You are not logged in.
- Topics: Active | Unanswered
#1 2017-04-30 4:11 am
- NeoFox
- Member
- From: WI, USA, Earth
- Registered: 2013-09-26
- Posts: 830
- Website
I need some help with my HP...if I'm to do as suggested here.
So I somehow missed the replies to my topic I originally posted here but I would like some feedback on how to handle those spammers that are somehow posting blank forms on my $evidence field
I currently have three checks:
null, $evidence == '', and $evidence == 0 (cause I don't know what else to do) but even those 3 checks there are still blank forms being sent.
Is there something else I can check for?!
I'm kinda at a loss here folks.
Blue
Offline
#2 2017-04-30 8:38 am
- Alex Kemp
- Moderator
- From: Nottingham, England
- Registered: 2009-12-02
- Posts: 2,422
- Website
Re: I need some help with my HP...if I'm to do as suggested here.
Hi BlueSage
I used to use the empty check. Give me a minute... http://php.net/manual/en/function.empty.php ...although that is *much* better when you want a positive test for something being one of absent or actually present but empty. One of the values of empty is that it will NOT throw an error if the value is missing (not set at all), and instead gives TRUE. Otherwise use http://php.net/manual/en/function.isset.php.
It's a pain, but you often simply need to go through a full sequence...
IF isset() do-something
ELSEIF empty() do-something-else
ELSEIF do-it
ENDIF
empty() normally allows you to replace the first two lines with just "IF empty() THEN".
Caveat: all of my practical PHP experience is back in the days of PHP4/5.
Offline
#3 2017-04-30 8:38 am
- Maikuolan
- Member
- From: Perth, Western Australia
- Registered: 2011-08-09
- Posts: 799
- Website
Re: I need some help with my HP...if I'm to do as suggested here.
Could try something like strlen($evidence) < 1, maybe?
Offline
#4 2017-04-30 8:45 am
- pedigree
- uıɐbɐ ʎɐqǝ ɯoɹɟ pɹɐoqʎǝʞ ɐ buıʎnq ɹǝʌǝu ɯ,ı
- From: New Zealand
- Registered: 2008-04-16
- Posts: 7,055
Re: I need some help with my HP...if I'm to do as suggested here.
or strlen(trim($evidence))
Offline
#5 2017-05-01 10:30 pm
- NeoFox
- Member
- From: WI, USA, Earth
- Registered: 2013-09-26
- Posts: 830
- Website
Re: I need some help with my HP...if I'm to do as suggested here.
Each and every time the bots were posting 3 of this:
[a space] [a line return]
Thought I'd pass it on so the team knows what's up.
So now that I know what's up is that strlen option the best choice here?
EDIT: But they aren't normal spaces...they are all in encoded characters. Notepadd++ has them as funky characters. What gives?
So in Notepadd++ this is what the blank reports look like:
[CR]
[CR]
[CR]
Last edited by NeoFox (2017-05-01 10:43 pm)
Offline
#6 2017-05-02 12:15 am
- kpatz
- Member
- Registered: 2008-10-09
- Posts: 1,437
Re: I need some help with my HP...if I'm to do as suggested here.
The php trim() function will work.
trim
(PHP 4, PHP 5, PHP 7)
trim — Strip whitespace (or other characters) from the beginning and end of a string
Description
string trim ( string $str [, string $character_mask = " \t\n\r\0\x0B" ] )
This function returns a string with whitespace stripped from the beginning and end of str. Without the second parameter, trim() will strip these characters:
" " (ASCII 32 (0x20)), an ordinary space.
"\t" (ASCII 9 (0x09)), a tab.
"\n" (ASCII 10 (0x0A)), a new line (line feed).
"\r" (ASCII 13 (0x0D)), a carriage return.
"\0" (ASCII 0 (0x00)), the NUL-byte.
"\x0B" (ASCII 11 (0x0B)), a vertical tab.
So, something like:
if (strlen(trim($evidence)) > 0)
do_submit();
else
dont_submit();
Last edited by kpatz (2017-05-02 12:16 am)
Spam happens when greed meets stupidity.
Offline
#7 2017-05-02 1:16 am
- NeoFox
- Member
- From: WI, USA, Earth
- Registered: 2013-09-26
- Posts: 830
- Website
Re: I need some help with my HP...if I'm to do as suggested here.
So far so good thanks.
Offline
#8 2017-05-02 1:23 am
- Alex Kemp
- Moderator
- From: Nottingham, England
- Registered: 2009-12-02
- Posts: 2,422
- Website
Re: I need some help with my HP...if I'm to do as suggested here.
EDIT: But they aren't normal spaces...they are all in encoded characters. Notepadd++ has them as funky characters. What gives?
At a guess, one of the unicode space specials:
U+0020 (SPACE)
U+00A0 (NO-BREAK SPACE) (really useful)
U+1680 (OGHAM SPACE MARK)
U+2000 (EN QUAD)
U+2001 (EM QUAD)
U+2002 (EN SPACE)
U+2003 (EM SPACE)
U+2004 (THREE-PER-EM SPACE)
...and so it goes on & on - I've listed these before.
Offline
#9 2017-05-02 1:44 am
- NeoFox
- Member
- From: WI, USA, Earth
- Registered: 2013-09-26
- Posts: 830
- Website
Re: I need some help with my HP...if I'm to do as suggested here.
Per: http://www.stopforumspam.com/evidence/150015079 it's still going on!
I'll try to restart php. Maybe that page's been cached? (Loudly yells "cash-ayed!") :-D
Offline
#10 2017-05-02 12:48 pm
- Alex Kemp
- Moderator
- From: Nottingham, England
- Registered: 2009-12-02
- Posts: 2,422
- Website
Re: I need some help with my HP...if I'm to do as suggested here.
Re: “evidence”:–
Honeypot Spam TS:2
That's not evidence; that's a line of text as a header (I'm not complaining as a mod; it's a honeypot, so the simple fact that they post makes it spam, regardless of content; I'm jus' saying).
Isn't there a title for the post? (suggestion: enter “Title: (no title)” if not).
Added later:
It honestly doesn't matter if the post is blank when you are running a honeypot. That statement is completely otherwise for normal forums, blogs, etc. where the post MUST contain links (or telephone numbers, etc., etc.) to count as spam. But not for your HP. So, why not do something like the following pseudo-code:–
$EVIDENCE = "Honeypot Spam $HP_reference\n\n";
$TITLE = ( empty( $title_text)) ? "(no title)" : "$title_text";
$POST = ( empty( $post_text)) ? "post is empty)" : "$post_text";
$EVIDENCE .= "Title: $TITLE\nText: $POST\n";
Now you are both honest with those that read the evidence & do not care if the spammer makes a tricky-dicky post.
Offline