registration spam

i know we are all familair with registration spam, and other similair forms of auto-signups on your sites. the first commonly known way to avert this is with the use of image verification to be sure that the user is a human - but this user can still be a naughty human and want to cause harm!

especially on blog sites. comment spam is a large problem, even worse with wordpress. there is even some bugs with the software that allows them to create accounts you have even disabled registrations and have comment spam "protection". i have decided the best way to combat this is to get rid of wordpress, and go on my own using my own cms.

the problem still remains though, how to stop them from registering. i have never used or implemented any type of image verification scripts, and actually would rather not use one. i know alot of sites that have an activation system, whereas instead the administrator must go by hand and activate accounts that he/she wishes to be apart of the site. this is more of along the lines of what I would like to do but what would be the best way to accomplish this? would a new table need to be created as new_users and first send registrations there, then once activated they are moved to the real users table? or just add a new field to user rows.. any ideas for the best solution?

[Free WordPress Themes]

this user authentication class has these features:
http://www.finalwebsites.com/snippets.php?id=10

If you already have a working registration system in place I think the easiest way would be to add one field to your user table, something like 'activated' and default it to 0, then your admin user can update the field to 1 to make the user profile active. No need to create an extra table.

If you already have a working registration system in place I think the easiest way would be to add one field to your user table, something like 'activated' and default it to 0, then your admin user can update the field to 1 to make the user profile active. No need to create an extra table.

and then modifying the login script to only accept logins where that userfield is set for activated?

exactly!

thanks mind, this is what i was probably going to end up doing -- just wanted a second opinion
and Olaf, i dont need a whole entire script for this, as the CMS is already operational just needs some modifications

[Guest]

[37.937]

Googlebot, Yahoo crawler, Msnbot, Baidu Spider