Guestbook spam attempts- help! getting hammered!

Hi, I am suddenly getting hammered with database error reports, apparently the result of some automated program trying to spam my guestbook.  I've pasted one of the error reports below.   They are starting to pour in- help!  How do I protect myself from this?

Rob

Database error in California Trade Network
Query:
INSERT INTO `Guestbook` SET `Date` = NOW(), `IP` = '218.84.186.230', `Sender` = '', `Recipient` = '3', `Text` = 'On this site it is possible to find the I have found it!, regional airlines new telephone system,  %-P, problems with telephone system,  4922, california telephone relay system for hearing impaired,  447379, office telephone system,  0216, telephone system,  uzwidg, hobbs telephone system installation,  vcptk, field tests of a cellular telephone positioning system,  00061, 3 line telephone system,  :-(((, broker telephone system,  =DD, free voip small business telephone system cheap,  orim, ', `New` = '1'

Mysql error:
Duplicate entry '0' for key 1

I stopped this by checking to make sure there was a Sender ID when the guestbook record was being inserted.  You can add a simple line of code in the AddRecord() function of guestbook.php.

After (around line 295):
if ( !$record_recipient )
return $ret;

Add this code:
// Added to stop spam.
if ( $record_sender=="")
return $ret;

This will stop these spam records from being added to the tables.

Thanks- I'll try this.  Why don't they just add this code to Dolphin?  I seem to remember this being an issue for others on Expertzzz.

Rob

One other thing.  Your insert statements were causing a Duplicate entry error.  This error is caused by a duplicate ID value being zero.  Use PHPMyAdmin to check the guestbook structure to make sure that ID is set to auto-increment.  If it is not, then you need to set ID to auto-increment.

Rob, just delete the "guestbook.php" file completely... those damn "bots" were hitting me CONSTANTLY so I deleted it from all my sites. Then go in admin and remove it from the menus it was on.

Did we really need a guestbook AND profile comments in Dolphin??

M

Rob,

So which solution did you use here?

Lorren

If you wish to use the guestbook feature, without deleting it :)  - I would suggest adding a captcha to it - simple and will stop the bots.

Chris

I used the one that kyedinak came up with, and the problem disappeared.

Rob

Not so simple for people that don't know how to do it  ..... 
.

Hey Chris... Do I hear another mod coming on?

I added this too but I also changed the name of guestbook.php so the hackers 'bots' cannot find it!

Nice mod, keep up the good work kyedinak!

Sure.  Gonna need ya again though, I don't use the guestbook, and my version would be too old anyhow.  Send me some mail Lorren if you want it. :)

Chris