Version: 1.3, by Zabadab
Developer Last Online: Nov 2013
Version: 3.5.4
Rating:
Released: 05-01-2006
Last Update: 05-05-2006
Installs: 8
Additional Files
No support by the author.
Warning: Aparently this does not work with the latest vBulletin.
What is it? One line summary: This "hack" allows you to ban publically shared accounts that come from a website called BugMeNot
More detailed summary: People visit BugMeNot to share accounts from websites that require registration. While this is great for websites such as the New York Times' site (which requires log-in to read articles), it is heavily annoying for forum communities as users will usually use these accounts to grab a bunch of attachments and will never actually contribute anything useful.
What does this script do?
I have written a scheduled task that will visit BugMeNot and retrieve a list of all shared accounts for your forum. All users on this list will then be banned. This is useful for two reasons:
You don't need to visit BugMeNot constantly to manually ban the accounts.
If you enabled attachments, you will be able to cut down on leeching.
What's new? Version 1.3
FIXED: Infinite loop due to BugMeNot changing account listing URL with 301 redirect.
ADDED: Option for extra verboseness.
Version 1.2
FIXED: Infinite loop when no accounts found due to BugMeNot now returning 404 response code.
FIXED: allow_url_fopen php.ini setting is now no longer required to be enabled.
FIXED: Rewritten BugMeNot parser to use custom-coded HTML downloader.
Version 1.1
Almost a total rewrite incorporating most feedback.
Will ban more than the first five accounts now.
PHP4 compatibility now. Added a replacement function for array_combine(...)
Added checking for safe_mode and allow_url_fopen
Version 1.0
Initial Release
System Requirements
PHP >= 4.3.0, PHP >= 5.1.2 recommended.
safe_mode off
allow_url_fopen on
How do I install this?
Installation is very easy. The following may look like a lot, but they're all very simple steps. Here's what you have to do:
Download the script.
Edit the configuration variables in the file (see the next section)
Extract banbmn.php to your vBulletin "includes/cron/" directory.
Search the Admin CP menu for "Add New Scheduled Task" and click it.
Enter "Ban BugMeNot" in the "Title" field.
Change the hour field to the time your site is the least busy. (4am or something) - Leave all other date/time fields alone.
Enter the path ("./includes/cron/banbmn.php") to the script in the "Filename" field.
Click "Save"
Now run the task for the first time:
In the AdminCP menu, click "Scheduled Task Manager"
Next to the entry "Ban BugMeNot", click on "Run Now"
Wait for the task to finish; the more accounts on your forum are shared, the longer it takes.
Check your scheduled task log for details on what was done.
What can I configure?
Inside the script file is a configuration section where you can configure a variety of options that direct how the script will operate.
PHP Code:
// Usergroup to ban shared accounts to. This needs to be a "bannable group."
$banto = 8;
This is the group all shared accounts will be banned into. You can find the Group ID with the "Usergroup Manager"
PHP Code:
// Ban reason
$banreason = 'How about you sign up for your own account instead of using a shared one?';
This is the reason shared accounts are banend with. People who try to use these accounts will see this message.
PHP Code:
// Custom Title (CT) for someone who is banned
$banct = 'Banned BugMeNot Account';
If you want to change the users title along with the ban, you can set the title in this variable. If you leave it blank the title will not be changed.
PHP Code:
// Do you want extra verboseness?
$beverbose = FALSE;
This will make the script write many more messages into the scheduled task log. You can turn this on when testing the script, but you should turn it off once everything works.
PHP Code:
// Do you want even MORE verboseness? (This will log the returned HTML too!)
// (I added this mainly for me to test if BugMeNot is trying to break my hack again.)
$moreverbose = FALSE;
Do not enable this. It will make your scheduled task log grow very large. The reason this exists as a setting at all is so you can try and find out why the script locks up. It will log the current loop iteration and the HTML code returned.
PHP Code:
// Check password too?
// Otherwise, a username will be banned regardless of the fact the password is wrong.
