[MOD] Antispam

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • [MOD] Antispam

      hi guys, yesterday my game has been spammed by Thranduil .

      so i decided to make a little mod for us, wich blocks spammers.
      the tool simply searches all POST and GET inputs from the user for predefined substrings.

      to protect your game make a file called "antispam.php" in basedirectory of your game

      PHP Source Code: antispam.php

      1. <?php
      2. $blocklist = array(//add strings to block in this array you can use full url or just parts of it
      3. 'eogame.eu',
      4. 'ogamex.eu',
      5. 'ogamex',
      6. 'eogame'
      7. );
      8. function array_search_partial($arr, $keyword) {
      9. foreach($arr as $index => $string) {
      10. if (strpos(strtolower($string), $keyword) !== FALSE)
      11. return $index;
      12. }
      13. }
      14. foreach($blocklist as $spam){
      15. if(array_search_partial($_POST, $spam) != '' || array_search_partial($_GET, $spam) != '')
      16. die('Spam');
      17. }
      Display All


      then insert following into game.php and index.php and chat/index.php after <?php

      PHP Source Code

      1. include 'antispam.php';

      thats it, this protects from all inputs you added to the blocklist. you can also use parts of the url.
      don't use this mod, it is uncompleat and will cause errors, new mod will be published soon
      hope you enjoy. :D
    • Hey Mimikri,

      Your code looks a little bit similar as mine at the begin. Anyway, for the ease of use of this module, i did finaly create a database table containing blacklisted words to easily add and remove words from adminpanel..

      I did aswell some other improvements to be sure i can catch most of the spam

      ///OLD VERSION ( I HAVE A NEW MORE OPTIMISED WRITTEN NOW)
      $mystring = str_replace(" ", "", $messageCheck);
      $mystring = preg_replace('/[^A-Za-z0-9\-]/', '', $mystring); // Removes special chars.
      $mystring = strtolower($mystring);

      foreach($blackList as $word){
      if(strpos($mystring, $word['blackText']) !== false){
      $tmpBanned = 1;
      $blackWord = $word['blackText'];
      }
      }

      i would aswell remove space alot of spam happen as follow "w w w . x x x x x . c o m"
      "



      as for @bombo450

      You can use this

      1. if(array_search_partial($_POST, $spam) != ''" || array_search_partial($_GET, $spam) != "''){
      2. $text= makebr($text);
      3. PlayerUtil::sendMessage(1, $USER['id'], $senderName, 1, $subject, $text."<hr>".$spam, TIMESTAMP);
      4. die('Spam');
      5. }



      What u think about it yourself ?
    • in my game lots of links are used, for shareing youtube vids and stuff, cause the game is also like social media.
      so i like to keep the ability to post links.

      the mod is not integrated in the adminpanel, cause i made it yesterday night in 10 min(will post a more comfortable version later).
      to block all links is an elegant solution, if you don't want the users to share links at all. :thumbup:

      ps. removing spaces or other placeholders is also a good idea, i will adapt this later
    • yes space are really important, i can ensure you that if you block in your case ogamex.eu, that tomorrow you will have o g a m e x . e u and later on

      o
      g
      a
      m
      e
      .
      e
      u

      i take it as a reference to show what would still be possible as spam
    • you have any idea for effectiv spamcontrol?
      as you showed in the thread, spam is always possible.
      i think about a central db, all 2moonsgames can access to build a solid list of spammers. some kind of blacklist.


      as we can see on mailservices it's not really possible to block
      effectivly without a huge ammount of data, like thousends of users, who
      identify spam. like the big mailservices do.
      so may an function for the users to mark spam is may a way to develop a good system.


      userspamcontrol^^

      the system is still not to bad, i will, add some function like automatic accountban and automatic temporary ip-ban.
      so it is possible to spam but it's far away from comfortable^^
      most common spam can be blocked like that.

      if the spam is to cryptic to walk around the spamsystem ists also not useful for the spammer anymore.

      so it can't block everything, but still its a nice to have.

      lets collect some ideas, to make it as hard as possible^^
    • Below you can find my latest antispam feature close to be finished aswell.
      @mimikri you got some extra lines in private

      1. i created a new database with as name antispam_control connected to a domain that has nothing to do with my games (example antispam.jeremy.com)
      2. I make a curl request to that domain with the CORS protection set to "*" to allow incomming traffic from all domains (an unique api key is saved for that purpose in uni1_config returning true/false
      3. I have an icon in my private players message redirecting to a report function popup where you report the player name, email and the message send
      4. If the message contains a blacklisted word on antispam.jeremy.com then it will aswell save the blacklisted words send in that message into the dabase
      5. If the message doesnt contain any blacklisted words but after having scanned it wisely and closely (it detect any type of VALID link) (gethostaddress), then it create automatically a database row to manually review with wwhat the script though was a valid link.
      6. Player can aswell while reporting a message that didnt spot any blacklisted words to manually add a word that should be blacklisted, in that case it will aswell create a database row to manually review.
      7. At registration, i do aswell a check to known spammers (email was saved previously) and if the mail is recognized, then it flag the player in game as potential spammer and will have to have 10 manually message aproved automatically before he can send others in a more free way.


