for some reason a guestbook i coded in php gets spammed since about 1 week - app. 10 entries per day with content like this

cBlE3U
[URL=http://xxx-link]girls kissing girls[/URL]

[URL=URL=http://xxx-link]xxx words[/URL]

[URL=URL=http://xxx-link]xxx words[/URL]

[URL=URL=http://xxx-link]xxx words[/URL]

[URL=URL=http://xxx-link]xxx words[/URL]

i don't have the time to implement capatcha right now so here is a short work-around how i fixed it temporarily

original code
  1. $id = time();  
  2.   
  3. $name = addslashes($name);  
  4. $email = addslashes($email);  
  5. $homepage = addslashes($homepage);  
  6. $message = addslashes($message);  
  7. ...  
  8.   
  9. $pos = strpos($message,"[url");  
  10.   
  11. $sqlcommand =   
  12.   "INSERT INTO guestb (id, ...) VALUES ('$id', ...)";  
  13.   
  14. mysql_query($sqlcommand)   
  15.   or die("Error: " . mysql_error());  
  16.   
  17. echo "thx for your entry";  

modified code
  1. $id = time();  
  2.   
  3. $name = addslashes($name);  
  4. $email = addslashes($email);  
  5. $homepage = addslashes($homepage);  
  6. $message = addslashes($message);  
  7. ...  
  8.   
  9. $pos = strpos($message,"[url");  
  10.   
  11. if ($pos === false) {  
  12.   $sqlcommand =   
  13.        "INSERT INTO guestb (id, ...) VALUES ('$id', ...)";  
  14.       
  15.   mysql_query($sqlcommand)   
  16.       or die("Error: " . mysql_error());  
  17. }  
  18.   
  19. echo "thx for your entry";  

Read more...