Gossamer Forum
Home : Products : Links 2.0 : Customization :

Alternativ Solution to Antibot?

(Page 2 of 4)
> > > >
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
Leonard thanks very much, here's my add.cgi

#!/bin/perl
# -------------
# Links
# -------------
# Links Manager
#
# File: add.cgi
# Description: Adds a record marked unvalidated to the database and
# optionally emails someone.
# Author: Alex Krohn
# Email: alex@gossamer-threads.com
# Web: http://www.gossamer-threads.com/
# Version: 2.01
#
# (c) 1998 Gossamer Threads Inc.
#
# This script is not freeware! Please read the README for full details
# on registration and terms of use.
# =====================================================================
#
# Setup Notes:
# Make sure the require statement below points to the config file.
# Required Librariers
# --------------------------------------------------------
eval {
($0 =~ m,(.*)/[^/]+,) && unshift (@INC, "$1"); # Get the script location: UNIX /
($0 =~ m,(.*)\\[^\\]+,) && unshift (@INC, "$1"); # Get the script location: Windows \
require "admin/links.cfg"; # Change this to full path to links.cfg if you have problems.
require "$db_lib_path/db_utils.pl";
require "$db_lib_path/links.def";
$build_use_templates ?
require "$db_lib_path/site_html_templates.pl" :
require "$db_lib_path/site_html.pl";
};
if ($@) {
print "Content-type: text/plain\n\n";
print "Error including libraries: $@\n[/url]";
print "Make sure they exist, permissions are set properly, and paths are set correctly.";
exit;
}
# ========================================================
eval { &main; }; # Trap any fatal errors so the program hopefully
if ($@) { &cgierr("fatal error: $@"); } # never produces that nasty 500 server error page.
exit; # There are only two exit calls in the script, here and in in &cgierr.
sub main {
# --------------------------------------------------------
local (%in) = &parse_form;
# We are processing the form.
if (keys %in != 0) {
$in{'captcha'} ? &captcha : &site_html_add_failure("You are attempting to bypass our security.") and return;
}
# Otherwise we are displaying the form (in site_html.pl).
else {
if ($db_single_category) {
my %is_valid = map { $_ => 1 } &category_list;
$ENV{'HTTP_REFERER'} =~ s,/[^/]+\.[^/]+$,,;
$ENV{'HTTP_REFERER'} =~ m,$build_root_url/(.+?)/?$,;
$is_valid{$1} ? &site_html_add_form ($1) : &site_html_add_form ();
}
else {
&site_html_add_form ();
}
}
}
sub create_captcha_form {
#-----------------------------------------------------------
# Create the form for add.cgi security
require "admin/captcha/captcha.pl"; # This is the path from add.cgi, not from db_utils.pl!
$crypt = &generateCode(8);
if ($crypt){
$i_width = $captcha_length*$captcha_width;
$output = qq|<img src="$captcha_webfolder/$crypt.png" width="$i_width" height="$captcha_height" border="0"><br>
<input type="hidden" name="crypt" value="$crypt">
Enter the characters you see in the image:
<input type="text" name="code" value=""><br>
Note: the numbers zero (0) and one (1) do not appear in the image.
Refresh/reload this page for a new image. If you are uncertain of a character, take your best guess.|;
return $output;
}
else{
&site_html_add_failure("Code not generated (file error)! Check to be sure that the script is properly configured.") and return;
}
}
sub process_form_1 {
# --------------------------------------------------------
($key, $status);


# Check the referer.
if (@db_referers and $ENV{'HTTP_REFERER'}) {
$found = 0;
foreach (@db_referers) {
$ENV{'HTTP_REFERER'} =~ /$_/i and $found++ and last;
}
if (!$found) {
&site_html_add_failure ("Auto submission is not allowed in this directory. Please visit the site to add your entry.");
return;
}
}

open (ID, "<$db_links_id_file_name") or &cgierr("error in process_form. unable to open id file: $db_links_id_file_name. Reason: $!");
$in{$db_key} = <ID> + 1; # Get next ID number
close ID;

# Validate the form input..
$status = &validate_record(%in);
if ($status eq "ok") {

# Send the visitor to the Add Confirm page.
&site_html_add_confirm;
}
else {
&site_html_add_failure($status);
}
}
sub process_form_2 {
# --------------------------------------------------------
($key);


# This will set system fields like Validated to their proper values.
foreach $key (keys %add_system_fields) {
$in{$key} = $add_system_fields{$key};
}

# Set date variable to today's date.
$in{$db_cols[$db_modified]} = &get_date;

# Update the counter.
open (ID, ">$db_links_id_file_name") or &cgierr("error in get_defaults. unable to open id file: $db_links_id_file_name. Reason: $!");
flock(ID, 2) unless (!$db_use_flock);
print ID $in{$db_key}; # update counter.
close ID; # automatically removes file lock

# Print out the validate input to a "validation database" where it is stored until
# the admin decides to add it into the real database.
open (VAL, ">>$db_valid_name") or &cgierr("error in add_record. unable to open validate file: $db_valid_name. Reason: $!");
flock(VAL, 2) unless (!$db_use_flock);
print VAL &join_encode(%in);
close VAL; # automatically removes file lock

# Send the admin an email message notifying of new addition.
&send_email;
# Send the visitor to the success page.
&site_html_add_success;
}

sub send_email {
# --------------------------------------------------------
# Sends an email to the admin, letting him know that there is
# a new link waiting to be validated. No error checking as we don't
# want users to see the informative &cgierr output.
# Check to make sure that there is an admin email address defined.
$db_admin_email or &cgierr("Admin Email Address Not Defined in config file!");
my $to = $db_admin_email;
my $from = $in{$db_cols[$db_contact_email]};
my $subject = "Addition to Database: $in{'Title'}\n";
my $msg = qq|
The following link is awaiting validation:
Title: $in{'Title'}
URL: $in{'URL'}
Category: $in{'Category'}
Description: $in{'Description'}
Contact Name: $in{'Contact Name'}
Contact Email: $in{'Contact Email'}

Remote Host: $ENV{'REMOTE_HOST'}
Referer: $ENV{'HTTP_REFERER'}

To validate, please go to:
$db_script_url

Sincerely,
Links Manager.
|;
# Then mail it away!
require "$db_lib_path/Mailer.pm";
my $mailer = new Mailer ( { smtp => $db_smtp_server,
sendmail => $db_mail_path,
from => $from,
subject => $subject,
to => $to,
msg => $msg,
log => $db_mailer_log
} ) or return;
$mailer->send or return;
}
Quote Reply
Re: [robah] Alternativ Solution to Antibot? In reply to
Go through the instructions again, and you will see a problem: you put the sub create_captcha_form in the add.cgi, when it should be in db_utils.pl. You need to put the new sub captcha in add.cgi.


Leonard
aka PerlFlunkie
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
Leonard, thanks for your time. that was a bit stupid of me .... but it was late.
I removed it from add.gid, and made sure it was in db_utils.pl, and tried again. Got this error message when i press submit.


CGI ERROR
==========================================
Error Message : fatal error: Undefined subroutine &main::captcha called at /kunden/homepages/0/d125879489/htdocs/at/cgi-bin/links/add.pl line 55.

Script Location : /kunden/homepages/0/d125879489/htdocs/at/cgi-bin/links/add.pl
Perl Version : 5.006001

Form Variables

So i'm guessing I am still missing something.
For the moment, having no form is kinda good, as I was getting 1500 spams a day, so at least thats killed that for now, but i do need to get the form up and running again

Rob
Quote Reply
Re: [robah] Alternativ Solution to Antibot? In reply to
Leonard, been having another go, have this error now which doesn't sound so bad

Unkown Tag: captcha_form
Quote Reply
Re: [robah] Alternativ Solution to Antibot? In reply to
You need to put the new sub captcha in add.cgi (step #3).
The unknown tag is caused by missing or making an error in step #4.


