To remedy this, we implemented the Member Approval addon/hack from the now defunct XMHacks website, which ensured that these users could not post on the site until their accounts were approved by an Administrator. However, this still did not resolve the second set of SPAM accounts, as the URL's were still visible in the user list and the accounts still appeared in various parts of the XMB Forum system - e.g. Newest Member listing on the front page, included in the Stats for the forum etc.
To resolve this, we enhanced the Member Approval script to ensure that the new registrations did not appear on the site or in the statistics for the site until the account had been approved by one of the Forum Administators. This hack is documented here and requires that the Member Approval v2 hack is installed first.
The first file that we need to amend is misc.php, to remove this type of users from appearing in the Forum's searchable member lists or member counts.
elseif($srchmem == "")
{
$querymem = $db->query("SELECT * FROM $table_members WHERE status != 'Not Approved' ORDER BY $order $desc LIMIT $start_limit, $memberperpage");
$num = $db->result($db->query("SELECT count(uid) FROM $table_members WHERE status != 'Not Approved'"), 0);
$staff = '';
}
else
{
$querymem = $db->query("SELECT * FROM $table_members WHERE status != 'Not Approved' AND username LIKE '%$srchmem%' ORDER BY $order $desc LIMIT $start_limit, $memberperpage");
$num = $db->result($db->query("SELECT count(uid) FROM $table_members WHERE status != 'Not Approved' AND username LIKE '%$srchmem%'"), 0);
$staff = '';
}
// Get total amount of members
$query=$db->query("SELECT COUNT(*) FROM $table_members WHERE status != 'Not Approved'");
$members=$db->result($query,0);
// Start Whos Online and Stats
$query = $db->query("SELECT username FROM $table_members WHERE status != 'Not Approved' ORDER BY regdate DESC LIMIT 1");
$lastmem = $db->fetch_array($query);
$lastmember = $lastmem['username'];
$query = $db->query("SELECT count(uid) FROM $table_members WHERE status != 'Not Approved'");
$members = $db->result($query, 0);
$adminquery = $db->query("SELECT username AS adminuser, email FROM $table_members WHERE status='Administrator'");
while($adminu2u = $db->fetch_array($adminquery)) {
$db->query("INSERT INTO $table_u2u VALUES('', '$adminu2u[adminuser]', '$bbname', '" . time() . "', '$lang_newu2u_adminsubject', '$lang_newu2u_adminmessage', 'inbox', 'yes', 'no')");
mail("$adminu2u[email]","$lang_newu2u_adminsubject","$lang_newemail_adminmessage", "From: $bbname <$adminemail>");
}
if($emailcheck == "on") {
mail($email, "$lang_textyourpw", "$lang_textyourpwis \n\n$username\n$password2", "From: $bbname <$adminemail>");
$lang_newemail_adminmessage="A New User using the UserName $username has registered on $bbname, please login and approve them so they can become an active member of the forum.";
These changes will ensure that non Approved users of your XMB Forum do not appear in the membership list, count of members or Forum statistics until they have been approved by a Forum Administrator.This hack has just been added to the 'approved' list on the XMB Hacks site, but has not been checked against newer versions of the forum.