this post was submitted on 13 Dec 2023
0 points (50.0% liked)

PHP

375 readers
1 users here now

<?

namespace lemmy\php;

/*

Welcome to the PHP community on Lemmy

#Rules:

1: Soon(TM)

#Helpful stuff:

PHP Documentation

Composer

PHP Standards

#Common frameworks:

Symfony

Larvel

*/

echo "Welcome";

founded 2 years ago
MODERATORS
Madpeter@lemmy.world
0
Even with a strong Captcha system in place, you will still find users trying to manually spam your web site. They tend to be people who discover your site through a very specific search engine query, (kbin.social)
submitted 1 year ago by xiffu@kbin.social to c/php@lemmy.world
4 comments fedilink hide all child comments
 

Even with a strong Captcha system in place, you will still find users trying to manually spam your web site. They tend to be people who discover your site through a very specific search engine query, for which they would like their own site to also rank well, and they hope that by adding a link back to their site from yours this will happen. Using this recipe, you can specify a set of keywords that will trigger spam detection, and then use the level of spam certainty returned by the function to decide whether to ignore a user post. https://www.chat-to.dev/post?id=11 #php #programming

you are viewing a single comment's thread
view the rest of the comments
[–] remotelove@lemmy.ca 3 points 1 year ago

Why would you trust any user input to begin with? If a person can spam links, there are bigger problems on the site. I would immediately start trying any and all forms of html and script injection if I saw that problem. The data is probably going back to a database anyway, so that is probably vulnerable as well.

Comparing against a short word list is also a lost cause. The input needs to be fully sanitized before it even gets shown.

I applaud the effort to teach, but there are more conceptual issues that need to be addressed first.