Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RavenNuke(tm) v2.5x
Author Message
kguske
Site Admin



Joined: Jun 04, 2004
Posts: 6433

PostPosted: Sat Jan 24, 2015 2:08 pm Reply with quote

I've noticed an increase in spammers using endless variations of subdomains (e.g. 5o.kinefi.pl and 5p.kinefi.pl) in the email address used to register. Instead of blocking these subdomains individually, it would be better to block them at the domain level. So I enhanced the mail check functions in RNYA to allow subdomain blocking (which essentially enables blocking at the TLD level, too).

Check out the article here, and add your comments to this post.

_________________
I search, therefore I exist...
nukeSEO - nukeFEED - nukePIE - nukeSPAM - nukeWYSIWYG
 
View user's profile Send private message
neralex
Site Admin



Joined: Aug 22, 2007
Posts: 1774

PostPosted: Sun Jan 25, 2015 6:39 am Reply with quote

Intresting but you have some PHP errors in the last 3 numrows if-statements in both functions.

in function ya_mailCheck find:

php Code:
	if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email='' . addslashes($user_email) . ''')) > 0) $stop = _EMAILREGISTERED . '<br />';

if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email='' . md5($user_email) . ''')) > 0) $stop = _EMAILNOTUSABLE . '<br />';
if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users_temp WHERE user_email='' . addslashes($user_email) . ''')) > 0) $stop = _EMAILREGISTERED . '<br />';


replace it with:

php Code:
	if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email=\'' . addslashes($user_email) . '\'')) > 0) $stop = _EMAILREGISTERED . '<br />';

if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email=\'' . md5($user_email) . '\'')) > 0) $stop = _EMAILNOTUSABLE . '<br />';
if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users_temp WHERE user_email=\'' . addslashes($user_email) . '\'')) > 0) $stop = _EMAILREGISTERED . '<br />';


in function ya_mailCheckB find:

php Code:
	if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email='' . addslashes($user_email) . ''')) > 0) $return = 'false';

if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email='' . md5($user_email) . ''')) > 0) $return = 'false';
if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users_temp WHERE user_email='' . addslashes($user_email) . ''')) > 0) $return = 'false';


replace it with:

php Code:
	if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email=\'' . addslashes($user_email) . '\'')) > 0) $return = 'false';

if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email=\'' . md5($user_email) . '\'')) > 0) $return = 'false';
if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users_temp WHERE user_email=\'' . addslashes($user_email) . '\'')) > 0) $return = 'false';

_________________
Github: RavenNuke 
View user's profile Send private message
kguske







PostPosted: Sun Jan 25, 2015 8:05 am Reply with quote

Thanks, neralex. That code didn't change, but the backslashes were stripped out when saving the article. I need to look into that, but have since updated the article with the correction.
 
spasticdonkey
RavenNuke(tm) Development Team



Joined: Dec 02, 2006
Posts: 1693
Location: Texas, USA

PostPosted: Mon Jan 26, 2015 8:03 am Reply with quote

makes sense to me, cool stuff
 
View user's profile Send private message Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RavenNuke(tm) v2.5x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©