Leonard
aka PerlFlunkie

Last edited by:

PerlFlunkie: Apr 5, 2007, 7:17 PM
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
its there, isn;t it? I think going mad might be good

#!/bin/perl
# -------------
# Links
# -------------
# Links Manager
#
# File: add.cgi
# Description: Adds a record marked unvalidated to the database and
# optionally emails someone.
# Author: Alex Krohn
# Email: alex@gossamer-threads.com
# Web: http://www.gossamer-threads.com/
# Version: 2.01
#
# (c) 1998 Gossamer Threads Inc.
#
# This script is not freeware! Please read the README for full details
# on registration and terms of use.
# =====================================================================
#
# Setup Notes:
# Make sure the require statement below points to the config file.
# Required Librariers
# --------------------------------------------------------
eval {
($0 =~ m,(.*)/[^/]+,) && unshift (@INC, "$1"); # Get the script location: UNIX /
($0 =~ m,(.*)\\[^\\]+,) && unshift (@INC, "$1"); # Get the script location: Windows \
require "admin/links.cfg"; # Change this to full path to links.cfg if you have problems.
require "$db_lib_path/db_utils.pl";
require "$db_lib_path/links.def";
$build_use_templates ?
require "$db_lib_path/site_html_templates.pl" :
require "$db_lib_path/site_html.pl";
};
if ($@) {
print "Content-type: text/plain\n\n";
print "Error including libraries: $@\n[/url]";
print "Make sure they exist, permissions are set properly, and paths are set correctly.";
exit;
}
# ========================================================
eval { &main; }; # Trap any fatal errors so the program hopefully
if ($@) { &cgierr("fatal error: $@"); } # never produces that nasty 500 server error page.
exit; # There are only two exit calls in the script, here and in in &cgierr.
sub main {
# --------------------------------------------------------
local (%in) = &parse_form;

# We are processing the form.
if ((keys %in != 0) && ($in{'do'} eq 'confirm')) {
&process_form_1;
}
elsif ((keys %in != 0) && ($in{'do'} eq 'add')) {
&process_form_2;
$in{'captcha'} ? &captcha : &site_html_add_failure("You are attempting to bypass our security.") and return;
}

# Otherwise we are displaying the form (in site_html.pl).
else {
if ($db_single_category) {
my %is_valid = map { $_ => 1 } &category_list;
$ENV{'HTTP_REFERER'} =~ s,/[^/]+\.[^/]+$,,;
$ENV{'HTTP_REFERER'} =~ m,$build_root_url/(.+?)/?$,;
$is_valid{$1} ? &site_html_add_form ($1) : &site_html_add_form ();
}
else {
&site_html_add_form ();
}
}
}
sub captcha {
#------------------------------------------
require "admin/captcha/captcha.pl";
$code = ($in{'code'});
$crypt = ($in{'crypt'});
if ($code && $crypt){
# check code
$result = &checkCode($code,$crypt);
if ($result == 1){
&process_form;
}
elsif ($result == -1){
&site_html_add_failure("<b>Failed!</b> Reason: code expired. Possible cause: code was issued too long ago. Try the new code below.") and return;
}
elsif ($result == -2){
&site_html_add_failure("<b>Failed!</b> Reason: invalid code (not in database). Possible causes: code already used or expired. Try the new code below.") and return;
}
elsif ($result == -3){
&site_html_add_failure("<b>Failed!</b> Reason: invalid code (code does not match crypt). Possible cause: characters not entered correctly. Try the new code below.") and return;
# note - once a solution is tried it is expired, even if it failed
}
else {
&site_html_add_failure("You did not enter the security code.") and return;
}
}
} # end sub
sub process_form_1 {
# --------------------------------------------------------
($key, $status);


# Check the referer.
if (@db_referers and $ENV{'HTTP_REFERER'}) {
$found = 0;
foreach (@db_referers) {
$ENV{'HTTP_REFERER'} =~ /$_/i and $found++ and last;
}
if (!$found) {
&site_html_add_failure ("Auto submission is not allowed in this directory. Please visit the site to add your entry.");
return;
}
}

open (ID, "<$db_links_id_file_name") or &cgierr("error in process_form. unable to open id file: $db_links_id_file_name. Reason: $!");
$in{$db_key} = <ID> + 1; # Get next ID number
close ID;

# Validate the form input..
$status = &validate_record(%in);
if ($status eq "ok") {

# Send the visitor to the Add Confirm page.
&site_html_add_confirm;
}
else {
&site_html_add_failure($status);
}
}
sub process_form_2 {
# --------------------------------------------------------
($key);


# This will set system fields like Validated to their proper values.
foreach $key (keys %add_system_fields) {
$in{$key} = $add_system_fields{$key};
}

# Set date variable to today's date.
$in{$db_cols[$db_modified]} = &get_date;

# Update the counter.
open (ID, ">$db_links_id_file_name") or &cgierr("error in get_defaults. unable to open id file: $db_links_id_file_name. Reason: $!");
flock(ID, 2) unless (!$db_use_flock);
print ID $in{$db_key}; # update counter.
close ID; # automatically removes file lock

# Print out the validate input to a "validation database" where it is stored until
# the admin decides to add it into the real database.
open (VAL, ">>$db_valid_name") or &cgierr("error in add_record. unable to open validate file: $db_valid_name. Reason: $!");
flock(VAL, 2) unless (!$db_use_flock);
print VAL &join_encode(%in);
close VAL; # automatically removes file lock

# Send the admin an email message notifying of new addition.
&send_email;
# Send the visitor to the success page.
&site_html_add_success;
}

sub antibot {
#------------------------------------------
use Digest::MD5;
if ($in{'sequence'}) {
$seq = ($in{'sequence'});
$realseq = ($in{'realsequence'});
$context = Digest::MD5->new;
$context->add($seq);
$seq = $context->hexdigest;
if ($realseq eq $seq) {
&process_form;
}
else {
&site_html_add_failure("You entered the wrong security code.") and return;
}
}
else {
&site_html_add_failure("You did not enter the security code.") and return;
}
}
sub send_email {
# --------------------------------------------------------
# Sends an email to the admin, letting him know that there is
# a new link waiting to be validated. No error checking as we don't
# want users to see the informative &cgierr output.
# Check to make sure that there is an admin email address defined.
$db_admin_email or &cgierr("Admin Email Address Not Defined in config file!");
my $to = $db_admin_email;
my $from = $in{$db_cols[$db_contact_email]};
my $subject = "Addition to Database: $in{'Title'}\n";
my $msg = qq|
The following link is awaiting validation:
Title: $in{'Title'}
URL: $in{'URL'}
Category: $in{'Category'}
Description: $in{'Description'}
Contact Name: $in{'Contact Name'}
Contact Email: $in{'Contact Email'}

Remote Host: $ENV{'REMOTE_HOST'}
Referer: $ENV{'HTTP_REFERER'}

To validate, please go to:
$db_script_url

Sincerely,
Links Manager.
|;
# Then mail it away!
require "$db_lib_path/Mailer.pm";
my $mailer = new Mailer ( { smtp => $db_smtp_server,
sendmail => $db_mail_path,
from => $from,
subject => $subject,
to => $to,
msg => $msg,
log => $db_mailer_log
} ) or return;
$mailer->send or return;
}
Quote Reply
Re: [robah] Alternativ Solution to Antibot? In reply to
Well, now it is... What error are you getting? I suggest starting over, following the instructions step-by-step, and make sure you paste the code in the right places. I will not be online again until Monday, so Happy Easter...


Leonard
aka PerlFlunkie
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
In Reply To:
Well, now it is... What error are you getting? I suggest starting over, following the instructions step-by-step, and make sure you paste the code in the right places. I will not be online again until Monday, so Happy Easter...


Hi Leonard,

I just went through my system, and reuploaded the entire free links 2 system again, after having it on my site for years. I had turned it off after getting tremendous spam growth in a short time.

Just got back around to reinstalling it, then remembered the spamming, and came to this forum looking for help, and found this thread.

I made all the edits you've suggested in this thread, resolved the same db_utils.pl issues, and solved that fatal error.

Now, I'm getting this error...

Unkown Tag: Contact Email

in the page...

http://www.survivalring.org/cgi-bin/links/add.cgi

Could I bug you to maybe help me resolve this issue?

Any help would be appreciated. Let me know if you'd like me to post my add.cgi.

Thanks for all your work on this project.