// You WANT to leave this set to TRUE unless you have a GOOD REASON not to.
$checkpass = TRUE;
This setting controls if you want the password of an account to be verified as well. You should really leave this setting alone because if you disable it, anyone can add a valid username to the BugMeNot database (recall that BugMeNot is public and open to anyone) and it will be banned regardless of whether the login information is correct.
PHP Code:
// Don't ban moderators?
// Probably not a good idea seeing as their accounts were shared.. >>;;
$dontbanmods = FALSE;
If you do not want to ban Administrators, Super Moderators, or Moderators, set this to TRUE. The default value of FALSE is fine, especially if you left password checking enabled.
PHP Code:
// URL to your forums. (The thing you enter on BugMeNot to see accounts for it!) Set
// to AUTO to use what you set in Admin CP.
$bburl = 'AUTO';
This is the URL that is checked on BugMeNot. The default value of 'AUTO' is fine.
PHP Code:
// Can the script sleep a bit?
// Tnabling this will make it seem less like a bot to the BugMeNot admins. DO NOT TURN
// THIS ON FOR LOADED SITES!
$dosleep = FALSE;
This determines if the script will wait between accessing URLs on BugMeNot. If you have a large forum do not turn this on. If you have a low-traffic forum (less than 300 members), you can turn this on to make it less likely that BugMeNot bans you.
PHP Code:
// How long can it sleep?
// 3 - 5 seconds are good values. Anything bigger is dangerous and anything smaller useless.
$sleepmax = 3;
This determines how long the script waits between accessing URLs. The default value is fine.
Support & Beta Version Infos Support: I am a fairly busy server administrator but I will try my best in supporting this script. The only thing I ask for is for people to click install.
Beta Version Infos: I could only do limited testing. Reports on how it works (positive and negative) would be nice. Also, please don't be "pissed off" immediately if the script does not work for you. Tell me that it is broken and I will fix it as soon as possible!
Show Your Support
This modification may not be copied, reproduced or published elsewhere without author's permission.
Showing passwords in plain text might be considered a bit of a security risk tho.
I don't think that is much of an issue as it seems to only display the BMN publicly available password anyway. It does not seem to display a password of the account if it does not match, only the wrong password. I really think that the password check is a must and should not even be an option since anyone could simply add a bogus entry at BMN with a wrong password and get that user banned.
I don't think I would need this, but the concept is pretty good.
**on a side note**
Lil Ripsta must have one of the most heavily modified sites on the net. Everytime I open a thread on vb.org, he is installing the modification. lol
It seems like it only grabs first 5 users from a particular domain. BMN only displays 5 usernames at a time. If you click on "No" to all of them, new usernames appear, which are not caught by this script. Hmm, I wonder how you'd go about this problem. Hack is well written, but without fixing this issue, its pretty much useless.
Sorry, I am kind of busy you know, and vBulletin was nice enough not to send me topic reply notifications. -.-;
Quote:
Originally Posted by Kihon Kata
Wow cool! Great hack for us busy forums! One problem, it didn't work LOL
Fatal error: Call to undefined function: array_combine() in /home/httpd/vhosts/SITEHERE.com/httpdocs/forums/includes/cron/banbmn.php on line 179
help?
array_combine is only available starting PHP5. I should have made that more clear and will in the next update.
Quote:
Originally Posted by Aurous
It seems like it only grabs first 5 users from a particular domain. BMN only displays 5 usernames at a time. If you click on "No" to all of them, new usernames appear, which are not caught by this script. Hmm, I wonder how you'd go about this problem. Hack is well written, but without fixing this issue, its pretty much useless.
I didn't know that. o_o;; Pretty easy to fix though. They use AJAX to "cast votes" for logins. So I can use GET requests to vote no on all accounts retrieved and do this until it no longer returns accounts. That will be implemented in the next version then I guess.
Scheduled Task to Ban BugMeNot Details »»
About Developer
Additional Files 
No support by the author.
05-02-2006, 06:27 AM
