I need some help with my HP...if I'm to do as suggested here.

NeoFox · 2017-04-30 4:11 am

So I somehow missed the replies to my topic I originally posted here but I would like some feedback on how to handle those spammers that are somehow posting blank forms on my $evidence field

I currently have three checks:

null, $evidence == '', and $evidence == 0 (cause I don't know what else to do) but even those 3 checks there are still blank forms being sent.

Is there something else I can check for?!

I'm kinda at a loss here folks.
Blue

Alex Kemp · 2017-04-30 8:38 am

Hi BlueSage

I used to use the empty check. Give me a minute... http://php.net/manual/en/function.empty.php ...although that is *much* better when you want a positive test for something being one of absent or actually present but empty. One of the values of empty is that it will NOT throw an error if the value is missing (not set at all), and instead gives TRUE. Otherwise use http://php.net/manual/en/function.isset.php.

It's a pain, but you often simply need to go through a full sequence...

IF isset() do-something
ELSEIF empty() do-something-else
ELSEIF do-it
ENDIF

empty() normally allows you to replace the first two lines with just "IF empty() THEN".

Caveat: all of my practical PHP experience is back in the days of PHP4/5.

Maikuolan · 2017-04-30 8:38 am

Could try something like strlen($evidence) < 1, maybe?

pedigree · 2017-04-30 8:45 am

or strlen(trim($evidence))

NeoFox · 2017-05-01 10:30 pm

Each and every time the bots were posting 3 of this:

[a space] [a line return]

Thought I'd pass it on so the team knows what's up.

So now that I know what's up is that strlen option the best choice here?

EDIT: But they aren't normal spaces...they are all in encoded characters. Notepadd++ has them as funky characters. What gives?

So in Notepadd++ this is what the blank reports look like:

 [CR]
 [CR]
 [CR]

Last edited by NeoFox (2017-05-01 10:43 pm)

kpatz · 2017-05-02 12:15 am

The php trim() function will work.

trim

(PHP 4, PHP 5, PHP 7)
trim — Strip whitespace (or other characters) from the beginning and end of a string

Description

string trim ( string $str [, string $character_mask = " \t\n\r\0\x0B" ] )
This function returns a string with whitespace stripped from the beginning and end of str. Without the second parameter, trim() will strip these characters:

" " (ASCII 32 (0x20)), an ordinary space.
"\t" (ASCII 9 (0x09)), a tab.
"\n" (ASCII 10 (0x0A)), a new line (line feed).
"\r" (ASCII 13 (0x0D)), a carriage return.
"\0" (ASCII 0 (0x00)), the NUL-byte.
"\x0B" (ASCII 11 (0x0B)), a vertical tab.

So, something like:

  if (strlen(trim($evidence)) > 0)
     do_submit();
  else
     dont_submit();

Last edited by kpatz (2017-05-02 12:16 am)

NeoFox · 2017-05-02 1:16 am

So far so good thanks.

Alex Kemp · 2017-05-02 1:23 am

BlueSage wrote:

EDIT: But they aren't normal spaces...they are all in encoded characters. Notepadd++ has them as funky characters. What gives?

At a guess, one of the unicode space specials:

U+0020 (SPACE)
U+00A0 (NO-BREAK SPACE) (really useful)
U+1680 (OGHAM SPACE MARK)
U+2000 (EN QUAD)
U+2001 (EM QUAD)
U+2002 (EN SPACE)
U+2003 (EM SPACE)
U+2004 (THREE-PER-EM SPACE)
...and so it goes on & on - I've listed these before.

NeoFox · 2017-05-02 1:44 am

Per: http://www.stopforumspam.com/evidence/150015079 it's still going on!

I'll try to restart php. Maybe that page's been cached? (Loudly yells "cash-ayed!") :-D

Alex Kemp · 2017-05-02 12:48 pm

Re: “evidence”:–

Honeypot Spam TS:2

That's not evidence; that's a line of text as a header (I'm not complaining as a mod; it's a honeypot, so the simple fact that they post makes it spam, regardless of content; I'm jus' saying).

Isn't there a title for the post? (suggestion: enter “Title: (no title)” if not).

Added later:
It honestly doesn't matter if the post is blank when you are running a honeypot. That statement is completely otherwise for normal forums, blogs, etc. where the post MUST contain links (or telephone numbers, etc., etc.) to count as spam. But not for your HP. So, why not do something like the following pseudo-code:–

$EVIDENCE  = "Honeypot Spam $HP_reference\n\n";
$TITLE     = ( empty( $title_text)) ? "(no title)"     : "$title_text";
$POST      = ( empty( $post_text))  ? "post is empty)" : "$post_text";
$EVIDENCE .= "Title: $TITLE\nText: $POST\n";

Now you are both honest with those that read the evidence & do not care if the spammer makes a tricky-dicky post.

#1 2017-04-30 4:11 am

I need some help with my HP...if I'm to do as suggested here.

#2 2017-04-30 8:38 am

Re: I need some help with my HP...if I'm to do as suggested here.

#3 2017-04-30 8:38 am

Re: I need some help with my HP...if I'm to do as suggested here.

#4 2017-04-30 8:45 am

Re: I need some help with my HP...if I'm to do as suggested here.

#5 2017-05-01 10:30 pm

Re: I need some help with my HP...if I'm to do as suggested here.

#6 2017-05-02 12:15 am

Re: I need some help with my HP...if I'm to do as suggested here.

#7 2017-05-02 1:16 am

Re: I need some help with my HP...if I'm to do as suggested here.

#8 2017-05-02 1:23 am

Re: I need some help with my HP...if I'm to do as suggested here.

#9 2017-05-02 1:44 am

Re: I need some help with my HP...if I'm to do as suggested here.

#10 2017-05-02 12:48 pm

Re: I need some help with my HP...if I'm to do as suggested here.

Board footer