Are you getting a lot of spam, or junk messages sent via your Joomla site?

I know certain components of Joomla let you put banned words but I know of even more that don't.  If you find all your forms need extra plugins and captchas (such as JezRecaptcha), then the website security isn't amazing.  I used to have Captcha on my K2 by Joomlaworks but if you did the sound version, it didn't work properly.  I found that sometimes the captcha wouldn't even match what you typed and what it displayed!!!

I have written this article to be another one of those programmer's tweaks.  This is quite a simple fix and I will hopefully be able to keep it simple for non-programmers.  The tweak below will stop any of your pages submitting content containing your banned words.

We're going to modify a file containing 2 lines of code by default.  The file is index2.php in your Joomla root folder.  Make a copy of it, back it up or do whatever you usually do when you modify a server-side file... ahem...

The code to look for (the Joomla default) should be as follows:

$_REQUEST['tmpl'] = 'component';
include('index.php');

There is some more text but it's in /* lines */ which means these are comments.

 

The quick solution is:

$_REQUEST['tmpl'] = 'component';
$offensive_words=array("viagra","cialis","[url=","porn","pfizer");
# START WITH AN EMPTY STRING AND NO OFFENSE FOUND
$GotVars=""; $offense=false;
if (is_array($_GET)) $GotVars.=implode(",", $_GET).",";
if (is_array($_POST)) $GotVars.=implode(",", $_POST).",";
# stripos() RETURNS 0 FOR A MATCH AT THE START OF THE STRING, SO COMPARE WITH !== false
for($i=0;$i<count($offensive_words);$i++) { if (stripos($GotVars, $offensive_words[$i])!==false) $offense=true; }
if (!$offense) include('index.php');

The reporting solution (which tells your visitor what word caused an offense) is:

# CREATE AN ARRAY OF BANNED WORDS
$offensive_words=array();
$offensive_words[]="viagra";
$offensive_words[]="cialis";
$offensive_words[]="[url=";
$errors="";
$offensive_string=""; # START EMPTY SO THE .= IN THE LOOP BELOW DOES NOT RAISE A NOTICE
 
# CONVERT THE SUBMITTED DATA INTO STRING(S)
$GotVars="";
if (is_array($_GET)) $GotVars.=strtolower(implode(",", $_GET).",");
if (is_array($_POST)) $GotVars.=strtolower(implode(",", $_POST).",");
 
# NOW CHECK EACH BANNED WORD DOES NOT EXIST IN THE STRING
for ($i=0; $i<count($offensive_words); $i++) {
	$offensive_string.=(stripos($GotVars, $offensive_words[$i])!==false)?"- ".$offensive_words[$i].", ":"";
}
# IF THE OFFENSIVE STRING WAS POPULATED (=FOUND BANNED WORDS) THEN CREATE A MESSAGE
$errors.=(trim($offensive_string)!="")?"You have submitted word(s) that the website administrator has banned:".$offensive_string.".  Please try again without the banned words.":"";
 
# IF THE ERRORS STRING IS EMPTY PROCEED AS NORMAL, IF NOT THEN DISPLAY MESSAGE
if (trim($offensive_string)=="") {
	include('index.php');
} else {
	echo $errors;
}

My comments in the code above are prefixed with #. As you can see, I actually tell the user which banned word they've used. You could easily not do this by replacing echo $errors; with return; in the second-to-last line.

To sum up: my code does the following:

  1. Adds words to the "offensive_words" array
  2. Joins any submitted data into 1 long string
  3. Tries to find each "offensive word" (case-insensitive) in the submitted data
  4. Creates a message if a banned word was found
  5. If no message was created, it proceeds as per usual; otherwise, it does not submit the form
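
The filter joins only the top level of $_GET and $_POST, so a field submitted as an array is imploded as the literal text "Array" and its contents are never checked. The following is an added example, not part of the original article, that walks nested values before matching; the helper names collect_values() and find_banned_words() and the sample input are hypothetical.

```php
<?php
// Added example (not the article's code): same banned-word check, but nested
// request arrays are walked so array-style fields are inspected too.
// collect_values() and find_banned_words() are hypothetical helper names.

function collect_values($data, &$out)
{
    foreach ((array) $data as $value) {
        if (is_array($value)) {
            collect_values($value, $out);   // descend into array-style fields
        } elseif (is_scalar($value)) {
            $out[] = (string) $value;
        }
    }
}

function find_banned_words(array $banned, array $sources)
{
    $values = array();
    foreach ($sources as $source) {
        collect_values($source, $values);
    }
    $haystack = implode(",", $values);

    $found = array();
    foreach ($banned as $word) {
        // stripos() returns 0 for a match at the very start, so compare with !== false
        if (stripos($haystack, $word) !== false) {
            $found[] = $word;
        }
    }
    return $found;
}

// Constructed sample input standing in for $_GET and $_POST.
$sample_get  = array("option" => "com_contact");
$sample_post = array(
    "name"    => "Visitor",
    "message" => array("subject" => "Hello", "body" => "Cheap VIAGRA [url=http://example.invalid]"),
);

$banned = array("viagra", "cialis", "[url=");
$found  = find_banned_words($banned, array($sample_get, $sample_post));

echo $found ? "Blocked: " . implode(", ", $found) . "\n" : "Clean\n";
// In index2.php the last step would be: if (!$found) include('index.php');
```

A word list of this kind only reduces casual spam; it is matched as a plain substring, so it will also block legitimate text that happens to contain a listed word.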

To add more banned words, simply keep adding lines using the following syntax

# CREATE AN ARRAY OF BANNED WORDS
$offensive_words=array();
$offensive_words[]="viagra";
$offensive_words[]="cialis";
$offensive_words[]="[url=";
$offensive_words[]="porn";
$offensive_words[]="a banned phrase";
#...

or

# CREATE AN ARRAY OF BANNED WORDS
$offensive_words=array("viagra","cialis","[url=","porn","a banned phrase");
#...

Additional Information: The Open Web Application Security Project (OWASP)

Category: Joomla :: Article: 237

The reason I did this is because AEC is now a commercial package and it is somewhat limited in terms of good customer service.  It only really manages the payment side and the complicated tasks of invoicing, but Community Builder provides more options for your website members.  If Joomlapolis ever complete the CB Subscription component then there is no need for AEC anymore.

For this we're basically going to follow the AEC installation instructions backwards.

1. Go to your admin panel (back-end)
2. Extensions > Plugin Manager
3. Go to the bottom and change the display # dropdown to ALL
4. Disable Authentication - AEC Access
5. Enable Authentication - Joomla
6. Re-enable any other authentication plugin you used to use.
7. Disable System - AEC Routing
8. Disable System - AEC ErrorHandling
9. Extensions > Install/Uninstall > Plugins
10. Tick Authentication - AEC Access
11. Tick System - AEC ErrorHandling
12. Tick System - AEC Routing
13. Tick User - AEC User
14. Click the Uninstall icon at the top of the page
15. Click on the Modules link (to uninstall modules)
16. Tick mod_acctexp (if you installed this) and Uninstall.
17. Click on the Components link (to uninstall components)
18. Select AcctExp and click on the Uninstall icon.

Now install Community Builder
1. Download the latest version from Joomlapolis.com
2. Unzip to a folder
3. Login to your admin panel
4. Go to Extensions > Install/Uninstall
5. Install com_comprofiler.zip (remember to wait until it confirms "Installation finished")
6. Go back to Extensions > Install/Uninstall
7. Install mod_cblogin.zip
8. Install mod_comprofilerModerator.zip
9. Install mod_comprofilerOnline.zip
10. Go to Components > Community Builder
11. Click on the Tools link and click on Synchronize Users
12. Go to Extensions > Module Manager
13. Tick next to CB Login, CB Workflows, CB Online and click Enable
14. Return to Components > Community Builder > Configuration
15. Click on the 'Registration' tab
16. Change Allow User Registration to Yes, ...
17. Make your custom configuration and Save the configuration file.
18. Go to Site > Global Configuration > System
19. Select No next to Allow User Registration and click Save
 


After I installed the rokstories module from www.rockettheme.com, if I clicked on one of the articles (rokstory), I would get a page with the article on it but with the following error (3x) above it:

Warning: Invalid argument supplied for foreach() in /home/.../components/com_content/helpers/route.php on line 106

After googling I found an unlikely solution which is becoming typical of Joomla. I hadn't switched the site to SEF friendly yet but I did this just to follow along with the solution. You need to make a menuitem to just one of the articles. I have a menu called "unused menuitems" (named unusedmenu), which isn't displayed anywhere on my site. I'm guessing the reference in the database is what corrects this.

Category: Joomla :: Article: 230

It took a few Google searches until I could find out how to change the default weblinks order.  A lot of websites showed how to do this via the admin back-end panel in the advanced configuration... I can't see this panel; there are no advanced parameters under a weblinks category.

The issue is that when a menu item links to a category of weblinks, the default sort order (as in the first time you view the page) is the order in the admin panel (not even by most recent).  I'm going to show you how to sort by title in ascending order without installing any 3rd-party extension, as well as by any of the database values used by each link.


Malware Detected!

Warning: Visiting this site may harm your computer!

The website at .....ru appears to host malware - software that can hurt your computer or otherwise operate without your consent.  Just visiting a site that hosts malware can infect your computer.

For detailed information about the problems with this site, visit the Google Safe Browsing diagnostic page for this address

I understand that visiting this site may harm my computer.

Continue?



By adding the following line to your LocalSettings.php file, you will be able to log everything that MediaWiki does:

$wgDebugLogFile = '/home/username/public_html/wikidir/logfile';

IMPORTANT NOTE: The path above should be the exact full path to the wiki directory under your account. The debug log can contain private data, so make sure the file cannot be read over the web.


The issue here is that you have added all your banners, divided between clients and categories, and you're looking for a solution which doesn't involve installing a 3rd party application.

 Unfortunately the Joomla banner module only supports alternating between banners of either the same client OR the same category.  The setting is in your Joomla > Module Manager > Banner... What I do is I don't select a client but instead just select a category.  Set it to only display 1 banner at a time.  

If you want other categories to display, consider setting categories as vertical, horizontal and square banners.  This means that you can have 3 modules each displaying banners from each category and position these as appropriate.


This took me a whole afternoon and involved a lot of hope as I browsed the Internet and no one seemed to have done this before.  Fortunately, MediaWiki extensions are easier to write than Joomla CMS ones :c)

This article shows you how to get your MediaWiki system to display your Camtasia Studio SWF files in its articles.

Why Camtasia when there are other free options?

We tried lots of FLV players that were usually branded or not free.  These were awkward to configure a full screen button on the controls and do basic customization.  Our screen recorder was also not displaying the captions of the video unless it was an AVI file that we converted to FLV.  The quality was horrible.  Then we moved to Camtasia Studio where their videos were displaying in good quality but as SWF files.  This extension includes the default settings for "ExpressShow" in Camtasia Studio.


 This is related to the issue of renaming yourdomain.com as your title page in phpBB3.  

 

You need to login to the phpBB admin control panel (ACP).  On the General tab, look under Board Configuration and click on 'Board Settings'.  The Site name is the first field in the right panel.


"OK this should take just a few minutes..."

I've written this because I spent all night on setting up a "quick" demo resulting in a quick 1 hour nap before having to go to my day job...  It sounds straightforward because both phpBB3 and RocketTheme talk about how to install the RocketTheme templates...  But it's not.  I'm rewriting their instructions here so that I can do this on other websites:

Important Note:  On Linux (Apache), all file names and folder names are case-sensitive, so phpbb3 is NOT the same as phpBB3.  Bear this in mind during the installation process.

 


The Issue

Basically, you've installed JoomlaEZ's ReCaptcha Integrator plugin to protect your forms ("type two words" captcha) and then installed K2 Comments to use its own ReCaptcha.  If you try adding a comment, you may get something like the following:

Fatal error:
Cannot redeclare_recaptcha_qsencode() (
     previously declared in /public_html/plugins/system/jezReCaptcha/recaptcha-php-1.10/recaptchalib.php:47
)
in /public_html/components/com_k2/lib/recaptchalib.php on line 67

I've managed to fix this in my site. Because you already force the recaptcha feature in your registration form and contact form (on this website I just went recaptcha-happy), then there are some settings you need to change in the plugin options:

  • Inclusion Syntax = NO
  • Auto-verify = YES

 

Update 16.NOV.2009

I don't see this supported anymore so I wouldn't recommend using the JezRecaptcha plugin.  In fact I'm not impressed with Recaptcha as its sound alternative doesn't work and the text form is hackable.

I will be changing this over throughout the site... I may keep recaptcha for the comments feature on K2 articles but it should be considered low security.

Category: Joomla :: Article: 203

Credit where Credit is Due:


Feel free to copy, redistribute and share this information. All that we ask is that you attribute credit and possibly even a link back to this website as it really helps in our search engine rankings.

Disclaimer: Please note that the information provided on this website is intended for informational purposes only and does not represent a warranty. The opinions expressed are those of the author only. We recommend testing any solutions in a development environment before implementing them in production. The articles are based on our good faith efforts and were current at the time of writing, reflecting our practical experience in a commercial setting.

Thank you for visiting and, as always, we hope this website was of some use to you!

Kind Regards,

Joel Lipman
www.joellipman.com

© 2024 Joel Lipman .com. All Rights Reserved.