How to prevent URL's in post subject?

Started by BSD2000, July 13, 2017, 08:18:12 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

BSD2000

July 13, 2017, 08:18:12 AM
My forum has been flooded with spammers lately and I installed a few anti-spam measures to slow them down, including preventing them from posting URL's in the body of the message, but they are getting around that by posting spam URL's in the subject line.

I've searched high and low and I can't find a mod that prevents 'http://' URL's from being entered in the subject line. Is there a small bit of code I could add in the post template that would show an error message if a URL is entered as the subject?

vbgamer45

#1
July 13, 2017, 10:08:58 AM
Open sources/Post.php

Find
Code Select

// You are not!
if (isset($_POST['message']) && strtolower($_POST['message']) == 'i am the administrator.' && !$user_info['is_admin'])
fatal_error('Knave! Masquerader! Charlatan!', false);

Add after
Code Select

if (substr_count($_POST['subject'],"http://") > 0 || substr_count($_POST['subject'],"https://") > 0)
{
fatal_error('You are not allowed to use that subject line', false);
}
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

BSD2000

#2
July 13, 2017, 10:15:37 AM
Works perfectly! Thank you so much!  :)

vbgamer45

#3
July 13, 2017, 10:19:20 AM
Glad to help
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

BSD2000

#4
July 13, 2017, 11:09:56 AM
I made one small change - I added strtolower() to force the subject text to all lowercase, just in case they try to bypass it using uppercase letters:

Code Select
if (substr_count(strtolower($_POST['subject']),"http://") > 0 || substr_count(strtolower($_POST['subject']),"https://") > 0)
{
fatal_error('You are not allowed to use that subject line', false);
}

Works even better now.  :)

BSD2000

#5
July 13, 2017, 11:29:20 AM
Now that I think about it, you could add a new error message in the file /Themes/default/languages/Errors.english.php file, like this:

Code Select
$txt['error_bad_subject'] = 'You are not allowed to use that subject line.';

Then change the code in /Sources/Post.php to:

Code Select
    // HTTP not allowed!
    if (substr_count(strtolower($_POST['subject']),"http://") > 0 || substr_count(strtolower($_POST['subject']),"https://") > 0)
        {
       $post_errors[] = 'bad_subject';
        }


And it will produce an error message that stays focused on the post, but lets them know there's a problem with the subject text, like the attached photo.  :)

vbgamer45

#6
July 13, 2017, 11:31:02 AM
Yup that is the best way!
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Kindred

#7
July 13, 2017, 07:15:27 PM
Or, even better... prevent them from reistering in the first place.

See the FAQ entry on how to prevent spammers
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

GerryM

#8
November 04, 2017, 08:56:04 AM
Quote from: Kindred on July 13, 2017, 07:15:27 PM
See the FAQ entry on how to prevent spammers

Which FAQ?
Print
Go Up Pages1
User actions
Advertisement: