Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.5 > vBulletin 3.5 Add-ons

Reply
 
Thread Tools
Contacts Spam Filter Details »»
Contacts Spam Filter
Version: 1.1.0.2, by y2ksw y2ksw is offline
Developer Last Online: Feb 2023 Show Printable Version Email this Page

Version: 3.5.4 Rating:
Released: 06-25-2006 Last Update: 01-02-2007 Installs: 22
Uses Plugins
 
No support by the author.

This little product/plugin disallows automatic sending of spam through the Contact Us page.

Notes to version 1.1.0.0

Due to an almost personal battle against some spammers - intended as: high spam update rate, specially in the weekends when both me and spammers have nothing to do - I added an option to check the allowed number of hyperlinks in the message body, which makes this spam filter a little more intelligent.

The default number of allowed links is set to 12, which appears to be the lower limit from the latest research.

For customizing the message and the number of allowed hyperlinks, an option interface was added, which appears right below the vBulletin Options list - Site Name / URL / Contact Details, as 'Contact Us' Spam Filter Settings.

Version History
1.1.0.2 Additional recognition strings (repetitive 'http://')
1.1.0.1 FIX: Hyperlinks count bug.
1.1.0.0 Additional recognition strings; check of allowed number of hyperlinks in the message body; options interface

1.0.1.10 Additional recognition string
1.0.1.9 Additional recognition string (not published)
1.0.1.8 Additional recognition string (not published)
1.0.1.7 Additional recognition string
1.0.1.6 Additional recognition string (not published)
1.0.1.5 Additional recognition string (not published)
1.0.1.4 Additional recognition string
1.0.1.3 Additional recognition string
1.0.1.2 Additional recognition string
1.0.1.1 Full vBulletin integration, updateable
1.0.0.0 Basic Spam Filter

Supporters / CoAuthors

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 06-26-2006, 12:36 AM
moonclamp's Avatar
moonclamp moonclamp is offline
 
Join Date: May 2004
Location: London
Posts: 516
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How does it?

Can you give us some more information on what this does that the image verification doesn't do?
Reply With Quote
  #3  
Old 06-26-2006, 03:01 AM
COBRAws's Avatar
COBRAws COBRAws is offline
 
Join Date: Oct 2002
Location: Buenos Aires
Posts: 864
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

more info?

Ok, by reading the XML i found out that if someone goes directly to the sendmessage.php without coming from any of the forums page, the Contact form is not displayed.
Reply With Quote
  #4  
Old 06-26-2006, 08:20 AM
y2ksw's Avatar
y2ksw y2ksw is offline
 
Join Date: Aug 2003
Location: Italy
Posts: 1,418
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If the referring page is not the one you specified in the CP options, normally http://www.domain.tld/sendmessage.php, an automated script with the POST / GET commands will receive an essentially blank page, and the mail is not sent.

This is useful only to sites, like mine, where image verification is not appliable.

PHP Code:
$MyMessageURL $vbulletin->options['bburl'] . '/' $vbulletin->options['contactuslink'];
if(
$_SERVER['HTTP_REFERER'] != $MyMessageURL)
{
die(
'Spam filter: Please send your message through the appropriate message form.');

Sooner or later the spam bots will be updated to send also the referrer header, but until then this one works pretty well ...

When this will happen, an additional test may be to add a host IP comparison.
Reply With Quote
  #5  
Old 06-29-2006, 05:57 PM
Snake's Avatar
Snake Snake is offline
 
Join Date: Mar 2005
Location: Cleveland, OH
Posts: 3,832
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great hack!
Reply With Quote
  #6  
Old 06-29-2006, 07:14 PM
y2ksw's Avatar
y2ksw y2ksw is offline
 
Join Date: Aug 2003
Location: Italy
Posts: 1,418
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Here is an update, which does some extra work against automated browsers, and thus has become pretty safe and easy to update.
PHP Code:
<?php
$MyDieMessage 
'Spam filter: Please send your message through the appropriate message form.';

// Make sure the form was sent from a browser
if(!$_SERVER['HTTP_USER_AGENT'])
{
    die(
$MyDieMessage);
}

// Make sure the form was POSTed
if(!$_SERVER['REQUEST_METHOD'] == 'POST')

    die(
$MyDieMessage);


// Allow only the sendmessage script
$MyReferrer strtolower($_SERVER['HTTP_REFERER']);
$MyURL strtolower($vbulletin->options['bburl'] . '/' $vbulletin->options['contactuslink']);
if(
$MyReferrer != $MyURL)

    die(
$MyDieMessage);


// Filter header injections
$MyHeaders = array(
    
"Content-Type:"
    
"MIME-Version:"
    
"Content-Transfer-Encoding:"
    
"bcc:"
    
"cc:"
    
);

// Loop through each POST item and check for the headers
foreach($_POST as $MyKey => $MyPostItem)
{
    
$MyTempItem strtolower($MyPostItem);
    foreach(
$MyHeaders as $MyHeader)
    {
        if(
strpos($MyTempItemstrtolower($MyHeader)) !== FALSE)
        {
            die(
$MyDieMessage);
        }
    }
}

// Check for '9c53d2119880d95e96e1a71e3a6c8340' in the message body.
// This string is found in automated browsers (all yet) at the bottom.
// For completeness we parse all post variables for this string.
// Prepared for more recognition strings.
$MyStrings = array(
    
'9c53d2119880d95e96e1a71e3a6c8340',
    
'dc64615b0a1e1bd3cb2689bf82248b5c'              // 2006-06-27
    
);

// Loop through each POST item and check for the headers
foreach($_POST as $MyKey => $MyPostItem)
{
    
$MyTempItem strtolower($MyPostItem);
    foreach(
$MyStrings as $MyString)
    {
        if(
strpos($MyTempItemstrtolower($MyString)) !== FALSE)
        {
            die(
$MyDieMessage);
        }
    }
}

// Cleanup
unset($MyDieMessage$MyReferrer$MyURL$MyHeaders$MyKey$MyPostItem$MyTempItem$MyHeader$MyStrings$MyString);
?>
Reply With Quote
  #7  
Old 07-01-2006, 12:05 AM
Sergio68's Avatar
Sergio68 Sergio68 is offline
 
Join Date: Nov 2001
Location: Italy
Posts: 100
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Here comes Giovanni :banana:
Reply With Quote
  #8  
Old 07-03-2006, 09:00 AM
Gn_Snake Gn_Snake is offline
 
Join Date: Feb 2006
Location: Italy
Posts: 358
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

very good...thx
Reply With Quote
  #9  
Old 07-05-2006, 04:01 PM
navajotex navajotex is offline
 
Join Date: May 2005
Posts: 5
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

good really OK splendid compliments is then I have read you from some part I do not remember where to here on the Sergio & Danny Ciaooooooooo Vbulletin.it by
Reply With Quote
  #10  
Old 08-02-2006, 09:34 PM
y2ksw's Avatar
y2ksw y2ksw is offline
 
Join Date: Aug 2003
Location: Italy
Posts: 1,418
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I think the latest version has finally made it - no spam is passing through the filters
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:18 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08041 seconds
  • Memory Usage 2,311KB
  • Queries Executed 24 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete