Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RavenNuke(tm) v2.5x
Author Message
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6380

PostPosted: Sat Jan 24, 2015 2:08 pm Reply with quote

I've noticed an increase in spammers using endless variations of subdomains (e.g. 5o.kinefi.pl and 5p.kinefi.pl) in the email address used to register. Instead of blocking these subdomains individually, it would be better to block them at the domain level. So I enhanced the mail check functions in RNYA to allow subdomain blocking (which essentially enables blocking at the TLD level, too).

Check out the article Only registered users can see links on this board! Get registered or login!, and add your comments to this post.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
neralex
The Mouse Is Extension Of Arm


Joined: Aug 22, 2007
Posts: 1275
Location: Germany

PostPosted: Sun Jan 25, 2015 6:39 am Reply with quote

Intresting but you have some PHP errors in the last 3 numrows if-statements in both functions.

in function ya_mailCheck find:

php Code:
	if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email='' . addslashes($user_email) . ''')) > 0) $stop = _EMAILREGISTERED . '<br />';

if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email='' . md5($user_email) . ''')) > 0) $stop = _EMAILNOTUSABLE . '<br />';
if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users_temp WHERE user_email='' . addslashes($user_email) . ''')) > 0) $stop = _EMAILREGISTERED . '<br />';


replace it with:

php Code:
	if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email=\'' . addslashes($user_email) . '\'')) > 0) $stop = _EMAILREGISTERED . '<br />';

if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email=\'' . md5($user_email) . '\'')) > 0) $stop = _EMAILNOTUSABLE . '<br />';
if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users_temp WHERE user_email=\'' . addslashes($user_email) . '\'')) > 0) $stop = _EMAILREGISTERED . '<br />';


in function ya_mailCheckB find:

php Code:
	if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email='' . addslashes($user_email) . ''')) > 0) $return = 'false';

if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email='' . md5($user_email) . ''')) > 0) $return = 'false';
if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users_temp WHERE user_email='' . addslashes($user_email) . ''')) > 0) $return = 'false';


replace it with:

php Code:
	if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email=\'' . addslashes($user_email) . '\'')) > 0) $return = 'false';

if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users WHERE user_email=\'' . md5($user_email) . '\'')) > 0) $return = 'false';
if ($db->sql_numrows($db->sql_query('SELECT user_email FROM ' . $user_prefix . '_users_temp WHERE user_email=\'' . addslashes($user_email) . '\'')) > 0) $return = 'false';
 
View user's profile Send private message
kguske
PostPosted: Sun Jan 25, 2015 8:05 am Reply with quote

Thanks, neralex. That code didn't change, but the backslashes were stripped out when saving the article. I need to look into that, but have since updated the article with the correction.
 
spasticdonkey
RavenNuke(tm) Development Team


Joined: Dec 02, 2006
Posts: 1692
Location: Texas, USA

PostPosted: Mon Jan 26, 2015 8:03 am Reply with quote

makes sense to me, cool stuff
 
View user's profile Send private message Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RavenNuke(tm) v2.5x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©