Stop Forum Spam

[MobileCS]

This might be just a personal preference, but you may want to open links in a new window when clicking on the IP addresses in the SFS logs section.

I added 'target="_blank" to the links on lines 701, 702, 732, 734, 736 and it's working just fine.

Thanks again for all your hard work. This mod is working really well on my forum.

[Steve]

Or you just could 'ctrl + click' on the link ...

[MobileCS]

True, but that requires 2 extra steps - one to hold [CTRL] and another to click on the new tab to view it.

My method automatically brings the new tab in to view. Again, just a personal preference.

[SleePy]

Middle click also works if you have a mouse with that (scroll wheel is sometimes middle click).

[ZabiinoOo]

much errors have this mod:
PHP Parse error:  syntax error, unexpected 'array' (T_ARRAY), expecting variable (T_VARIABLE) in /Sources/StopForumSpam.php on line 16

line 16:

Code Select Expand

private array $changedSettings = [];

[SleePy]

You are using a older version of PHP.  The error is related to a new feature in PHP 8.0 and higher.  Ask your host to move you to a PHP 8.0 or higher release.  Some hosts allow you to change this in your control panel as well.

[Ottokar]

PHP 8.2.x
SMF 2.1.4
SFS 1.5.3 (only 'Check Email? (Recommended)' is active; 'Checks Required' is at 'Email & IP Address')

This Mod generates permanently errors at the registration prozess:

Code Select Expand

Undefined array key "ip"Backtrace information see attach.

Another special error:

Code Select Expand

SFS Failed as no data was sent:https://api.stopforumspam.org/api?json¬orexit&expire=90Backtrace information see attach.
I think, the session was ended while the user write the post. And as he send the post, he was redirected to login, at which loosing sfs the data.

[SleePy]

Looks like no data is being sent back.  Which is odd.  What is the IP address that registers the error?  It must be in a invalid format for the API to reject.

[Ottokar]

With setting 'Checks Required' at 'Any [Email or Username | IP] (Default)' i get no more

Code Select Expand

Undefined array key "ip" errors. Imho it's a mod bug.

The error

Code Select Expand

SFS Failed as no data was sent:https://api.stopforumspam.org/api?json¬orexit&expire=90occurred for the second time today.
The error occure, if the login session has expiried before the user has send the post.
With this, if the user submit the post, he will be redirected to the login page first and has to log in again before the post was send.
During this process SFS apparently loses the data.

[SleePy]

Give me more error details.  File and line number also help.

What I'm seeing so far is the API is not responding.  The undefined ip could be a lots of things.  A users session timeout would not break the mod. It does not use any session data.  SMF however does do session checks of its own.

[Ottokar]

For more error details look the first attachment in #106.

A users session timeout would not break the mod.

Yes, it does.

The user has logged in.
While the user writes the post, the session time expires.
Then, if the user sends the post, he was redirected to the login.
At that the mod loses the variables and/or their values.
Therefore the mod sends empty variables, what triggers the error.
I have reproduce the error several times now and that's exactly what happened.

[SleePy]

I still can't reproduce this or get this error.

Using a test account, I got to make a post, I modified the HTML code with dev tools and changed the hidden session data being passed in the form (triggers a session failed check).  I got the SFS response that my post was blocked because it was found in the SFS database.  I checked the SFS logs, and saw it logged the data:

Code Select Expand

Username:test
Email:[email protected]
Ip:127.0.0.1
Ip:127.0.0.1

I checked the error logs, no errors were registered.  I even tested this as a guest, doing the same page manipulation on the registration page and getting the session timeout error.  No errors were logged.

There are no variables maintained in the session for this.  The mod will grab the IP from the $user_info['ip'] before sending it, which SMF has already set from QueryString.php logic to determine the REMOTE_ADDR.  The email for a registered user is passed from $user_info['email'].  Username also passes from $user_info['name'].  For guests, it handles it via the submitted $_POST data.  At no time is this mod using session data to handle the checks.  You can see the Code and the only session checks are for the logs and handling submission to SFS.  SMF 2.0 does modify the existing verification code to add in code calls for SFS, but 2.1 uses a Hook.

I'm not able to figure out where it comes from if you are seeing that.

