Problems with SPAM? Read this!

[drwillennium]

I have just downloaded version 1.43 (I am updating from 1.41) and I am confused about the entries.txt. I was under the impression that you turned this into a php file so that it could not be accessed via the web. However, the version I downloaded I see that it is still a text file. Am I doing something wrong or is it still supposed to be a text file?

[Klemen]

You can rename entries.txt to any name, for example "sdkjh4w89vzakjfd.txt" and set that name as $settings['logfile'] in settings.php.

[suehutton]

I took the developers' advice and renamed the text file to something other than entries, making sure that I reflected this change in the settings for the logfile in settings.php

[drwillennium]

Yes I do know that, and actually I do do it. I was just confused because I thought you had changed it. Thanks for the great script.

[allencummings]

I had such a time with someone posting junk in the guestbook that I have removed the guestbook from the site. This was someone intentionally entering the viewed code.

The IP logger is nice, but since that only allows you to view where it comes from and NOT who sent it, the IP logger is not a very useful tool.

However, sending a confirmation email, just like I received to sign up for this forum, prior to allowing a post, would be really great. Then, someone could not get by posting anything with a bogus email addy.

[Klemen]

What version of gouestbook were you using?

[finger-lickin]

Hi there,


I suggest renaming all the form fields to something bizare, this might prevent bots from ascertaining certain things.

i.e, rename url fieldS to something like "christmas", unusual example i know.

email fieldS to "mirror" etc etc.

But obviously this would have to be done by the author, unless of course you are confident with your PHP/HTML.

give it a bash.

[Klemen]

This might actually not be a bad idea at all. Noted.

[finger-lickin]

Hi again,

Just to further the idea.

If you did go ahead and alter the code with bizare field names, then you might want to consider putting a few hidden fields with the original names,
at the start of the sign up form.

i.e, name, email , url , message. etc etc

so a bot might fill these in and the data go nowhere upon submitting.

Just a hind sight one.

Cheers

[Klemen]

Hi,

Sure and to take that even further - normally the hidden fields would be empty (no value), but if the script detected the hidden fields are not empty it would block the message instantly.

Thanks for the idea!

[morningsun76]

When people sign the guestbook, their e-mail address is displayed to all visitors including a link. I'm concerned that I'm inviting my site visitors to open themselves unknowingly up to lots of spam by signing my guestbook.

[Klemen]

Gbook does encode chars like . : and @ in e-mail link, but if you are still conserned you can disable showing e-mail address:

viewtopic.php?t=793&highlight=hide+email

The above thread is for an older version, but the code is the same (just different line numbers).

[chucktarv]

I just asked a question in the wrong forum. Please pardon. Is upgrading as easy as you describe here? I'd like to upgrade without losing the entries on the site I manage.

[nxshardcore]

as i checked. i have version 1.5 installed allready but.
I got a lot of spam anyhow.

http://www.nxshardcore.com/main2/guestbook/gbook.php

Blogspot is the website every url adress points to.
How to get rid of this spam and is it possible to make an admin area with the option to select more than 1 email and then to delete them?

This would be a great extra.

And language files. I translated the guestbook to dutch wich was a lot of work.

[Klemen]

The latest version is 1.6 not 1.5