BuddyPress.org

Is this a bot or a manual signup who manually sends messages to the users?

Anyway, the way I see it, there are two ways to combat this problem in the interim:

1) do a check to see if the logged-in user is a friend of that user, if so run the bp_send_message_button() function

2) code own function based on bp_send_message_button() and do the check within this function

Either option will require modifying the Buddypress member theme template in three places:

* /bp-themes/bpmember/activity/just-me.php

* /bp-themes/bpmember/wire/latest.php

* /bp-themes/bpmember/profile/index.php

(I’m using the default BP member theme as an example)

This is only for the “Send message” button though… how did the person spam your users?

Nope, Im afraid there´s not a newer version.

1.1 was coded by Andy himself, and there are no signs that it is going to be updated. He has made clear many times that its up to Buddypress community to continue with the update of Facebook connect plugin.

If I had coding skills, I would have updated it a long time ago, but I am still busy understanding how BP works ! ;-(

If you have disabled registration on your WordPress MU installation, and users are still signing up, you may have forgotten that if you are running group forums you have a bbPress installation that synchronizes users with the WordPress MU installation. Disable registration in bbPress and you should be good to go.

the fbc_get_avatar() error is from the facebook connect… it’s been addressed somewhere else in the forums. ..it’s been fixed. The spam.. the user “LnddMiles” is not just on buddypress sites, so it’s a spambot that looks for open registrations.

You should add a captcha or math problem to your registration page to divert these.

It’s important to note that BuddyPress is an opensource project, just like all of the other WordPress related ones. That being said, if you find something isn’t working up to your expectations you are free to develop or contribute to the project to make it work how you wish. As it stands today, BuddyPress does a good job of keeping tidy and cleaning up after itself; better than most plugins in my opinion. The signups table is specific to MU and is a new addition, so you can expect it’s functionality to be misunderstood. When a user is deleted, the idea is that their signup remain in the signups table as proof of their previous registration. One could even argue that removing all user data is a bad idea in the event someone ever needs it later, say for law enforcement purposes.

Regarding blocking spam registrations, read some articles about Twitter. Some analysts have said that nearly 50% of all registrations on Twitter are spammers. Crazy eh? There just isn’t a fool proof way to prevent it from happening unfortunately.

Also, while none of the moderators are directly employed by Automattic, it’s about the best internship I think anyone in our respective businesses can hope for. We all do our best to represent Automattic and are here to help to the best of our abilities.

If you can find a specific bug or flaw in how users are currently managed between BuddyPress and WordPress, you’re welcome to respond here or file ticket in the trac. If you feel your opinion warrants more attention you can message me privately if you’d like also, and I’d be happy to help further.

Spam signups != comment spam.

Isn’t Akismet keeping the SPAM away?

Instead of looking at banning users, I would be more concerned with preventing spam signups.

That way you won’t have to think about banning people (at least not often!)

Hello

Point 4 is a standard WPMU option and can be found in the Site Options panel of the admin interface.

Photo albums are something that will become a part of BuddyPress eventually (i.e. don’t hold your breath). There is an interim plugin you can use which provides a photo gallery to BuddyPress. I haven’t used it myself but you can find it on https://buddypress.org/extend/plugins/.

The big problem I can see with point 2 is that you are inviting spammers and vandalism in to your site.

Seems to work wonderfully on 1.0.3.

I wish there was a way to let the user enter an invite message though. As it is, the message appears to come from the BP admin, and it looks super skynet. Don’t want to give the appearance that my site is spamming people… At any rate, it’s a brilliant plugin, and I appreciate all the hard work!

http://thegsn.org

Buddy Press rocks.

One monetization idea for you guys — Akismet for message-spam…like that plague of MySpace message spam. I’ll hopefully have some better contributions for the BuddyPress pot-luck put together soon.

Morning all! I got rita-ized as well!

Yep… definitely need some type of anti-spam filter, in addition to Jeff’s upcoming privacy component.

I have not tested it yet but I am guessing it sends the activation link anyway (since the author mentions that a random password will be generated if one is not provided) which is fine by me as it will help somewhat to thwart spammers.

Brajesh, is there a way to have the user enter the password twice (like in other registration forms) to make sure it is entered correctly as the user wants?

Hey, I didn’t receive a spam message. I guess I’m just not popular. ;(

@socialpreneur-

The BuddyPress Privacy component will allow users the ability to decide who can send them PMs.

I received a spam message from rita4u as well.

Those kind of messages seems to appear on lots of communities nowadays, I guess its impossible to remove them automatically.

Since nobody has figured this out yet, I was wondering, maybe there might be a different way. Such as when people signup, it automatically logs them in upon signup. Then while it automatically logs them in, it leads them to the change the password/profile page.

Although, it would be great to see buddypress profile section to actually have the option to change passwords, as right now we have no other choice but to edit the passwords in the wp profile area.

Hopefully, somebody will get this figured out, as it is a horrible idea to send out e-mails in this manner, because most of the time the e-mail could get lost or placed into the spam areas or the e-mails can become delayed and users never check for it, or they just don’t bother to login because they are concerned that they may not have the option to change their passwords so readily.

Time will tell. But, there needs to be a way to automatically log people in upon them creating their own account, then they can change their passwords as they like. Otherwise, if they don’t change their password right there upon auto login, they will still be e-mailed the password that the website created for them by default.

Hey all, sorry to bump and old thread, but it’s related, I promise

I’ve installed reCAPTCHA in the plugins folder, and it works brilliantly for comments. (For that matter so does wmpu-captcha in the mu-plugins folder) But neither seem to work on the registration page.

Working – http://thompsonjason.org/2009/04/11/hello-world/#comments

Not Working – http://thompsonjason.org/register

Is there a bit of code that I should be inserting into my registration page to make reCAPTCHA show up. I’ve been getting a lot of spam accounts being created lately, so I really need to get this going before we can launch the site. Any help is greatly appreciated.