What version of PHP do you have?
What version of SMF are you running?
What does your SFS settings page look like?  You can blur out the API key, I don't need that.  I need to see all the other settings, so I can configure my test environment to match and try to reproduce it.
What other mods are you running?

[Ottokar]

Look at the attached debug info, Member ist 'Guest', but Username and Email are empty, does that cause the error?
In StopForumSpam.php the code in line 255 grabs Username and Email from $_POST data. But there is no data because the user is no Guest, it's a member, and posting for guests is not allowed.
All Anti-Spam Verification options are set.

PHP 8.2.x
SMF 2.1.4
SFS 1.5.3

[SleePy]

Do you have the setting enabled called 'Do not show the email field for guests' posts'? (ACP > Forum > Posts and Topic > Post Settings)  That setting allows email to not be submitted.

Digging into the code, SMF does seem to check the verification first, so that is fun.  It should be checking the basic things first before checking the verification stuff.  Looks like the best option is to move the hook.  Let me think about this.

In the short term, if you check IPs, the error would stop, it would only be checking IPs, but if they are not sending a username or email, it should fail anyways, just passes these checks otherwise.

[Ottokar]

The setting 'Do not show the email field for guests posts' isn't enabled.


If the User click "preview" the post, the error was logged in the SFS Log too. But in this cases ("preview"), the error was only logged in the SFS Log, not in the Forum SMF Logs.

[SleePy]

Try this.
In StopForumSpam.php

Find:

Code Select Expand

$guestname = !isset($_POST['guestname']) ? '' : trim($_POST['guestname']);
$email = !isset($_POST['email']) ? '' : trim($_POST['email']);

Replace:

Code Select Expand

$guestname = !isset($_POST['guestname']) ? '' : trim(normalize_spaces(sanitize_chars($_POST['guestname'], 1, ' '), true, true, array('no_breaks' => true, 'replace_tabs' => true, 'collapse_hspace' => true)));
$email = !isset($_POST['email']) ? '' : trim($_POST['email']);

// SMF will take care of these if we are checking them.
if (!empty($this->modSettings['sfs_emailcheck']) && empty($modSettings['guest_post_no_email']) && empty($email))
return false;
else if (!empty($this->modSettings['sfs_usernamecheck']) && empty($guestname))
return false;

It should stop the API from being requested but depends on SMF processing its own checks to reject the submission for an empty username and empty email.

Another thing to note is these are most likely bots, as the UI has a required attribute on the email and username boxes, which should prevent the browser from accepting the post filling them in.

[Skhilled]

Hi Sleepy,

SMF has removed the ability to use wildcards in email address to ban accounts on registration in v2.1 like the follow as v2.0 used to do: *@*.*.someserver.net.

Does this mod allow you to do that? There are a lot of hackers/bots that are using this along with suspected email accounts. Am I missing something, or should I report this to Stop Forum Spam instead?

[Ottokar]

Try this.

I will try this, thank you.

Another thing to note is these are most likely bots

I checked the IPs, all errors are caused by users.

[SleePy]

Hi Sleepy,

SMF has removed the ability to use wildcards in email address to ban accounts on registration in v2.1 like the follow as v2.0 used to do: *@*.*.someserver.net.

Does this mod allow you to do that? There are a lot of hackers/bots that are using this along with suspected email accounts. Am I missing something, or should I report this to Stop Forum Spam instead?

I wasn't aware of any change regarding that.  It may have been accidental with changes regarding alignment to RFC if we did anything.

This mod won't change anything in regards to that, it is checking the Stop Forum Spam API.  So if the email is registered in that API, then it would stop it.  It can optionally even ban them to stop more attempts.

If you want to ban the wildcard usage, you can add a ban for that.  MySQL and PostgreSQL both use % and _ for wildcards, so you can use * safely in your ban.  SMF otherwise will do a lookup for email matching.

Try banning %@%.%.someserver.net  and it should work

[Skhilled]

It will not allow me to do it. I've tried on several SMF forums as well as one without any mods on it...only themes are on it. They all say, "Please enter an email address." This happens whether I use a "%, *, or _" with wildcards. And, StopForumSpam is only installed on the first site I mentioned, not any of the others. This was happening before I installed StopForumSpam. I installed it in hopes that it would help.