From 44e91af3fd631752e4de74673b591bce17ce7a79 Mon Sep 17 00:00:00 2001
From: Arun Persaud <arun@nubati.net>
Date: Sat, 17 Jan 2009 22:50:05 -0800
Subject: [PATCH] NEW FEATURE: add a random math question to the registration
 progress to get rid of robots

make it harder for robots to register
---
 include/output.php   | 16 +++++++++++
 include/register.php | 68 ++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 79 insertions(+), 5 deletions(-)
diff --git a/include/output.php b/include/output.php
index 48f31e4..395e4ec 100644
--- a/include/output.php
+++ b/include/output.php
@@ -440,4 +440,20 @@ function output_user_notes($userid,$gameid,$userstatus)
   return;
 }
 
+function output_robotproof($i)
+{
+  switch($i)
+    {
+    case 0:
+      return "6*7=";
+    case 1:
+      return "5*7=";
+    case 2:
+      return "4*7=";
+    case 3:
+      return "3*7=";
+    case 4:
+      return "2*7=";
+    }
+}
 ?>
\ No newline at end of file
diff --git a/include/register.php b/include/register.php
index 797e605..7f3266b 100644
--- a/include/register.php
+++ b/include/register.php
@@ -12,17 +12,59 @@ if(myisset("Rfullname","Remail","Rpassword","Rtimezone") )
 
     /* is this name already in use/ */
     $ok=1;
-    if(DB_get_userid('name',$_REQUEST["Rfullname"]))
+    if(DB_get_userid('name',$_REQUEST['Rfullname']))
       {
 	echo "please chose another name<br />";
 	$ok=0;
       }
     /* check if email address is already used */
-    if(DB_get_userid('email',$_REQUEST["Remail"]))
+    if(DB_get_userid('email',$_REQUEST['Remail']))
       {
 	echo "this email address is already used ?!<br />";
 	$ok=0;
       }
+    /* check against robots */
+    $robots=0; /* at least one anti-robot question needs to be answered */
+    if(myisset('Robotproof0'))
+      {
+	if($_REQUEST['Robotproof0']!=42)
+	  $ok=0;
+	else
+	  $robot=1;
+      }
+    else if(myisset('Robotproof1'))
+      {
+	if($_REQUEST['Robotproof1']!=35)
+	  $ok=0;
+	else
+	  $robot=1;
+      }
+    else if(myisset('Robotproof2'))
+      {
+	if($_REQUEST['Robotproof2']!=28)
+	  $ok=0;
+	else
+	  $robot=1;
+      }
+    else if(myisset('Robotproof3'))
+      {
+	if($_REQUEST['Robotproof3']!=21)
+	  $ok=0;
+	else
+	  $robot=1;
+      }
+    else if(myisset('Robotproof4'))
+      {
+	if($_REQUEST['Robotproof4']!=14)
+	  $ok=0;
+	else
+	  $robot=1;
+      }
+    if($robot==0)
+      {
+	echo "You answered the math question wrong. <br />\n";
+	$ok=0;
+      }
 
     /* everything ok, go ahead and create user */
     if($ok)
@@ -44,6 +86,10 @@ if(myisset("Rfullname","Remail","Rpassword","Rtimezone") )
 	else
 	  echo " something went wrong, couldn't add you to the database, please contact $ADMIN_NAME at $ADMIN_EMAIL.";
       }
+    else
+      {
+	echo "Couldn't register you. Please <a href=\"index.php?action=register\">try again</a>! </br />\n";
+      }
   }
  else
    {
@@ -59,13 +105,13 @@ if(myisset("Rfullname","Remail","Rpassword","Rtimezone") )
              <table>
               <tr>
                <td><label for="Rfullname">Full name:</label></td>
-	       <td><input type="text" id="Rfullname" name="Rfullname" size="20" maxsize="30" /> </td>
+	       <td><input type="text" id="Rfullname" name="Rfullname" size="20" maxlength="30" /> </td>
               </tr><tr>
                <td><label for="Remail">Email:</label></td>
-	       <td><input type="text" id="Remail" name="Remail" size="20" maxsize="30" /></td>
+	       <td><input type="text" id="Remail" name="Remail" size="20" maxlength="30" /></td>
               </tr><tr>
 	       <td><label for="Rpassword">Password(will be displayed in cleartext on the next page):</label></td>
-               <td><input type="password" id="Rpassword" name="Rpassword" size="20" maxsize="30" /></td>
+               <td><input type="password" id="Rpassword" name="Rpassword" size="20" maxlength="30" /></td>
               </tr><tr>
 	       <td><label for="Rtimezone">Timezone:</label></td>
                <td>
@@ -73,8 +119,20 @@ if(myisset("Rfullname","Remail","Rpassword","Rtimezone") )
                output_select_timezone("Rtimezone");
 ?>
 	       </td>
+              </tr><tr>
+              </tr><tr>
+<?php
+              /* random number to select robotproof question */
+	      $rand_number = mt_rand(0,3); /* to get numbers between 0 and 4  */
+              $Robotproof = "Robotproof".$rand_number;
+?>
+		<td><label for="Robotproof">Please answer this question: <?php echo output_robotproof($rand_number); ?></label></td>
+<?php
+	 echo "<td><input type=\"text\" id=\"$Robotproof\" name=\"$Robotproof\" size=\"20\" maxlength=\"30\" /></td>\n";
+?>
               </tr><tr>
                <td colspan="2"> <input type="submit" value="register" /></td>
+              </tr>
              </table>
           </fieldset>
         </form>
-- 
2.25.1


Full name:
Email:
Password(will be displayed in cleartext on the next page):
Timezone:	@@ -73,8 +119,20 @@ if(myisset("Rfullname","Remail","Rpassword","Rtimezone") ) output_select_timezone("Rtimezone"); ?>
Please answer this question: