Prevent Spam on PunBB

One of the main problems with PunBB is that its very prone to spam. While there are some plugins out there that deal with this, I prefer to use my own little hacks instead.

Open up post.php and find some code that looks like this:

// Validate BBCode syntax
if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
{
require PUN_ROOT.'include/parser.php';
$message = preparse_bbcode($message, $errors);
}

Below that code add the following


if ($pun_user['is_guest'])
{
$temp_message = strtolower($message);//lowercase it so we can be case insensitive, stripos is php5 only
if ((strpos($temp_message, 'http://') !== false) || (strpos($temp_message, 'https://') !== false) || (strpos($temp_message, '[url') !== false) || (strpos($temp_message, '[img]') !== false) || (strpos($temp_message, '[email') !== false) || (strpos($temp_message, 'www.') !== false) || (strpos($temp_message, '@') !== false))
$errors[] = $lang_post['Guest spam protection'];
}
else if ($pun_user['num_posts'] < = 5)
{
$temp_message = strtolower($message);//lowercase it so we can be case insensitive, stripos is php5 only
if ((strpos($temp_message, 'http://') !== false) || (strpos($temp_message, 'https://') !== false) || (strpos($temp_message, '[url') !== false) || (strpos($temp_message, '[img]') !== false) || (strpos($temp_message, '[email') !== false) || (strpos($temp_message, 'www.') !== false) || (strpos($temp_message, '@') !== false))
$errors[] = $lang_post['New Member spam protection'];
}

If you allow guests to post it will look to see if they are posting a link, image or a email address. It might seem like double work to test for http:// and [url but a lot of spam bots are stupid and will attempt to put bbcode on blogs, email forms and all over the web. I've found sometimes they wont even put the http:// but put in the bbcode [url]. Don’t ask me why, but thats how some spam bots were programmed and so you might as well filter them all. Its a good idea to filter for the @, I’ve gotten some spam where a bot put up a work at home post and had their email address for a contact. Sometimes they will just try to put in www. hoping the forum will pick it up and turn it into a link. You might also add a test for some TLDs (top-level domains, such as .com, .net, .org), incase they leave off all the prefixes. I’ve yet to see bots do that, but I’m sure they probably will, good thing is, that its a easy addition. ;)

If you don’t allow guests don’t worry, this code will still work. The code also tests for registered users and sees if they have more than five posts (feel free to increase or decrease that amount) and if so they will be allowed to post links, images and email addresses. Most bots out there sign up once and spam the message board one time. And later on they will re-register and put up another post, I’ve yet to see any spam bots use the same login to spam some more.

Open up \lang\English\post.php and after

'Edit redirect' => 'Post updated. Redirecting . . .'

Add a comma at the end of that line and then add


'New Member spam protection' => 'New Members can not post links, images or email addresses until they become more active.',
'Guest spam protection' => 'Guests can not post links, images or email addresses.'

You will want to add the spam protection to edit.php also, so open that up and after


// Validate BBCode syntax
if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
{
require PUN_ROOT.'include/parser.php';
$message = preparse_bbcode($message, $errors);
}

Add the following (its pretty much the same as the post.php uses except there is no test for guests since guests can’t edit posts anyway).


if ($pun_user['num_posts'] < = 5)
{
$temp_message = strtolower($message);//lowercase it so we can be case insensitive, stripos is php5 only
if ((strpos($temp_message, 'http://') !== false) || (strpos($temp_message, 'https://') !== false) || (strpos($temp_message, '[url') !== false) || (strpos($temp_message, '[img]') !== false) || (strpos($temp_message, '[email') !== false) || (strpos($temp_message, 'www.') !== false) || (strpos($temp_message, '@') !== false))
$errors[] = $lang_post['New Member spam protection'];
}

And now you have spam control. Granted its a hack and not a plugin, it works pretty good. :)

Tags: ,

This entry was posted on Monday, May 7th, 2007 at 8:01 pm and is filed under PunBB. You can follow any comments to this entry through the RSS 2.0 feed. You can skip to the end and leave a comment. Pinging is currently not allowed.

7 Comments to “Prevent Spam on PunBB”

  1. 1 · Alan of Phone Discuss says:

    Hi Buddy,
    Have you tried the Akismet spam blocker for PunBb? It works for me. But i still love your code. Thank you.

    May 18, 2007 at 6:23 pm
  2. 2 · blogger says:

    I haven’t tried that plugin. I’m not sure if forum posts are just blocked, deleted or if there is any moderation queue. I find it easier to maintain my own little hacks than plugins. :p

    May 19, 2007 at 11:34 am
  3. 3 · Anonymous says:

    I have put your code in all my forums and am in peace now. Nice job done. Really easy to implement also.

    Aug 3, 2007 at 12:09 am
  4. 4 · cstef says:

    Really nice, thanks for the simple solution! Works Great!

    Jan 28, 2008 at 2:02 pm
  5. 5 · Erik says:

    Sweet and Easy!

    This was exactly what I was looking for, works like a charm. Thanks.

    Mar 3, 2008 at 6:25 pm
  6. 6 · M says:

    This is ingenius. I am getting slammed with porn on my new site (www.reelcomix.com) I have just installed this to see how it helps. I have tried other solutions with mixed results. Nice job on this code!

    Mar 7, 2008 at 6:26 pm
  7. 7 · Chris says:

    Thanks for the code, been having a nightmare just recently.

    Keep up the excellent work

    Oct 3, 2008 at 9:30 am

Leave a Comment

Comments are reviewed before publishing to prevent spam.