Welcome to Geeklog, Anonymous Thursday, March 28 2024 @ 01:03 pm EDT

Geeklog Forums

chatterblock spam


garapata

Anonymous
i have a chatterblock plugins and recently i was flooded with spam messages..how's that?

is there a way to fix this. i checked my spamx plugin and it is only for spam comments.
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
The Chatterblock could just as well use Spam-X to filter the posts. Seems it currently doesn't do that, though.

As a short-term measure, you could hide the Chatterblock from anonymous users.

bye, Dirk
 Quote

garapata

Anonymous
thankz dirk!
 Quote

Status: offline

hacker20id

Forum User
Newbie
Registered: 07/13/07
Posts: 8
Location:Malaysia
i got the same problem also, everyday there will be a new post as spam...

so what i did was some modification on chatterblock code so that it deletes whenever a string mark as spam detected.

as an interim solution i guess, while waiting for chatterblock to incorporate SpamX module.


Smile
 Quote

Status: offline

drafty

Forum User
Junior
Registered: 09/05/07
Posts: 16
That sounds interesting..............do you wanna share the code changes here ??
"Patience is never more important than when you're at the edge of losing it !!"
 Quote

Status: offline

hacker20id

Forum User
Newbie
Registered: 07/13/07
Posts: 8
Location:Malaysia
basically i just add more keyword matches for the COM_checkWords() function.

and a sql query to delete any matches to the post marked as spam.

my site is very simple and for me, i don't need people to paste urls or any html in my chatterblock.

this is quite aggresive, it will delete the post if any matches were found .

that's it. Nothin more.
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Quote by: hacker20id

basically i just add more keyword matches for the COM_checkWords() function.


I haven't looked at the Chatterblock's source code, but you should be able to do something like
Text Formatted Code
$result = PLG_checkforSpam($newpost, $_CONF['spamx']);
if ($result > 0) {
    echo 'Spam detected!';
    exit;
}

Much simpler and automatically uses any of the Spam-X modules.

bye, Dirk
 Quote

Status: offline

hacker20id

Forum User
Newbie
Registered: 07/13/07
Posts: 8
Location:Malaysia
artistic
Thanks Dirk.... i'll look into it.

that might just help.

 Quote

Status: offline

hacker20id

Forum User
Newbie
Registered: 07/13/07
Posts: 8
Location:Malaysia
artistic
OK, the objective of this is to delete spam from anonymous users in chatterblock.

This is what i did, edit the cb_main.php, in public_html\chatterblock

Find
Text Formatted Code

$message = addslashes(COM_checkHTML(COM_checkWords($HTTP_POST_VARS['cb_message'])));
 

exactly below it, add this.
Text Formatted Code

$result = PLG_checkforSpam($message, $_CONF['spamx']);
if ($result > 0) {
    echo COM_refresh ($_CONF['site_url'] . '/index.php?msg='
                      . $result . '&plugin=spamx');
    exit;
}
 


Thanks to Dirk, this works for me. :banana:

Actually, this was also in the chatterblock's Developer.txt.... i didn't look at it before till Dirk mention about it. Thanks
 Quote

Status: offline

jmucchiello

Forum User
Full Member
Registered: 08/29/05
Posts: 985
I don't use the block but you should move the addslashes to after the spam check:

COM_checkWords
COM_checkHTML
PLG_checkforSpam
if () ....
then addslashes
then I'm guessing it goes into the database.

Doing it the other way, theoretically a well constructed attack could defeat the addslashes and harm your database. (It's unluckly really, but why take the chance.)
 Quote

Status: offline

hacker20id

Forum User
Newbie
Registered: 07/13/07
Posts: 8
Location:Malaysia
Text Formatted Code

$message = addslashes(COM_checkHTML(COM_checkWords($HTTP_POST_VARS['cb_message'])));    
 


based on this code, shouldn't this is enough?

Why do we need to addslashes 2 times?

The PLG_CheckForSpam() will check $message that have already been addslashes.

please explain. Thanks.
 Quote

Status: offline

Blaine

Forum User
Moderator
Registered: 07/16/02
Posts: 1232
Location:Canada
I have a new version of chatterblock that I was getting a few of my site members to test out which includes a number of changes including SPAMX filtering. Have a read of this post and in there you will see the link to the download. This is not an official release - that will come shortly.
Geeklog components by PortalParts -- www.portalparts.com
 Quote

Status: offline

jmucchiello

Forum User
Full Member
Registered: 08/29/05
Posts: 985
Quote by: hacker20id

Why do we need to addslashes 2 times?

The PLG_CheckForSpam() will check $message that have already been addslashes

Does addslashes appear twice in my example?

I'm saying don't addslashes before calling PLG_checkForSpam(). Call it afterward. The point of addslashes is to make sure the text can't harm the database. If you modify the text AFTER addslashes, you can no longer guarantee you won't harm the database.

Text Formatted Code

    $message = COM_checkHTML(COM_checkWords($_POST['cb_message'])));
    $result = PLG_checkforSpam($message, $_CONF['spamx']);
    if ($result > 0) {
        echo COM_refresh ($_CONF['site_url'] . '/index.php?msg='
                          . $result . '&plugin=spamx');
        exit;
    }
    $message = addslashes($message);  // only call immediately before saving
    DB_save(however this works);
 
 Quote

Status: offline

hacker20id

Forum User
Newbie
Registered: 07/13/07
Posts: 8
Location:Malaysia
oh ok... i see... Thanks.. I just wanted to see how it is done.

Thanks to blaine also for the unofficial release of Chatterblock.

 Quote

Status: offline

Blaine

Forum User
Moderator
Registered: 07/16/02
Posts: 1232
Location:Canada
Err .. I made an official release of Chatterblock 3.1 a few days ago Confused
Geeklog components by PortalParts -- www.portalparts.com
 Quote

Status: offline

hacker20id

Forum User
Newbie
Registered: 07/13/07
Posts: 8
Location:Malaysia
Quote by: Blaine

Err .. I made an official release of Chatterblock 3.1 a few days ago Confused



really? yay! hahaha thanks.

:banana: :banana: :banana:
 Quote

hacker20id

Anonymous
artistic
installed and tested the latest version of chatterblock. on my site of geeklog 1.4.1

Well what can i say, the integration with spamx module works perfectly! :banana: :banana:

I did receive a load of spam messages but they all are intercepted.

:kickcan:

Thanks. It really helps.
 Quote

All times are EDT. The time is now 01:03 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content