Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 03-17-2003, 12:39 PM
Davey Davey is offline
 
Join Date: Nov 2002
Location: England
Posts: 383
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Preventing automated registrations: Last idea.

This is "the" last idea I could think of.
It's simply a case of switching a few current things around.
Here it goes:
Quote:
Idea
  1. Use email authorization as step 1 instead of after filling out the form.
  2. When the link is activated from the email, the user can then continue registration process.
  3. This way, the user can start posting immediately without the frustration of waiting for an email.
How does it sound?
And now, will it go okay? Can it be carried out?

Dave.

PS: Notes:
Quote:
  • Perhaps allow for 3 days waiting for activation rather than 1 (to allow for slow email accounts).
  • Do not mark the user as registered in any way until email confirmation (so that the boards cannot be flooded excessively, and I'm not saying the sending emails cannot be flooded, but this would be only minor next to 1000 queries being made immediately, look at the difference).
  • Remember stuff like email bans, IP bans, etc., so that this cannot be bypassed before the user knows (i.e.: after confirming).
That is all.
Reply With Quote
  #2  
Old 03-17-2003, 12:52 PM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What's the difference between sending the e-mail before registration and sending it after? It will still take the same amount of time.
Reply With Quote
  #3  
Old 03-17-2003, 12:58 PM
Davey Davey is offline
 
Join Date: Nov 2002
Location: England
Posts: 383
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It's not time though, is it.
The hacker flooding with bots is not interested in time, he's interested in flooding your server.
So you're authorizing before the board knows the user is there, then once activated correctly, all will be added.
Okay then maybe it's not quicker for the user, but it should save your server heaps of bother.
And hey, isn't it better than the current methods/not?

Dave.
Reply With Quote
  #4  
Old 03-17-2003, 02:09 PM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I guess I don't get what you're saying then...
Reply With Quote
  #5  
Old 03-17-2003, 08:56 PM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How can a person post immediately without waiting for the registration email? I don't understand.
Reply With Quote
  #6  
Old 03-17-2003, 10:26 PM
Abbas Abbas is offline
 
Join Date: Nov 2001
Posts: 57
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Why is this still being discussed? The latest version of vB (2.3.0) comes with image verification anyway. Perhaps not everyone can support it.... but most servers should.
Reply With Quote
  #7  
Old 03-17-2003, 10:33 PM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I don't know about you but in the US we have the first amendment to the constitution.

Okay, lame comparison, but bots always find a way.
Reply With Quote
  #8  
Old 03-18-2003, 02:11 PM
Davey Davey is offline
 
Join Date: Nov 2002
Location: England
Posts: 383
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Simple terms: How can a bot authorize an email?
Not possible.
You are placing authorization BEFORE signing up in order to secure your forum being flooded with new registrations.
Users can post straight away (unless you change the permissions to make them very tight).
But the main thing about this hack is authorizing before signing up.
If the user's email is not legitimate, they cannot verify can they?
Therefore they aren't actually added to the database and displayed on the homepage until they have proven themselves.
Get it now?

Dave.

PS:
@Abbas: You said it straight away.
Not everyone can support image verification.
And I cannot, since I am running it on Windows.
But the bottom line is, this has to be a method EVERYONE can use. Otherwise it's not fair.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 07:04 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04176 seconds
  • Memory Usage 2,227KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete