Posted on: 04/07/07 12:28am
By: Anonymous (garapata)
i have a chatterblock plugins and recently i was flooded with spam messages..how's that?
is there a way to fix this. i checked my spamx plugin and it is only for spam comments.
Re: chatterblock spam
Posted on: 04/07/07 03:17am
By: Dirk
The Chatterblock could just as well use Spam-X to filter the posts. Seems it currently doesn't do that, though.
As a short-term measure, you could hide the Chatterblock from anonymous users.
bye, Dirk
Re: chatterblock spam
Posted on: 04/07/07 12:08pm
By: Anonymous (garapata)
thankz dirk!
Re: chatterblock spam
Posted on: 09/10/07 08:45pm
By: hacker20id
i got the same problem also, everyday there will be a new post as spam...
so what i did was some modification on chatterblock code so that it deletes whenever a string mark as spam detected.
as an interim solution i guess, while waiting for chatterblock to incorporate SpamX module.
Re: chatterblock spam
Posted on: 09/11/07 12:33pm
By: drafty
That sounds interesting..............do you wanna share the code changes here ??
Re: chatterblock spam
Posted on: 09/14/07 12:10pm
By: hacker20id
basically i just add more keyword matches for the COM_checkWords() function.
and a sql query to delete any matches to the post marked as spam.
my site is very simple and for me, i don't need people to paste urls or any html in my chatterblock.
this is quite aggresive, it will delete the post if any matches were found .
that's it. Nothin more.
Re: chatterblock spam
Posted on: 09/14/07 02:29pm
By: Dirk
Quote by: hacker20idbasically i just add more keyword matches for the COM_checkWords() function.
I haven't looked at the Chatterblock's source code, but you should be able to do something like
Text Formatted Code
$result = PLG_checkforSpam($newpost, $_CONF['spamx']);
if ($result > 0) {
echo 'Spam detected!';
exit;
}
Much simpler and automatically uses any of the Spam-X modules.
bye, Dirk
Re: chatterblock spam
Posted on: 09/16/07 10:51am
By: hacker20id
Thanks Dirk.... i'll look into it.
that might just help.
Re: chatterblock spam
Posted on: 09/18/07 11:58pm
By: hacker20id
OK, the objective of this is to delete spam from anonymous users in chatterblock.
This is what i did, edit the cb_main.php, in public_html\chatterblock
Find
Text Formatted Code
$message = addslashes(COM_checkHTML(COM_checkWords($HTTP_POST_VARS['cb_message'])));
exactly below it, add this.
Text Formatted Code
$result = PLG_checkforSpam($message, $_CONF['spamx']);
if ($result > 0) {
echo COM_refresh ($_CONF['site_url'] . '/index.php?msg='
. $result . '&plugin=spamx');
exit;
}
Thanks to Dirk, this works for me. :banana:
Actually, this was also in the chatterblock's Developer.txt.... i didn't look at it before till Dirk mention about it. Thanks
Re: chatterblock spam
Posted on: 09/19/07 12:36am
By: jmucchiello
I don't use the block but you should move the addslashes to after the spam check:
COM_checkWords
COM_checkHTML
PLG_checkforSpam
if () ....
then addslashes
then I'm guessing it goes into the database.
Doing it the other way, theoretically a well constructed attack could defeat the addslashes and harm your database. (It's unluckly really, but why take the chance.)
Re: chatterblock spam
Posted on: 09/19/07 02:40am
By: hacker20id
Text Formatted Code
$message = addslashes(COM_checkHTML(COM_checkWords($HTTP_POST_VARS['cb_message'])));
based on this code, shouldn't this is enough?
Why do we need to addslashes 2 times?
The PLG_CheckForSpam() will check $message that have already been addslashes.
please explain. Thanks.
Re: chatterblock spam
Posted on: 09/20/07 02:24pm
By: Blaine
I have a new version of chatterblock that I was getting a few of my site members to test out which includes a number of changes including SPAMX filtering. Have a read of
this post[*1] and in there you will see the link to the download. This is not an official release - that will come shortly.
Re: chatterblock spam
Posted on: 09/20/07 02:43pm
By: jmucchiello
Quote by: hacker20idWhy do we need to addslashes 2 times?
The PLG_CheckForSpam() will check $message that have already been addslashes
Does addslashes appear twice in my example?
I'm saying don't addslashes before calling PLG_checkForSpam(). Call it afterward. The point of addslashes is to make sure the text can't harm the database. If you modify the text AFTER addslashes, you can no longer guarantee you won't harm the database.
Text Formatted Code
$message = COM_checkHTML(COM_checkWords($_POST['cb_message'])));
$result = PLG_checkforSpam($message, $_CONF['spamx']);
if ($result > 0) {
echo COM_refresh ($_CONF['site_url'] . '/index.php?msg='
. $result . '&plugin=spamx');
exit;
}
$message = addslashes($message); // only call immediately before saving
DB_save(however this works);
Re: chatterblock spam
Posted on: 09/26/07 01:09am
By: hacker20id
oh ok... i see... Thanks.. I just wanted to see how it is done.
Thanks to blaine also for the unofficial release of Chatterblock.
Re: chatterblock spam
Posted on: 09/26/07 06:59pm
By: Blaine
Err .. I made an official release of Chatterblock 3.1 a few days ago
Re: chatterblock spam
Posted on: 09/26/07 10:24pm
By: hacker20id
Quote by: BlaineErr .. I made an official release of Chatterblock 3.1 a few days ago
really? yay! hahaha thanks.
:banana: :banana: :banana:
Re: chatterblock spam
Posted on: 10/31/07 10:08am
By: Anonymous (hacker20id)
installed and tested the latest version of chatterblock. on my site of geeklog 1.4.1
Well what can i say, the integration with spamx module works perfectly! :banana: :banana:
I did receive a load of spam messages but they all are intercepted.
:kickcan:
Thanks. It really helps.