Overleg gebruiker:Carlb: verschil tussen versies

5.722 bytes toegevoegd ,  26 sep 2012 01:55
(Versie 12459 van (overleg) ongedaan gemaakt.)
==Background image==
Isn't it possible to get the whole bg image on place again? Now it seems it's cut in the middle somewhere (showing a pub, a bank, and the PizzaHut, lol) {{Gebruiker:CartoonistHenning/sig}} 24 jul 2011 22:53 (UTC)
== User registration process ==
Hi Carl,
The Mechelen Mapt site has been suffering a good deal of automated spam lately. None of its three regular editors finds the time to cope with anything else here. The typical behaviour is the creation of a new user, which then takes one of three lines of action:
#Simply wait.
#Create a bogus user and/or user talk page with one or more linked urls.
#Create a new article with a bogus title, and several urls within the content.
As long as the ''modus operandi'' remains as is, it suffices to block the registration of a new user: Last month, there were merely 2 improper edits by an IP user.
Mechelen Mapt is a small wiki, and its language is Dutch, one that is unfamiliar to the creators of this spam. Developers of spambots are unlikely to be eager to spend the time and effort to try and circumvent peculiar protection methods of a for their purpose unimportant wiki. That's why I thought of using the locally controllable common.js to cause them some problems. Of course, spambots will not have JavaScripting turned on, so they don't even notice anything and continue their devious activity on Mechelen Mapt. Normally, a wiki should be accessible without JavaScripting and by a non-CSS capable browser. But for Mechelen Mapt, it is quite acceptable to require functionality of both just for registering a new user. (And for creating a new article, but as things are, that is not really needed, and would also be more complicated at the Php server side.)
Therefore, the Php should generate a user registration page with the submit button disabled (pure Html attribute disabled="disabled"). For clarity towards real users, the form should remain invisible, which is a CSS property. All modern browsers do support CSS, thus that will not pose a problem (and it is by no means vital to the protection). Thus JavasScript becomes necessarily enabled at the user side for my script to turn the submit button disabled = false. It only does this after successfully passing an original security check (understanding some Dutch is tested and key/mousedowns are monitored) that cannot be disregarded while JavaScript is on. Of course, a Html <div> notifies the user that CSS and JS are required to register, and offers an e-mail link in case this would be hard to do (E.g. by company policy and no other PC available). When JS is functional, one of my scripts sets CSS display:none on that <div class="HideByJS">. The described process has been tested under all circumstances, be it by human users only. It is ready and waiting for your intervention:
Fortunately, the Php sources that I could find (from another wiki), show that the entire registration interface is an included pure Html sequence, and I expect this to be the case for us as well.
The Php (includes/templates/Usercreate.php ???) straightforwardly writes this into the page (the '''''three required additions are shown in green colour'''''):<br />
<div style="background-color:#DDE;border:1px solid #99A;margin-left:3ex;padding:0;padding-left:2px;padding-right:6px;">
&lt;div id="userlogin"&gt;<br />
<span style="color:green;">&lt;div class="HideByJS"&gt;Om u op de meest anonieme wijze als gebruiker te registreren, vergt onze beveiliging dat uw browser JavaScript effectief verwerkt en als alle moderne browsers Cascading Style Sheets (CSS) ondersteunt. Nu blijkt in uw geval minstens een van beide niet in orde. Ziet u geen mogelijkheid om dit te verhelpen (instelling van de browser en/of firewall, of vanaf een andere PC), dan kan u zich kort voorstellen (uw echte naam mag maar hoeft niet; voorbeeld waaraan u wil bijdragen...) in een &lt;a <nowiki>href="mailto:[email protected]"</nowiki> class="external text" rel="nofollow"&gt;e-mailtje&lt;/a&gt;. U krijgt zo spoedig mogelijk (normaal zeker binnen 48 uur) een antwoord waarmee u zich toch kan registreren en wij maken uw gebruikers- en overleg-gebruikerspagina's aan.&lt;/div&gt;</span><br />
&lt;form ... id="userlogin2" ... <span style="color:green;">style="display:none;"</span>&gt;<br />
...<br />
&lt;input type="submit" ... id="wpCreateaccount" ... value="Registreren" <span style="color:green;">disabled="disabled"</span>/&gt;<br />
...<br />
Please do copy the literal Html text from this normally displayed talk page, not from its edit source.<br />
In either the same or some other Php, there should also be:
<div style="background-color:#DDE;border:1px solid #99A;margin-left:3ex;padding:0;padding-left:2px;padding-right:6px;">
&lt;input type="submit" ... id="wpCreateaccountMail" ... value="Registreren per e-mail" <span style="color:green;">disabled="disabled"</span>/&gt;<br />
but in case this can not be found immediately, it probably does not matter (registering by e-mail is not a problem and that button does not even appear in the more normal situations).
This has all been explained in Dutch on [[Overleg_gebruiker:CartoonistHenning#Quick_and_not_too_dirty|Henning's talk page]], who gave his consent. I expect him to send you an email soon, in which he will also ask to upgrade the wiki to version 1.20 alpha. But please, do the above '''very simple modification''' on the '''''old''''' version first, so that for at least a couple of days we can verify whether my method actually helps against the spam plague. On an at the same time upgraded version, we could never be sure that any improvement would be caused by my thingy or by some other software difference that 'our' current spambots simply don't aim for.
Sincerely Yours,<br />— [[Gebruiker:SomeHuman|SomeHuman]] <span style="font-size:.87em;">2012-09-26 01:55&nbsp;(UTC<span style="font-size:87%">=CEST-2</span>)</span>
Controleur, emailconfirmed, phantom