forked from leftypol/leftypol
Bot prevention
This commit is contained in:
parent
fab3618afe
commit
7622e84b62
5 changed files with 137 additions and 2 deletions
|
@ -634,6 +634,105 @@
|
|||
}
|
||||
}
|
||||
|
||||
function createHiddenInputs() {
|
||||
global $config;
|
||||
|
||||
$inputs = Array();
|
||||
|
||||
shuffle($config['spam']['hidden_input_names']);
|
||||
$hidden_input_names_x = 0;
|
||||
|
||||
$input_count = rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']);
|
||||
for($x=0;$x<$input_count;$x++) {
|
||||
if(rand(0, 2) == 0 || $hidden_input_names_x < 0) {
|
||||
// Use an obscure name
|
||||
$name = substr(base64_encode(sha1(rand())), 0, rand(2, 40));
|
||||
} else {
|
||||
// Use a pre-defined confusing name
|
||||
$name = $config['spam']['hidden_input_names'][$hidden_input_names_x++];
|
||||
if($hidden_input_names_x > count($config['spam']['hidden_input_names']))
|
||||
$hidden_input_names_x = -1;
|
||||
}
|
||||
|
||||
if(rand(0, 2) == 0) {
|
||||
// Value must be null
|
||||
$inputs[$name] = '';
|
||||
} elseif(rand(0, 4) == 0) {
|
||||
// Numeric value
|
||||
$inputs[$name] = rand(0, 100);
|
||||
} else {
|
||||
// Obscure value
|
||||
$inputs[$name] = substr(base64_encode(sha1(rand())), 0, rand(2, 40));
|
||||
}
|
||||
}
|
||||
|
||||
$content = '';
|
||||
foreach($inputs as $name => $value) {
|
||||
$content .= '<input type="hidden" name="' . htmlspecialchars($name) . '" value="' . htmlspecialchars($value) . '" />' . "\n ";
|
||||
}
|
||||
|
||||
// Create a hash to validate it after
|
||||
// This is the tricky part.
|
||||
|
||||
// First, sort the keys in alphabetical order (A-Z)
|
||||
ksort($inputs);
|
||||
|
||||
$hash = '';
|
||||
|
||||
// Iterate through each input
|
||||
foreach($inputs as $name => $value) {
|
||||
$hash .= $name . '=' . $value;
|
||||
}
|
||||
|
||||
// Add a salt to the hash
|
||||
$hash .= $config['cookies']['salt'];
|
||||
|
||||
// Use SHA1 for the hash
|
||||
$hash = sha1($hash);
|
||||
|
||||
// Append it to the HTML
|
||||
$content .= '<input type="hidden" name="hash" value="' . $hash . '" />';
|
||||
|
||||
return $content;
|
||||
}
|
||||
|
||||
function checkSpam() {
|
||||
global $config;
|
||||
|
||||
if(!isset($_POST['hash']))
|
||||
return true;
|
||||
|
||||
$hash = $_POST['hash'];
|
||||
|
||||
// Reconsturct the $inputs array
|
||||
$inputs = Array();
|
||||
|
||||
foreach($_POST as $name => $value) {
|
||||
if(in_array($name, $config['spam']['valid_inputs']))
|
||||
continue;
|
||||
|
||||
$inputs[$name] = $value;
|
||||
}
|
||||
|
||||
// Sort the inputs in alphabetical order (A-Z)
|
||||
ksort($inputs);
|
||||
|
||||
$_hash = '';
|
||||
|
||||
// Iterate through each input
|
||||
foreach($inputs as $name => $value) {
|
||||
$_hash .= $name . '=' . $value;
|
||||
}
|
||||
|
||||
// Add a salt to the hash
|
||||
$_hash .= $config['cookies']['salt'];
|
||||
|
||||
// Use SHA1 for the hash
|
||||
$_hash = sha1($_hash);
|
||||
|
||||
return $hash != $_hash;
|
||||
}
|
||||
|
||||
function buildIndex() {
|
||||
global $board, $config;
|
||||
sql_open();
|
||||
|
@ -648,6 +747,7 @@
|
|||
$content['pages'] = $pages;
|
||||
$content['pages'][$page-1]['selected'] = true;
|
||||
$content['btn'] = getPageButtons($content['pages']);
|
||||
$content['hidden_inputs'] = createHiddenInputs();
|
||||
@file_put_contents($filename, Element('index.html', $content)) or error("Couldn't write to file.");
|
||||
|
||||
if(isset($md5) && $md5 == md5_file($filename)) {
|
||||
|
@ -837,6 +937,7 @@
|
|||
'index' => $config['root'],
|
||||
'id' => $id,
|
||||
'mod' => $mod,
|
||||
'hidden_inputs' => $content['hidden_inputs'] = createHiddenInputs(),
|
||||
'return' => ($mod ? '?' . $board['url'] . $config['file_index'] : $config['root'] . $board['uri'] . '/' . $config['file_index'])
|
||||
));
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue