Miscellaneous Hacks - ajaxReg - Ajax Registration, with instant field checking

[hr]value[/hr]

. . . . . . . . Brought to you by

. . . http://www.Scriptasy.com

[hr]value[/hr]

Live Demo: ajaxReg 4.0.0

Installation Time: < 2 mins
Files: 3
Product: 1
VB Version: 3.X.X

• v3.0.1
  • fixed the apostrophe issue
• v3.0.2
  • added banned username check
  • fixed image url
• v3.0.3
  
  • fixed banned username check for people that don't have banned phrases
• v3.0.4
  • fixed the apostrophe issue for real instead of just not letting it be used
  • uses your username min character settings
  • uses your regex for usernames if set in the registration settings
  • (fixed for forums that have unregistered users set to cant view forum, look below for more info, its red.)
• v3.0.5
  • fixed minor issue
  • added vbsettings option
• v3.0.6
  • fixed slashes error
• v3.0.7
  • fixed email match
  • added email in use check
• v3.0.8
  • added password strength meter *requested
• v3.0.9
  • removed email is taken by "username" *requested
  • fixed [manual template edits]
• v3.1.0
  • fixed ajax vulnerabilities *
  • added captcha check, thats right
• v3.1.1
  • added captcha check to all captcha fields.

Description:
This hack uses AJAX to check if the user name is taken and also displays errors and reasons why the user messed up on the registration form. Look at attached example picture.

Installation Instructions:
(If you don't have the unregistered usergroup set to Can View Forum = YES then you will have to follow the normal steps then apply this fix: https://vborg.vbsupport.ru/showpost....&postcount=136)

1) Import the Product (make sure you have an original register template, or use the [manual edits])
2) Upload the images and javascript
3) Also Add these to your Additional CSS Definitions for your style:

Code:

.inputgood {
    width: 211px;
    border: 1px solid Green;
}
.inputbad {
    width: 211px;
    border: 1px solid Red;
}

If you like then [Mark As Installed]

[zglows]

this is so nice!

[Fifthe1ement]

Lol, everyone is still waiting on an update from three months ago.. Uninstall and make him update!

Fifth

[TheMilkCarton]

It would be nice to add support for custom profile field checking, e.g. I have a profile field that is *required* at registration AND has a regexp, so if a person doesn't fill it out correctly they'll get an error message and have to go back and fill out the info again.

I'm not sure how easy that'd be to implement, though... so for now I've just made that field optional (which sort of defeats the purpose of the field in the first place) I guess a simple query to check for profile fields that are required at registration, and that have a regexp filled out would be able to grab the correct info, but I'm not exactly the best with coding for vBulletin.

I also had an idea to add a bot-preventative measure to all this... well, two ideas actually.

1) Currently, when you incorrectly fill out a CAPTCHA, it simply clears the field for you and refreshes the image. I doubt bots would ever adapt to this and be able to "brute force" the CAPTCHA box, but I thought an extra level of protection would be nice, say something like an error message that requires a response/click to refresh the CAPTCHA image and clear the input field.

2) Banned email checking. Entering a blacklisted email could either (a) throw an error message saying the domain's been banned or (b) cause the page to redirect to an error message upon entering the banned email.

2a would work perfectly with your idea a few posts ago to grey out the Submit button until all fields are correctly filled out.. This could keep a lot of bots from even getting past the Submit button since their email boxes won't even fill out.. Although, I do think a lot of bots probably bypass the actual form altogether with all that special software they use. haha.

[Coders Shack]

its been kind of busy for me lately i would love to release an update but the problem is i have a full time job @ the moment and am taking 14 college units. (aka I'm also a full time student).

As for bots, turning a capatcha is all you would need to do to prevent a bot. Bots don't use the actual form, well a good bot wouldn't. When you get spammed user sign ups its usually people manually signing up then they add the accounts to a spam list and run a bot that logs in and spams the forum.

hopefully i can find time to release a new one, if you look at the one on Scriptasy it implements the grayed out box.

[TheMilkCarton]

No need to explain yourself... they were just suggestions.

As for bots, I figure that most do bypass the form altogether, but I thought a measure like disallowing banned emails from being entered could at least prevent some bots from ever submitting the form, and maybe even stop some manual spammers in their tracks (the ones who normally get through CAPTCHA).. but I realize that if they're determined they'll just keep entering emails until they find one that's not banned.

[Coders Shack]

if i do have the time to update this hack, ill look into the banned email addresses.

bots cant bypass the captcha, as for emails if the "spammer" is determined he will just find the list of emails that are OK. But i will look into adding the check. I do know that spammers do use temp email services, such as http://2prong.com/ which is a great service (they make a new domain like every day).

[Lea Verou]

Quote:

Originally Posted by Coders Shack

if i do have the time to update this hack, ill look into the banned email addresses.

bots cant bypass the captcha, as for emails if the "spammer" is determined he will just find the list of emails that are OK. But i will look into adding the check. I do know that spammers do use temp email services, such as http://2prong.com/ which is a great service (they make a new domain like every day).

If you release an update, please please please try to solve the issue with some languages (eg greek). I can't use the hack because of that problem and so do a lot other greek admins that I know of I love this hack, and I can't use it

I don't mean to put pressure on you, I am also a student and I work full time at the same time, so I understand what you mean What I'm trying to say is that, please don't forget us!

[TheMilkCarton]

Quote:

Originally Posted by Coders Shack

bots cant bypass the captcha, as for emails if the "spammer" is determined he will just find the list of emails that are OK. But i will look into adding the check. I do know that spammers do use temp email services, such as http://2prong.com/ which is a great service (they make a new domain like every day).

I know bots can't bypass CAPTCHA..

I was talking about bots bypassing the actual FORM (as in they wouldn't actually be limited by something like disabling the Submit button, although I still think it'd be a nice feature ), and "manual" spammers being the ones "bypassing" the CAPTCHA (being human and all).

But I do agree with you, a very determined spammer would just keep cycling through email domains til they find the right one... but honestly, I think they'd much rather just move onto another board that will take the email address that they've been spamming other boards with, instead of sitting around trying to hack into the site.

[Coders Shack]

Quote:

Originally Posted by Michelle

If you release an update, please please please try to solve the issue with some languages (eg greek). I can't use the hack because of that problem and so do a lot other greek admins that I know of I love this hack, and I can't use it

I don't mean to put pressure on you, I am also a student and I work full time at the same time, so I understand what you mean What I'm trying to say is that, please don't forget us!

I still have no idea why it doesn't work with other languages. I wish i did!

[Lilyandy]

"Username Regular Expression" PCRE After setting, can't use!

Excuse me, how solve?

The eyes ground hopes and may forbid Chinese, Japanese, …etc. the 2 bit word dollar register.

Thank you! ^_^

DEMO：http://www.lilyandy.com/vbb/register.php