Beispiel #1
0
function admin_bans($ban_type)
{
    global $db, $globals, $offset, $page_size, $ban_text_length, $ban_comment_length, $current_user;
    require_once mnminclude . 'ban.php';
    $key = get_security_key();
    if ($current_user->user_level == "god" && check_security_key($_REQUEST["key"])) {
        if (!empty($_REQUEST["new_ban"])) {
            insert_ban($ban_type, $_POST["ban_text"], $_POST["ban_comment"], $_POST["ban_expire"]);
        } elseif (!empty($_REQUEST["edit_ban"])) {
            insert_ban($ban_type, $_POST["ban_text"], $_POST["ban_comment"], $_POST["ban_expire"], $_POST["ban_id"]);
        } elseif (!empty($_REQUEST["new_bans"])) {
            $array = preg_split("/\\s+/", $_POST["ban_text"]);
            $size = count($array);
            for ($i = 0; $i < $size; $i++) {
                insert_ban($ban_type, $array[$i], $_POST["ban_comment"], $_POST["ban_expire"]);
            }
        } elseif (!empty($_REQUEST["del_ban"])) {
            del_ban($_REQUEST["del_ban"]);
        }
    }
    // ex container-wide
    echo '<div class="genericform" style="margin:0">';
    echo '<div style="float:right;">' . "\n";
    echo '<form method="get" action="' . $globals['base_url'] . 'admin/bans.php">';
    echo '<input type="hidden" name="admin" value="' . $ban_type . '" />';
    echo '<input type="hidden" name="key" value="' . $key . '" />';
    echo '<input type="text" name="s" ';
    if ($_REQUEST["s"]) {
        $_REQUEST["s"] = clean_text($_REQUEST["s"]);
        echo ' value="' . $_REQUEST["s"] . '" ';
    } else {
        echo ' value="' . _('buscar') . '..." ';
    }
    echo 'onblur="if(this.value==\'\') this.value=\'' . _('buscar') . '...\';" onfocus="if(this.value==\'' . _('buscar') . '...\') this.value=\'\';" />';
    echo '&nbsp;<input style="padding:2px;" type="image" align="top" value="' . _('buscar') . '" alt="' . _('buscar') . '" src="' . $globals['base_static'] . 'img/common/search-03.png" />';
    echo '</form>';
    echo '</div>';
    if ($current_user->user_level == "god") {
        echo '&nbsp; [ <a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&amp;op=new">' . _('Nuevo ban') . '</a> ]';
        echo '&nbsp; [ <a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&amp;op=news">' . _('Múltiples bans') . '</a> ]';
    }
    if (!empty($_REQUEST["op"])) {
        echo '<form method="post" name="newban" action="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '">';
        echo '<input type="hidden" name="key" value="' . $key . '" />';
    }
    echo '<table class="decorated" style="font-size: 10pt">';
    echo '<tr><th width="25%"><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&amp;';
    if ($_REQUEST["s"]) {
        echo 's=' . $_REQUEST["s"] . '&amp;';
    }
    echo 'orderby=ban_text">' . $ban_type . '</a></th>';
    echo '<th width="30%"><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&amp;';
    if ($_REQUEST["s"]) {
        echo 's=' . $_REQUEST["s"] . '&amp;';
    }
    echo 'orderby=ban_comment">' . _('comentario') . '</a></th>';
    echo '<th><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&amp;';
    if ($_REQUEST["s"]) {
        echo 's=' . $_REQUEST["s"] . '&amp;';
    }
    echo 'orderby=ban_date">' . _('fecha creación') . '</a></th>';
    echo '<th><a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&amp;';
    if ($_REQUEST["s"]) {
        echo 's=' . $_REQUEST["s"] . '&amp;';
    }
    echo 'orderby=ban_expire">' . _('fecha caducidad') . '</a></th>';
    echo '<th>' . _('Editar / Borrar') . '</th></tr>';
    switch ($_REQUEST["op"]) {
        case 'new':
            echo '<tr><td>';
            echo '<input type="text" id="ban_text" name="ban_text" size="30" maxlength="' . $ban_text_length . '" value="" />';
            echo '&nbsp;<span id="checkit"><input type="button" id="checkbutton1" value="' . _('verificar') . '" onclick="checkfield(\'ban_' . $ban_type . '\', this.form, this.form.ban_text)"/></span>' . "\n";
            echo '<br /><span id="ban_' . $ban_type . 'checkitvalue"></span>' . "\n";
            echo '</td><td>';
            echo '<input class="form-full" type="text" name="ban_comment" id="ban_comment" />';
            echo '</td><td>';
            echo '</td><td>';
            echo '<select name="ban_expire" id="ban_expire">';
            print_expiration_dates();
            echo '</select>';
            echo '</td><td>';
            echo '<input type="hidden" name="new_ban" value="1" />';
            echo '<input type="submit" name="submit" value="' . _('Crear ban') . '" />';
            echo '</td></tr>';
            break;
        case 'news':
            echo '<tr><td>';
            echo '<textarea id="ban_text" name="ban_text" /></textarea>';
            echo '</td><td>';
            echo '<input class="form-full" type="text" name="ban_comment" id="ban_comment" />';
