Search - Unclassified NewsBoard

topic: Massive Automated Spam (two features I'd like to see implemented against this) in the forum: Support › Ideas and suggestions

splitbrain

2011-12-04, 11:34 #1

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

I wrote a plugin to implement rate limiting: https://github.com/splitbrain/unb-plugin-ratelimit

I'm not so sure about the chosen limits... feedback welcome.

forum.dokuwiki.org

topic: Massive Automated Spam (two features I'd like to see implemented against this) in the forum: Support › Ideas and suggestions

splitbrain

2011-12-04, 09:13 #2

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

Subject: Massive Automated Spam

Hi,

we've been hit by automated spam attacks twice in the recent days. A spammer registered and then posted hundreds of spam messages automated.

I had to delete the posts from the database as there is no way to remove all posts when deleting a user. This would be a very welcome feature because I do have a few moderators with admin permissions on the board but nobody has access to the database. Maybe just a second button next to the "remove user" button saying "remove user and all his posts".

The second option I'd like to see is some rate limiting. Looking at the logs, the spammer created one post about every second. Automatically blocking someone who posts in an unreasonable speed would help to keep the amount of spam posts down.

Andi

forum.dokuwiki.org

topic: Hack to avoid spammers using the messaging system in the forum: Customising UNB › Modifications and plug-ins

splitbrain

2011-07-28, 15:31 #3

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

In reply to post ID 10860

I don't have guest posting enabled, so I didn't look into it.

There is one thing I'd love to have for the stopforum plugin:

Each post should have a link called [Delete Spammer] (only available to admins of course) that would do three things:

delete all posts the author of this post made

delete the author's account

report his user name, registration ip and email address to stopforumspam.com

As far as I can see there's no easy way to implement that in a plugin currently.

forum.dokuwiki.org

topic: Users without email addresses (how can this happen?) in the forum: Support › General support

splitbrain

2011-06-02, 13:03 #4

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

Subject: Users without email addresses

Hi,

Running a database check I noticed that I have a bunch of users without an email address. Can someone explain how this might happen? Emails are required to sign up - is it possible for registered users to remove the email later? Is it possible to forbid this?

forum.dokuwiki.org

topic: Hack to avoid spammers using the messaging system in the forum: Customising UNB › Modifications and plug-ins

splitbrain

2011-06-02, 10:45 #5

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

In reply to post ID 10832

Quote by Yves on 2011-05-27, 20:05:
It features two things, both relevant to this thread, so I'll mention them here. First, we have a new plug-in hook to verify user registrations. This can be used for the things we talked in this thread.

Very cool. I created a very simple plugin for hooking this event to stopforumspam.com: https://github.com/splitbrain/unb-plugin-stopforumspam

forum.dokuwiki.org

topic: Hack to avoid spammers using the messaging system in the forum: Customising UNB › Modifications and plug-ins

splitbrain

2011-01-09, 13:00 #6

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

Subject: Hack to avoid spammers using the messaging system

We had a few cases where spammers used the "send email" function to spam registered forum members. As a quick fix I changed the function to give access to active members only (registered for more than 14 days, at least one post). This should keep most of the spammers out. At least for the messaging function.

--- cp.inc.php.bak 2011-01-09 13:40:32.000000000 +0100
+++ cp.inc.php 2011-01-09 13:40:46.000000000 +0100
@@ -1470,6 +1470,14 @@
 $error .= $UNB_T['error.access denied'] . ' ';
 }

+
+ // ANDI
+ if( (time() - $UNB['LoginUser']->GetRegDate()) < 60*60*24*14 ||
+ !UnbGetLastPost("User=".(int) $UNB['LoginUserID']) ) {
+ $error .= $UNB_T['error.access denied'] . ' ';
+ }
+
+
 if (($_POST['id'] == '' || trim($_POST['Msg']) == ''))
 {
 $error .= $UNB_T['cp.error.form not complete'] . ' ';
@@ -3085,8 +3093,19 @@
{
 if ($_REQUEST['action'] == 'email' || $_REQUEST['action'] == 'sendemail')
 {
- EMailForm($userid);
- UteRemember('userprofile.html', $TP);
+ // ANDI
+ if( (time() - $UNB['LoginUser']->GetRegDate()) < 60*60*24*14 ||
+ !UnbGetLastPost("User=".(int) $UNB['LoginUserID']) ) {
+
+
+ $TP['errorMsg'] .= $UNB_T['error.access denied'] . ' '.
+ 'You\'re not allowed to use the email system, yet. ';
+ $TP['headNoIndex'] = true;
+ }else{
+ EMailForm($userid);
+ UteRemember('userprofile.html', $TP);
+ }
+
 }
 elseif ($_REQUEST['action'] == 'emailsuccess')
 {

forum.dokuwiki.org

topic: fastcgi freezing caused by UNB in the forum: Support › Bug reports and troubleshooting

splitbrain

2009-12-19, 20:25 #7

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

Subject: fastcgi freezing caused by UNB

I'm running 20090606-dev on a Debian Lenny machine with PHP 5.2.11-0.dotdeb.1 and lighttpd 1.4.19-5. PHP is run via fastCGI.

I frequently experience lockups of fastCGI processes. After some research I believe it is caused by PHP Bug 45254.

The thing is, that the very same server runs quite a few different PHP applications and rarely triggers that bug. Only the forum fastCGI processes trigger it very frequently.

Additionally this was not happening with the UNB version I ran previously, which was 1.6.4.

Unfortunately the lockup is not easily reproducible. But from my experience it usually happens on posting. To be more exact, the post seems to be saved correctly, but the lockup happens somewhere after that.

My first idea was that this might be a problem with doing output or processing after sending a redirect header. So I patched unb_lib/common_out.lib.php around line 1813:

if (!rc('no_forward'))
{
// make absolute URL because this doesn't care about the <base href> attribute
if (!preg_match('_^([a-z]+):_i', $url) && rc('home_url'))
{
$baseUrl = TrailingSlash(rc('home_url'));
$baseUrl = preg_replace('_^https:_', 'http:', $baseUrl);
if ($_SERVER['HTTPS'] == 'on')
$baseUrl = preg_replace('_^http:_', 'https:', $baseUrl);
$url = $baseUrl . $url;
}
// Problems with duplicate Status header for PHP/FastCGI
#header('Status: 303'); // HTTP/303 "See other"
header('HTTP/1.1 303 See other');
header('Location: ' . $url);
exit(); ### PATCH code should immediatly exit after redirect ###
}

This seems to have lowered the number of lockups a bit but did not fix the issue completely.

I realize that this is probably a really hard to track down issue, since it only happens with a certain not too common setup and even then is not easily reproducible.

However I'd appreciate any hints on what was changed between 1.6.4 and 20090606-dev that would be run after saving a post and that would somehow might abort the browser connection but keeps the PHP script going (which is what seems to trigger the PHP bug).

PS: Now that I reread my post, I notice the comment about "Problems with duplicate Status header for PHP/FastCGI". Could that be related?

forum.dokuwiki.org

topic: UTF-8 display problem in post titles in the forum: Support › Bug reports and troubleshooting

splitbrain

2007-07-28, 21:55 #8

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

In reply to post ID 8908

Strange... now I don't see it either anymore. Probably a browser related problem then. Sorry.

forum.dokuwiki.org

topic: UTF-8 display problem in post titles in the forum: Support › Bug reports and troubleshooting

splitbrain

2007-07-28, 13:12 #9

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

Subject: UTF-8 display problem in post titles

Hi!

There seems to be a problem with displaying UTF-8 chars in post titles. Have a look at http://forum.dokuwiki.org/post/3612 - the chars are correct in the main title headline, but in the post it self only ??? are displayed. Is this a known bug? Is there a fix available? A quick search here in the forum did not reveal anything...

Andi

forum.dokuwiki.org

topic: RSS feeds and Google Reader in the forum: Support › Bug reports and troubleshooting

splitbrain

2007-05-05, 18:56 #10

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

In reply to post ID 8590

Okay, I thought so. Thanks for your answer. I changed it to always use $url as guid.

forum.dokuwiki.org

topic: RSS feeds and Google Reader in the forum: Support › Bug reports and troubleshooting

splitbrain

2007-05-05, 12:11 #11

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

Subject: RSS feeds and Google Reader

I recently switched to Google Reader as my feed reader of choice and noticed that the RSS feed produced by UNB do not work correctly in it. Google Reader seems to use the guid attribute of the feed item for linking instead of the link attribute. Unfortunately the guid attribute contains an invalid link resulting in a 404. I'm not sure if this is a problem with UNBs feed or with Google Reader.

My feed: http://forum.dokuwiki.org/forum.php?req=rss

forum.dokuwiki.org

topic: strpos(): Empty delimiter warning (in abbc.lib.php) in the forum: Support › Bug reports and troubleshooting

splitbrain

2007-03-01, 21:35 #12

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

Subject: strpos(): Empty delimiter warning

Hi!

I found some occurances of the following warning in my logs:

PHP Warning: strpos(): Empty delimiter. in /www/dwforum/unb-1.6.3/unb_lib/abbc.lib.php on line 202

I'm not sure how to reproduce it. Somehow there must be empty fields in the looped array I guess. I added the following in the loop, just to be sure:

if(!$word) continue;

If you need it: lighttp, fast-cgi, PHP 4.3.10-18 (debian)

forum.dokuwiki.org

topic: Right-To-Left (RTL) support for subforum only (having an Arabic or Hebrew subforum) in the forum: Support › General support

splitbrain

2007-02-18, 11:41 #13

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

In reply to post ID 8188
Subject: solution

Okay, I found a method which seems to work, though it's probably not the best place to put it in.

In common_out.lib.php I added the following line to the UnbShowPath function (around line 2479):

$UNB['TP']['mysubforum'] = $id;

in designs/modern/tpl/_head.html I changed the body line to

<body{if $headSimple} class="simple"{endif} id="subforum{$mysubforum}">

and in designs/modern/user.css.php I added the following (Forum 17 is the Arabic forum):

body#subforum17 div.post_container div.post_subject,
body#subforum17 div.post_container div.post_body,
body#subforum17 div.path div.thread,
body#subforum17 div.path div.desc,
body#subforum17 div.editor_container div.editor_head input,
body#subforum17 div.editor_container textarea,
body#subforum17 div.thread_container div.thread_data a,
body#subforum17 div.thread_container td.desc
{
direction: rtl;
}

Seems to work so far :-)

forum.dokuwiki.org

topic: Right-To-Left (RTL) support for subforum only (having an Arabic or Hebrew subforum) in the forum: Support › General support

splitbrain

2007-02-18, 10:40 #14

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

In reply to post ID 8187

Hmm the link above unfortunately doesn't tell me about the available template variables. Anyway I found something with a little bit grepping the sources.

The following already works for post viewing and editing:

<body{if $headSimple} class="simple"{endif} id="subforum{$posteditorForumId}">

But the $posteditorForumId isn't set in the thread list and I couldn't find another working variable there. The needed ID is used multiple times on the page for various links but it seems it isn't assigned as a single template variable anywhere!?

Andi

forum.dokuwiki.org

topic: Right-To-Left (RTL) support for subforum only (having an Arabic or Hebrew subforum) in the forum: Support › General support

splitbrain

2007-02-18, 10:05 #15

Member since Sep 2006 · 18 posts · Location: Berlin, Germany
Group memberships: Members

Show profile ·

Link to this post

In reply to post ID 8185

Okay I found out about usercss being independent already ;-)

.

Now I'm looking at tpl/_head.html. What I need is a way to get the ID of the current subforum (eg. for this very post you're looking at it would be 3 for the "General Support" forum) and use it to add it as CSS id to the body tag. Eg. the current page should have <body id="sub_forum3"> - then I could apply different CSS for different subforums.

Unfortunately _head.html isn't PHP but a template file AFAIK and I haven't found out how to get a list of a available template variables, yet.

forum.dokuwiki.org

All posts by splitbrain (18)

Special queries