41
chippyash
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2006/10/22 13:24

  • chippyash

  • Friend of XOOPS

  • Posts: 501

  • Since: 2004/1/29


@Tobias

Can you post your hacks for CBB please 'cus I'm just updating a site that will use it.

Regards
akitson

42
Tobias
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2006/10/22 20:16

  • Tobias

  • Not too shy to talk

  • Posts: 172

  • Since: 2005/9/13


Quote:
@Tobias Can you post your hacks for CBB please 'cus I'm just updating a site that will use it.

Sure, the problem being that I implemented the thing before DuGris came up with his new version for PhP 5+. So I haven't tested whether it actually works this way, but I wouldn't see why not. The code to be dropped into the files is from the hack for the contact module DuGris has posted a few days back.

It's two steps: Generate the image and display it in the form, and verify the user has entered the correct code. In CBB3, at least when you're admitting quick reply, you'll have two different places at which to display security images. For quick reply, it's in viewtopic.php, for full reply in include/forumform.inc.php. Both times, you will want to put the code for the security image before the "submit" button. Verification in post.php. Makes three files to hack.

In viewtopic.php, around line 608:
$forum_form->addElement(new XoopsFormHidden('notify', -1));
[
color=CC0000]// Hack SecurityImage by DuGris
if (defined('SECURITYIMAGE_INCLUDED')) {
  
$security_image = new SecurityImage_SECURITYIMAGE_GETCODE );
  if (
$security_image->render()) {
    
$forum_form->addElement($security_imagetrue);
  }
}
// Hack SecurityImage by DuGris[/color]
$forum_form->addElement(new XoopsFormHidden('contents_submit'1));
$submit_button = new XoopsFormButton('''quick_submit'_SUBMIT"submit");

In include/forumform.inc.php, around line 262:
$forum_form->addElement(new XoopsFormHidden('op'$op));
[
color=CC0000]// Hack SecurityImage by DuGris
if (defined('SECURITYIMAGE_INCLUDED')) {
  
$security_image = new SecurityImage_SECURITYIMAGE_GETCODE );
  if (
$security_image->render()) {
    
$forum_form->addElement($security_imagetrue);
  }
}
// Hack SecurityImage by DuGris[/color]
$button_tray = new XoopsFormElementTray('');

$submit_button = new XoopsFormButton('''contents_submit'_SUBMIT"submit");

And to check whether the user has entered the correct code, in post.php, around line 135:
if(empty($message)){
        
redirect_header("javascript:history.go(-1);"1);
        exit();
    }
[
color=CC0000]    // Hack SecurityImage by DuGris
    
include_once(XOOPS_ROOT_PATH ."/class/xoopsformloader.php");
    if ( 
defined('SECURITYIMAGE_INCLUDED') && !SecurityImage::CheckSecurityImage() ) {
        
redirect_header'javascript:history.go(-1)' 1_SECURITYIMAGE_ERROR ) ;
    }
    
// Hack SecurityImage by DuGris[/color]

if ( !empty($isedit) && $post_id>0) {

        
$uid is_object($xoopsUser)? $xoopsUser->getVar('uid'):0;

There're, in fact, various parts inside post.php where I imagine the securityimage code would make sense. Depending on the order of the several verification steps to be performed. I'm not claiming that this is the most appropriate point to drop in the code, but it's working fine for me. It's here after it's established there's some content in the post at all. If anyone has a better idea or knows a reason why my method is not good, please let me know.

Oops: "tamairanslip" in the code above, I take, stands for j a v a s c r i p t : and is sanitized by this XOOPS here. Please substitute, without the spaces of course.

43
DuGris
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2006/10/22 23:07

  • DuGris

  • Core Developer

  • Posts: 67

  • Since: 2004/3/14


for CBB, replace
$contact_form->addElement($security_imagetrue);


by

$forum_form->addElement($security_imagetrue);



the hack for cbb 1.16 : here in english

44
Tobias
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2006/10/23 2:56

  • Tobias

  • Not too shy to talk

  • Posts: 172

  • Since: 2005/9/13


Oops, sorry! I knew there was something I had overlooked. That's what happens when you just copy & paste. I've changed it above in my original post. Thanks by the way, DuGris, for your great work.

