Chống Flood Member cho IBF:

Tổng số bài gửi : 200 Join date : 22/10/2010

Mở file Register.php
Tìm:

//+--------------------------------------------
//| Find the highest member id, and increment it
//| auto_increment not used for guest id 0 val.
//+--------------------------------------------

$DB->query("SELECT MAX(id) as new_id FROM ibf_members");
$r = $DB->fetch_row();

Thêm vào bên dưới:

$DB->query("SELECT ip_address as last_member_ip, joined FROM ibf_members WHERE id = ".$r['new_id']);

$flood_check = $DB->fetch_row();

Tìm:

//+--------------------------------------------
//| Insert into the DB
//+--------------------------------------------

$member['password'] = md5( $member['password'] );

$db_string = $std->compile_db_string( $member );

$DB->query("INSERT INTO ibf_members (" .$db_string['FIELD_NAMES']. ") VALUES (". $db_string['FIELD_VALUES'] .")");

$DB->query("INSERT INTO ibf_member_extra (id) VALUES ($member_id)");

unset($db_string);

//+--------------------------------------------
//| Insert into the custom profile fields DB
//+--------------------------------------------

// Ensure deleted members profile fields are removed.

$DB->query("DELETE FROM ibf_pfields_content WHERE member_id=".$member['id']);

$custom_fields['member_id'] = $member['id'];

$db_string = $DB->compile_db_insert_string($custom_fields);

$DB->query("INSERT INTO ibf_pfields_content (".$db_string['FIELD_NAMES'].") VALUES(".$db_string['FIELD_VALUES'].")");

unset($db_string);

//+--------------------------------------------

$validate_key = md5( $std->make_password() . time() );
$time = time();

if ($coppa != 1)
{
if ( ($ibforums->vars['reg_auth_type'] == 'user') or ($ibforums->vars['reg_auth_type'] == 'admin') ) {

// We want to validate all reg's via email, after email verificiation has taken place,
// we restore their previous group and remove the validate_key

$db_str = $DB->compile_db_insert_string( array (
'vid' => $validate_key,
'member_id' => $member['id'],
'real_group' => $ibforums->vars['member_group'],
'temp_group' => $ibforums->vars['auth_group'],
'entry_date' => $time,
'coppa_user' => $coppa,
'new_reg' => 1,
'ip_address' => $member['ip_address']
) );

$DB->query("INSERT INTO ibf_validating ({$db_str['FIELD_NAMES']}) VALUES({$db_str['FIELD_VALUES']})");

if ( $ibforums->vars['reg_auth_type'] == 'user' )
{

$this->email->get_template("reg_validate");

$this->email->build_message( array(
'THE_LINK' => $this->base_url_nosess."?act=Reg&CODE=03&uid=".urlencode($member_id)."&aid=".urlencode($validate_key),
'NAME' => $member['name'],
'MAN_LINK' => $this->base_url_nosess."?act=Reg&CODE=05",
'EMAIL' => $member['email'],
'ID' => $member_id,
'CODE' => $validate_key,
)
);

$this->email->subject = "Registration at ".$ibforums->vars['board_name'];
$this->email->to = $member['email'];

$this->email->send_mail();

$this->output = $this->html->show_authorise( $member );

}
else if ( $ibforums->vars['reg_auth_type'] == 'admin' )
{
$this->output = $this->html->show_preview( $member );
}

if ($ibforums->vars['new_reg_notify']) {

$date = $std->get_date( time(), 'LONG' );

$this->email->get_template("admin_newuser");

$this->email->build_message( array(
'DATE' => $date,
'MEMBER_NAME' => $member['name'],
)
);

$this->email->subject = "New Registration at ".$ibforums->vars['board_name'];
$this->email->to = $ibforums->vars['email_in'];
$this->email->send_mail();
}

$this->page_title = $ibforums->lang['reg_success'];

$this->nav = array( $ibforums->lang['nav_reg'] );
}

else
{

// We don't want to preview, or get them to validate via email.

$DB->query("UPDATE ibf_stats SET ".
"MEM_COUNT=MEM_COUNT+1, ".
"LAST_MEM_NAME='" . $member['name'] . "', ".
"LAST_MEM_ID='" . $member['id'] . "'");

if ($ibforums->vars['new_reg_notify']) {

$date = $std->get_date( time(), 'LONG' );

$this->email->get_template("admin_newuser");

$this->email->build_message( array(
'DATE' => $date,
'MEMBER_NAME' => $member['name'],
)
);

$this->email->subject = "New Registration at ".$ibforums->vars['board_name'];
$this->email->to = $ibforums->vars['email_in'];
$this->email->send_mail();
}

$std->my_setcookie("member_id" , $member['id'] , 1);
$std->my_setcookie("pass_hash" , $member['password'], 1);

$std->boink_it($ibforums->base_url.'&act=Login&CODE=autologin&fromreg=1');
}
}
else
{
// This is a COPPA user, so lets tell them they registered OK and redirect to the form.

