[TAC] Fool Bot Honey Pot

[TAC] Fool Bot Honey Pot [Paid] 3.0.32

No permission to buy ($29.00)
Overview Updates (79) Reviews (28) History Discussion
OK... may have figured out what it is. Disable External Accounts Extended and it works with both enabled. Re-enable External Accounts Extended and it appears to work again.
Guess it's something in @silence's add-on that is causing the problem.
 
Tracy Perry said:
I'll grab it and regress it. Guess I need to uninstall and delete all the files to get a clean install.
Click to expand...
Yes, you will almost always need to unistall if installing an older plugin (unless the plugin creator has not changed the plugin version id)

Tracy Perry said:
On login. It seems to redirect you to the registration page like it doesn't recognize you after putting the code in for 2 factor.
Click to expand...
Login is not an area the FBHP touches (only pre_dispatch and I'll probably change that soon, but that wont be the issue)

As far as I can see FreddysHouse 2 factor authentication looks quite well coded from an OO point of view (nothing should cause clashes), it calls the parent correctly.
The only thing I can see that might have a clash with other addons and is in the public area is:

XenForo_ControllerPublic_Login::actionLogin()
- Since this is the only public class that is extended and where a core method has been overridden.
(XenForo_ControllerPublic_Account has also been extended, but I can't see any core methods that have been overridden)

But, it doesn't look like it's an issue with 2 factor (since it passes through the parent), it's possibly more likely to be an issue with the other addon - (unconfirmed, just a 1st glance guess)

FBHP does not touch actionLogin() (none of the TAC plugins do), so it won't be an issue with FBHP.
I imagine if you have the bug when installing this version of FBHP, you probably had it with the last version too - can you confirm this?

The "extended logons add-on" does sound like a likely candidate, since it will very likely do something with actionLogin()
(I can't confirm that's where your conflict is, since I can't see the code for extended logons, but it does sound like a likely candidate)
 
tenants said:
The "extended logons add-on" does sound like a likely candidate, since it will very likely do something with actionLogin()
(I can't confirm that's where your conflict is, since I can't see the code for extended logons, but it does sound like a likely candidate)
Click to expand...
It's definitely the Extended Logons by @silence that is the problem. It occurs on all three sites. I can disable the 2 factor authentications and everything works.... so apparently he's got some bad code somewhere in it.
 
Got a couple of these today using the latest version:
ErrorException: Undefined variable: foundSpamAnyApi - library/Tac/FoolBotHoneyPot/Model/Log.php:335
Generated By: Unknown Account, Today at 7:35 AM
Stack Trace
#0 /home/sites/avforums/public_html/library/Tac/FoolBotHoneyPot/Model/Log.php(335): XenForo_Application::handlePhpError(8, 'Undefined varia...', '/home/sites/avf...', 335, Array)
#1 /home/sites/avforums/public_html/library/Tac/FoolBotHoneyPot/ControllerPublic/Register.php(643): Tac_FoolBotHoneyPot_Model_Log->logBot(Object(XenForo_Options), Array, NULL, '$R??', false, Array, 'sandora', 'lbw25147@ssoia....', 39, 1, NULL, false, false, Array)
#2 /home/sites/avforums/public_html/library/UserEss/ControllerPublic/Register.php(68): Tac_FoolBotHoneyPot_ControllerPublic_Register->actionRegister()
#3 /home/sites/avforums/public_html/library/XenForo/FrontController.php(347): UserEss_ControllerPublic_Register->actionRegister()
#4 /home/sites/avforums/public_html/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#5 /home/sites/avforums/public_html/index.php(13): XenForo_FrontController->run()
#6 {main}
Request State
array(3) {
["url"] => string(79) "http://www.avforums.com/register/register?dfe35538d6c4f0bda9=810e3538d6c4f0b010"
["_GET"] => array(2) {
["/register/register"] => string(0) ""
["dfe35538d6c4f0bda9"] => string(18) "810e3538d6c4f0b010"
}
["_POST"] => array(44) {
["username"] => string(18) "abaf1b4e8d0e34afa3"
["f2ef4538d6c4f0b102"] => string(0) ""
["df136538d6c4f0bf1c"] => string(0) ""
["120ac538d6c4f0c08c"] => string(0) ""
["e8c9e538d6c4f0c51e"] => string(7) "sandora"
["345ed538d6c4f0b6f9"] => string(0) ""
["b1d86538d6c4f0b9d4"] => string(0) ""
["4aea5538d6c4f0b54a"] => string(0) ""
["d309c538d6c4f0c5dc"] => string(0) ""
["524e1538d6c4f0c143"] => string(0) ""
["63b0f538d6c4f0c180"] => string(0) ""
["31333538d6c4f0b50e"] => string(0) ""
["email"] => string(42) "x@819978f0-0b0f-11e2-892e-0800200c9a66.com"
["976ae538d6c4f0be61"] => string(0) ""
["c1e45538d6c4f0b458"] => string(0) ""
["e5d52538d6c4f0c1be"] => string(0) ""
["3338a538d6c4f0b82a"] => string(0) ""
["e2394538d6c4f0bf96"] => string(18) "lbw25147@ssoia.com"
["57d09538d6c4f0bb87"] => string(9) "joyoboyo1"
["42ac3538d6c4f0b736"] => string(9) "joyoboyo1"
["5ded0538d6c4f0c428"] => string(0) ""
["f8008538d6c4f0c3ad"] => string(0) ""
["4119c538d6c4f0bcb7"] => string(0) ""
["a9515538d6c4f0b2ac"] => string(0) ""
["password"] => string(8) "********"
["password_confirm"] => string(8) "********"
["212cd538d6c4f0b0c5"] => string(0) ""
["75a21538d6c4f0ba4f"] => string(0) ""
["dob_month"] => string(1) "3"
["dob_day"] => string(2) "14"
["dob_year"] => string(4) "1987"
["c8f06538d6c4f0b1b9"] => string(0) ""
["81b77538d6c4f0c2b7"] => string(0) ""
["gender"] => string(4) "male"
["fe2a4538d6c4f0b3de"] => string(6) "female"
["41cdd538d6c4f0b867"] => string(0) ""
["timezone"] => string(14) "Pacific/Midway"
["b6e36538d6c4f0b2ea"] => string(14) "Pacific/Midway"
["3b659538d6c4f0b773"] => string(14) "Pacific/Midway"
["68487538d6c4f0b13f"] => string(14) "Pacific/Midway"
["97061538d6c4f0bf59"] => string(12) "Asia/Bangkok"
["agree"] => string(1) "1"
["_xfToken"] => string(8) "********"
["reg_key"] => string(32) "5cd6cf0ee753b4edacc210e7d6fcb6c1"
}
}
Click to expand...
 
Stuart Wright said:
Got a couple of these today using the latest version:
Click to expand...
already fixed, see: http://xenforo.com/community/thread...ion-page-honey-pots.37063/page-28#post-772776
But hang on, didn't you report that already:
http://xenforo.com/community/thread...-fraud-any-api-thing.45358/page-2#post-771808

Have you really updated to the latest version (replaced all of the files)
FoolBotHoneyPot_v2_4_03b.zip (note the b)

I've checked that zip, and "foundSpamAnyApi" is definitely defined
Tac_FoolBotHoneyPot_Model_Log: (found in file: library/Tac/FoolBotHoneyPot/Model/Log.php) line 295:
Code: 
public function logBot(...$foundSpamAnyApi)
 
Last edited:
tenants said:
already fixed, see: http://xenforo.com/community/thread...ion-page-honey-pots.37063/page-28#post-772776
But hang on, didn't you report that already:
http://xenforo.com/community/thread...-fraud-any-api-thing.45358/page-2#post-771808

Have you really updated to the latest version (replaced all of the files)
FoolBotHoneyPot_v2_4_03b.zip (note the b)

I've checked that zip, and "foundSpamAnyApi" is definitely defined
Tac_FoolBotHoneyPot_Model_Log: (found in file: library/Tac/FoolBotHoneyPot/Model/Log.php) line 295:
Code: 
public function logBot(...$foundSpamAnyApi)
Click to expand...
Many apologies. I did check the version, but missed the 'b' suffix. Have upgraded. Many thanks for the quick reply.
 
Hey,

I installed the Free Version for testing, before i buy the Branding Free Version. But i really dont know how this is working. I dont changed the FBHP Options in the ACP, its all Default. So, must i disable the XenForo Anti-Spam Settings? Or can i leave it, and everything should working? :cool:

Thx
 
It works out of the box, you don't need to change any settings. Just look at the logs in the ACP and you will notice that it detects the bots when they attempt to register

It gives quite a lot of evidence, such as:

upload_2014-6-15_9-6-37.webp
 
Hi There,

We just got this error for honeypot:

Code: 
Server Error Log
Error Info
Zend_Db_Statement_Mysqli_Exception: Mysqli statement execute error : Incorrect string value: '\xD3RIA (...' for column 'is_proxy' at row 1 - library/Zend/Db/Statement/Mysqli.php:214
Generated By: Unknown Account, Today at 6:31 AM
Stack Trace
#0 /home/pgweb/public_html/forums/library/Zend/Db/Statement.php(297): Zend_Db_Statement_Mysqli->_execute(Array)
#1 /home/pgweb/public_html/forums/library/Zend/Db/Adapter/Abstract.php(479): Zend_Db_Statement->execute(Array)
#2 /home/pgweb/public_html/forums/library/Zend/Db/Adapter/Abstract.php(574): Zend_Db_Adapter_Abstract->query('INSERT INTO `sf...', Array)
#3 /home/pgweb/public_html/forums/library/XenForo/DataWriter.php(1624): Zend_Db_Adapter_Abstract->insert('sf_foolbothoney...', Array)
#4 /home/pgweb/public_html/forums/library/XenForo/DataWriter.php(1613): XenForo_DataWriter->_insert()
#5 /home/pgweb/public_html/forums/library/XenForo/DataWriter.php(1405): XenForo_DataWriter->_save()
#6 /home/pgweb/public_html/forums/library/Tac/FoolBotHoneyPot/Model/Log.php(380): XenForo_DataWriter->save()
#7 /home/pgweb/public_html/forums/library/Tac/FoolBotHoneyPot/ControllerPublic/Register.php(643): Tac_FoolBotHoneyPot_Model_Log->logBot(Object(XenForo_Options), false, NULL, '???#', Array, Array, 'EmmaZdn', 'baduippf@hotmai...', 3, 0, NULL, true, false, Array, false)
#8 /home/pgweb/public_html/forums/library/UserEss/ControllerPublic/Register.php(68): Tac_FoolBotHoneyPot_ControllerPublic_Register->actionRegister()
#9 /home/pgweb/public_html/forums/library/Tac/CustomImgCaptcha/ControllerPublic/Register.php(51): UserEss_ControllerPublic_Register->actionRegister()
#10 /home/pgweb/public_html/forums/library/XenForo/FrontController.php(347): Tac_CustomImgCaptcha_ControllerPublic_Register->actionRegister()
#11 /home/pgweb/public_html/forums/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#12 /home/pgweb/public_html/forums/index.php(13): XenForo_FrontController->run()
#13 {main}
Request State
array(3) {
  ["url"] => string(102) "http://www.precursorgames.com/forums/index.php?register/register&39e0e53a55ef92fe71=b146153a55ef92fc63"
  ["_GET"] => array(2) {
    ["register/register"] => string(0) ""
    ["39e0e53a55ef92fe71"] => string(18) "b146153a55ef92fc63"
  }
  ["_POST"] => array(44) {
    ["faaf953a55ef930fac"] => string(0) ""
    ["329a853a55ef92ddfe"] => string(0) ""
    ["f97e353a55ef9315df"] => string(0) ""
    ["aa3a253a55ef92ef50"] => string(0) ""
    ["e2ab953a55ef92ed40"] => string(0) ""
    ["username"] => string(7) "EmmaZdn"
    ["86c2453a55ef92e397"] => string(0) ""
    ["3ed4253a55ef9304aa"] => string(0) ""
    ["f78a853a55ef92f793"] => string(0) ""
    ["862fd53a55ef930d9d"] => string(20) "baduippf@hotmail.com"
    ["c50c953a55ef92e709"] => string(0) ""
    ["44a8353a55ef92ff21"] => string(0) ""
    ["99dfd53a55ef92ebe1"] => string(0) ""
    ["email"] => string(20) "baduippf@hotmail.com"
    ["ca4b653a55ef93173e"] => string(0) ""
    ["c913f53a55ef930085"] => string(0) ""
    ["1539e53a55ef930979"] => string(0) ""
    ["e1a6953a55ef9317f2"] => string(0) ""
    ["43cd953a55ef9318a8"] => string(0) ""
    ["ef95a53a55ef9301e4"] => string(0) ""
    ["700f153a55ef92f6e4"] => string(0) ""
    ["397cd53a55ef92dd4f"] => string(0) ""
    ["7d2d953a55ef930ada"] => string(0) ""
    ["9ca8253a55ef930c3d"] => string(0) ""
    ["1351e53a55ef92f36e"] => string(0) ""
    ["817a253a55ef93126c"] => string(0) ""
    ["password"] => string(8) "********"
    ["password_confirm"] => string(8) "********"
    ["dob_month"] => string(1) "9"
    ["dob_day"] => string(2) "28"
    ["dob_year"] => string(4) "1973"
    ["3f25653a55ef92d548"] => string(0) ""
    ["gender"] => string(0) ""
    ["3638253a55ef930a29"] => string(0) ""
    ["9263853a55ef930348"] => string(0) ""
    ["986a453a55ef92d9b2"] => string(0) ""
    ["timezone"] => string(14) "Pacific/Midway"
    ["95eec53a55ef92e2e4"] => string(14) "Pacific/Midway"
    ["4636253a55ef92e5a4"] => string(14) "Pacific/Midway"
    ["5461353a55ef92ee9f"] => string(14) "Pacific/Midway"
    ["9b87853a55ef930298"] => string(14) "Pacific/Midway"
    ["agree"] => string(1) "1"
    ["_xfToken"] => string(8) "********"
    ["reg_key"] => string(32) "0dfaac80d1aad89980a0fa2a49e24fc4"
  }
}
 
