see full discussion here:
http://drupal.org/node/64861

this simple patch will render registering phony accounts absolutely pointless for spammers.

CommentFileSizeAuthor
#6 spam.diff_0.txt633 bytesbeginner
#2 spam.diff.txt645 bytesbeginner
registration-spam.diff.txt634 bytesbeginner

Comments

killes@www.drop.org’s picture

killes@www.drop.org commented
Status: Needs review » Needs work

The patch does not comply with coding standards: We use || not OR.

beginner’s picture

beginner commented
Status: Needs work » Needs review
StatusFileSize
new spam.diff.txt645 bytes

new patch.

I see the different precedence between &&, || and AND, OR.
http://www.php.net/manual/en/language.operators.logical.php

Is there any particular (historical) reason why Drupal must use && and || instead of AND and OR?

drumm’s picture

drumm
he/him
Location NY, US
commented

This doesn't seem to have much to do with "meta roles"; what does this patch do, concisely?

beginner’s picture

beginner commented

the patch is relevant to the discussion about spam registration that I addressed on the 'meta-roles' page:

Any person who has administered a vanilla phpBB2 forum knows that spammers like to register phony accounts, just so that there is a link to their web site in the member list. Drupal has exactly the same flaw as phpBB in that it gives an incentive to spammers to register phony accounts with fake email addresses.

This page removes that incentive, because an account that is never activated (because created by a spammer with a fake email or an email they don't own) is not accessible by anonymous or normal users, and most importantly from the spammers' point of view, the page is not accessible by search engines...

killes@www.drop.org’s picture

killes@www.drop.org commented
Version: 4.7.0 » x.y.z
Priority: Critical » Normal
Status: Needs review » Reviewed & tested by the community

applied to 4.7, downgrading as nothign is that broken.

beginner’s picture

beginner commented
StatusFileSize
new spam.diff_0.txt633 bytes

clean patch for head.

Is there any particular (historical) reason why Drupal must use && and || instead of AND and OR?

beginner’s picture

beginner commented
Title: 4.7 fix for registration SPAM » fix to deter registration SPAM
beginner’s picture

beginner commented
Title: fix to deter registration SPAM » fix to deter from registration SPAM
killes@www.drop.org’s picture

killes@www.drop.org commented

We have decided to use && and || and want to keep it consistent.

beginner’s picture

beginner commented

thanks :)

drumm’s picture

drumm
he/him
Location NY, US
commented
Status: Reviewed & tested by the community » Fixed

Committed to HEAD.

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)