Guests may post XX times before needing to register

[Paul]

Hi guys,

We've been having a problem on our forum with guests flooding the forum with abusive messages. Unfortunately, we are not able to restrict posting to members due to the nature of the forum. What we would like to do is have the ability to restrict users from being able to post any further without registering after X number of posts. For example, if set to 5, then a guest could post 5 messages. After that, when they returned to the site and attempted to post again, it would show them the registration page and require them to register before being able to post more messages (making banning and deleting a lot easier

Any ideas on how to do this?
Thanks!
Paul

Edit: The following thread looks like a start on how to approach it: https://vborg.vbsupport.ru/showthrea...threadid=40107

[hypedave]

I need something like this as well

[Paul]

The problem with the thread I referenced above is that it uses the number of posts a user makes on the forum as a check for permission to post. I don't think that vbulletin keeps track of the number of posts any one guest might make.

Is this information in the cookie it sends out? What would be a good way to keep track of this? I assume somehow through the session, if cookies weren't enabled on the browser.

[Paul]

Well, silly me. I didn't remember that there is a session database. Would adding a field such as 'numofposts' be a good way of doing this that would work for both cookied and non-cookied users? Then just increment that value and do a check to see if userid=0 and numofposts=y where y is the predefined number of posts allowed before registration is required whenever someone tries to reply or post a new thread?

This seems like it would work. Are there any security issues I should be considering here?

Paul

[Paul]

For those interested, I will try creating this hack, however my experience with hacking vbulletin is very small. If anyone else could help out, I'd appreciate it. I've created a field in the session table called numofposts (int-10, unsigned, default=0) and plan on incrementing that number each time a new topic or reply is made. I also want to figure out how to store this number in the cookie and grab it for those who have cookies enabled when they return. Therefore:

1. A user who has no cookies enabled will be limited to xx posts/session before being required to register
2. A user who allows cookies will be limited to xx posts total before being required to register.

[Paul]

I hate to keep replying to my own thread, but I've reached a point where I'm not really sure how to go about doing this hack. Anyone out there that could help me with this?

Paul

[g-force2k2]

I really don't think its possible... because the only thing you have on the user is his/her ip logged... that really won't do anything if they don't have a consistent ip number ;\ so i doubt it'll be fairly accurate... then again i am new at coding as well so i don't know much

g-force2k2

[Logician]

g-force2k2 is right.

You cant trust their IP because most of the users have dynamic IPs, so everytime they connected to the internet, their IP will change.

You cant trust to cookies either, because some may disable it, or can disable whenever they want to pass your restriction.

So even though you design a system for this, it would be quite awkard and not very efficient.

One solution would be to restrict guest posts to X posts in Y hours but this restriction cant apply to a specific guest but all guests instead. For example if you limit it to 5 posts per day, guest X can post 5 and no other guests cant post anymore for that day. A basic IP check can work to restrict guest X post to eg.1 only, but this again wouldnt be very trustworthy for the reasons I mentioned above.

I suggest putting the guests' posts in moderation if you cant disable them alltogether. Most efficient solution IMO..

[Paul]

Hi,

Quote:

I really don't think its possible... because the only thing you
have on the user is his/her ip logged... that really won't do anything
if they don't have a consistent ip number ;\ so i doubt it'll be fairly
accurate...

Well, I'm not looking for total accuracy. This would be stored via the
session and carried via a cookie. Those that have cookies disabled
wouldn't see it unless they posted xx posts in one session. Chances are
if you're posting that many messages to a forum (say 5, for example)
you'll want to register anyway to get e-mail notification, etc.

I'm just trying to encourage registration and prevent few people from posting a large number of messages at once. This shouldn't be based on IP address, rather via a number stored in the session table and on the user's cookie (if they have cookies enabled). At the very least, regardless of whether or not a person accepts cookies, they would not be able to post more than xx posts per session.

Thanks,
Paul

[g-force2k2]

i'd probably follow logician's lead and go with moderating unregs posts i mean i'll help you if needed... but if your looking for that kind of registration then just disable the email notification... and use a quick register type form

g-force2k2