Here is another possible opportunity at resolving spam issues in a global way. The developers of Wordpress created the Akismet system here...
http://akismet.com/development/api/

Might be a different method to solve spam issues.

Rich
Quote Reply
Re: [rafleet] Fixing Captcha...semi working In reply to
Hello, again...

Still getting the Tag problem for email, but I did look into the /captcha/ folder off of the /links/pages/ folders, and the script IS generating a code...

thusly...



but still getting the error "Unkown Tag: Contact Email" on the
http://www.survivalring.org/cgi-bin/links/add.cgi
page. Help!

Rich
Quote Reply
Re: [rafleet] Alternativ Solution to Antibot? In reply to
Try adding:

sub site_html_add_form {
# --------------------------------------------------------
# This routine determines how the add form page will look like.
&html_print_headers;
my $get_captcha_form = &create_captcha_form; #in db_utils.pl
my $category = shift;
$category ?
($category = qq~$category <input type=hidden name="Category" value="$category">~) :
($category = &build_select_field ("Category", "$in{'Category'}"));

print &load_template ('add.html', {
Category => $category,

Contact Email => $in{'Contact Email'},
captcha_form => $get_captcha_form,
%globals
});


...or something similar...


Leonard
aka PerlFlunkie
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
In Reply To:
Try adding:

sub site_html_add_form {
# --------------------------------------------------------
# This routine determines how the add form page will look like.
&html_print_headers;
my $get_captcha_form = &create_captcha_form; #in db_utils.pl
my $category = shift;
$category ?
($category = qq~$category <input type=hidden name="Category" value="$category">~) :
($category = &build_select_field ("Category", "$in{'Category'}"));

print &load_template ('add.html', {
Category => $category,

Contact Email => $in{'Contact Email'},
captcha_form => $get_captcha_form,
%globals
});


...or something similar...


Thanks Leonard,

Tried that, and got this...

Error including libraries: syntax error at /home/surviva/public_html/cgi-bin/links/admin/site_html_templates.pl line 172, near "Contact Email" Compilation failed in require at add.cgi line 33. Make sure they exist, permissions are set properly, and paths are set correctly.

This affected both the ADD.CGI and MODIFY.CGI files...both gave exactly the same error.

Hmmm...seems to be JUST the ADD.CGI file itself...I'll post it here to see if I missed a piece of code somewhere...again, thank you....

Rich

Code:

#!/usr/bin/perl
# -------------
# Links
# -------------
# Links Manager
#
# File: add.cgi
# Description: Adds a record marked unvalidated to the database and
# optionally emails someone.
# Author: Alex Krohn
# Email: alex@gossamer-threads.com
# Web: http://www.gossamer-threads.com/
# Version: 2.0
#
# (c) 1998 Gossamer Threads Inc.
#
# This script is not freeware! Please read the README for full details
# on registration and terms of use.
# =====================================================================
#
# Setup Notes:
# Make sure the require statement below points to the config file.
# Required Librariers
# --------------------------------------------------------
eval {
($0 =~ m,(.*)/[^/]+,) && unshift (@INC, "$1"); # Get the script location: UNIX /
($0 =~ m,(.*)\\[^\\]+,) && unshift (@INC, "$1"); # Get the script location: Windows \
require "admin/links.cfg"; # Change this to full path to links.cfg if you have problems.
require "$db_lib_path/db_utils.pl";
require "$db_lib_path/links.def";
$build_use_templates ?
require "$db_lib_path/site_html_templates.pl" :
require "$db_lib_path/site_html.pl";
};
if ($@) {
print "Content-type: text/plain\n\n";
print "Error including libraries: $@\n[/url]";
print "Make sure they exist, permissions are set properly, and paths are set correctly.";
exit;
}
# ========================================================
eval { &main; }; # Trap any fatal errors so the program hopefully
if ($@) { &cgierr("fatal error: $@"); } # never produces that nasty 500 server error page.
exit; # There are only two exit calls in the script, here and in in &cgierr.
sub main {
# --------------------------------------------------------
local (%in) = &parse_form;
# We are processing the form.
if (keys %in != 0) {
$in{'captcha'} ? &captcha : &site_html_add_failure("You are attempting to bypass our security.") and return;
}
# &process_form;
# }
# Otherwise we are displaying the form (in site_html.pl).
else {
if ($db_single_category) {
my %is_valid = map { $_ => 1 } &category_list;
$ENV{'HTTP_REFERER'} =~ s,/[^/]+\.[^/]+$,,;
$ENV{'HTTP_REFERER'} =~ m,$build_root_url/(.+?)/?$,;
$is_valid{$1} ? &site_html_add_form ($1) : &site_html_add_form ();
}
else {
&site_html_add_form ();
}
}
}
sub captcha { #------------------------------------------
require "admin/captcha/captcha.pl";
$code = ($in{'code'});
$crypt = ($in{'crypt'});
if ($code && $crypt){
# check code
$result = &checkCode($code,$crypt);
if ($result == 1){
&process_form;
}
elsif ($result == -1){
&site_html_add_failure("<b>Failed!</b> Reason: code expired. Possible cause: code was issued too long ago. Try the new code below.") and return;
}

