Laravel Spam Detection (Step by Step Guide)

Introduction

 

As you already know, Laravel is the most powerful and most used MVC PHP framework for building full-featured web applications. With its expressive and beautiful syntax and modern toolkit, Laravel is the leader in the industry. Laravel focuses on the end user first, which means its focus is on simplicity, clarity, and getting work done.

For more information about the Laravel framework, visit the documentation page, following this link.

Because of all these advantages of the framework, we are using Laravel a lot, because we tend to and our idea is to follow all the latest trends in the IT industry.

That’s why, in this post, we will use Laravel 5.6. You will enjoy!

 

Skeleton application

 

For the purpose of this tutorial, a Laravel application was created from scratch with the following functionalities:

  • Login/Register functionality with the core auth command;
  • Created some test users in the database;
  • Posts and Comments controllers, models, relations between and migrations with some sample data.

 

Spam Detection

 

There is a big problem with the spammers nowadays. There are a lot of scripts that are running throughout different websites and try to submit a form wherever they come across. Have you ever wondered why? If you have a little bit experience with SEO, you can understand that the reason is very simple.

They try to add a link (spam backlink) that redirects to potential spammers’ websites. With that, they build authority on their sites and it is easier to rank the site higher on Google search when someone search for keywords related with their websites content. Ranking higher on Google search is mainly calculated based on the websites backlinks and authority. Authority of the website is increased with more backlinks.

This is the main reason why we need to be careful of spammers on our application, because we can easily find our applications with a lot of spam comments that won’t be related with the site’s content.

 

Spam rules that will be used

 

In this tutorial, spam comments on blog posts will be detected. Of course, there are a lot of rules that can be presented, but for now, the attention will be on 3 rules. Those are:

1.      Invalid keywords

This will be an array of words or sentences. Each comment that contains any of these words or sentences will be marked as spam.

2.      Key held down

Imagine that someone, visits your website and just for fun held down a key and try to post a comment. For example: ‘aaaaaaaa’, ‘bbbbbbbbb’, etc. We should prevent this kind of action and mark those comments as spam.

3.      Comments posted very often

We should prevent users from posting comments very often. There will be a configuration parameter with integer number that will tell us how long the user should wait before posting a new comment.

 

Let’s code!

 

Surely, in order not to bother you with a lot of unnecessary info regarding the application that was set up for this tutorial, the focus will be only on sharing pieces of code with good explanation, that will be more useful and understandable.

In this section, we will display a post with basic flow that is enabled with the beautiful HTTP Foundation component that Laravel uses.

Route in web.php file:

 

 

Method in PostsController:

 

Code explanation:

  • Find the post with the slug (it is a vunique field in the database);
  • Return view with parameter the post.

 

After that, the view will be rendered that is a blade template with the post data.

In the view, there is a form for adding a comment to the post.

It looks like this in real life:

 

A form for adding a comment to the post

 

And the form in the blade template (using bootstrap 4):

 

 

On submit, the action of the form is set up to post the request to the given route. The post method is handled like this in the web.php file:

 

And the method in CommentsController:

 

 

Explanation of the code above:

  • Finding the post by ID on which the user wants to comment on;
  • Creating the comment (notice the relation);
  • Redirect to the previous post with a status and a message.

 

Hope that until now everything is clear. Now, the interesting part comes.

Dedicated spam class will be created that will handle everything related with the detection of spam comments. Of course, we will create it by following the best practices and keeping the rule of separation of concerns.

Let’s create a generic Spam class:

 

 

Let me explain the code above:

  • The Spam class is created and placed in the App\Inspections folder;
  • In the $inspections property, in an array are placed all the classes with specific rules that were separated while refactoring the code;
  • Below, in the detect() method, the body of the comment is passed and loop through all the classes in the $inspections property, passing the class name to the app() helper to resolve it from the container, and calling each class detect() method with a parameter that is the body of the comment (type string).

You can see that each spam rule is separated in different classes. All classes are placed in the App\Inspections folder.

So let’s talk about each class and explain what they are exactly doing.

 

Invalid keywords rule

 

Here’s the code for this class:

 

  • Initializing a property $keywords that is an array of all keywords that we recognize as spam. For now, there is only one keyword, but you can write as many as you need;
  • The method detect() called from Spam class with parameter $body passed from Spam class too;
  • Looping through the $keywords property, and for each of the keywords there is a check if the keyword exists in the body of the comment, and if so, throw an Exception.

Simple as that.

 

Key held down rule

 

Here’s the code for this class:

 

  • The method detect() called from Spam class with parameter $body passed from Spam class too;
  • Checking with regular expression if the body of the comment contains the same letter in a row more than 4 times. It is 4 times for the purposes of this example, you can change it by your needs;
  • If the condition is met, throw Exception.

 

Comments posted very often rule

 

Here’s the code for this class:

 

 

  • The method detect() called from Spam class with parameter $body passed from Spam class too;
  • Finding the logged in user;
  • Getting the latest comment for the logged in user;
    • The code is separated in a method getLatestCommentByUser() declared in User model:

 

 

  • If the user has comments, there is a condition that checks if the user can post a new comment with another method canUserPostComment() declared in the User model and passed a prepared data with the date of the latest created comment and a configuration parameter from the app.php file that tells us how often a user can post a comment. For now, it is once in 10 minutes.
    • Below is the code from the canUserPostComment() method:

 

 

  • If the user posted a comment in less than those 10 minutes, the condition is met, and the code throws Exception with a proper message.

 

There is only one and final step before finishing this feature. To call the Spam class and detect if the comment is spam throughout the spam rules, you have to add one more line of code in the store() method of the CommentsController. This is the line of the code:

 

 

And after that, the store() method will look like this:

 

You always have to prefer smaller amount of code and that’s why here is used the resolve() helper that Laravel offers. It resolves a given class name to its instance using the service container.

There are some other ways to call the detect() method of the Spam class, you can do it with type-hinting, with creating a new instance of the Spam class and after that calling the detect() method etc. However, the method used in the code above looks fine for now.

 

Conclusion

 

The example in this post is simple and easy-to-implement solution. Of course, as it is mentioned above, there are a lot of other rules that you can add, and with this code structure, it will be very easy to add a new rule based on your needs.

You can see how enjoyable is coding with Laravel framework, that’s why Laravel is preferred and recommended for all kinds of web applications, from simple hobby projects all the way to Fortune 500 companies.

Please feel free to comment below and share your thoughts.

 

Taner Fejzulovski

Technical Consultant