If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Messages posted by: lloyd_borrett
Forum Index » Profile for lloyd_borrett » Messages posted by lloyd_borrett
Author Message
G'day,

One of the effective ways I've found to fight entry and comment spam on my advanced guestbook is to use a good list of censor words.

The result is that the comment and data tables end up with entries in them containing the string "#@*%!".

I then use phpMyAdmin to search those tables for entries with that string and delete the entries I find. It's a lot faster than using Easy Admin.

Best Regards, Lloyd.
They were easy to follow, and I did so meticulously. But I got errors everywhere and had to switch back.

Probably something to do with all of the changes I'd made previously.

Regards, Lloyd.
It's not something I'm proud of, but my Advanced Guestbook has been under constant attack for months now. Yesterday alone, I cleaned out some 500 spam comment entries alone.

I tried to implement Carbonize's human verification mod way back when, but had problems and didn't have any time to work on sorting them out. (My implementation is pretty modified.) And moving to the new version of Advanced Guestbook from Carbonize would take me even longer.

What I've found is that even with HTML and AGCode dissabled, they find a way of getting their non-working link details into the comments and guestbook entries.

Using the censor words like:
http://
href=
url=
does help as a deterent because it makes even those sort of entries look pretty meaningless.

Because I get so many spam entires, I find the easiest way to clean them out is to use phpMyAdmin to locate and delete them from the book_com and book_data tables.

It's obvious that these spammers put a fair bit of effort into doing it. What I fail to understand is how they think it will really benefit them.

Best Regards, Lloyd.
You should also make that same code change in the file comment.class.php if you want to be able to see the actual IP address there as well.
I think ET might have missed something.

Using rel="nofollow" on links means that those links won't be followed, indexed and used to calculate rankings by the search engines. It will have NO effect on the search engine indexing and ranking of your web site and your site content.

Sure it won't stop spam entries. But it will help to prevent spam entries from ranking highly in search engines. And that is a good thing.

Best Regards, Lloyd.
G'day Carbonize,

If you are going to support theme templates as a part of your new version of Advanced Guestbook, I'd be happy to produce a new AG template along the lines of my current live version. (See http://www.borrett.id.au/guestbook/.)

My version is based on the phpBB subSilver theme.

Best Regards, Lloyd.
G'day Carborize,

I got rid of the PHP notification errors by changing the error handling and logging setting in my php.ini file to:


So now I don't get the notices and get the confirmation code graphic image is being displayed.

However, if I enter a valid confirmation code, the page refreshes and the error message that the code is incorrect is displayed at the very top of the page. (Not quite where I'd like it to be, but that's another issue.) The addentry form now has a different confirmation code displayed, plus values in the code entry box. The rest of the form is blank. That is, the values the user filled into the form with are no longer there.

If I don't enter a confirmation code, I get the pop up error box. So that bit seems to be working okay.

Unfortunately, this version is running on my internal test system, so I can't give you access to it to look at it. But you can see the live version without verification that I've started from at http://www.borrett.id.au/guestbook/.

As you can see, I have a footer for my site.

In your instruction, you make reference to:

If you use a footer file for your site place the include code between the echo $gb_post->process; and the die();

Are you refering to the templates/footer.php file or something else?

I'm not sure quite what you mean by that instruction. Perhaps that's what I'm doing wrong. Could you please expand on what you mean?

I've created a small Zip file with my versions of the verify.php, verifyimage.php, addentry.php, form.php and addclass.php files that can be downloaded from http://www.borrett.id.au/downloads/lrb-verify.zip

Any help would be greatly appreciated. I'm getting regular spam entries that are becoming tedious to remove.

Best Regards, Lloyd.
G'day there,

Yesterday I upgraded my test system (Windows XP and IIS) from MySQL 4.0.18 to 4.1.7.

Suddenly I could not access Advanced Guestbook or phpBB. It turns out the later versions of MySQL handle database passwords differently. There are instructions on how to overcome this on the MySQL web site.

But even when I could access the databases and Advanced Guestbook was running again, I still couldn't logon as the guestbook administrator.

Jam'n's methods of using phpMyAdmin to reset the admin password also wouldn't work. The values given for the various passwords are based on the old MySQL password method. Different values are required for the new MySQL password method.

Fortunately, the reset.php script from Carbonize did work. Many thanks mate.

Best Regards, Lloyd.
G'day there,

There is one thing about the Easy Admin section of Advanced Guestbook Administration that has always frustrated me. You have to scroll back up the web page to use the navigation bar to move on to the top, next and/or previous page.

