forked from leftypol/leftypol
anti-bot.php: trim
This commit is contained in:
parent
26ca994be8
commit
106db9a7e7
1 changed files with 39 additions and 40 deletions
|
|
@ -10,7 +10,7 @@ $hidden_inputs_twig = array();
|
||||||
|
|
||||||
class AntiBot {
|
class AntiBot {
|
||||||
public $salt, $inputs = array(), $index = 0;
|
public $salt, $inputs = array(), $index = 0;
|
||||||
|
|
||||||
public static function randomString($length, $uppercase = false, $special_chars = false, $unicode_chars = false) {
|
public static function randomString($length, $uppercase = false, $special_chars = false, $unicode_chars = false) {
|
||||||
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
|
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
|
||||||
if ($uppercase)
|
if ($uppercase)
|
||||||
|
|
@ -22,11 +22,11 @@ class AntiBot {
|
||||||
for ($n = 0; $n < $len; $n++)
|
for ($n = 0; $n < $len; $n++)
|
||||||
$chars .= mb_convert_encoding('&#' . mt_rand(0x2600, 0x26FF) . ';', 'UTF-8', 'HTML-ENTITIES');
|
$chars .= mb_convert_encoding('&#' . mt_rand(0x2600, 0x26FF) . ';', 'UTF-8', 'HTML-ENTITIES');
|
||||||
}
|
}
|
||||||
|
|
||||||
$chars = preg_split('//u', $chars, -1, PREG_SPLIT_NO_EMPTY);
|
$chars = preg_split('//u', $chars, -1, PREG_SPLIT_NO_EMPTY);
|
||||||
|
|
||||||
$ch = array();
|
$ch = array();
|
||||||
|
|
||||||
// fill up $ch until we reach $length
|
// fill up $ch until we reach $length
|
||||||
while (count($ch) < $length) {
|
while (count($ch) < $length) {
|
||||||
$n = $length - count($ch);
|
$n = $length - count($ch);
|
||||||
|
|
@ -39,40 +39,40 @@ class AntiBot {
|
||||||
foreach ($keys as $key)
|
foreach ($keys as $key)
|
||||||
$ch[] = $chars[$key];
|
$ch[] = $chars[$key];
|
||||||
}
|
}
|
||||||
|
|
||||||
$chars = $ch;
|
$chars = $ch;
|
||||||
|
|
||||||
return implode('', $chars);
|
return implode('', $chars);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function make_confusing($string) {
|
public static function make_confusing($string) {
|
||||||
$chars = preg_split('//u', $string, -1, PREG_SPLIT_NO_EMPTY);
|
$chars = preg_split('//u', $string, -1, PREG_SPLIT_NO_EMPTY);
|
||||||
|
|
||||||
foreach ($chars as &$c) {
|
foreach ($chars as &$c) {
|
||||||
if (mt_rand(0, 3) != 0)
|
if (mt_rand(0, 3) != 0)
|
||||||
$c = utf8tohtml($c);
|
$c = utf8tohtml($c);
|
||||||
else
|
else
|
||||||
$c = mb_encode_numericentity($c, array(0, 0xffff, 0, 0xffff), 'UTF-8');
|
$c = mb_encode_numericentity($c, array(0, 0xffff, 0, 0xffff), 'UTF-8');
|
||||||
}
|
}
|
||||||
|
|
||||||
return implode('', $chars);
|
return implode('', $chars);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function __construct(array $salt = array()) {
|
public function __construct(array $salt = array()) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if (!empty($salt)) {
|
if (!empty($salt)) {
|
||||||
// create a salted hash of the "extra salt"
|
// create a salted hash of the "extra salt"
|
||||||
$this->salt = implode(':', $salt);
|
$this->salt = implode(':', $salt);
|
||||||
} else {
|
} else {
|
||||||
$this->salt = '';
|
$this->salt = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
shuffle($config['spam']['hidden_input_names']);
|
shuffle($config['spam']['hidden_input_names']);
|
||||||
|
|
||||||
$input_count = mt_rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']);
|
$input_count = mt_rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']);
|
||||||
$hidden_input_names_x = 0;
|
$hidden_input_names_x = 0;
|
||||||
|
|
||||||
for ($x = 0; $x < $input_count ; $x++) {
|
for ($x = 0; $x < $input_count ; $x++) {
|
||||||
