modifying action=register or action=register2

Started by linear, June 30, 2006, 12:34:02 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

linear

June 30, 2006, 12:34:02 PM Last Edit: June 30, 2006, 12:40:30 PM by linear
Hi,

I'm sure that if you've got a SMF that's in the search engines, then you're starting to get a lot of automated signups from scripts like I am. Most aren't getting through the email confirm process, but a few are, and I'm unwilling to turn on admin approval to catch those few, due to the inconvenience on the innocent bystanders.

So what I'd like to do is replace action=register everywhere with action=foo. This should be enough to break the scripts out there, and if each of us did this, replacing foo with a locally selected unique value, we'd all be immune for these script attacks.

So my question is, where are all the necessary places to make this change?
I have found in Register.template.php, and index.template.php for each relevant theme. I remember seeing a big code block that handles all the different actions, but I don't remember where this is. The "monstrous $_REQUEST['action'] array" is in the top level index.php.

Any other places I need to make the substitution?

Thanks for the assistance.

Edit: answered part of my own question already

linear

#1
June 30, 2006, 01:05:31 PM
languages/index.english.php (amend as applicable) also has the code that prints the register link on each page, so it needs changing.

I'm working this out on a test install, so I'll probably have the answer myself before too long.

linear

#2
July 07, 2006, 10:10:08 AM Last Edit: July 07, 2006, 10:14:56 AM by linear
Here's my guide to doing this mod: (I'm replacing register with signup--I suggest you alter your value to be locally unique)

Back up your files! Then

in index.php (top level):
find
Code Select
elseif (empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && (!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('login', 'login2', 'register', 'register2', 'reminder', 'activate', 'help', '.xml'))))

and replace with
Code Select
elseif (empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && (!isset($_REQUEST['action']) || !in_array($_REQUEST['action'], array('login', 'login2', 'signup', 'signup2', 'reminder', 'activate', 'help', '.xml'))))


find
Code Select
'register' => array('Register.php', 'Register'),
'register2' => array('Register.php', 'Register2'),

and replace with
Code Select
'signup' => array('Register.php', 'Register'),
'signup2' => array('Register.php', 'Register2'),


in Themes/default/index.template.php: (and for every relevant theme)
find
Code Select
<a href="', $scripturl, '?action=register">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/register.gif" alt="' . $txt[97] . '" style="margin: 2px 0;" border="0" />' : $txt[97]), '</a>';

and replace with
Code Select
<a href="', $scripturl, '?action=signup">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/register.gif" alt="' . $txt[97] . '" style="margin: 2px 0;" border="0" />' : $txt[97]), '</a>';


in Themes/default/languages/index.english.php (alter as applicable):
find
Code Select
$txt['welcome_guest'] = 'Welcome, <b>' . $txt[28] . '</b>. Please <a href="' . $scripturl . '?action=login">login</a> or <a href="' . $scripturl . '?action=register">register</a>.';

and replace with
Code Select
$txt['welcome_guest'] = 'Welcome, <b>' . $txt[28] . '</b>. Please <a href="' . $scripturl . '?action=login">login</a> or <a href="' . $scripturl . '?action=signup">register</a>.';


in Sources/Register.php:
find
Code Select
redirectexit('action=regcenter;sa=signup');

and replace with
Code Select
redirectexit('action=regcenter;sa=signup');


find
Code Select
redirectexit('action=signup');

and replace with
Code Select
redirectexit('action=signup');


in Themes/default/Register.template.php:
find
Code Select
<form action="', $scripturl, '?action=signup2" method="post" name="creator" onsubmit="return defaultagree();">

and replace with
Code Select
<form action="', $scripturl, '?action=register2" method="post" name="creator" onsubmit="return defaultagree();">


find
Code Select
<a href="', $scripturl, '?action=regcenter;sa=register">', $txt['admin_browse_register_new'], '</a>

and replace with
Code Select
<a href="', $scripturl, '?action=regcenter;sa=signup">', $txt['admin_browse_register_new'], '</a>


find
Code Select
<form action="', $scripturl, '?action=regcenter;sa=register2" method="post" name="creator">

and replace with
Code Select
<form action="', $scripturl, '?action=regcenter;sa=signup2" method="post" name="creator">
Print
Go Up Pages1
User actions
Advertisement: