nukeSPAM: Bug while passing errormsg

registered · Site Admin Joined: Aug 22, 2007 Posts: 1775

I have catched a issue while passing the errormsg in new_confirm.php of Your_Account, when the registration was blocked by nukeSPAM. The whole error-message with all the javascript is passed in a input hidden field and the sentinel block this pass with 'Abuse script' after i have clicked on 'Go Back'! kguske have currently not the time to check it so i have tried to find a solution.

I followed an idea to split the return of NukeSPAM in a array and pass only the language constants without the js-code.

open modules/NukeSPAM/nukeSPAM.php and find:

php Code:

	if ($spambot === true) return _SPAM_BLOCKED.'


<script type="text/javascript">


//<![CDATA[


eAdd="'.$eAdd.'" 


eDom = "'.$eDom.'"


document.write(\'<A href="mailto:\' + eAdd + \'@\' + eDom + \'">\' + eAdd + \'@\' + eDom + \'<\/a><span style="display:none">\')


//]]>


</script>


'._SPAM_NOSCRIPT.'


<script type="text/javascript">


//<![CDATA[


document.write(\'<\/span>\')


//]]>


</script>


<br />';


	else return '';


}

i have it changed to:

php Code:

	if ($spambot === true) {


		$constant = _SPAM_BLOCKED;


		$constant_ext1 = ': ';


		$constant_ext2 = '!';


		$jsadress = '<script type="text/javascript">' . PHP_EOL


				  . '//<![CDATA[' . PHP_EOL


				  . 'eAdd="' . $eAdd . '"' . PHP_EOL


				  . 'eDom = "' . $eDom . '"' . PHP_EOL


				  . 'document.write(\'<a href="mailto:\' + eAdd + \'@\' + eDom + \'">\' + eAdd + \'@\' + eDom + \'<\/a><span style="display:none">\')'


				  . '//]]>' . PHP_EOL


				  . '</script>' . PHP_EOL


				  . '<script type="text/javascript">' . PHP_EOL


				  . '//<![CDATA[' . PHP_EOL


				  . 'document.write(\'<\/span>\')' . PHP_EOL


				  . '//]]>' . PHP_EOL


				  . '</script>' . PHP_EOL


				  . '<br />' . PHP_EOL;





		$return = array(


			'constant' => $constant,


			'constant_ext1' => $constant_ext1,


			'constant_ext2' => $constant_ext2,


			'eAdd' => $eAdd,


			'eDom' => $eDom,


			'jsadress' => $jsadress


		);





	} else {


		$constant = '';


		$constant_ext1 = '';


		$constant_ext2 = '';


		$jsadress = '';


		$return = '';


	}


	return $return;


}

After that i have splitted the return in the new_confirm.php. One part to show the error-message and the other part to pass it into the hidden field.

open modules/Your_Account/public/new_confirm.php and find:

php Code:

// BEGIN:  nukeSPAM(tm)


if ( function_exists('nukeSPAM') and empty($errormsg) and empty($stop)) $errormsg .= nukeSPAM($ya_username, $ya_user_email);


// END:  nukeSPAM(tm)

i have it changed to:

php Code:

// BEGIN:  nukeSPAM(tm)


if ( function_exists('nukeSPAM') and empty($errormsg) and empty($stop)) {	


	$nukeSPAM = nukeSPAM($ya_username, $ya_user_email);


	$errormsg = $nukeSPAM;


} else {


	$nukeSPAM = array();


}


// END:  nukeSPAM(tm)

find in the same file:

php Code:

} else {


	OpenTable();


	echo '<div><form action="modules.php?name=' . $module_name . '&amp;op=new_user" method="post">';


	echo '<div class="text-center title"><strong>' . _ERRORREG . '</strong></div><br /><br />' . $errormsg;


	$errormsg = htmlentities($errormsg);


	echo '<input type="hidden" name="errormsg" value="' . $errormsg . '" /><br />';


	echo '<input type="hidden" name="op" value="new_user" />';


}

i have it changed to:

php Code:

} else {


	OpenTable();


	echo '<div><form action="modules.php?name=' . $module_name . '&amp;op=new_user" method="post">';


	echo '<div class="text-center title"><strong>' . _ERRORREG . '</strong></div><br /><br />';


	if (function_exists('nukeSPAM')) {


		echo '<div class="text-center title">' . $nukeSPAM['constant'] . $nukeSPAM['constant_ext1'] . $nukeSPAM['jsadress'] . '</div>'


		   , '<input type="hidden" name="errormsg" value="' . htmlspecialchars($nukeSPAM['constant'] . $nukeSPAM['constant_ext2'], ENT_QUOTES, _CHARSET) . '" /><br />';


	} else {


		echo '<div class="text-center title">' . $errormsg . '</div>';


		$errormsg = htmlentities($errormsg);


		echo '<input type="hidden" name="errormsg" value="' . $errormsg . '" /><br />';


	}


	echo '<input type="hidden" name="op" value="new_user" />';


}

open modules/NukeSPAM/language/lang-english.php and find:

php Code:

define('_SPAM_BLOCKED', 'ERROR: Your registration has been blocked by our spam filter. If you feel this is incorrect, please contact the site administrator for resolution: ');

i have it changed to:

php Code:

define('_SPAM_BLOCKED', 'ERROR: Your registration has been blocked by our spam filter. If you feel this is incorrect, please contact the site administrator for resolution');

Unfortunately, after that we have no more the email-adress in the error-message after the user has seen the message in the new_confirm.php, clicked on 'Go Back' and came back to the new_user.php. But is it really needed to have the email-addy here again? If yes, then someone have maybe a cool idea for the email-adress on this place.

But i have seen the same return is used in the admin-area of NukeSPAM. Here i have used the same way with a little change:

open modules/NukeSPAM/admin/nukeSPAMCheck.php and find:

php Code:

else echo $error;

i have it changed to:

php Code:

else echo $error['constant'] . $error['constant_ext1'] . $error['jsadress'];

I have moved the topic from nukeseo.com here in these forums because in the nukeseo.com forums i can't post the full code. Somehow is the code in the brackets filtered out.

Wink

Posted: Thu May 16, 2013 1:54 pm

Parse error: syntax error, unexpected end of file in /www.bestbuildpc.org/modules/nukeSPAM/nukeSPAM.php on line 106.

I added at the end

Code:

         }


         return $return;


   }

Now it works

Posted: Thu May 16, 2013 2:09 pm

Yes it was a copy&paste error. the last bracket was not there. I have added the closing bracket in my topic.

registered · Site Admin Joined: Jun 04, 2004 Posts: 6437

neralex, thank you (and hicux) for this. It came in handy today after a significant increase in attempted spammer registrations. It wasn't bad that the nukeSPAM block also resulted in a NukeSentinel block, since many of the requests came from the same IP address. But that also wasn't the intended behavior. I will incorporate this into the next version of nukeSPAM, and update the instructions for modifying the RavenNuke Your Account module.

Involved Joined: Nov 19, 2003 Posts: 282

I've applied all the fixes listed here but _EVERYONE_ still gets blocked.

http://www.fspamlist.com/xml.php?key=XXXXXX&spammer=t-d%40xentrex.com,24.166.68.133,jackson4
DEBUG: <?xml version="1.0"?> <spammers><spammercheck> <spammer>t-d@XXXXXXX.com</spammer> <isspammer>false</isspammer> <lastseen>-</lastseen> <timesreported>-</timesreported> </spammercheck> <spammercheck> <spammer>24.166.XX.XXX</spammer> <isspammer>false</isspammer> <lastseen>-</lastseen> <timesreported>-</timesreported> </spammercheck> <spammercheck> <spammer>jackson4</spammer> <isspammer>false</isspammer> <lastseen>-</lastseen> <timesreported>-</timesreported> </spammercheck> </spammers>
email no 0 ip no 0 username no 0
SFS username: False
SFS email: False
SFS ip: False
http://botscout.com/test/?multi&key=37XXXXXMFC9ivm&mail=t-d%40XXXXXX.com&ip=24.166.68.133&name=jackson4
SENT: http://botscout.com/test/?multi&key=37XXXXXXFC9ivm&mail=t-d%40XXXXXX.com&ip=24.166.68.133&name=jackson4
RECEIVED: N|MULTI|IP|0|MAIL|0|NAME|0
133.68.166.24.drone.abuse.ch.
133.68.166.24.httpbl.abuse.ch.
133.68.166.24.spam.abuse.ch.
133.68.166.24.ipbl.zeustracker.abuse.ch.
133.68.166.24.dnsbl.ahbl.org.
AHBL (127.0.0.2 - Open Relay)
133.68.166.24.all.bl.blocklist.de
133.68.166.24.dnsbl.dronebl.org.
133.68.166.24.rbl.efnetrbl.org.
133.68.166.24.l2.spews.dnsbl.sorbs.net.
133.68.166.24.problems.dnsbl.sorbs.net.
133.68.166.24.zen.spamhaus.org.
133.68.166.24.bl.spamcop.net.
133.68.166.24.opm.tornevall.org.
133.68.166.24.80.104.161.233.64.ip-port.exitlist.torproject.org.
TRUE

Registration Error!

ERROR: Your registration has been blocked by our spam filter. If you feel this is incorrect, please contact the site administrator for resolution:

Posted: Wed Jul 08, 2015 11:30 am

Check out this article: http://nukeseo.com/modules.php?name=News&file=article&sid=180

Looks like you need to disable the AHBL blocker

Posted: Wed Jul 08, 2015 12:10 pm

Yeah that does sound like the problem. Thank you! Smile

Posted: Wed Jul 08, 2015 2:27 pm

Does anyone know - does the module report to botscout?

Posted: Thu Jul 09, 2015 5:08 am

If configured, it checks Botscout to see if the registering user is a know spammer. But it does not report anything.