Hey--
We've been having a lot of success with this add-on in terms of blocking bot registrations. :D

I noticed however that in certain styles like Space by Xencrea where the background isn't solid, you can see duplicate fields in the background. Is there any way to hide those?
space-xencrea-foolbot.webp
 
Dinosaur said:
Hey--
We've been having a lot of success with this add-on in terms of blocking bot registrations. :D

I noticed however that in certain styles like Space by Xencrea where the background isn't solid, you can see duplicate fields in the background. Is there any way to hide those?
View attachment 76413
Click to expand...

That's interesting, I'll take a look at non solid backgrounds before next release. I think I may have already fixed this (since that hidden email field should have 0 width & 0 height)

DaiAku said:
Code: 
Incorrect string value: '\xD3RIA (...' for column 'is_proxy' at row 1 - library/Zend/Db/Statement/Mysqli.php:214
Click to expand...

This hasn't been seen before, I wonder why now (it seems to be very rare)

For 'is_proxy' the only place a non string value could come from the user is from:
$ReverseDNS = gethostbyaddr($ipAddress);
$ReverseDNSIP = gethostbyname($ReverseDNS);

But the datawriter will prevent any non strings from getting in, so to be honest @DaiAku this sounds like a collations issue

If you log in to your database (phpmyadmin) and check the collation for the table sf_foolbothoneypot_log (column: is_proxy) what does it say, it should say "utf8_general_ci"

upload_2014-6-22_10-24-34.webp
 
Last edited:
tenants said:
That's interesting, I'll take a look at solid backgrounds before next release. I think I may have already fixed this (since that hidden email field should have 0 width & 0 height)



This hasn't been seen before, I wonder why now (it seems to be very rare)

For 'is_proxy' the only place a non string value could come from the user is from:
$ReverseDNS = gethostbyaddr($ipAddress);
$ReverseDNSIP = gethostbyname($ReverseDNS);

But the datawriter will prevent any non strings from getting in, so to be honest @DaiAku this sounds like a collations issue

If you log in to your database (phpmyadmin) and check the collation for the table sf_foolbothoneypot_log (column: is_proxy) what does it say, it should say "utf8_general_ci"

View attachment 76416
Click to expand...

