You are not logged in.
In order for email/usernames to be correctly added to the database when POSTing data, they must be correctly encoded.
For PHP, then means submitting the details using the urlencode() function
eg
"username=" . $urlencode($username) . "&email=" . urlencode($email)
We are seeing an increased amount of submissions where the data is not correctly encoded, the main issue being that + signs are not being encoded correctly but being left as + signs. This means that a space is inserted in the email (eg) instead of a + sign.
Offline
This will also work:
$p = http_build_query(
array(
'username' => 'spammer',
'ip_addr' => '172.16.20.99',
'email' => 'spammer@stinkyspam.com',
'api_key' => 'xxxxxxxxxx'
)
);php.net wrote:
Generates a URL-encoded query string from the associative (or indexed) array provided.
Offline
i am attempting to add this into my PHPBB board so that whenever i ban someone by IP, it also submits to you guys.
I have added the following under what is executed upon selecting an IP Ban from the admin panel:
$php_load_options = array(
'return_info' => true,
'method' => 'post'
);
$php_load_url = 'http://www.stopforumspam.com/post.php?username='.$user->lang['USERNAME'].'&ip_addr='.$user->lang['IP_HOSTNAME'].'&email='.$user->lang['EMAIL_ADDRESS'].'&api_key=XXXXXXXX';
$php_load_result = load($php_load_url,$php_load_options);the php_load_options is a custom script that is supposed to load the URL, and i assume i set that up correctly.
Am I missing something?
Offline
I'm not familiar with phpbb, but this is what I'm using to submit via the WordPress comments page.
function submit_spam($uname, $ip, $em) {
$postdata = http_build_query(
array(
'username' => $uname,
'ip_addr' => $ip,
'email' => $em,
'api_key' => 'abcdefg123456')
);
$opts = array(
'http' => array(
'method' => 'POST',
'header' => 'Content-type: application/x-www-form-urlencoded',
'content' => $postdata
)
);
$context = stream_context_create($opts);
$result = file_get_contents('http://www.stopforumspam.com/post.php', false, $context);
return $result;
}To execute the function, I just click a link...
/?uid=SpammerName&uip=SpammerIP&uem=SpammerEmail
Which, if all the variables exist, runs:
submit_spam($uid, $uip, $uem);
Porting that to phpbb shouldn't be too much trouble.. Keep us posted.
Guy
www.nullamatix.com
Offline
Mast3rpyr0 wrote:
Am I missing something?
yes, the several other threads that exactly the same thing has been solved.
You POST to post.php
You GET to add.php
but as I dont have the rest of the functions, I cant help out. The certainly isnt how you build a post form though, change it to add.php and post to get
And for the love of god
DO NOT POST YOUR API KEY in the forums
Because you did, I had to delete the API key incase someone decided to start using it. Youll need to get another one
Offline
LOL are you actually saying that this poor API key was actually used? (abcdefg123456)? Talk about weak passwords, Anyone using such deserves to be hacked.
Passwords should be a minimum of 10 characters long and contain upper/lower case characters, numbers and *%$) symbols too. It's the only way to help ensure your sites safety.
Offline
no, one that I editted and replaced with XXXXXXXXXX
Offline
Hehe thank god, I actually thought someone was dense enough to use something like that 
(No offense intended to nullamatix.com as it was not your doing).
Offline
nullamatix.com wrote:
I'm not familiar with phpbb, but this is what I'm using to submit via the WordPress comments page.
Code:
function submit_spam($uname, $ip, $em) { $postdata = http_build_query( array( 'username' => $uname, 'ip_addr' => $ip, 'email' => $em, 'api_key' => 'abcdefg123456') ); $opts = array( 'http' => array( 'method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $postdata ) ); $context = stream_context_create($opts); $result = file_get_contents('http://www.stopforumspam.com/post.php', false, $context); return $result; }To execute the function, I just click a link...
/?uid=SpammerName&uip=SpammerIP&uem=SpammerEmail
Which, if all the variables exist, runs:Code:
submit_spam($uid, $uip, $uem);Porting that to phpbb shouldn't be too much trouble.. Keep us posted.
Guy
www.nullamatix.com
Where do you add that in wordpress? I'd like a simple way to report comments via the wordpress page.
I found your plugin on your website. Can you add an option to this plugin that will allow the data to be sent to stopforumspam.com with my API key just by clicking a link. This would save the trouble of having to copy and paste. Perhaps tying it into the existing "Report & Delete" of wordpress?
Last edited by Odis (2010-01-27 7:10 pm)
Offline
Hey guys,
You might want to make mention of the GET method (and URL) on the API page. The existing POST info with URL is a little misleading since you don't actually POST with the URL variables in the string.
I was a little confused as to why my information wasn't auto-submitting for confirmed spammers till I realized it had to be POST and not GET for the example info on the API page.
Offline
I know, Ive updated it on the new code that will be rolled out soon. There is a large chunk of updates as you can post data in this format or in json and php serialize as well.
Offline