      Of course i am using SendInBlue transactional email service to ensure all emails are going into the INBOX and not the spam section and i enfore the player to activate his account via email to reduce the ease of account creations and spams (you can add or create on sendinblue or on the game a database that contains a list of most temporar/junk mail adress like 10minmail.net...)


      it can probably receive some improvements but it was for me on the day i started to create it the best idea to include one antispam function on all websites with a single database of blacklisted words.

      @Songoku Hey long time no see, what are you becoming ? Still in Albania ?

      The post was edited 2 times, last by Thisishowwedoit ().

    • Songoku wrote:

      off-topic, long time no see :) , anyway , never been to Albania :D so ... wish 2moons community the best
      *OFF* Rofl then i dont remember exactly fom where you are xD maybe you were albanian origin, its what i remember from you :p
    • Thisishowwedoit wrote:

      Below you can find my latest antispam feature close to be finished aswell.
      @mimikri you got some extra lines in private

      1. i created a new database with as name antispam_control connected to a domain that has nothing to do with my games (example antispam.jeremy.com)
      2. I make a curl request to that domain with the CORS protection set to "*" to allow incomming traffic from all domains (an unique api key is saved for that purpose in uni1_config returning true/false
      3. I have an icon in my private players message redirecting to a report function popup where you report the player name, email and the message send
      4. If the message contains a blacklisted word on antispam.jeremy.com then it will aswell save the blacklisted words send in that message into the dabase
      5. If the message doesnt contain any blacklisted words but after having scanned it wisely and closely (it detect any type of VALID link) (gethostaddress), then it create automatically a database row to manually review with wwhat the script though was a valid link.
      6. Player can aswell while reporting a message that didnt spot any blacklisted words to manually add a word that should be blacklisted, in that case it will aswell create a database row to manually review.
      7. At registration, i do aswell a check to known spammers (email was saved previously) and if the mail is recognized, then it flag the player in game as potential spammer and will have to have 10 manually message aproved automatically before he can send others in a more free way.


      Of course i am using SendInBlue transactional email service to ensure all emails are going into the INBOX and not the spam section and i enfore the player to activate his account via email to reduce the ease of account creations and spams (you can add or create on sendinblue or on the game a database that contains a list of most temporar/junk mail adress like 10minmail.net...)


      it can probably receive some improvements but it was for me on the day i started to create it the best idea to include one antispam function on all websites with a single database of blacklisted words.

      @Songoku Hey long time no see, what are you becoming ? Still in Albania ?
      Wait for your version because this have some problem with ALLIANCE message and not work together
    • im just interested, in the error, cause i don't really see what could cause it. or why the system is triggert.
      also i think about, that it may don't work cause it's on xamp or other simulation system.
      other cause could be, that there was a false change made to the code, may syntaxerror caused by putting in new strings.

      have you done changes to the code?
    • USING this code help but not help in alliance

      Source Code

      1. function url_to_link($str, $attributes=array()) {
      2. $attrs = '';
      3. foreach ($attributes as $attribute => $value) {
      4. $attrs .= " {$attribute}=\"{$value}\"";
      5. }
      6. $str = ' ' . $str;
      7. $str = preg_replace(
      8. '`([^"=\'>])((ftp)://[^\s<]+[^\s<\.)])`i',
      9. ' Spam Message, Please report!',
      10. $str
      11. );
      12. $str = preg_replace(
      13. '`([^"=\'>])(www.[^\s<]+[^\s<\.)])`i',
      14. ' Spam Message, Please report!',
      15. $str
      16. );
      17. $banlist = array('eogame.eu','ogamex.eu','ogamex','eogame');
      18. foreach ($banlist as $key)
      19. $str = preg_replace('/\b'.$key.'\b/i','*censor',$str);
      20. $str = substr($str, 1);
      21. return $str;
      22. }
      Display All
    • öhm, there is not one line wich belongs to the code posted here. how can you say it's not woking if you use other code oO
      anyway, you are right, it's better to wait for the new antispamsystem, this one was just the first try, to handly the problem.
    • mimikri wrote:

      im just interested, in the error, cause i don't really see what could cause it. or why the system is triggert.
      also i think about, that it may don't work cause it's on xamp or other simulation system.
      other cause could be, that there was a false change made to the code, may syntaxerror caused by putting in new strings.

      have you done changes to the code?
      using Xterium version