It works!

[brell]

The activation of Captcha seems to have done the job but there are still a few names on the registration log, that are unactive, invalid and cannot be deleted! I don't know why this is so but I guess we don't have to worry about it.

[Semi-Native]

Hmmm, I wonder why they can't be deleted. But as you say, we probably don't have to worry about it.

Great job!

[brell]

Why are we getting a message like this again:

There are 79 Pre-Registered Members that are not yet validated.

[Semi-Native]

Registration is set for

pre-registration with email validation.

Should it be something else? I don't remember how you activated Captcha.

[brell]

I haven't changed anything and yes, everything seems to be set correctly, including Captcha.

[RobSeegel]

I noticed that Captcha was set to the easiest possible setting. It is possible to defeat something like Captcha, especially given how simple the setting is.

http://en.wikipedia.org/wiki/CAPTCHA

It was really only a matter of time before whoever was attacking this forum decided to increase the sophistication of their attacks. It's pretty sad and pathetic that someone would spend time trying to defeat it or that Captcha is even necessary.  I'm going to do a bit of reading up and see if there are any recommended settings that might improve the situation without making signing up too difficult.

I'm curious on why inactive names cannot be deleted though. I'll do some reading up. It could be that some minor tweaking will help the situation, but regardless of what's done, I think you should count on making minor changes to it every 90 days or so - possibly sooner.

[brell]

Thanks, Rob. This is really not my department and I appreciate if you can take some time to look into it.

[RobSeegel]

6D7D6A63630F0 wrote: Thanks, Rob.  This is really not my department and I appreciate if you can take some time to look into it.

I made some slight modifications to the verification, but I was a little surprised that even at setting 1, the random noise could be tough to read. I first set it at 4, but felt I needed to back it off.

We'll have to see if that helps and if there are any complaints about it... I wanted to take *some* sort of action while doing some more research.

[RobSeegel]

3D2D3A33335F0 wrote: The activation of Captcha seems to have done the job but there are still a few names on the registration log, that are unactive, invalid and cannot be deleted!  I don't know why this is so but I guess we don't have to worry about it.

It looks to me as though the information driving this registration log is in an inconsistent state - most likely only fixable with file system access where YABB is installed. The actual accounts *are* deleted, so someone must have deleted this info on the file system, but then didn't update the info in other files. What's happening is the account info is stored in one place, but the registration log is stored in another, and they are out of sync. When you try to delete one, you get no message, but when you try to validate one, you at least get:

Invalid User ID

.

I pulled the source code from Sourceforge to take a peek under the covers. I know Perl pretty well, so it wasn't hard to look through the code.

Perhaps it happened back where there was a purge of users - if it was done directly on the file system and not through the Admin interface (always a dangerous thing), then it's likely that only a partial delete of the information was done. I'm guessing that all that needs to be done is someone needs to manually clear those older entries from adminLog.txt, and it will be fine.

[Semi-Native]

Boy, it's great to have a programmer as an admin. Thanks, Rob!