$print->redirect_screen( $ibforums->lang['cp_success'], 'act=Reg&CODE=12' );
}

}

Thay bằng:

//+---------------------------------------------------------
//| Insert into the DB
//| This code was edited by BabyWolf to anti-flood member
//+----------------------------------------------------------------

$member['password'] = md5( $member['password'] );

$db_string = $std->compile_db_string( $member );

if(strcmp($member['ip_address'],$flood_check['last_member_ip']) == 0 && (time() - $flood_check['joined']) <= 7200000)
{
$this->show_reg_form('err_flood_check');
return;
}
else
{

$DB->query("INSERT INTO ibf_members (" .$db_string['FIELD_NAMES']. ") VALUES (". $db_string['FIELD_VALUES'] .")");

$DB->query("INSERT INTO ibf_member_extra (id) VALUES ($member_id)");

unset($db_string);

//+--------------------------------------------
//| Insert into the custom profile fields DB
//+--------------------------------------------

// Ensure deleted members profile fields are removed.

$DB->query("DELETE FROM ibf_pfields_content WHERE member_id=".$member['id']);

$custom_fields['member_id'] = $member['id'];

$db_string = $DB->compile_db_insert_string($custom_fields);

$DB->query("INSERT INTO ibf_pfields_content (".$db_string['FIELD_NAMES'].") VALUES(".$db_string['FIELD_VALUES'].")");

unset($db_string);

//+--------------------------------------------

$validate_key = md5( $std->make_password() . time() );
$time = time();

if ($coppa != 1)
{
if ( ($ibforums->vars['reg_auth_type'] == 'user') or ($ibforums->vars['reg_auth_type'] == 'admin') ) {

// We want to validate all reg's via email, after email verificiation has taken place,
// we restore their previous group and remove the validate_key

$db_str = $DB->compile_db_insert_string( array (
'vid' => $validate_key,
'member_id' => $member['id'],
'real_group' => $ibforums->vars['member_group'],
'temp_group' => $ibforums->vars['auth_group'],
'entry_date' => $time,
'coppa_user' => $coppa,
'new_reg' => 1,
'ip_address' => $member['ip_address']
) );

$DB->query("INSERT INTO ibf_validating ({$db_str['FIELD_NAMES']}) VALUES({$db_str['FIELD_VALUES']})");

if ( $ibforums->vars['reg_auth_type'] == 'user' )
{

$this->email->get_template("reg_validate");

$this->email->build_message( array(
'THE_LINK' => $this->base_url_nosess."?act=Reg&CODE=03&uid=".urlencode($member_id)."&aid=".urlencode($validate_key),
'NAME' => $member['name'],
'MAN_LINK' => $this->base_url_nosess."?act=Reg&CODE=05",
'EMAIL' => $member['email'],
'ID' => $member_id,
'CODE' => $validate_key,
)
);

$this->email->subject = "Registration at ".$ibforums->vars['board_name'];
$this->email->to = $member['email'];

$this->email->send_mail();

$this->output = $this->html->show_authorise( $member );

}
else if ( $ibforums->vars['reg_auth_type'] == 'admin' )
{
$this->output = $this->html->show_preview( $member );
}

if ($ibforums->vars['new_reg_notify']) {

$date = $std->get_date( time(), 'LONG' );

$this->email->get_template("admin_newuser");

$this->email->build_message( array(
'DATE' => $date,
'MEMBER_NAME' => $member['name'],
)
);

$this->email->subject = "New Registration at ".$ibforums->vars['board_name'];
$this->email->to = $ibforums->vars['email_in'];
$this->email->send_mail();
}

$this->page_title = $ibforums->lang['reg_success'];

$this->nav = array( $ibforums->lang['nav_reg'] );
}

else
{

// We don't want to preview, or get them to validate via email.

$DB->query("UPDATE ibf_stats SET ".
"MEM_COUNT=MEM_COUNT+1, ".
"LAST_MEM_NAME='" . $member['name'] . "', ".
"LAST_MEM_ID='" . $member['id'] . "'");

if ($ibforums->vars['new_reg_notify']) {

$date = $std->get_date( time(), 'LONG' );

$this->email->get_template("admin_newuser");

$this->email->build_message( array(
'DATE' => $date,
'MEMBER_NAME' => $member['name'],
)
);

$this->email->subject = "New Registration at ".$ibforums->vars['board_name'];
$this->email->to = $ibforums->vars['email_in'];
$this->email->send_mail();
}

$std->my_setcookie("member_id" , $member['id'] , 1);
$std->my_setcookie("pass_hash" , $member['password'], 1);

$std->boink_it($ibforums->base_url.'&act=Login&CODE=autologin&fromreg=1');
}
}
else
{
// This is a COPPA user, so lets tell them they registered OK and redirect to the form.

$print->redirect_screen( $ibforums->lang['cp_success'], 'act=Reg&CODE=12' );
}
}
}

Mở file lang_register.php
Thêm đoạn:

$lang['err_flood_check'] = "Bạn phải chờ thêm 120 phút nữa để đăng ký một tài khoản mới.";

» Chống bom thư Trên WEB (Bom PHP)
» Phòng chống hacker
» Cách chống BombMail hiệu quả :
» Thủ thuật nhỏ chống virus lây lan qua đường e-mail :
» NetBIOS hacking và cách phòng chống