====== Overview ====== This is a little hack to hopefully stop some of the spam that gets posted into a phpBB forum. It uses javascript to dynamically set a cookie and a hidden token on the browser that is then checked by the server. * Downside * Javascript must by enabled on the client's browser * Spam Checks * The hidden tag is present * The hidden tag’s value matches a ‘token’ stored as a cookie by your visitor’s browser * The timestamp for the hidden tag hasn’t expired * http://15daysofjquery.com/safer-contact-forms-without-captchas/11/ ===== File Changes ===== ==== jquery.php ==== * Download the latest jQuery.js file * http://jquery.com/ * Place file in the base of the phpBB ==== token.php ==== * Location: Base of the phpBB install ==== posting.php ==== * Location: Base of the phpBB install -- find -- prepare_post($mode, $post_data, $bbcode_on, $html_on, $smilies_on, $error_msg, $username, $bbcode_uid, $subject, $message, $poll_title, $poll_options, $poll_length); -- add below -- #Spam Hack if ( $error_msg == '' ) { $proceed = false; $seconds = 60*10; // 10 minutes //echo '

Testing:

Cookie: '.$_COOKIE['token'].'
Timestamp: '. $_POST['ts'].'

'; if(isset($_POST['ts']) && isset($_COOKIE['token']) && $_COOKIE['token'] == md5('some random value'.$_POST['ts'])) $proceed = true; if(!$proceed) { $error_msg = 'Form processing halted for suspicious activity'; } if(((int)$_POST['ts'] + $seconds) < mktime()) { $error_msg = 'Too much time elapsed'; } } #Spam Hack ==== posting_body.tpl ==== * Location: phpBB_base\templates\subSilver -- find --
-- replace with --