overrides Anti-Spam Verification options (in Anti-Spam settings)? Is that what it means?

QuoteMost browsers will show it greyed out because its not a active input box.

Ooooohhh, the gray highlight means it's grayed out?! That's why I'm so confused! I've never seen "grayed out" look like that before. Usually when something is grayed out, the text itself is gray, rather than the gray background highlight. No wonder I can't de-select it!  Haha!

One last question. We do not seem to be getting any entries in the SFS logs. Does that mean I have something wrong with the settings? Or does it only log suspicious visitors? (We only opened the forum recently, so it's not getting many visits yet.)

Thanks.

Quote from: brynn on March 14, 2025, 05:16:57 AMThanks for your comments!

So disabling verification options (in the mod settings) overrides Anti-Spam Verification options (in Anti-Spam settings)? Is that what it means?

SFS is setup to extend SMF's Anti-spam verification system.  Think of it like a new section.

QuoteOne last question. We do not seem to be getting any entries in the SFS logs. Does that mean I have something wrong with the settings? Or does it only log suspicious visitors? (We only opened the forum recently, so it's not getting many visits yet.)

You should be getting logs, but only about where it took action to block.  Most likely means that it isn't running like you expect if you have a lot of spam still getting through.  You can enable debug logs and it will produce much more verbose logging about what is going on, including logging all queries it sends over to SFS API

Ok, I think I understand. Thank you very much!

Hi,

Firstly, thanks for creating this great mod. I would like to report a couple of bugs:

If you use the "Stop Forum Spam" option on a guest post and then click "SUBMIT TO STOP FORUM SPAM", you end up adding yourself to the SFS database! Submitting guest info probably isn't a good idea anyway (the email address hasn't been verified), so rather than try modifying the submission code, I've just disabled the option on guest posts like this:

    public static function hook_prepare_display_context(&$output, &$message, $counter): void
    {
        global $smcFunc, $scripturl, $context;

        if ($output['member']['id']) // not a guest
            $output['quickbuttons']['more']['sfs'] = [
                'label' => $smcFunc['classSFS']->txt('sfs_admin_area'),
                'href' => $scripturl . '?action=profile;area=sfs;u=' . $output['member']['id'] . ';msg=' . $output['id'],
                'icon' => 'sfs',
                'show' => $context['can_moderate_forum'],
            ];
    }

The other issue is that the "Guest Verification Sections" and "Member Verification Sections" options cannot be set to empty if they aren't already empty. This actually appears to be an SMF bug (in the saveDBSettings function) affecting all multi-select options, but thought I'd mention it here anyway since it affects this mod.

Any documentation on this? The settings seem kinda obtuse or opaque (words are hard). What happens to a member who's registration is caught as spam?

Words are hard, I'm a software engineer, not an English professor.  I would appreciate it if anyone has better words to clean up the confusion.  Grammarly helps me in posts, but I haven't bothered to add it into my coding process because it generally just gets confused.

During registration, if they are found in the Stop Forum Spam response for checks (like IP, username, email) and above confidence thresholds (for usernames), it will block the registration and present a warning to them that the information provided was found in the Stop Forum Spam database.

No documentation exists yet.  I should work on that.  If I did, I would just wiki it over on the GitHub page. https://github.com/jdarwood007/smfmod_sfs

"Words are hard": a reference to me potentially using a wrong word in my post above.

Request: A way to delete all spammers in one go! The button Check these Members only asks confirmation but then nothing happens.
Thanks.