Home >Backend Development >PHP Tutorial >Methods to prevent the PHPWIND forum from being maliciously registered and advertised by the registration machine_PHP Tutorial
Recently, my forum has been maliciously registered by the registration machine and posted advertising information, which is very annoying, so I thought of some ways to prevent malicious registration. Here are some ways:
Method 1: Change the registration form NAME (most effective, but requires some knowledge of PHP and MYSQL.)
Change the NAME of the content filled in the registration form. This needs to be coordinated with the data table, and the MYSQL form keywords must also be changed.
Method 2: Enter the answer to the website registration question
Change two files, one is register.htm and the other is register.php
The first step is to open register.htm under the forum template/wind/. Of course, this is the default style template. If your template has been changed, then look for this file under the name of your modified template.
Find a place first, I suggest you put it on this:
Edit—Find
Add the following sentences above this sentence: There is a question. Of course, the specific content of the question can be modified by yourself
Save and upload to space to replace the original file
Step 2: Open register.php in the forum’s main directory
Edit-Find
$db->update("INSERT INTO pw_members (username, password,email,publicmail,groupid,memberid,icon,gender,regdate,signature,introduce,oicq,icq,site,location,bday,receivemail,yz ,signchange) VALUES
Add a few sentences above this sentence: It is a test to see if the answer to the question is correct. You can specify the specific answer according to your own question
if($manianling != 50) {
Showmsg("Those who don't care how old their mother is, go to hell!!","javascript:history.back()");
}
Save and upload to space to replace the original file.
Method 3: Change the name of register.php
Just change the file name of the registration page, for example, change register.php to r.php or something. But one thing to note is that all linked register.php pages must be changed to r.php, otherwise it will become a whiteboard.
This is a hopeless solution, it requires many modifications and affects the upgrade and the current operation of the forum, but it is absolutely effective
First change register.php to the name you want
Start of modification:
Check register.php and replace it with the name you changed, such as: welcome.php
login.php
global.php 2 places
Then go to template/wind (all templates must be modified as long as they have the following files) and make 8 changes!
faq.htm
login.htm
lang_email.php
lang_other.php
register.htm 3 places simple_index.htm
simple_read.htm
simple_thread.htm
in
register.php
Replace it with your modified register.php name. For example welcome.php
This method does not require any additional information to be set!
Method 4: Enter today’s date
1. Modify register.php (register.php is in the main directory)
Found:
$db->update("INSERT INTO pw_members (username, password, email,publicmail,groupid,memberid,icon,gender,regdate,signature,introduce,oicq,icq,site,location,bday,receivemail,yz,signchange) VALUES
Add above (modify the Chinese version yourself):
if($nowday != $nowday1) {
Showmsg("The date was entered incorrectly. Have you forgotten what day it is today?","javascript:history.back()");
}
Found:
@include_once(D_P.data/bbscache/inv_config.php);
Add below:
$nowday1 = gmdate("d", $timestamp + $timeoffset * 3600);
$nowday2 = gmdate("m month d day", $timestamp + $timeoffset * 3600);
2. Modify register.htm (register.htm is in the directory /template/wind/register.htm or other style directories)
Found:
Add below (modify the Chinese version yourself):
The deadline is December 4th, please fill in 04
color="#FF0000">$nowday1
Enter it into the text box on the left (ignore the early morning time difference)Friendly reminder: Please delete the previously registered ID of the robot. There are many robots that were registered before and did not post, and then posted wildly on the specified date. If you find similar IDs, such as sharp sword*, etc., please delete it and leave it. There is a hidden danger.
Method 5: Add anti-automatic registration machine verification code in the background
1. Open template/admin/settings.htm
Find
Add
after2. Open admin/settings.php
Find
if ($reg[regmaxname]>15){
adminmsg(illegal_username);
}
Add
after$reg[autoreg]=str_replace(" ","",trim($reg[autoreg]));
3. Open template/wind/register.htm
Find
Add
after
color=red>$rg_autoreg
4. Open the register.php file
Find
if(!$rg_rglower){
for ($asc=65;$asc<=90;$asc++){
if (strpos($regname,chr($asc))!==false){
Showmsg(username_limit);
}
}
}
Add
afterif($rg_autoreg!="" && $autoreg!=$rg_autoreg){
showmsg(Sorry, the anti-automatic registration machine verification failed!);
}
Complete
Hope it’s helpful to everyone.