elsif ($result == -2){
&site_html_add_failure("<b>Failed!</b> Reason: invalid code (not in database). Possible causes: code already used or expired. Try the new code below.") and return;
}

elsif ($result == -3){
&site_html_add_failure("<b>Failed!</b> Reason: invalid code (code does not match crypt). Possible cause: characters not entered correctly. Try the new code below.") and return;
# note - once a solution is tried it is expired, even if it failed
}
else {
&site_html_add_failure("You did not enter the security code.") and return;
}
}
} # end sub

sub process_form {
# --------------------------------------------------------
my ($key, $status, $line, $output);
# Check the referer.
if (@db_referers and $ENV{'HTTP_REFERER'}) {
$found = 0;
foreach (@db_referers) {
$ENV{'HTTP_REFERER'} =~ /$_/i and $found++ and last;
}
if (!$found) {
&site_html_add_failure ("Auto submission is not allowed in this directory. Please visit the site to add your entry.");
return;
}
}
# This will set system fields like Validated to their proper values.
foreach $key (keys %add_system_fields) {
$in{$key} = $add_system_fields{$key};
}

# Set date variable to today's date.
$in{$db_cols[$db_modified]} = &get_date;

open (ID, "<$db_links_id_file_name") or &cgierr("error in process_form. unable to open id file: $db_links_id_file_name. Reason: $!");
$in{$db_key} = <ID> + 1; # Get next ID number
close ID;
# Validate the form input..
$status = &validate_record(%in);
if ($status eq "ok") {
# Update the counter.
open (ID, ">$db_links_id_file_name") or &cgierr("error in get_defaults. unable to open id file: $db_links_id_file_name. Reason: $!");
flock(ID, 2) unless (!$db_use_flock);
print ID $in{$db_key}; # update counter.
close ID; # automatically removes file lock
# Print out the validate input to a "validation database" where it is stored until
# the admin decides to add it into the real database.
open (VAL, ">>$db_valid_name") or &cgierr("error in add_record. unable to open validate file: $db_valid_name. Reason: $!");
flock(VAL, 2) unless (!$db_use_flock);
print VAL &join_encode(%in);
close VAL; # automatically removes file lock
# Send the admin an email message notifying of new addition.
&send_email;
# Send the visitor to the success page.
&site_html_add_success;
}
else {
&site_html_add_failure($status);
}
}
sub send_email {
# --------------------------------------------------------
# Sends an email to the admin, letting him know that there is
# a new link waiting to be validated. No error checking as we don't
# want users to see the informative &cgierr output.
# Check to make sure that there is an admin email address defined.
$db_admin_email or &cgierr("Admin Email Address Not Defined in config file!");
my $to = $db_admin_email;
my $from = $in{$db_cols[$db_contact_email]};
my $subject = "Addition to Database: $in{'Title'}\n";
my $msg = qq|
The following link is awaiting validation:
Title: $in{'Title'}
URL: $in{'URL'}
Category: $in{'Category'}
Description: $in{'Description'}
Contact Name: $in{'Contact Name'}
Contact Email: $in{'Contact Email'}

Remote Host: $ENV{'REMOTE_HOST'}
Referer: $ENV{'HTTP_REFERER'}

To validate, please go to:
$db_script_url

Sincerely,
Links Manager.
|;
# Then mail it away!
require "$db_lib_path/Mailer.pm";
my $mailer = new Mailer ( { smtp => $db_smtp_server,
sendmail => $db_mail_path,
from => $from,
subject => $subject,
to => $to,
msg => $msg,
log => $db_mailer_log
} ) or return;
$mailer->send or return;
}
Quote Reply
Re: [rafleet] Alternativ Solution to Antibot? In reply to
That looks OK... What does your add.html template look like? And the corresponding subroutine from site_html_templates.pl?


