The Background and Reason for the SPAM IP Database and Delete

I actually wrote up half of this article and was still testing the function and lost the whole post, which will teach me for adding it straight into my cms... Anyway I'll write it up again.

So i still have been getting quite a bit of bot comment spam, even after a few other attempts to block this with google recapture, and other techniques, but they still manage to get through which is annoying.

So i had been taking the ip addresses from these spam comments and adding it to an array which i had to update each time i had a new one, so i had to go into the main file and add the new ip, then i had to go into the database and run a delete command for all of the comments matching an IP address.

I was doing this because i thought im not spending time writing a procedure to handle spam. well im sure i have wasted many hours on this now, so im going to make it easy for my self and write a function that you can list the comment and click a button where it will then add the IP address to a block list and also delete all the related spam from that IP.

Sounds easy now that im typing about it, and it is actually i have done the function and page in about an hour ish once i got into the groove. I love that coding groove, but its hard to get into sometimes.

Anyway this is what i did. Some of the code links to other bits in the CMS so this example code probably wont work for you out of the box.

New Spam Block Class

Create a new class extend for the block list to live in.

PHP

class ipblock extends core {

  public $class_extend = true; // this must be set to true! :)

  public $add_to_menu = false;
  public $add_section_button = true; // add this class to the section menu
  public $add_to_admin_menu = false; // add this class to the main admin menu

  public $nice_name = "IPBlock";
  public $nice_description = "Blocked IP Addresses - If you made it here you should not see this...";
    public $db_table_name = "ipblock";
  public $images_enabled = false;

  public $load_array = [
    "id",
    "uid",
    "insdate",
    "title",
    "additional",
    "category",
    "ip",
  ];

}

Load the ips and block them once they are added to this new class and database.

PHP

//Load the IP Blocked List
$ipblock_array = $ipblock->list_distinct(
  "ip",
  0,
  5000,
  "ip",
  "DESC"
);
foreach ($ipblock_array as $ip_block_val) {
  if($_SERVER['REMOTE_ADDR'] == $ip_block_val) {
    echo "no spam thx";
    return false;
  }
}

Change the template for the comments admin list and add a delete button

HTML

<a href='/block-delete/comments/[@user_ip]/' class='btn btn-danger'>Block + Delete [@user_ip]</a>

Create a new block-delete page to handle the blocks and delete functions. this will also check that the ip should be blocked and deleted before proceeding and then allow the user to go back to the comments list if there is any more spam to be blocked or deleted. 

PHP

$alert_template = new template("alert.html");
$alert_template->set("alert_type", "danger");
$alert_template->set("content", "This will delete all $p2 from IP $p3 and block it. Are you sure?");
$alert_html = $alert_template->output();
$page_content .= $alert_html;
$page_content .= "<p><a href='/$p1/$p2/$p3/confirm/' class='btn btn-danger'>Yes Delete and Block</a></p>";
if($p4 == "confirm") {
  $ipblock->title = $p3;
  $ipblock->ip = $p3;
  $ipblock->add();
  $p2_safe = $comments->db->escapeString($p2);
  $p3_safe = $comments->db->escapeString($p3);
  $sql = "delete from $p2_safe where user_ip = '$p3_safe' ";
  $result = $comments->db->query($sql);
  $alert_template = new template("alert.html");
  $alert_template->set("alert_type", "success");
  $alert_template->set("content", "Blocked and Deleted. <a href='/list/$p2/' class='btn btn-primary'>Back to $p2 List</a>");
  $alert_html = $alert_template->output();
  $page_content .= $alert_html;
}

And done. This was actually easier than i thought for some reason i had been putting it off. 

Here is a graphical flow of the process.

Click Block + Delete

Click on Confirm or the Yes Delete and Block and onto the next step, running the delete function and blocking the IP.

Ok all should be deleted and blocked, check the IP is in the ipblock db.