Option to prevent registration spam

config/application.php

@@ -55,6 +55,7 @@
 	'RequireEmailConfirm'		=> false,					// Require e-mail confirmation during registration.
 	'RequireChangeConfirm'		=> false,					// Require confirmation when changing e-mail addresses.
 	'EmailConfirmExpire'		=> 48,						// E-mail confirmations expire hours. Unconfirmed accounts will expire after this period of time.
+	'AntiRegesterationSpam'		=> false,					// Work only when 'RequireEmailConfirm' is active , if the ip have an unconfirmed account , it would privent the user from registering new account.
 	'PincodeEnabled'		=> true,					// Whether or not the pincode system is enabled in your server. (Check your char_athena.conf file. Enabled by default.)
 	'MailerFromAddress'			=> 'noreply@localhost',		// The e-mail address displayed in the From field.
 	'MailerFromName'			=> 'MailerName',			// The name displayed with the From e-mail address.

lang/en_us.php

@@ -210,6 +210,7 @@
 	'InvalidSecurityCode'     => 'Please enter the security code correctly.',
 	'InvalidPassword'         => 'Your password contains invalid characters.',
 	'InvalidBirthdate'        => 'Invalid birthdate input.',
+	'AntiRegesterationSpam'   => 'Anti Registeration Spam System is Active , Contact the Admin to Complete your registeration.',
 	'CriticalRegisterError'   => 'Something bad happened.  Report to an administrator ASAP.',
 	// - account/edit
 	'AccountEditTitle'        => 'Modify Account',

lib/Flux/LoginServer.php

@@ -189,14 +189,25 @@ public function register($username, $password, $confirmPassword, $email,$email2,
 				throw new Flux_RegisterError('E-mail address is already in use', Flux_RegisterError::EMAIL_ADDRESS_IN_USE);
 			}
 		}
+
+		if (Flux::config('RequireEmailConfirm') && Flux::config('AntiRegesterationSpam')) {
+			$sql = "SELECT state FROM {$this->loginDatabase}.login WHERE last_ip = ? And state = 5 LIMIT 1";
+			$sth = $this->connection->getStatement($sql);
+			$sth->execute(array($_SERVER['REMOTE_ADDR']));
+
+			$res = $sth->fetch();
+			if ($res) {
+				throw new Flux_RegisterError('Anti Regesteration Spam System Detect a Spam', Flux_RegisterError::ANTI_REGESTERATION_SPAM);
+			}
+		}
 
 		if ($this->config->getUseMD5()) {
 			$password = Flux::hashPassword($password);
 		}
 
-		$sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate) VALUES (?, ?, ?, ?, ?, ?)";
+		$sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate, last_ip) VALUES (?, ?, ?, ?, ?, ?, ?)";
 		$sth = $this->connection->getStatement($sql);
-		$res = $sth->execute(array($username, $password, $email, $gender, (int)$this->config->getGroupID(), date('Y-m-d', $birthdatestamp)));
+		$res = $sth->execute(array($username, $password, $email, $gender, (int)$this->config->getGroupID(), date('Y-m-d', $birthdatestamp), $_SERVER['REMOTE_ADDR']));
 
 		if ($res) {
 			$idsth = $this->connection->getStatement("SELECT LAST_INSERT_ID() AS account_id");

lib/Flux/RegisterError.php

@@ -23,5 +23,6 @@ class Flux_RegisterError extends Flux_Error {
 	const INVALID_PASSWORD       = 18;
 	const INVALID_BIRTHDATE      = 19;
 	const INVALID_EMAIL_CONF     = 20;
+	const ANTI_REGESTERATION_SPAM= 21;
 }
 ?>

modules/account/create.php

@@ -150,6 +150,9 @@
 			case Flux_RegisterError::INVALID_BIRTHDATE:
 				$errorMessage = Flux::message('InvalidBirthdate');
 				break;
+			case Flux_RegisterError::ANTI_REGESTERATION_SPAM:
+				$errorMessage = Flux::message('AntiRegesterationSpam');
+				break;
 			default:
 				$errorMessage = Flux::message('CriticalRegisterError');
 				break;