Leonard
aka PerlFlunkie
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
In Reply To:
That looks OK... What does your add.html template look like? And the corresponding subroutine from site_html_templates.pl?



Leonard,

Here's the add.html template...mainly the form..the only thing edited...

Code:
<form action="<%db_cgi_url%>/add.cgi" method="POST">
<p>Please fill out the form completely, and we'll add your resource as soon as possible.</p>
<div class="margin">
<table border ="0" cellspacing="0" cellpadding="0">
<tr><td align="right" valign="top">Title:</td>
<td><input name="Title" size="50"></td></tr>
<tr><td align="right" valign="top">URL:</td>
<td><input name="URL" size="50"></td></tr>
<tr><td align="right" valign="top">Category:</td>
<td><%Category%></td></tr>
<tr><td align="right" valign="top">Description:</td>
<td><textarea wrap="virtual" name="Description" value="" rows="3" cols="42"></textarea></td></tr>
<tr><td align="right" valign="top">Contact Name:</td>
<td><input name="Contact Name" value="" size="40"></td></tr>
<tr><td align="right" valign="top">Contact Email:</td>
<td><input name="Contact Email" value="<%Contact Email%>" size="40"></td></tr>
<tr><td align="right" valign="top">Security:</td>
<td><%captcha_form%></td></tr>
<tr><td></td><td><input type="SUBMIT" value="Add Resource" name="captcha"></td></tr>
</table>
</div>
</form>



and here's the corresponding subroutine from site_html_templates.pl

Code:


sub site_html_add_form {
# --------------------------------------------------------
# This routine determines how the add form page will look like.
#
&html_print_headers;
my $get_captcha_form = &create_captcha_form; #in db_utils.pl
my $category = shift;
$category ?
($category = qq~$category <input type=hidden name="Category" value="$category">~) :
($category = &build_select_field ("Category", "$in{'Category'}"));

print &load_template ('add.html', {
Category => $category,
captcha_form => $get_captcha_form,

%globals
});
}

and the add_failure sub....

Code:

sub site_html_add_failure {
# --------------------------------------------------------
# This routine determines how the add failure page will look like.
my ($errormsg) = shift;
my $get_captcha_form = &create_captcha_form; # in db_utils.pl
$in{'Category'} ?
($in{'Category'} = qq~<input type=hidden name="Category" value="$in{'Category'}">$in{'Category'}~) :
($in{'Category'} = &build_select_field ("Category"));

&html_print_headers;
print &load_template ('add_error.html', {
error => $errormsg,

captcha_form => $get_captcha_form,

%in,
%globals
});
}



Thanks again...

Rich
Quote Reply
Re: [rafleet] Alternativ Solution to Antibot? In reply to
I see a problem in your add form; you're trying to pre-fill the field, which cannot be done on the add form, since the link info is not yet in the database:

<td><input name="Contact Email" value="<%Contact Email%>" size="40"></td></tr>

Make the value null:
<td><input name="Contact Email" value="" size="40"></td></tr>


Leonard
aka PerlFlunkie
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
Hi, Leonard,

That fixed it! Nulled out the value="<%Contact Name%>" and it works like a champ.

Appreciate your help on this very much.

Rich
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
I just wanted to give kudos and a thank you to "PerlFlunkie" for helping us lackies with the code. I got it working based on your instructions - thank you so much!!!Smile
Quote Reply
Re: [Karl] Alternativ Solution to Antibot? In reply to
I've tried this but my page just doesn't show up. Just a blank page. I've followed this step by step.
Quote Reply
Re: [LordStryfe] Alternativ Solution to Antibot? In reply to
I'm in my third day and have redone it completely 4 times.. Same problem...

From the Logs: Error:
Premature end of script headers: add.cgi, referer: http://links.guidetophils.com/
File does not exist: /home/whatever/links.guidetophils.com/internal_error.html, referer: http://links.guidetophils.com/

Also I have the File: "Core with 87.5 MB shows up in my Folder" As does the site from Ireland, that actually works!

I am trying to figure out how to do this so I can try it on my Gossamer Links done..

My add.cgi change:
sub captcha { #------------------------------------------
require "admin/captcha/captcha.pl"; $code = ($in{'code'}); $crypt = ($in{'crypt'});
if ($code && $crypt){ # check code $result = &checkCode($code,$crypt);
if ($result == 1){ &process_form; } elsif ($result == -1){
&site_html_add_failure("<b>Failed!</b> Reason: code expired. Possible cause: code was issued too long ago.
Try the new code below.") and return; } elsif ($result == -2){
&site_html_add_failure("<b>Failed!</b> Reason: invalid code (not in database).
Possible causes: code already used or expired. Try the new code below.") and return;
} elsif ($result == -3){ &site_html_add_failure("<b>Failed!</b>
Reason: invalid code (code does not match crypt). Possible cause: characters not entered correctly.
Try the new code below.") and return; # note - once a solution is tried it is expired,
even if it failed } else {
&site_html_add_failure("You did not enter the security code.") and return; } } } # end sub


I have tried all the minor modes also:
if (keys %in != 0) {
($in{'code'} ne '') ? &captcha : &site_html_add_failure("You did not enter the security code.") and return;
}


A Team FOG
Quote Reply
Re: [AteamFog] Alternativ Solution to Antibot? In reply to
Make sure your public cgi directory and the add.cgi are set to 755 (chmod): http://www.gossamer-threads.com/...?post=204859#p204859

Also make sure you upload in ascii, not binary.


Leonard
aka PerlFlunkie
Quote Reply
Re: [robah] Alternativ Solution to Antibot? In reply to
Thank you PerlFlunkie! This is one of the best mods yet! My site was getting inundated with 15 spam adds a day by a Russian script somewhere. This has stopped all of that.
Quote Reply
Re: [solokron] Alternativ Solution to Antibot? In reply to
Still not loading; here's my add page
Quote Reply
Re: [LordStryfe] Alternativ Solution to Antibot? In reply to
bump
Quote Reply
Re: [LordStryfe] Alternativ Solution to Antibot? In reply to
For starters, replace this...

Code:
# We are processing the form.
if (keys %in != 0) {
$in{'captcha'} ? &captcha : &site_html_add_failure("You are attempting to bypass our security.") and return;
}

with this...

Code:

# We are processing the form.
if (keys %in != 0) {
# >>> Captcha Mod next line
($in{'code'} ne '') ? &captcha : &site_html_add_failure("You did not enter the security code.") and return; # <<<
}

Also check the permissions on add.cgi.


Leonard
aka PerlFlunkie
Quote Reply
Re: [PerlFlunkie] Alternativ Solution to Antibot? In reply to
PerlFlunkie wrote:
For starters, replace this...

Code:
# We are processing the form.
if (keys %in != 0) {
$in{'captcha'} ? &captcha : &site_html_add_failure("You are attempting to bypass our security.") and return;
}


with this...

Code:

# We are processing the form.
if (keys %in != 0) {
# >>> Captcha Mod next line
($in{'code'} ne '') ? &captcha : &site_html_add_failure("You did not enter the security code.") and return; # <<<
}


Also check the permissions on add.cgi.


Permission is 755. Made the change but still a blank page
Quote Reply
Re: [LordStryfe] Alternativ Solution to Antibot? In reply to
Send me a copy of your user.cgi, add.cgi, and site_html_templates.pl, I'll look them over.

Also noted on your login form, there is no null value for password. Not likely a problem, though...

<input type="text" id="Username" name="Username" value="" class="text" />
<input type="password" id="Password" name="Password" class="password" />


Leonard
aka PerlFlunkie
> > > >