Osclass forums

Support forums => Tips, tricks, and tutorials => Topic started by: mmcsus on October 18, 2013, 06:15:01 am

Title: [Tips & Tricks] Send to a Friend SPAM
Post by: mmcsus on October 18, 2013, 06:15:01 am: Spammers are using work at home jobs to spread their scum, in other words using real humans.

The "share" button or send to a friend is used by spammers more and more. (Copy & Paste)

The following should help prevent the "drones" from spreading the spammers scum.

This is only an example and can be used in the comment form or any form.

The problem is you do not want your customer not to be able to paste in some forms.

However the "send to a friend" form should not need to be pasted.

Edit your oc-content/themes/your_theme/item-send-friend.php

Find around line 77: (For bender 1.0)

Quote
<div class="control-group">
<label class="control-label" for="message">
<?php _e('Message', 'bender'); ?></label>
<div class="controls textarea">
<?php SendFriendForm::your_message(); ?>
</div>
</div>

Change to:

Quote
<div class="control-group">
<label class="control-label" for="message">
<?php _e('Message', 'bender'); ?></label>
<div class="controls textarea" id="nopaste">
<?php SendFriendForm::your_message(); ?>
</div>
</div>

Edit your oc-content/themes/your_theme/js/global.js

At the very end add the following:

Quote
window.onload = function() {
var nopaste = document.getElementById('nopaste');
nopaste.onpaste = function(e) {
e.preventDefault();
alert ("Pasting has been disabled to help prevent spam");
}
}

Now when the drone tries to paste they will receive a message "Pasting has been disabled to help prevent spam"

Of course this is not fool proof but just another tool.

David
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: strata on October 18, 2013, 06:27:02 am: Thanks for good tips mmcsus, will try it later ;D
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: Hello on October 19, 2013, 08:11:49 am: nice working file +1 ;)
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: Gizmo on October 24, 2013, 01:11:14 am: thank you
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: dev101 on October 24, 2013, 02:03:34 am: Hi mmcsus,
thanks for this usefull mod (although I personally do not like paste disabling on any website, it is annoying).

One bug: I analysed page loading in serveral browsers (F12 web dev tools) and they all report same js error in the console, but everything appears to be working fine:

Code: [Select]
Uncaught TypeError: Cannot set property 'onpaste' of null
Just thought you should know about it.

Edit: look here (http://stackoverflow.com/questions/9778888/uncaught-typeerror-cannot-set-property-onclick-of-null), might be a solution to move script at the end of item-send-friend.php file, instead of global.js

Code: [Select]
<script> window.onload = function() { var nopaste = document.getElementById('nopaste'); nopaste.onpaste = function(e) { e.preventDefault(); alert ("Pasting has been disabled to help prevent spam"); } } </script>
dev101
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: design on November 01, 2013, 05:41:04 pm: thanks :)
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: plesk on November 01, 2013, 08:44:24 pm: good evening
thank you for bender theme and the theme of France as you have a solution thank you
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: zoopla on December 20, 2013, 03:33:29 am: Thanks!
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: krahamath on February 26, 2014, 12:39:49 pm: Thank you 8)
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: volunteer on March 29, 2014, 05:52:32 am: thanks for this tip..

ideally would be nice to limit the use of contact forms by time :)
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: Syed on October 04, 2017, 12:09:13 pm: Can I use it on Contact Seller Form?

Regards
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: whitehattracker on November 16, 2017, 10:58:54 pm: Thanks for these tips. Unfortunately, years later looks like this trick is still going on.

Recent research by Imperva Incapsula (https://www.incapsula.com/blog/form-filler-bots-do-star-wars.html (https://www.incapsula.com/blog/form-filler-bots-do-star-wars.html)) has shown that many send-to-a-friend/share-to-a-friend social sharing modules are compromised.

Besides using all purpose bot filtering (yes, like the vendor sells) some other suggestions are "include a rate-limiting mechanism that will prevent an IP address from issuing unreasonable numbers of requests over a specific period of time. Other DIY solutions are to have all users fill in CAPTCHAs and to enforce registration as a prerequisite to sending out an email message"

In fact, according to Incapsula's research the same gambling sites are even using Star Wars novels to bypass content filters.
Title: Re: [Tips & Tricks] Send to a Friend SPAM
Post by: Aficionado on November 19, 2017, 09:31:42 pm: Quote from: whitehattracker on November 16, 2017, 10:58:54 pm
Thanks for these tips. Unfortunately, years later looks like this trick is still going on.

Recent research by Imperva Incapsula (https://www.incapsula.com/blog/form-filler-bots-do-star-wars.html (https://www.incapsula.com/blog/form-filler-bots-do-star-wars.html)) has shown that many send-to-a-friend/share-to-a-friend social sharing modules are compromised.

Besides using all purpose bot filtering (yes, like the vendor sells) some other suggestions are "include a rate-limiting mechanism that will prevent an IP address from issuing unreasonable numbers of requests over a specific period of time. Other DIY solutions are to have all users fill in CAPTCHAs and to enforce registration as a prerequisite to sending out an email message"

In fact, according to Incapsula's research the same gambling sites are even using Star Wars novels to bypass content filters.

Next time post a clever SPAM, this is very obvious.