Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2007-03-07 15:17:41

Neko
Member
Registered: 2004-03-18
Posts: 458

SPAM prevention based on commenter's "Web" field

Is there a plug-in that checks if certain strings are present in commenter’s name and/or email and/or URL and automagically marks comment as SPAM?

Thanks.

Last edited by Neko (2007-03-07 18:48:52)

Offline

#2 2007-03-07 15:45:53

ruud
Developer emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,068
Website

Re: SPAM prevention based on commenter's "Web" field

Offline

#3 2007-03-07 15:50:08

Neko
Member
Registered: 2004-03-18
Posts: 458

Re: SPAM prevention based on commenter's "Web" field

Thanks, ruud, but I think that doesn’t work the way I meant, unless I’m missing something. Anyway I modified said plug-in so now it only checks if the spammy/undesired URL is present within the commenter’s website field.

Here it is.

You have to specify any URL variation, like site.com, www.site.com, http://www.site.com and so on. If someone more skilled than me wants to add some PHP magic, so you just need to enter site.com (or just a word, like “somesite”), is more than welcome.

Last edited by Neko (2007-03-07 17:49:02)

Offline

#4 2007-03-07 16:28:43

ruud
Developer emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,068
Website

Re: SPAM prevention based on commenter's "Web" field

Just ‘site.com’ will do, because the stristr function doesn’t need an exact match, the substring just has to be part of the string you’re comparing it to.

Offline

#5 2007-03-07 16:35:06

Neko
Member
Registered: 2004-03-18
Posts: 458

Re: SPAM prevention based on commenter's "Web" field

Stellar, thanks.

Offline

#6 2007-03-07 16:46:45

Neko
Member
Registered: 2004-03-18
Posts: 458

Re: SPAM prevention based on commenter's "Web" field

Version 0.2 (ROTFL), added the “Help” section.

Offline

#7 2007-04-17 17:22:46

The-Exit
Member
From: Berlin
Registered: 2005-07-16
Posts: 175
Website

Re: SPAM prevention based on commenter's "Web" field

hi!

i installed today this plugin. i entered the following rules:

$finder[] = ‘members.aol.com/pokersp​el/’;
$finder[] = ‘http://members.aol.com/pokersp​el/loan/construction-loans.htm​l​’;
$finder[] = ‘http://members.aol.com/pokersp​​el/loan/life-insurance-rate​.ht​ml​​’;
$finder[] = ‘http://members.aol.com/pokersp​el/loan/student-loan-consolidation-program.html​’;
$finder[] = ‘http://members.aol.com/pokersp​el/loan/home-refinance.html​’;

unfortunatelly, the plugin does only work for the urls which are detailled specified. the more general url is neglected. can you give advice?

Offline

#8 2007-04-17 17:49:03

Neko
Member
Registered: 2004-03-18
Posts: 458

Re: SPAM prevention based on commenter's "Web" field

I have the very same spammer after my site. In my case I simply entered:

	$finder[]  = 'members.aol.com;

and all of his comments are correctly marked as spam.

Last edited by Neko (2007-04-17 17:55:28)

Offline

#9 2007-04-17 17:54:47

ruud
Developer emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,068
Website

Re: SPAM prevention based on commenter's "Web" field

I think Matthias has the ‘mrw_spamkeywords_urlcount’ plugin installed, which doesn’t check URLs.
I’ve modified that plugin as follows to check not just the message, but also the email address, URL and name. Also it’s filtering out messages that start with 4 or 5 uppercase letters or digits.
It’s currently catching all spam comments at textpattern.org at the moment (approx. 100 each day).

register_callback('mrw_checkcomment','comment.save');
function mrw_checkcomment()
{

// If you want to change the tolerance, just change the number.
	$moderate_count_limit = 2; // more than 2 links = moderation
	$spam_count_limit = 5; // more than 5 links = spam

// These are the blacklist the plugin searches for before choosing flag the comment or not. It's up to you to add or delete from this list. If you feel like the word "llama" shouldn't appear in the comments, then just add another line that says $finder[] = 'llama';

	$finder[] = 'bad credit';
	$finder[] = 'cialis';
	$finder[] = 'credit card';
	$finder[] = 'credit repair';
	$finder[] = 'debt';
	$finder[] = 'consolidate';
	$finder[] = 'consolidation';
	$finder[] = 'refinance';
	$finder[] = 'insurance';
	$finder[] = 'interest';
	$finder[] = 'loans';
	$finder[] = 'mortgage';
	$finder[] = 'payday loan';
	$finder[] = 'porn';
	$finder[] = 'viagra';

// Don't edit below this line -----------------

	$form_array = getComment();
	$checking =  $form_array['message'];

# Ruud, 13 apr 2007, check all form fields, not just the message
foreach(array('message','web','name','email') as $var) {
	$checking = $form_array[$var];
	foreach($finder as $x)
	{
		$found = stristr($checking, $x);
		if($found) { break 2; }
	}
}

# Ruud, 13 apr 2007, message begins with a 4 or 5 uppercase/digit word -> spam
if (preg_match('/^\s*[A-Z0-9]{4,5}(\b|$)/', $form_array['message'])) $found = true;

	$needle = "http://";
	$urlcount = substr_count($checking,$needle);
	if($urlcount > $spam_count_limit)
		{ $spam=1; }
	if($urlcount > $moderate_count_limit && $urlcount < $spam_count_limit)
		{ $moderate=1; }


	// We get the evaluator instance. You always need this.
	$evaluator =& get_comment_evaluator();

	// However we want to mark wrong answers as spam
	if (($found) || $spam==1)
		$evaluator -> add_estimate(SPAM, 0.6);
	if ($moderate==1)
		$evaluator -> add_estimate(MODERATE, 0.6);
}

Last edited by ruud (2007-04-17 17:58:28)

Offline

#10 2007-04-17 21:54:35

Neko
Member
Registered: 2004-03-18
Posts: 458

Re: SPAM prevention based on commenter's "Web" field

Neat, thanks ruud.

Do you know if it’s possible to have the plug-in directly delete comments instead of marking them as spam?

Offline

#11 2007-04-17 23:05:00

ruud
Developer emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,068
Website

Re: SPAM prevention based on commenter's "Web" field

A quick fix could be changing:

$evaluator -> add_estimate(SPAM, 0.6);

into:

$evaluator -> add_estimate(RELOAD, 1, 'looks like spam');

If I understand correctly, this would show the comment form to the spammer so they can correct their mistakes (difficult or impossible for automatic spammers), while showing an error ‘looks like spam’. The spam comment would never be stored, so there’s no need to delete anything ;)

Offline

#12 2007-04-17 23:25:08

zem
Developer emeritus
From: Melbourne, Australia
Registered: 2004-04-08
Posts: 2,579
Website

Re: SPAM prevention based on commenter's "Web" field

The way Textpattern handles spam estimates is a bit limited, so I’m open to suggestions on how to improve it. A couple of possibilities:

  • Store the message(s) in the comment table when saving it, and perhaps remove the evaluator log
  • Don’t send an email to the author when a comment is marked as spam, or at least make it optional
  • Include the evaluator messages in the comment email

Alex
tstate

Offline

Board footer

Powered by FluxBB