[TYPO3-dev] checking form inputs with a spamfilter

[Martin Kutschker]

Peter Guhl schrieb:
> Martin Kutschker schrieb:
>> Peter Guhl schrieb:
>>  
>>> Hello all
>>>
>>> Some time ago I created a lib which allows to send form inputs 
>>> through a bayes filter (at least under unixoid systems ;-) It's 
>>> available from sourceforge, public domain, under the project name 
>>> "spfgb". The point is that, unlike captcha, it works fully 
>>> transparent. My guestbook is quite clean since then.
>>>     
>>
>> And of course it'd be great if we had a virus filter service to check 
>> the file uloads.
> Definitely. Shouldn't be more complicated than the spamfilter.

The major problem I see is the UI. How shall a found (and removed) file 
(virus) or content (spam) be reported? Is it in the responsibility of the 
form handling code? If so, how can it be added transparently to a complete 
site? A simple solution is to remove unwanted content from $_POST and 
$_FILES and add some messages to a global variable. Compliant code will 
process it and make a note to the user, non-compliant code will never see 
the viri/spam, but will simply not warn the user that her submitted data 
has been removed.

Perhaps a globa logging option/feature is nice as well.

> A problem may be that both things need a lot of local installation. It's 
> not done by adding a php class (except somebody wants to program a scan 
> engine in PHP :-P  Not that it's not feasable but it's not part of 
> today's standard hosting plans. So it will probably not be available to 
> typo3-beginners starting with a cheap hosting.

And so? If you're buying a cheap car you won't get any of the advanced 
assisting technologies (breaks, traction, etc).

Masi