45
chippyash
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2006/10/23 8:09

  • chippyash

  • Friend of XOOPS

  • Posts: 501

  • Since: 2004/1/29


And don't forget to turn off the cache for whatever module you are using this hack with, else you are not going to get the results you expect.

46
ianez
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2007/3/23 10:39

  • ianez

  • Not too shy to talk

  • Posts: 188

  • Since: 2006/1/26


@Tobias
I update this thread about captcha..
the code you posted some posts back for CBB it's ok for fast reply.. but it'n not working on main form for new/reply post.
Simply nothing happen and the image is not loaded, no php error or else, the control on post php is working and ask me for correct security code.
Working on CBB 3.08, last framework, just tried to change the code position of the code in forumforminc.php but nothing changes.... the security module is working ok on general comments

any idea?
thanx

Ian

47
ianez
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2007/3/23 11:50

  • ianez

  • Not too shy to talk

  • Posts: 188

  • Since: 2006/1/26


well I find the workaround..
it was an include missing because in cbb fomr is loaded via Frameworks files.

So after making the normal step suggested by Tobias you should add this line in Frameworks/xoops22/class/xoopsformloader.php right before the end
include_once XOOPS_ROOT_PATH."/class/xoopsform/securityimage.php";


and you're ok , you can test it on my site here
http://xoopsworks.isgreat.org/ where this great hack/module is added to CBB 3.08 and XOOPS comments

ciao

Ian

48
Tobias
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2007/3/23 15:26

  • Tobias

  • Not too shy to talk

  • Posts: 172

  • Since: 2005/9/13


Oh yeah, sorry. I thought that was part of the general installation of DuGris's captcha thing, not of the module specific hack.

Phppp seems to be cooking some native captcha support for CBB. At least, he's included what looks like a relatively slight modification of DuGris's work in his latest Framework package. Still has to be hacked into the module, much the same way as DuGris's. I think you can get the new CBB to redirect the user to the preview page with the post filled in, instead of giving him or her a blank submission form, in case the Captcha check goes wrong. I don't quite remember where I found the instructions, but they must be somewhere around on this site.

I'm not using that with CBB, but I think it should be relatively easy to adapt the Akismet check hack we've discussed here to send your posts through Akismet. In combination with Netquery module's Bad Behavior and perhaps XOOPS Protector's new function to filter posts on the basis of the number of URLs that come sent in it, that might do the job even without Captcha.

49
ianez
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2007/3/26 17:04

  • ianez

  • Not too shy to talk

  • Posts: 188

  • Since: 2006/1/26


well the frameworks little addition was not mentioned in the installation instructions on Dugris's site..

Yes I know of captcha include in cbb version 4, hope it'll be vailable soon and, most of all, next XOOPS core will implement many of the useful add made by phppp or gjoe for example

anyway now all is working good and I have captcha for comments and CBB posts
thanx for the help

Ian

50
Totoro
Re: NewBB Spam Posts - Any simple challenge hack avail?
  • 2007/4/16 7:48

  • Totoro

  • Just popping in

  • Posts: 9

  • Since: 2002/9/1 2


Quote:

ianez wrote:
well I find the workaround..
it was an include missing because in cbb fomr is loaded via Frameworks files.

So after making the normal step suggested by Tobias you should add this line in Frameworks/xoops22/class/xoopsformloader.php right before the end
include_once XOOPS_ROOT_PATH."/class/xoopsform/securityimage.php";


and you're ok , you can test it on my site here
http://xoopsworks.isgreat.org/ where this great hack/module is added to CBB 3.08 and XOOPS comments

ciao

Ian


To be complete (and to get it work with XOOPS 2.0.16), you also have to add this code in [www XOOPS root]/class/xoopsformloader.php

Login

Who's Online

174 user(s) are online (77 user(s) are browsing Support Forums)


Members: 0


Guests: 174


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits