Hello.
Some spambots are attacking my forum sending a lot of Lost PW e-mails, this way my e-mail host block the service for 1 hour.
I want to add a re-captcha to that page or to allow a IP to use the Lost PW once in an hour, or anything that can stop them.
Someone can help me with that?
Thanks.
Ok I haven't tried this out so make sure you have appropriate backups in case it doesn't work:
First you'll need to download the recaptcha libraries from their site.
http://code.google.com/p/recaptcha/downl...lib-Latest
And put the recaptchalib.php in the inc/ folder of your forum.
In member.php, find:
$plugins->run_hooks("member_lostpw");
Below it, add:
require_once('inc/recaptchalib.php');
$publickey = "your_public_key"; // you got this from the signup page
$recaptcha_code = recaptcha_get_html($publickey);
You need to replace
your_public_key with your recaptcha API key.
Find:
$plugins->run_hooks("member_do_lostpw_start");
Below it, add:
require_once('inc/recaptchalib.php');
$privatekey = "your_private_key";
$resp = recaptcha_check_answer ($privatekey,
get_ip(),
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
error('Die bots!!!!');
}
You need to replace
your_private_key with your recaptcha API keys.
In your member_lostpw template, find:
<tr>
<td class="trow1" width="40%"><strong>{$lang->email_address}</strong></td>
<td class="trow1" width="60%"><input type="text" class="textbox" name="email" /></td>
</tr>
Below it, add:
<tr>
<td class="trow2"><strong>Are you human?</strong></td>
<td class="trow2">{$recaptcha_code}</td>
</tr>
Worked great!
Thank you so much!!!!!
Hello again.
Looks like that the spambots are sending the "Resent activation code" e-mail too.
There is a way to do something about that too?
Thank you again.
Sorry, I could fix that using the same way.
Thank you!