Hide UnApproved Users

On one of the sites that I run that uses the XMB Forum software we had a number of spurious User Registrations, which were creating 'SPAM' accounts - accounts in which the Site and Avatar links referred to sites of a dubious nature, usually pornographic sites.

To remedy this, we implemented the Member Approval v2 (current version is 2.1) hack from XMHacks, which ensured that these users could not post on the site until their accounts were approved by an Administrator. However, this still did not resolve the second set of SPAM accounts, as the URL's were still visible in the user list and the accounts still appeared in various parts of the XMB Forum system - e.g. Newest Member listing on the front page, included in the Stats for the forum etc.

To resolve this, we enhanced the Member Approval script to ensure that the new registrations did not appear on the site or in the statistics for the site until the account had been approved by one of the Forum Administators. This hack is documented here and requires that the Member Approval v2 hack is installed first.

The first file that we need to amend is misc.php, to remove this type of users from appearing in the Forum's searchable member lists or member counts.

elseif($srchmem == "")
    $querymem = $db->query("SELECT * FROM $table_members WHERE status != 'Not Approved' ORDER BY $order $desc LIMIT $start_limit, $memberperpage");
    $num = $db->result($db->query("SELECT count(uid) FROM $table_members WHERE status != 'Not Approved'"), 0);
    $staff = '';
    $querymem = $db->query("SELECT * FROM $table_members WHERE status != 'Not Approved' AND username LIKE '%$srchmem%' ORDER BY $order $desc LIMIT $start_limit, $memberperpage");
    $num = $db->result($db->query("SELECT count(uid) FROM $table_members WHERE status != 'Not Approved' AND username LIKE '%$srchmem%'"), 0);
    $staff = '';

Next we will amend the stats.php to ensure that they do not appear in the statistics for the site :

// Get total amount of members
$query=$db->query("SELECT COUNT(*) FROM $table_members WHERE status != 'Not Approved'");

Lastly, we need to amend the code that generates the front page of the Forum, to remove these users from the user count and potentially being listed as the newest user, these changes will need to be made to the index.php file.

// Start Whos Online and Stats
$query = $db->query("SELECT username FROM $table_members WHERE status != 'Not Approved' ORDER BY regdate DESC LIMIT 1");
$lastmem = $db->fetch_array($query);
$lastmember = $lastmem['username'];
$query = $db->query("SELECT count(uid) FROM $table_members WHERE status != 'Not Approved'");
$members = $db->result($query, 0);

The final change is an addition to the Member Approval v2 hack so that the Admin users are now emailed as well as sent a U2U message that a user has registered and requires their account to be activated, again this is a change to the member.php file :

$adminquery = $db->query("SELECT username AS adminuser, email FROM $table_members WHERE status='Administrator'");
while($adminu2u = $db->fetch_array($adminquery)) {
    $db->query("INSERT INTO $table_u2u VALUES('', '$adminu2u[adminuser]', '$bbname', '" . time() . "', '$lang_newu2u_adminsubject', '$lang_newu2u_adminmessage', 'inbox', 'yes', 'no')");
    mail("$adminu2u[email]","$lang_newu2u_adminsubject","$lang_newemail_adminmessage", "From: $bbname <$adminemail>");
if($emailcheck == "on") {
    mail($email, "$lang_textyourpw", "$lang_textyourpwis \n\n$username\n$password2", "From: $bbname <$adminemail>");

To support the above change to the Member Approval v2 hack, we need to add an additional entry into the Language file English.lang.php as follows :

$lang_newemail_adminmessage="A New User using the UserName $username has registered on $bbname, please login and approve them so they can become an active member of the forum.";

These changes will ensure that non Approved users of your XMB Forum do not appear in the membership list, count of members or Forum statistics until they have been approved by a Forum Administrator. This customisation can be seen on my Personal or the GenerationCross forum.

This hack has just been added to the 'approved' list at XMB Hacks.

Website Designed by Adservio Consulting      Bookmark and Share Valid HTML 4.01 Strict    Valid CSS!    Level A conformance icon, W3C-WAI Web Content Accessibility Guidelines 1.0