Java Blacklist Code

Some idiot from Argentina keeps leaving anonymous comments for some wacky reason (probablamente porque su madre es una puta y él no tiene pollo, gillipollas) and it's been a little too manual for me to wack commenters that piss me off. So I just added a quick few lines of code to make it easier to to delete the morons. It's so nice to have redone this system so that it's more maintainable like this.

Along with the comment text in my DB, I also record the IP address, which is presented next to the comments when I sign in. Thus it's pretty easy to see when people are pretending to be several people (happens quite a lot) or when I'm just trying to find abusive people in general. Many times it's just a quick query comparing it against my referrers table (which also records the IP)

Here's the quick code I just implemented:

String sql;
PreparedStatement pstmt = null;

sql="select ipaddress from comment where id = ? limit 1";
pstmt = conn.prepareStatement(sql);
pstmt.setString(1, id);
ResultSet rs = pstmt.executeQuery();
String ipaddress = "";
while(rs.next()){
    ipaddress = rs.getString("ipaddress");
}

rs.close();
pstmt.close();

Runtime rtime = Runtime.getRuntime();
Process child = rtime.exec("sudo /sbin/route add -host " + ipaddress + " reject");
sql="delete from comment where ipaddress = ?";
pstmt = conn.prepareStatement(sql);
pstmt.setString(1, ipaddress);
pstmt.executeUpdate();
pstmt.close();

It's pretty straight forward. I sign in and on the comments page, click on the "delete comment" link which passes the comment ID to a confirmation page. There I can click on "confirm delete comment" or "blacklist commenter". For the former, it just deletes that comment - good for when someone accidentally double-posts or just pisses me off once, the latter (in the code above) grabs the ip address of the offending comment, calls out to Linux using sudo, wacks that IP from seeing my server again, then deletes every comment created by that idiot. This is perfect for the anonymous assholes out there.

Yes it's brute force, but there's not much other solution other than moderation - which I'm seriously considering at this point. I'm also adding some comment throttling as well, but I can't figure out what a good number of posts per minute is. 2? 3? 5? I'll have to look out at the MT stuff to see what they do.

-Russ

Later: Hmm. That sudo command doesn't actually work (and is admittedly an unsafe thing to do...) any suggestions? I'm messing with NOPASSWD in the /etc/sudoers file now...

< Previous         Next >