[Finished: 31-MAR-2012] Calling all mySQL / PHP programmers to help with spam control

Also, i dont know what version you're using...

---------------------------------------------------

Drupal 7

No plans are in place for porting this to Drupal 7. If you need a module like this for Drupal 7 you can try out Node Limit.

-----------------------------------------------------

http://drupal.org/project/node_limit

Posted by davedelong on March 3, 2009 at 2:09am

The Node Limit module allows administrators to restrict the number of nodes of a specific type that roles or users may create. For example, if a site has an "Advertiser" role that can create "advertisement" nodes, then the node limit administrator can restrict all users in that role to a specific number of nodes. He may also restrict users on a per-user basis.

Although other node limitation modules exist (such as create quota (Abandonned), user quota (D6), and node limitnumber(D6)), Node Limit offers features not available in all of those modules, such as:

  • Per-role node limits
  • Per-user node limits
  • Per-organic group node limits (Dropped)
  • Per-time interval node limits
  • Per-time frame node limits (Dropped)
  • Per-taxonomy term node limits (Coming soon)
  • Any combination of the above
  • Drupal 6 & 7 compatibility
  • Requires no programming on the part of the administrator

Wow, I'm impressed you found that one. :) I looked for days and finally stumbled across it. But unfortunately it doesn't work. The problem is that it will accept the post but then un-publish it, so if legitimate users post 3 posts in one minute (which some do) their post will be accepted but then immediately un-published. What we need is a method where it checks before accepting the post so that fails at the POST step and the user can simply wait a bit longer and hit SAVE again.

Like i said, im not an expert on it in any way, but it may be possible to set up some type of rules based system. There has to be a way to set it up for newer users, or not have it get applied to users with x amount of posts or something.

I'm very sorry they aren't being more helpful with you. Perhaps you could speak with the designers of the plugin module?


I won't add any more comments to this thread because I really have no experience in the matter and I'm not sure I'm helping :)

You're right, this part is possible. I have thought about doing that, but I don't really want to invest time if we can quickly implement a superior solution.

Thanks a lot for your comments, I do appreciate them.

Mr Admin,

i do believe you want a trigger. Do you know the table the posts get saved to?

Could you please run the command:

show create table tlb_posts and PM me the result? I could try to write a trigger that would do just that - fail the insert command.

edit - You must replace tbl_posts with the correct table name in the command above.

Thanks very much! With this method would it be possible to return the user back to the post editor with a "Please try again in 30 seconds" error message and preserve the form contents?

Have you tried question and answer based CAPTCHAs? The blurry text can be hacked with OCR and the Math is pretty easy for computers. Q and A can be pretty effective because even if humans set up an account they generally might not understand English.

Hmm, not a bad idea. I think I might try that.

Ok, here's a test of the new CAPTCHA.

I already like the new captcha!

Thanks for the link! I am considering using Bad Behavior, which doesn't analyze post content but rather post method and post origin. But it's only a secondary line of defense. The most important will still be our community moderated anti-spam system.

Works... An extra step, but better than Spam...

Should help slow them down at least...

With the trigger in place the database would return the insert error to the forum.

I could not control the message displayed by the forum. You could even get an "internal error", depending on how Drupal handles DB errors (and I'm not an expert in Drupal)

Hmmm, any other suggestions to work around that with a bit of PHP code?

Thanks a ton for looking into this.

I'm looking at one of the new CAPTCHA's - "Do you hate spam?" What if a user does like spam? What if a user (ie. newbie) thinks "spam" is referring to the food? Also, I guess uppercase/lowercase doesn't matter on the answers, right?

Great work SB!

-Garry

I can do it with PHP but unfortuantely I know next to nothing about Drupal.

The problem is getting the right event to trigger the function that will, for example, return true if the user has posted in the last time interval. Then you could try to display an error yourself - but I cannot help you there.

Back to my original solution, I don't see a big problem with displaying "internal error" messages, especially if all human users are aware of the motive. If someone hits F5 and the time interval is set to 30 seconds it will probably refresh with the comment correctly posted. And it will probably cause a robot to give up it's attack.

Anyway, the trigger could be set as a last line of defense - say it only block posts 10 seconds apart. The good news is that triggers are usually pretty fast. Bad news is there will be an extra select on a large table for every comment posted.
Feel free to contact me if the new captcha fails...

I just wanted to see if I could answer the spam question

I mentioned this in another thread: would it be possible to set the need of "solving" the CAPTCHA to every 10th (or a random number) post instead of one at the beginning of each session? By doing so the robots might be halted in their spamming.

If it's easy to do it could be a quick fix until your plan works out.

I like the easy question CAPTCHA, though not for every post. The Captcha Riddler module lets you come up with a few different questions to ask and have them rotate. Other easy questions:

Write the word blank in the box below.

In BLF's motto at the top of the page, what meets with flashlight? (variations for meets and flashlight)

I've only seen two - the spam one (seen once) and the "b" one (seen every time apart from once).

I'd think you need more though maybe you don't. I have no problem with filling the box for every post though.

I've always liked the picture ones where you have to choose which one isn't a kitten or I suppose for here, "Which of these is not a flashlight"

But what I know about implementing such stuff could easily be printed out in a large font and inserted in my eye with no discomfort....