if ($hidden_input_names_x === false || mt_rand(0, 2) == 0) {
|
if ($hidden_input_names_x === false || mt_rand(0, 2) == 0) {
|
||||||
// Use an obscure name
|
// Use an obscure name
|
||||||
|
|
@ -83,7 +83,7 @@ class AntiBot {
|
||||||
if ($hidden_input_names_x >= count($config['spam']['hidden_input_names']))
|
if ($hidden_input_names_x >= count($config['spam']['hidden_input_names']))
|
||||||
$hidden_input_names_x = false;
|
$hidden_input_names_x = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (mt_rand(0, 2) == 0) {
|
if (mt_rand(0, 2) == 0) {
|
||||||
// Value must be null
|
// Value must be null
|
||||||
$this->inputs[$name] = '';
|
$this->inputs[$name] = '';
|
||||||
|
|
@ -96,16 +96,16 @@ class AntiBot {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function space() {
|
public static function space() {
|
||||||
if (mt_rand(0, 3) != 0)
|
if (mt_rand(0, 3) != 0)
|
||||||
return ' ';
|
return ' ';
|
||||||
return str_repeat(' ', mt_rand(1, 3));
|
return str_repeat(' ', mt_rand(1, 3));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function html($count = false) {
|
public function html($count = false) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
$elements = array(
|
$elements = array(
|
||||||
'<input type="hidden" name="%name%" value="%value%">',
|
'<input type="hidden" name="%name%" value="%value%">',
|
||||||
'<input type="hidden" value="%value%" name="%name%">',
|
'<input type="hidden" value="%value%" name="%name%">',
|
||||||
|
|
@ -119,13 +119,13 @@ class AntiBot {
|
||||||
'<textarea style="display:none" name="%name%">%value%</textarea>',
|
'<textarea style="display:none" name="%name%">%value%</textarea>',
|
||||||
'<textarea name="%name%" style="display:none">%value%</textarea>'
|
'<textarea name="%name%" style="display:none">%value%</textarea>'
|
||||||
);
|
);
|
||||||
|
|
||||||
$html = '';
|
$html = '';
|
||||||
|
|
||||||
if ($count === false) {
|
if ($count === false) {
|
||||||
$count = mt_rand(1, abs(count($this->inputs) / 15) + 1);
|
$count = mt_rand(1, abs(count($this->inputs) / 15) + 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($count === true) {
|
if ($count === true) {
|
||||||
// all elements
|
// all elements
|
||||||
$inputs = array_slice($this->inputs, $this->index);
|
$inputs = array_slice($this->inputs, $this->index);
|
||||||
|
|
@ -133,7 +133,7 @@ class AntiBot {
|
||||||
$inputs = array_slice($this->inputs, $this->index, $count);
|
$inputs = array_slice($this->inputs, $this->index, $count);
|
||||||
}
|
}
|
||||||
$this->index += count($inputs);
|
$this->index += count($inputs);
|
||||||
|
|
||||||
foreach ($inputs as $name => $value) {
|
foreach ($inputs as $name => $value) {
|
||||||
$element = false;
|
$element = false;
|
||||||
while (!$element) {
|
while (!$element) {
|
||||||
|
|
@ -146,29 +146,29 @@ class AntiBot {
|
||||||
$element = false;
|
$element = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$element = str_replace('%name%', utf8tohtml($name), $element);
|
$element = str_replace('%name%', utf8tohtml($name), $element);
|
||||||
|
|
||||||
if (mt_rand(0, 2) == 0)
|
if (mt_rand(0, 2) == 0)
|
||||||
$value = $this->make_confusing($value);
|
$value = $this->make_confusing($value);
|
||||||
else
|
else
|
||||||
$value = utf8tohtml($value);
|
$value = utf8tohtml($value);
|
||||||
|
|
||||||
if (strpos($element, 'textarea') === false)
|
if (strpos($element, 'textarea') === false)
|
||||||
$value = str_replace('"', '"', $value);
|
$value = str_replace('"', '"', $value);
|
||||||
|
|
||||||
$element = str_replace('%value%', $value, $element);
|
$element = str_replace('%value%', $value, $element);
|
||||||
|
|
||||||
$html .= $element;
|
$html .= $element;
|
||||||
}
|
}
|
||||||
|
|
||||||
return $html;
|
return $html;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function reset() {
|
public function reset() {
|
||||||
$this->index = 0;
|
$this->index = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function hash() {
|
public function hash() {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
|
|
@ -176,7 +176,7 @@ class AntiBot {
|
||||||
// First, sort the keys in alphabetical order (A-Z)
|
// First, sort the keys in alphabetical order (A-Z)
|
||||||
$inputs = $this->inputs;
|
$inputs = $this->inputs;
|
||||||
ksort($inputs);
|
ksort($inputs);
|
||||||
|
|
||||||
$hash = '';
|
$hash = '';
|
||||||
// Iterate through each input
|
// Iterate through each input
|
||||||
foreach ($inputs as $name => $value) {
|
foreach ($inputs as $name => $value) {
|
||||||
|
|
@ -184,7 +184,7 @@ class AntiBot {
|
||||||
}
|
}
|
||||||
// Add a salt to the hash
|
// Add a salt to the hash
|
||||||
$hash .= $config['cookies']['salt'];
|
$hash .= $config['cookies']['salt'];
|
||||||
|
|
||||||
// Use SHA1 for the hash
|
// Use SHA1 for the hash
|
||||||
return sha1($hash . $this->salt);
|
return sha1($hash . $this->salt);
|
||||||
}
|
}
|
||||||
|
|
@ -192,31 +192,30 @@ class AntiBot {
|
||||||
|
|
||||||
function _create_antibot($board, $thread) {
|
function _create_antibot($board, $thread) {
|
||||||
global $config, $purged_old_antispam;
|
global $config, $purged_old_antispam;
|
||||||
|
|
||||||
$antibot = new AntiBot(array($board, $thread));
|
$antibot = new AntiBot(array($board, $thread));
|
||||||
|
|
||||||
if (!isset($purged_old_antispam)) {
|
if (!isset($purged_old_antispam)) {
|
||||||
$purged_old_antispam = true;
|
$purged_old_antispam = true;
|
||||||
query('DELETE FROM ``antispam`` WHERE `expires` < UNIX_TIMESTAMP()') or error(db_error());
|
query('DELETE FROM ``antispam`` WHERE `expires` < UNIX_TIMESTAMP()') or error(db_error());
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($thread)
|
if ($thread)
|
||||||
$query = prepare('UPDATE ``antispam`` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` = :thread AND `expires` IS NULL');
|
$query = prepare('UPDATE ``antispam`` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` = :thread AND `expires` IS NULL');
|
||||||
else
|
else
|
||||||
$query = prepare('UPDATE ``antispam`` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` IS NULL AND `expires` IS NULL');
|
$query = prepare('UPDATE ``antispam`` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` IS NULL AND `expires` IS NULL');
|
||||||
|
|
||||||
$query->bindValue(':board', $board);
|
$query->bindValue(':board', $board);
|
||||||
if ($thread)
|
if ($thread)
|
||||||
$query->bindValue(':thread', $thread);
|
$query->bindValue(':thread', $thread);
|
||||||
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
|
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
$query = prepare('INSERT INTO ``antispam`` VALUES (:board, :thread, :hash, UNIX_TIMESTAMP(), NULL, 0)');
|
$query = prepare('INSERT INTO ``antispam`` VALUES (:board, :thread, :hash, UNIX_TIMESTAMP(), NULL, 0)');
|
||||||
$query->bindValue(':board', $board);
|
$query->bindValue(':board', $board);
|
||||||
$query->bindValue(':thread', $thread);
|
$query->bindValue(':thread', $thread);
|
||||||
$query->bindValue(':hash', $antibot->hash());
|
$query->bindValue(':hash', $antibot->hash());
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
return $antibot;
|
return $antibot;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue