Tag Archives: mysql

MODX – “The developer’s CMS”

For those of you who are looking for an alternative CMS (content management system) to something like Joomla, Mambo, Drupal and the numerous others then I urge you to check out a CMS called MODX.

MODXMODX is open source, written in PHP and MySQL and very, very easy to develop on and customise whether it be front or back end functionality.

MODX has become the CMS of choice at work for content managed websites.

This is mainly due to the cost (MODX is free!), functionality, ease of use for the web master  and ease of,  and therefore speed, of development.

It allows you to plugin your own PHP scripts almost seamlessly and embed them into content with a simple ‘snippet’ call.

You can get MODX from here:  http://modx.com/

If any of you MODX users come across this page and need a little help then be sure to drop me an email or a comment and I’ll do my best to help you out!

Spambots & Prevention

As you may know from reading other blog posts or pages on this site I’m a web developer. This is my job and I also do some at home.

Whitley WarriorsYou may also know that I used to play ice hockey for the Whitley Warriors until I was forced to retire after suffering a DVT.

When playing for the Warriors and studying HND computing at college I created a website dedicated to the Whitley Warriors ice hockey team. Eventually this site became the Official Whitley Warriors website.

The site is powered by a custom CMS (Content Management System) written by myself using PHP and MySQL and makes use of the ZEND Framework.

SpambotsRecently we’ve been getting a lot of spambots registering on the site forums (powered by SMF), making a mess and forcing me to spend hours removing post and spam users (I’ve removed about 2500 users up to date).

We are running CAPTCHA images but the spambots have managed to bypass this allowing them to sign up.

So I’ve recently added a few fields to the sign up form and database to help track new users and try to prevent the registration of spambots. Without the correct answers the registration will fail.

So what have I tried?

I’ve added a couple of dropdowns: Are you human? Are you a spambot?

Pick the wrong answer here and the registration attempt will be rejected.

I’ve attempted to catch spambots out here – if they change both answers they’ll fail, if they leave both answers on the default value they’ll also fail. They must choose the right question to change the answer in order to be successful.

Spambots also like to try to answer every question in the form – so I’ve added a box which must be left blank in order for the registration process to be successful.

The final measure in this attempt to prevent the registration of spambots is to ensure that the form has been posted from the correct page on my site. A lot of spambots submit their own form from a remote site, so, by checking the referrer we can see if the user has registered from the correct site and reject any remote registrations.

These measure seems to be working so far, but, if any of you can think of any other measures, whether it be actual code or just theories, which could be introduced or have any comments on the steps I’ve taken so far then please leave a comment.