You are not logged in.
I have been seeing a lot of blank username fields in the database lately, like HERE
does the API allow blank fields to be input ?
maybe a bug ?
it doesn't really matter to me personally, since I don't do queries based on username,
but maybe it would matter to someone else .
Last edited by ih8spam (2009-06-06 11:59 am)
Offline
Ill have to look at the raw data in the database to really see but as the html shows no encoded utf/css username, jema would be suggesting the correct answer at the moment. As the html "trims" leading spaces when displaying (but doesnt trim them when adding data so as to allow spammers to bypassing checking with a leading space in their name) someone mightve just put a space in the username field.
Offline
Or the spammer may not have managed to enter a username at all. e.g. If an automated form filler looks to fill a field called "username", but the form actually has "743748hn" as the name of the username field, then there simply is no username name data that can be reported as the form filler may not in those circumstances even make a stab at posting a "username" value.
Clearly such a circumstance indicates a spammer, but a a blank username is all that can be reported.
Offline
yeah, I understand that, but what I am refering to is that SFS doesn't treat blank usernames as an invalid entry, and I have never seen blank usernames until recently .
but I guess that SFS does allow blank usernames since no one has said otherwise .
Offline
Most of the blanks are from me!
If SFS treated them as invalid, I could not and would not report. Blank usernames are totally valid as an entry, as would be blank emails, the only thing a system designed to block spam can be sure of reporting is the IP address.
Offline
blank e-mail addresses are an invalid entry on SFS,
I tried it on the manual entry entry page, and it gave an error .
Offline
Hi all ... Did anyone come up with any fixes or something for this? I was just wondering. I'm still seeing lots of blanks. The most recent is:
http://www.stopforumspam.com/search?q=r … 0gmail.com
Found 307 entries for raymokins@gmail.com but only 14 Usernames entered.
I thought that you couldn't submit spam data unless all fields were filled in ... but I tried it and it allowed the submission to go through with a blank username field.
Anyway ... great site here, have been using it for several months now ... tremendous help in cutting down spam on the forums.
Offline
Ive looked at the database and they are blank fields, as allowed for username
Offline
I can only repeat the basic point, you should be able to report what information you have on a spammer and that might only be the IP address, blank usernames are allowed, blank emails should also be let through.
An anti-spam system at the forums level works by confounding the spammer making it hard for them to enter the correct registration data. My own systems succeed by preventing them getting a username into the system, and if need be I would add tricks to the email address entry as well.
At that point as the stopforumspam system stands I would go from being the top contributer to not being able to contribute at all.
Of course it is preferable to be able to report more data, but there is a trade off with how accurate the report is. With my system I lose the username and that fact combined with a duff CAPTCHA attempt and another heuristic or three means my reports to stopforumspam are extremely reliable.
Offline
We are talking about accepting all or some of the data in v2. I migth be able to change the current system a little more
Offline
