Home > Backend Development > PHP Tutorial > Methods to prevent the PHPWIND forum from being maliciously registered and advertised by the registration machine_PHP Tutorial

Methods to prevent the PHPWIND forum from being maliciously registered and advertised by the registration machine_PHP Tutorial

WBOY
Release: 2016-07-13 17:39:41
Original
1553 people have browsed it

Recently, my forum has been maliciously registered by the registration machine and posted advertising information, which is very annoying, so I thought of some ways to prevent malicious registration. Here are some ways:

Method 1: Change the registration form NAME (most effective, but requires some knowledge of PHP and MYSQL.)

Change the NAME of the content filled in the registration form. This needs to be coordinated with the data table, and the MYSQL form keywords must also be changed.

Method 2: Enter the answer to the website registration question

Change two files, one is register.htm and the other is register.php

The first step is to open register.htm under the forum template/wind/. Of course, this is the default style template. If your template has been changed, then look for this file under the name of your modified template.
Find a place first, I suggest you put it on this:

Edit—Find
Username

Add the following sentences above this sentence: There is a question. Of course, the specific content of the question can be modified by yourself



Anti-malicious registration question:
Your mother was 49 last year. How old is she this year?

Please fill in the number in the space on the left


Save and upload to space to replace the original file

Step 2: Open register.php in the forum’s main directory
Edit-Find

$db->update("INSERT INTO pw_members (username, password,email,publicmail,groupid,memberid,icon,gender,regdate,signature,introduce,oicq,icq,site,location,bday,receivemail,yz ,signchange) VALUES

Add a few sentences above this sentence: It is a test to see if the answer to the question is correct. You can specify the specific answer according to your own question

if($manianling != 50) {
Showmsg("Those who don't care how old their mother is, go to hell!!","javascript:history.back()");
}

Save and upload to space to replace the original file.

Method 3: Change the name of register.php


Just change the file name of the registration page, for example, change register.php to r.php or something. But one thing to note is that all linked register.php pages must be changed to r.php, otherwise it will become a whiteboard.

This is a hopeless solution, it requires many modifications and affects the upgrade and the current operation of the forum, but it is absolutely effective
First change register.php to the name you want
Start of modification:

Check register.php and replace it with the name you changed, such as: welcome.php

login.php
global.php 2 places

Then go to template/wind (all templates must be modified as long as they have the following files) and make 8 changes!

faq.htm
login.htm
lang_email.php
lang_other.php
register.htm 3 places simple_index.htm
simple_read.htm
simple_thread.htm

Search

in
register.php
Replace it with your modified register.php name. For example welcome.php

This method does not require any additional information to be set!
Method 4: Enter today’s date

1. Modify register.php (register.php is in the main directory)

Found:
$db->update("INSERT INTO pw_members (username, password, email,publicmail,groupid,memberid,icon,gender,regdate,signature,introduce,oicq,icq,site,location,bday,receivemail,yz,signchange) VALUES

Add above (modify the Chinese version yourself):
if($nowday != $nowday1) {
Showmsg("The date was entered incorrectly. Have you forgotten what day it is today?","javascript:history.back()");
}
Found:

@include_once(D_P.data/bbscache/inv_config.php);

Add below:
$nowday1 = gmdate("d", $timestamp + $timeoffset * 3600);
$nowday2 = gmdate("m month d day", $timestamp + $timeoffset * 3600);

2. Modify register.htm (register.htm is in the directory /template/wind/register.htm or other style directories)
Found:
Required information

Add below (modify the Chinese version yourself):

Anti-malicious registration question: What is today’s date?
If today is the day

The deadline is December 4th, please fill in 04

Tip: Please fill in

color="#FF0000">$nowday1 Enter it into the text box on the left (ignore the early morning time difference)

Friendly reminder: Please delete the previously registered ID of the robot. There are many robots that were registered before and did not post, and then posted wildly on the specified date. If you find similar IDs, such as sharp sword*, etc., please delete it and leave it. There is a hidden danger.

Method 5: Add anti-automatic registration machine verification code in the background

1. Open template/admin/settings.htm
Find


Initial {$db_moneyname} when registering: (recommended to be set to 0.)

Add

after


Go to the backend and set the verification code you want. Leave it blank to disable this function)

2. Open admin/settings.php
Find

if ($reg[regmaxname]>15){
adminmsg(illegal_username);
}

Add

after

$reg[autoreg]=str_replace(" ","",trim($reg[autoreg]));

3. Open template/wind/register.htm
Find

Confirm password*

Add

after


Anti-automatic registration machine verification code*

color=red>$rg_autoreg


4. Open the register.php file
Find

if(!$rg_rglower){
for ($asc=65;$asc<=90;$asc++){
if (strpos($regname,chr($asc))!==false){
Showmsg(username_limit);
}
}
}

Add

after

if($rg_autoreg!="" && $autoreg!=$rg_autoreg){
showmsg(Sorry, the anti-automatic registration machine verification failed!);
}

Complete

Hope it’s helpful to everyone.

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/486272.htmlTechArticleRecently, my forum has been maliciously registered by the registration machine and posted advertising information. It is very annoying. I thought about it. There are some ways to prevent malicious registration. Here are some methods: Method 1: Change registration...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template