1. Commentics Forum
  2. General
  3. Feature Requests
This is the community forum. For a developer response use the Client Area.
Follow us on Facebook, Twitter and YouTube!

Trap Value
Chafik
Member
**
Posts: 36
Threads: 9
Joined: Nov 2010
#1

25-Jan-2011, 02:16 PM
Commentics has a anti-spam feature, Trap Value
From time to time, as an admin, I get email notification about Banned users due to Trap Value
But, the email does not inform me about the exact value of this Trap Value !! what is the value of this variable? knowing this, I will ensure that script is not misbehaving by banning good comment writers.
I mean, what this banned user had written?
Find
Reply
Steven
Administrator
*****
Posts: 2,894
Threads: 59
Joined: Jun 2010
#2

25-Jan-2011, 05:19 PM
Ok, this is for Commentics v1.3.5

In comments/includes/app/processor.php, replace this:
PHP Code:
<?php 

/* Check Trap */

if ($settings->check_trap) {

    if (!isset($_POST['fax']) || !isset($_POST['phone'])) { //no trap data submitted

        cmtx_ban(CMTX_BAN_REASON_NO_TRAP); //ban user for no trap data

    } else { //if trap data submitted

        if (!empty($_POST['fax']) || !empty($_POST['phone'])) { //trap data contains value

            cmtx_ban(CMTX_BAN_REASON_TRAP_VALUE); //ban user for trap value

        }

    }

}

With:
PHP Code:
<?php 

/* Check Trap */

if ($settings->check_trap) {

    global $fax, $phone;

    if (!isset($_POST['fax']) || !isset($_POST['phone'])) { //no trap data submitted

        cmtx_ban(CMTX_BAN_REASON_NO_TRAP); //ban user for no trap data

    } else { //if trap data submitted

        if (!empty($_POST['fax']) || !empty($_POST['phone'])) { //trap data contains value

            if (!empty($_POST['fax'])) { $fax = $_POST['fax']; }

            if (!empty($_POST['phone'])) { $phone = $_POST['phone']; }

            cmtx_ban(CMTX_BAN_REASON_TRAP_VALUE); //ban user for trap value

        }

    }

}

Then, in comments/includes/functions/processor.php, replace this:
PHP Code:
<?php 

function cmtx_ban ($reason) { //ban user



    global $mysql_table_prefix, $settings, $ip_address, $is_admin; //globalise variables

With:
PHP Code:
<?php 

function cmtx_ban ($reason) { //ban user



    global $mysql_table_prefix, $settings, $ip_address, $is_admin, $fax, $phone; //globalise variables

    

    if ($reason == CMTX_BAN_REASON_TRAP_VALUE && strlen($fax) < 100 && strlen($phone) < 100) {

        $fax = cmtx_sanitize($fax, true, true, true);

        $phone = cmtx_sanitize($phone, true, true, true);

        $reason .= " Fax: \"" . $fax . "\" Phone: \"" . $phone . "\"";

    }
Have you completed the interview?
Find
Reply
Norbs
Senior
***
Posts: 99
Threads: 30
Joined: May 2011
#3

15-Jun-2011, 05:22 AM
Hm... good idea. But, what is this notice really worth if I don't have an email?

I mean it is certainly good to know whether or not the banned poster was really a badder or gooder (hee, hope these expressions make it into the dictionary). But not every good one will tell you. Some may just leave. Whereas if you got their email, you could (if you really wanted) at least email back after you lifted the ban and invite him/her back ... ?

Cheereoh
Website Find
Reply
Norbs
Senior
***
Posts: 99
Threads: 30
Joined: May 2011
#4

15-Jun-2011, 09:21 PM
Need to add on more.

Based on "my" experience in this short time I use Commentics review software now, is that - yes, basically 100% of these Trap-Value bans belong to some people you better don't know.

We've got a quite good Brut-Force protection setup and comparing the IP from the banned Trap Values with the Brut Force attackers on our server ... ALL of them go together.

Is Steven's Trap-Value setup effective and good to have?

YOU BET IT IS! 101%

Thanks Steven. You saved us from a lot of unwanted headache! For that alone you deserve a medal.
Website Find
Reply
Jordann
Member
**
Posts: 38
Threads: 3
Joined: Jul 2011
#5

06-Feb-2012, 10:24 PM
(25-Jan-2011, 05:19 PM)Steven Wrote:  Ok, this is for Commentics v1.3.5


Hi Steven,

Will this fix work for v1.5?
Find
Reply
Steven
Administrator
*****
Posts: 2,894
Threads: 59
Joined: Jun 2010
#6

07-Feb-2012, 03:00 PM
Yes it will work fine.
Have you completed the interview?
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. Commentics Forum
  2. General
  3. Feature Requests