Finally I did something about it.

Open admin/panel_easy.php

Look for:

at the very bottom of the file.

Replace those lines so that you now have:


Save the changes and give it a try.

You should now have a new navigation bar at the bottom of your list of guestbook entries.

Note: I deliberately decided not to repeat the "Jump to record" element of the navigation bar, as I find I rarely use it. But it would be easy to do that also by just repeating the appropriate code, should you wish to do so.

Best Regards, Lloyd.
G'day there,

Using the META tag

or equivalent robots.txt file entries means the search engines will not index or follow EVERY link on the web page. That's not something I would want to happen with my guestbook pages.

Using the rel="nofollow" option on individual links on web pages means that the search engines are being told not to follow and rank the subject of those specific links.

These are two very different outcomes.

Sure the rel="nofollow" won't stop spam entries getting into my guestbook, but it will help to make those spam entries less beneficial to the spamers. And anything to hinder spamers, in my book, is beneficial.

It would seem most of the major blog engines have already endorsed this move by Google, so they must all see some good in it. I expect most guestbook and forum engines will follow this lead in due course.

After all, this move doesn't really hurt legitimate users. Certainly I don't add my URL to guestbook, blog or forum entries as a means of increasing my search engine rankings. I do it so others can simply use the link should they wish to find out more.

By the way JTD, the meta tag

is a bit of a fallacy. None of the major search engines support it. My understanding is that it was introduced by one obscure Canadian search engine and is not used by any others. Indeed, some of the search engine optimisation associations won't let people who have that tag on their web pages join their associations. They think it shows a lack of fundamental knowledge of SEO factors. That said, it's on almost all of the pages on my sites, because I didn't know that at the time, and I haven't got around to doing anything about it.

Best regards, Lloyd.
G'day there,

Some of you may be aware of the recent move by Google to combat spam links. This initiative is now also being supported by MSN Search and Yahoo! See http://www.google.com/googleblog/2005/01/preventing-comment-spam.html

If you're a blogger (or a blog reader), you're painfully familiar with people who try to raise their own websites' search engine rankings by submitting linked blog comments like "Visit my discount pharmaceuticals site." This is called comment spam, we don't like it either, and we've been testing a new tag that blocks it. From now on, when Google sees the attribute (rel="nofollow") on hyperlinks, those links won't get any credit when we rank websites in our search results. This isn't a negative vote for the site where the comment was posted; it's just a way to make sure that spammers get no benefit from abusing public areas like blog comments, trackbacks, and referrer lists.


While this antispam initiative is focused on blogs, it is also appropriate to support the initiative in guestbooks. Thus I decided to work out what changes would be needed for Advanced Guestbook 2.3.1 to support this initiative.

To add the attribute (rel="nofollow") on hyperlinks in Advanced Guestbook, you just have to make a simple change to your templates/url.php file.

Change:


To:


If you have HTML Codes and/or AGCodes enabled, then there are probably other places changes would need to be made. But for security reasons, I don't enable those features and thus haven't bothered to work out the required changes.

Best Regards, Lloyd.
I've just had a go at adding the Verification mods from Carbonize to my test system guestbook. I'm getting the following errors from addentry.php



The test system platform is PHP 4.3.7 and MySQL 4.0.18-max-debug running under Windows XP with IIS.

What have I done wrong?
Certainly Advanced Guestbook could be installed to work with a CPG-Nuke implementation. But I'm thinking more along the lines of someone making Advanced Guestbook an installable module of CPG-Nuke.
It would seem you are running my implementation of Advanced Guestbook 2.3.1 without changing my header and footer files.

Thus you are accessing image, css and script files etc. from my web site. Thus it is bound to be a lot slower.

I suspect that once you replace my header and footer elements with your own versions that get the files from your own host server, everything should speed up considerably.

Best Regards, Lloyd.

P.S.

I have just built a new web site at www.deepdenebears.com for a friend's cricket club using CPG-Nuke (see www.cpgnuke.com). It would be great if someone with more knowledge of PHP and MySQL than me could adapt Advanced Guestbook to work with CPG-Nuke.
G'day Roy,

Never did come across anything, and haven't had the time to try doing it myself. If you come up with something, I'd certainly be interested.

Best Regards, Lloyd.
 
Forum Index » Profile for lloyd_borrett » Messages posted by lloyd_borrett
Go to:   
Based on the open source JForum