Hello,
I've just started using s9y and installed the shoutbox plugin.
I next login and find someone has spammed it with 60 different website adverts for junk so I've modified the stock code as follows:
Line 101, inserted:
if (!preg_match("/^http/",$_REQUEST['serendipity']['shouttext'])) {
Line 118, inserted:
}
Its a simply check to see if (as in this case) the spammer starts their shoutbox entry with a website. It also silently drops the request rather than throwing an error and doesn't do anything with the database.