English English | French French
 

Unique Registration Hash

How to protect our Web Sites. Discussions, Methods, Things you should not do.

Moderator: Moderators

Post a reply

Unique Registration Hash

Postby JanoF » Thu Oct 19, 2006 7:12 pm

Code: Select all
##############################################################
## MOD Title: Unique Registration Hash
## MOD Author: pentapenguin < n/a > (Jeremy Conley) http://www.pentapenguin.com
## MOD Description: This MOD changes the "agreed=true" part of the registration
## form to a unique identifier to help stop spam bots from registering.
##
## MOD Version: 0.1.0
##
## Installation Level: Easy
## Installation Time: 5 Minutes
## Files To Edit: 1
## includes/usercp_register.php
##
## Included Files: N/A
## License: http://opensource.org/licenses/gpl-license.php GNU General Public License v2
##############################################################
## For security purposes, please check: http://www.phpbb.com/mods/
## for the latest version of this MOD. Although MODs are checked
## before being allowed in the MODs Database there is no guarantee
## that there are no security problems within the MOD. No support
## will be given for MODs not found within the MODs Database which
## can be found at http://www.phpbb.com/mods/
##############################################################
## Author Notes:
##
## Support for this MOD may be found at http://www.pentapenguin.com
## This MOD is EasyMOD friendly! (http://area51.phpbb.com/phpBB/viewforum.php?f=17)
##
##############################################################
## MOD History:
##
##   2006-08-19 - Version 0.1.0
##   - Initial release
##
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################


#
#-----[ OPEN ]------------------------------------------
#
includes/usercp_register.php


#
#-----[ FIND ]------------------------------------------
#
$unhtml_specialchars_replace = array('>', '<', '"', '&');


#
#-----[ AFTER, ADD ]------------------------------------------
#

// Begin Unique Registration Hash MOD by pentapenguin (http://www.pentapenguin.com)
$registration_hash = md5($userdata['session_ip'] . $userdata['session_id']);
// End Unique Registration Hash MOD by pentapenguin


#
#-----[ FIND ]------------------------------------------
#
   global $userdata, $template, $lang


#
#-----[ IN-LINE FIND ]------------------------------------------
#
$phpEx


#
#-----[ IN-LINE AFTER, ADD ]------------------------------------------
#
, $registration_hash


#
#-----[ FIND ]------------------------------------------
#
      "U_AGREE_OVER13" => append_sid("profile.$phpEx


#
#-----[ IN-LINE FIND ]------------------------------------------
#
agreed=true


#
#-----[ IN-LINE REPLACE WITH ]------------------------------------------
#
agreed=$registration_hash


#
#-----[ FIND ]------------------------------------------
#
      "U_AGREE_UNDER13" => append_sid("profile.$phpEx


#
#-----[ IN-LINE FIND ]------------------------------------------
#
agreed=true


#
#-----[ IN-LINE REPLACE WITH ]------------------------------------------
#
agreed=$registration_hash


#
#-----[ FIND ]------------------------------------------
#
if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) )


#
#-----[ IN-LINE FIND ]------------------------------------------
#
!isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed'])


#
#-----[ IN-LINE REPLACE WITH ]------------------------------------------
#
$HTTP_POST_VARS['agreed'] != $registration_hash && $HTTP_GET_VARS['agreed'] != $registration_hash


#
#-----[ FIND ]------------------------------------------
#
   $s_hidden_fields = '<input type="hidden"


#
#-----[ IN-LINE FIND ]------------------------------------------
#
name="agreed" value="true"


#
#-----[ IN-LINE REPLACE WITH ]------------------------------------------
#
name="agreed" value="' . $registration_hash . '"


#
#-----[ DIY INSTRUCTIONS ]------------------------------------------
#
If you have CyberAlien's eXtreme Styles MOD (http://www.phpbb.com/phpBB/viewtopic.php?t=125251), you can copy
the file in contrib/admin/xs_unique_registration_hash.cfg to admin/xs_unique_registration_hash.cfg and you will
be automatically notified if there's an update available when you use the "check for updates" function.


#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
User avatar
JanoF
 
Posts: 43
Joined: Tue May 30, 2006 4:01 pm
Top

Advertisement

Postby dcz » Fri Oct 20, 2006 10:09 am

Yes, this one is a great addition to fight against spam for phpBB forums.

In case there is an update, please check : http://www.phpbb.com/phpBB/viewtopic.php?t=430710

++
Useful links :
SEO Forum || SEO Directory || SEO phpBB || Search
____________________

Liens Utiles :
Forum référencement || Annuaire référencement || Référencement phpBB || Recherche
dcz
Admin
Admin
 
Posts: 21291
Joined: Fri Apr 28, 2006 9:03 pm
Top

Postby ultimatehandyman » Mon Mar 19, 2007 6:40 pm

I have just installed this mod myself :wink: I'm not normally any good at installing mods, but I have installed the bots online mod and this one today :shock:

Not sure if it's working or not as nothing seems to have changed, but I'll let you know if it stops the spammers :wink:
ultimatehandyman
PR2
PR2
 
Posts: 250
Joined: Thu Mar 15, 2007 12:55 am
Top

Postby dcz » Mon Mar 19, 2007 10:56 pm

Good job :D

This one is really easy to install really.

Make sure you try registering to make sure you did not do anything wrong that could break the registering process.

It's not the mod to have any bug, but oh well, the worst mistake we do are always the dumbest so :roll:

As a good practice, never save a backups, always do full backups (files + db, it's not big deal in this case more is better) before you apply mods, so that you can easily go back to normal if you messed up.

A local test board is wise and fun too ;)

++
Useful links :
SEO Forum || SEO Directory || SEO phpBB || Search
____________________

Liens Utiles :
Forum référencement || Annuaire référencement || Référencement phpBB || Recherche
dcz
Admin
Admin
 
Posts: 21291
Joined: Fri Apr 28, 2006 9:03 pm
Top

Postby ultimatehandyman » Mon Mar 19, 2007 11:04 pm

dcz wrote:Good job :D

This one is really easy to install really.

Make sure you try registering to make sure you did not do anything wrong that could break the registering process.

It's not the mod to have any bug, but oh well, the worst mistake we do are always the dumbest so :roll:

As a good practice, never save a backups, always do full backups (files + db, it's not big deal in this case more is better) before you apply mods, so that you can easily go back to normal if you messed up.

A local test board is wise and fun too ;)

++


Following your advice by PM the other day- I am going to install a test board and then I can practice :wink:

As for backups, I do them regularly but I can not back up my database from the mysql side of the database as I can't seem to do it and so I always use the backup function within phpbb.

I have tried to register and it still works :wink:

Thanks

chez
ultimatehandyman
PR2
PR2
 
Posts: 250
Joined: Thu Mar 15, 2007 12:55 am
Top
Post a reply

Return to Security

Who is online

Users browsing this forum: No registered users and 1 guest


 
Powered by phpBB © phpBB Group

phpBB SEO
Time : 0.075s | 16 Queries | GZIP : Off