php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #50254 SPAM detector trips up on your own PHP.net site as URL
Submitted: 2009-11-21 01:36 UTC Modified: 2009-11-21 01:50 UTC
From: daevid at daevid dot com Assigned:
Status: Not a bug Package: Website problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: daevid at daevid dot com
New email:
PHP Version: OS:

 

 [2009-11-21 01:36 UTC] daevid at daevid dot com 
Description:
------------
I tried to post this note in the include() page:

---
see 'reproduce code' below on this form.
---

I tried to post this note to here:
http://us2.php.net/manual/add-note.php
But the stupid-ass form says:
"Your note contains a prohibited (usually SPAM) word. Please remove it and try again."
WTF!? It doesn't even TELL me what f'n word is the problem. Seriously? It already asked me the stupid math question and now this
B.S.?

Then, I had to laugh because I removed the text:

http://php.net/manual/en/function.include.php
http://php.net/manual/en/function.require.php
http://php.net/manual/en/function.require-once.php
http://php.net/manual/en/function.include-once.php

And the submit note worked. LOL. So apparently one of those words in there is considered SPAM by PHP's own web form. Ha! Suckas.


Reproduce code:
---------------
Well now, I am confused because these pages:
http://php.net/manual/en/function.include.php
http://php.net/manual/en/function.require.php
http://php.net/manual/en/function.require-once.php
http://php.net/manual/en/function.include-once.php

All show them as functions:
Include(), require(), require_once(), include_once()

Yet ALL of the examples show the PEAR way:
http://pear.php.net/manual/en/standards.including.php

"Note: include_once and require_once are statements, not functions. Parentheses should not surround the subject filename." 

	include_once "a.php";

To change all require_once('foo.php'); to require_once 'foo.php' execute this:

cd /var/www/

find . -name '*.php' -print | xargs egrep -l \
'require_once\s*(\(.*\));'\ | xargs sed -i.sedorig -e \
's/require_once\s*(\(.*\));/require_once \1;/'

(thanks to Robert Hajime Lanning for that)

Then to remove all the ".php.sedorig" backup files execute this:

find . -name "*.php.sedorig" -type f -exec rm -rf {} \;

Expected result:
----------------
I expected the form to not be so stupid and just let me post. You already ask me for a dumb math question so why the added check. And at the VERY least, tell me what word you consider SPAM so I can remove it. duh. Are you new to writing web pages/forms? Help the user out man. If I've taken the time to post a useful note, then work with me, not against me.

This is related to 45055.

I agree that the resulting error message needs to be more helpful/descriptive. If its' because of too many links, then damnit tell me that. If it is some word that is offensive, then tell me that too! UGH.

I posted this again to show an example of what I'd consider a good note and that there aren't too many links. They are referencing relevant PHP pages even.

Actual result:
--------------
fail.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-11-21 01:50 UTC] bjori@php.net 
We intentionally do not tell you "the spam word" (which in this case is multiple links, more then 3) to avoid spammers simply removing that single word/link.

We need to deal with aaaaaaaaaaaaaaaaaaalot of spam, and still spam gets through our checks.

I prefer one or two false positives rather 1000-2000 extra spams a month.

If you think you can implement a better system, please take it up on the webmaster mailinglist (see http://php.net/mailinglists).

-Hannes
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed May 08 21:01:33 2024 UTC