Huh, just saw this in the middle of the forum upgrade to 1.3.3. Let me check this out and get back to you.
 
tenants said:
That's interesting, I'll take a look at non solid backgrounds before next release. I think I may have already fixed this (since that hidden email field should have 0 width & 0 height)



This hasn't been seen before, I wonder why now (it seems to be very rare)

For 'is_proxy' the only place a non string value could come from the user is from:
$ReverseDNS = gethostbyaddr($ipAddress);
$ReverseDNSIP = gethostbyname($ReverseDNS);

But the datawriter will prevent any non strings from getting in, so to be honest @DaiAku this sounds like a collations issue

If you log in to your database (phpmyadmin) and check the collation for the table sf_foolbothoneypot_log (column: is_proxy) what does it say, it should say "utf8_general_ci"

View attachment 76416
Click to expand...

DaiAku said:
Huh, just saw this in the middle of the forum upgrade to 1.3.3. Let me check this out and get back to you.
Click to expand...

Hi I've checked on the server side in phpmyadmin and the collation is uttf8_general_ci as it should be... any other thoughts?
 
tenants said:
Are you the same person / admin the same forum as @DaiAku (or see the same error "Incorrect string value"?)
Has this error only ever occurred once?
Click to expand...

He is an admin on the same sight as me and we manage the site together. Sorry, we should have been more clear. We have only seen this error once.
 
Hello, when trying to update to the latest version of this plugin, now on Xenforo V 1.3.2, i get the following error in my Server Error Log, in Xenforo, and the update never is completed,
Zend_Db_Statement_Mysqli_Exception: Mysqli statement execute error : The total number of locks exceeds the lock table size - library/Zend/Db/Statement/Mysqli.php:214

#0 /var/www/html/library/Zend/Db/Statement.php(297): Zend_Db_Statement_Mysqli->_execute(Array)
#1 /var/www/html/library/Zend/Db/Adapter/Abstract.php(479): Zend_Db_Statement->execute(Array)
#2 /var/www/html/library/Tac/FoolBotHoneyPot/Install.php(279): Zend_Db_Adapter_Abstract->query('????????UPDATE ...')
#3 /var/www/html/library/Tac/FoolBotHoneyPot/Install.php(144): Tac_FoolBotHoneyPot_Install::updateHiddenCountForLogs(Object(Zend_Db_Adapter_Mysqli))
#4 [internal function]: Tac_FoolBotHoneyPot_Install::installCode(Array, Array, Object(SimpleXMLElement))
#5 /var/www/html/library/XenForo/Model/AddOn.php(215): call_user_func(Array, Array, Array, Object(SimpleXMLElement))
#6 /var/www/html/library/XenForo/Model/AddOn.php(169): XenForo_Model_AddOn->installAddOnXml(Object(SimpleXMLElement), 'FoolBotHoneyPot')
#7 /var/www/html/library/XenForo/ControllerAdmin/AddOn.php(236): XenForo_Model_AddOn->installAddOnXmlFromFile('/tmp/phpCm7fK4', 'FoolBotHoneyPot')
#8 /var/www/html/library/XenForo/FrontController.php(347): XenForo_ControllerAdmin_AddOn->actionUpgrade()
#9 /var/www/html/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#10 /var/www/html/admin.php(13): XenForo_FrontController->run()
#11 {main}

Please let me know if you could assist. Thank you.
 
Last edited:
In the install file, comment this out, like so:

Code: 
/*
        if(!$hasStats)
        {
            self::updateHiddenCountForLogs($db);
            $statsModel = XenForo_Model::create('Tac_FoolBotHoneyPot_Model_Stats');
            $statsModel->buildStatsDataFromLogs();
        }
*/

What I try to do is build the stats from your previous logs (but it's not needed, and if your logs are too large / or you have a small buffer size, this might happen, but I've not run into it). It's a one off upgrade

=> Alternatively, uninstall this addon (which will clear your logs), then reinstall
(To prevent this, on upgrade, I should chop down the log size before using it for stats if no stats are present)
 
Last edited:
Hello :)

I'm just curious - we have confirmed that this user is not a bot, but he was able to alter a hidden field... any idea how this might happen? Not sure what to tell the user to allow him to register. Maybe an "autofill" issue or something? I'm a newbie when it comes to this stuff ;)

Screenshot at Jun 26 08-38-40.webp
 
You must log in or register to reply here.
Top Bottom