How to protect osTicket from spambots

 

  1. Download CleanTalk API from Github.com 

  2. Unzip the downloaded archive to your root directory. You will see the folder with the name "php-antispam-master". Rename it to "cleantalk"

  3. Edit "open.php" script in your osTicket folder

In order to start using the CleanTalk Anti-Spam API you need to connect it to your site. You can paste this code at the top of your script:

session_start(); //Session
require_once (dirname(__FILE__) . '/cleantalk/cleantalk.class.php');

Replace the following code:

if(($ticket=Ticket::create($vars, $errors, SOURCE))) {
    $msg=__('Support ticket request created');
// Drop session-backed form data
    unset($_SESSION[':form-data']);
//Logged in...simply view the newly created ticket.
    if($thisclient && $thisclient->isValid()) {
        session_write_close();
        session_regenerate_id();
        @header('Location: tickets.php?id='.$ticket->getId());
    }
}
else {
    $errors['err']=$errors['err']?$errors['err']:__('Unable to create a ticket. Please correct errors below and try again!');
}

With this one:

$uform = UserForm::getUserForm()->getForm($_POST);
$config_url = 'http://moderate.cleantalk.org'; //Server address
$auth_key = '000000000'; // Your access key
$ct_request = new CleantalkRequest();
$ct_request->auth_key = $auth_key; //access key variable
$ct_request->message = $tform->getField('message'); //message to check
$ct_request->method_name = 'check_message'; //method 
$ct_request->sender_email = $uform->getClean()['email']; //e-mail to check
$ct_request->sender_nickname = $uform->getClean()['name']; //name to check 
$ct_request->agent = 'php-api'; //extension name
$ct_request->sender_ip = $_SERVER["REMOTE_ADDR"]; //ip to check
$ct = new Cleantalk();
$ct->server_url = $config_url;
$ct_result = $ct->isAllowMessage($ct_request);
if ($ct_result->allow == 1) {
    if(($ticket=Ticket::create($vars, $errors, SOURCE))) {
        $msg=__('Support ticket request created');
// Drop session-backed form data
        unset($_SESSION[':form-data']);
//Logged in...simply view the newly created ticket.
        if($thisclient && $thisclient->isValid()) {
            session_write_close();
            session_regenerate_id();
            @header('Location: tickets.php?id='.$ticket->getId());
        }
    }
    else {
        $errors['err']=$errors['err']?$errors['err']:__('Unable to create a ticket. Please correct errors below and try again!');
    }
}
else {
    echo 'Comment blocked. Reason ' . $ct_result->comment;
}

The following line can be replaced with your custom warning page:

echo 'Comment blocked. Reason ' . $ct_result->comment;

For example:

@header('Location: blocked.php');

 

Use the blacklisted e-mail s@cleantalk.org to create a ticket. As a result, you will see the blocking message at the top of the page

 

 


Perhaps it would also be interesting