Putting a CAPTCHA for every post in phpBB3


Advertisements

Though it is bit irritating to ask for filling extra information for every post a user is going to post in your forum, but it will be even more frustrating to get 100s of spam posts everyday. I have been in the same situation while I was asked to become admin for tutorialspoint’s forum section. I tried putting captcha at registration level, but no success, looks like spammers already have broken those captcha. Finally I decided to go for post level captcha kind of solution and this is what I did to achieve that.

Step 1 – Generate a Random Code

Let’s start with creating a random code. Open file posting.php available in your forum’s home directory, search for L_POST_A, its inside global variables template->assign_vars(array…..). Let’s put one line of code just above to it which will give us a random number as follows:

$security_code = rand(10000, 100000);
$template->assign_vars(array(
        'L_POST_A'    => $page_title,
        'L_ICON'      => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],

.....

Now let’s add this secuirty code in the list of already defined global variables as follows:

$security_code = rand(10000, 100000);
$template->assign_vars(array(
        'L_POST_A'    => $page_title,
        'SECURITY_CODE' => $security_code,
        'L_ICON'      => ($mode == 'reply' || $mode == 'quote' || ($mode == 'edit' && $post_id != $post_data['topic_first_post_id'])) ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
.....

You are done with defining a global variable. Now let’s go to second step where we will make use of this global variable.

Adding Addition Field to take security code

Let’s open posting_editor.html file available in the following path

/[your forum home]/styles/[your forum style name]/template/

Now search for the following lines:

<dl style="clear: left;">
     <dt><label for="subject">{L_SUBJECT}:</label></dt>
     <dd><input type="text" name="subject" id="subject" size="45" maxlength="60" tabindex="2" value="{SUBJECT}{DRAFT_SUBJECT}" class="inputbox autowidth" /></dd>
</dl>

Finally add following few lines under this subject to get a security code from the user before he/she submits a post.

<dl style="clear: left;">
     <dt><label for="subject">{L_SUBJECT}:</label></dt>
     <dd><input type="text" name="subject" id="subject" size="45" maxlength="60" tabindex="2" value="{SUBJECT}{DRAFT_SUBJECT}" class="inputbox autowidth" /></dd>
</dl>
<dl style="clear: left;">
     <dt><label for="subject">Enter Security Code:</label></dt>
     <dd><input type="text" name="security_code" size="45" maxlength="60" tabindex="3" class="inputbox autowidth" /><input type="hidden" name="hidden_security_code" value="{SECURITY_CODE}"/></dd>
     <dd><label>Security Code:</label> {SECURITY_CODE}</dd>
</dl>

Once you are done with this, go to Admin home and under the Styles tab -> Templates -> Referesh the template you are using. This will bring above changes into effect and now you will find a field under Subject field in every post you want to post. There will also be a random security code available. Check live working example at the below link

http://www.tutorialspoint.com/forums/posting.php?mode=post&f=2

Step 3 – Define Error Message

Now let "e;s define a message which will be displayed in case user does not enter correct security code before posting the post or any reply or quote. Let’s open file posting.php available under the following directory:

/[your forum home]/language/en/

Search for ADD_ATTACHMENT and put the following line under this line as follows:

$lang = array_merge($lang, array(
        'ADD_ATTACHMENT' => 'Upload attachment',
        'SECURITY_CODE_ERROR' => 'Please enter correct security code to proceed.',
......

Step 4 – Security Code Validation

You are almost done, let’s put final step to make our powerful captcha works. Again let’s open file posting.php available in your forum’s home directory and search for the following line:

if ($submit || $preview || $refresh)
{
....

Add the following code inside this if block as follows

if ($submit || $preview || $refresh)
{
        if($submit || $refresh){
           if( !isset( $_POST['security_code'] )){
              $error[] = $user->lang['SECURITY_CODE_ERROR'];
           }
           if( $_POST['hidden_security_code'] != $_POST['security_code'] )
           {
              $error[] = $user->lang['SECURITY_CODE_ERROR'];
           }
        }
.....

That’s it. You are done. Now try to post any post and face to challenge without entering correct security code which has been generated randomly :-) . If from today on wards, you get less number of spams then please provide your feedback on this post.

Conslusion

Now you have simply a great CAPTCHA working for your website which will help you reducing 99.99% spam coming in your forum. This is actually a generic solution and can be implemented with any other CMS (Content Management System) like wordpress, Joomla etc.

admin

admin

admin

Latest posts by admin (see all)

Advertisements