Disable homepage link for guests?

[cmeinck]

I just migrated another vB site to XF. My first new user was a spammer who set up a shiny new profile pic, status update complete with a spam link in the homepage field. While signature links are easily detected, it's impossible to check every new member's account to see if they simply signed up to spam.

Is it possible to set this profile field so that only registered members see the link?

Is it possible to set it to no-follow?

Thoughts?

 

[James]

Use the conditional: <xen:if is="$visitor.user_id"> homepage </xen:if> in the appropriate area. Member_view and member_card I think, off the top of my head.

 

[cmeinck]

Use the conditional: <xen:if is="$visitor.user_id"> homepage </xen:if> in the appropriate area. Member_view and member_card I think, off the top of my head.

Wouldn't that do the opposite -- show links to guests? I don't mind members seeing the links. I don't want guests (search engines) to see the links. That would remove the incentive for spammers to even bother.

 

[Paul B]

James is correct, that is the correct conditional to only show to logged in users.

<xen:if is="{$visitor.user_id}"> - Only show when logged in

<xen:if is="!{$visitor.user_id}"> - Only show when not logged in

 

[cmeinck]

Use the conditional: <xen:if is="$visitor.user_id"> homepage </xen:if> in the appropriate area. Member_view and member_card I think, off the top of my head.

James is correct, that is the correct conditional to only show to logged in users.

Thanks guys. I appreciate it.

 

[James]

Woops, I forgot my curlies. I am on my mobile, minimal effort is prudent. Brogan's conditional is correct.

 

[cmeinck]

Looks like member_view is indeed where I need to make my edits. I tried a few, but thankfully XF knows that I'm not a coder. The spammer also used the 'About' section, so I'm going to want to wrap that code also.

I'm not 100% sure, but I think this is the code that needs the conditional.

        <xen:if is="{$user.homepage}">
                                            <dl><dt>{xen:phrase home_page}:</dt> <dd><a href="{xen:string censor, $user.homepage}" rel="nofollow" target="_blank">{xen:string censor, $user.homepage}</a></dd></dl>
                                        </xen:if>

 <xen:if is="{$user.about}"><div class="baseHtml ugc">{xen:raw $user.aboutHtml}</div></xen:if>

Any input is greatly appreciated.

 

[Paul B]

Try wrapping the code you want to hide to guests in the conditional, like so:

<xen:if is="{$visitor.user_id}">
Code to hide here
</xen:if>

 

[cmeinck]

This worked perfectly. Here's the code changes I made that will help anyone who has spammers on their site. There are two areas where they targeted to show spam links (in addition to signature links, which can be handled through Options), homepage links and about. Thanks to Brogan and James' conditionals, their evil plot can be foiled.

Find the member_view template.

Find this:

<xen:if is="{$user.about}"><div class="baseHtml ugc">{xen:raw $user.aboutHtml}</div></xen:if>

Replace with:

<xen:if is="{$visitor.user_id}">
<xen:if is="{$user.about}"><div class="baseHtml ugc">{xen:raw $user.aboutHtml}</div></xen:if></xen:if>

Find this:

<xen:if is="{$user.homepage}">
                                            <dl><dt>{xen:phrase home_page}:</dt> <dd><a href="{xen:string censor, $user.homepage}" rel="nofollow" target="_blank">{xen:string censor, $user.homepage}</a></dd></dl>
                                        </xen:if>

Replace with:

<xen:if is="{$visitor.user_id}">
<xen:if is="{$user.homepage}">
                                            <dl><dt>{xen:phrase home_page}:</dt> <dd><a href="{xen:string censor, $user.homepage}" rel="nofollow" target="_blank">{xen:string censor, $user.homepage}</a></dd></dl>
                                        </xen:if></xen:if>

Find this:

<xen:if is="{$user.homepage}">
                    <dt>{xen:phrase home_page}:</dt>
                    <dd><a href="{xen:string censor, $user.homepage}" rel="nofollow" target="_blank" itemprop="url">{xen:string censor, $user.homepage}</a></dd>
                </xen:if>

Replace with:

<xen:if is="{$visitor.user_id}">
                <xen:if is="{$user.homepage}">
                    <dt>{xen:phrase home_page}:</dt>
                    <dd><a href="{xen:string censor, $user.homepage}" rel="nofollow" target="_blank" itemprop="url">{xen:string censor, $user.homepage}</a></dd>
                </xen:if></xen:if>

 

[cmeinck]

The one piece that I'm missing is the Recent Activity. In this case, the spammer created a homepage link. Most of this isn't viewable by guests (search engines) using the above modifications. However, if you select recent activity, a link remains to the spammer's link where they set homepage.

Any suggestions for removing that?

Thanks.

 

[Paul B]

Do you want to hide the recent activity page content to guests?

If so, just edit the news_feed_page_global template to add the guest conditional.

 

[James]

I think cmeinck wishes to remove the spammer's spammed content (links etc.) from the recent activity feed. I don't think this'll be possible without a modification to remove it from the cache.

 

[borbole]

If you want to totally clean them from the db run this query:

UPDATE xf_user_profile  LEFT JOIN xf_user ON xf_user.user_id = xf_user_profile.user_id SET homepage = '' WHERE xf_user.message_count = 0;

If you are using another prefix for your tables, replace xf_ with your custom prefix.

This will clean all the homepage links for all users with 0 post count.

If you would like to totally clean the signatures as well, run this other query:

UPDATE xf_user_profile  LEFT JOIN xf_user ON xf_user.user_id = xf_user_profile.user_id SET signature = '' WHERE xf_user.message_count = 0;

 

[cmeinck]

Ideally, I want to make edits, so that links do not appear to guests at all. If there is no public link, the incentive to spam is lost.

This way, regardless of whether I catch them (and you cannot catch them all), there is no value assigned to their spamming efforts.

To the best of my knowledge, this activity feed is the last area that's exposed.

 

[cmeinck]

Is there a way to block the Recent Activity content from non-logged in users. I'm going to try conditionals around Profile Posts also. I found a slew of spam on my vB sites. One member signs up and they all flow to to post visitor members to his profile. As an admin, it's difficult (if not impossible) to detect.

When a user is banned, this whole section should be washed. Allowing options to only show this information to registered members would remove any SEO benefit, since the search engines would not see the links.

 

[Paul B]

Is there a way to block the Recent Activity content from non-logged in users.

Only if members have set their account preferences accordingly; i.e Receive your news feed: Members Only

To do it for all members though will require another conditional.

You could run a query in the DB to set it to members only for everyone, but that won't stop them changing it back.

 

[cmeinck]

Only if members have set their account preferences accordingly; i.e Receive your news feed: Members Only

To do it for all members though will require another conditional.

You could run a query in the DB to set it to members only for everyone, but that won't stop them changing it back.

Thanks. I am oh so close to getting this right. I created a test spammer and placed links in homepage, status, signature and posted on another users profile. The conditionals I've set up have all but nuked the typical spammer's attempts.

The only trouble I'm having is with news_feed_page_global.

I must be placing the conditionals incorrectly.

Here's the last area I'm try to block. Do you have any recommendations on where in news_feed_global I should place my conditionals?

 

[Paul B]

The news_feed_page_global template is for Recent Activity: http://xenforo.com/community/recent-activity/

Your screen shot above is for the member_view template.

Try adding the conditional to that.

 

[cmeinck]

The news_feed_page_global template is for Recent Activity: http://xenforo.com/community/recent-activity/

Your screen shot above is for the member_view template.

Try adding the conditional to that.

I just cannot seem to figure it out. Here's a link to this ficticious spammer. Despite spam throughout this profile, profile posts, homepage, about, status -- for the most part, it's not viewable. The only tab I'm having trouble with is the Postings area. A quick look there and you'll see that despite my best efforts, the spammer is still successful.

Do you have any specifics you might share on how to remove this piece from guests?

Thanks again for all your help.

 

[Paul B]

I'm a bit confused as to what it is you're trying to achieve with the Postings tab on profiles.

Do you want to just make them not visible to guests?
In which case you can do that with the View user profiles permission.

If you run the Spam Cleaner on the spammer and delete their content then everything on that tab for the spammer in question will be deleted.