            echo '</td><td>';
            echo '</td><td>';
            echo '<select name="ban_expire" id="ban_expire">';
            print_expiration_dates();
            echo '</select>';
            echo '</td><td>';
            echo '<input type="hidden" name="new_bans" value="1" />';
            echo '<input type="submit" name="submit" value="' . _('Crear bans') . '" />';
            echo '</td></tr>';
            break;
        case 'edit':
            $ban = new Ban();
            $ban->ban_id = (int) $_REQUEST["id"];
            $ban->read();
            echo '<tr><td>';
            echo '<input type="text" name="ban_text" id="ban_text" size="30" maxlength="' . $ban_text_length . '" value="' . $ban->ban_text . '" />';
            echo '</td><td>';
            echo '<input type="text" class="form-full" name="ban_comment" id="ban_comment" value="' . $ban->ban_comment . '" />';
            echo '</td><td>';
            echo $ban->ban_date;
            echo '</td><td>';
            echo '<select name="ban_expire" id="ban_expire">';
            echo '<option value="' . $ban->ban_expire . '">' . $ban->ban_expire . '</option>';
            print_expiration_dates();
            echo '</select>';
            echo '</td><td>';
            echo '<input type="hidden" name="ban_id" value="' . $ban->ban_id . '" />';
            echo '<input type="submit" name="edit_ban" value="' . _('Editar ban') . '" />';
            echo '</td></tr>';
            break;
    }
    if (empty($_REQUEST["op"])) {
        //listado de bans
        if (empty($_REQUEST["orderby"])) {
            $_REQUEST["orderby"] = "ban_text";
        } else {
            $_REQUEST["orderby"] = preg_replace('/[^a-z_]/i', '', $_REQUEST["orderby"]);
            if ($_REQUEST["orderby"] == 'ban_date') {
                $order = "DESC";
            }
        }
        $where = "WHERE ban_type='" . $ban_type . "'";
        if ($_REQUEST["s"]) {
            $search_text = $db->escape($_REQUEST["s"]);
            $where .= " AND (ban_text LIKE '%{$search_text}%' OR ban_comment LIKE '%{$search_text}%')";
        }
        $bans = $db->get_col("SELECT ban_id FROM bans " . $where . " ORDER BY " . $_REQUEST["orderby"] . " {$order} LIMIT {$offset},{$page_size}");
        $rows = $db->get_var("SELECT count(*) FROM bans " . $where);
        if ($bans) {
            $ban = new Ban();
            foreach ($bans as $ban_id) {
                $ban->ban_id = $ban_id;
                $ban->read();
                echo '<tr>';
                echo '<td onmouseover="return tooltip.ajax_delayed(event, \'get_ban_info.php\', ' . $ban->ban_id . ');" onmouseout="tooltip.clear(event);" >' . clean_text($ban->ban_text) . '</td>';
                echo '<td style="overflow: hidden;white-space: nowrap;" onmouseover="return tooltip.ajax_delayed(event, \'get_ban_info.php\', ' . $ban->ban_id . ');" onmouseout="tooltip.clear(event);">' . clean_text(txt_shorter($ban->ban_comment, 50)) . '</td>';
                echo '<td>' . $ban->ban_date . '</td>';
                echo '<td>' . $ban->ban_expire . '</td>';
                echo '<td>';
                if ($current_user->user_level == "god") {
                    echo '<a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&amp;op=edit&amp;id=' . $ban->ban_id . '" title="' . _('Editar') . '"><img src="' . $globals['base_static'] . 'img/common/sneak-edit-notice01.png" alt="' . 'Editar' . '" /></a>';
                    echo '&nbsp;/&nbsp;';
                    echo '<a href="' . $globals['base_url'] . 'admin/bans.php?admin=' . $ban_type . '&amp;del_ban=' . $ban->ban_id . '&amp;key=' . $key . '" title="' . _('Eliminar') . '"><img src="' . $globals['base_static'] . 'img/common/sneak-reject01.png" alt="' . 'Eliminar' . '" /></a>';
                }
                echo '</td>';
                echo '</tr>';
            }
        }
    }
    echo '</table>';
    if (!empty($_REQUEST["op"])) {
        echo "</form>\n";
    }
    do_pages($rows, $page_size, false);
}
Beispiel #2
0
function do_submit1()
{
    global $db, $dblang, $current_user, $globals;
    $url = clean_input_url($_POST['url']);
    $url = preg_replace('/^http:\\/\\/http:\\/\\//', 'http://', $url);
    // Some users forget to delete the foo http://
    $url = preg_replace('/#.*$/', '', $url);
    // Remove the "#", people just abuse
    do_banner_top();
    echo '<div id="container-wide">' . "\n";
    echo '<div id="genericform-contents">' . "\n";
    $new_user = false;
    if (!check_link_key()) {
        echo '<p class="error"><strong>' . _('clave incorrecta') . '</strong></p> ';
        echo '</div>' . "\n";
        return;
    }
    if ($globals['min_karma_for_links'] > 0 && $current_user->user_karma < $globals['min_karma_for_links']) {
        echo '<p class="error"><strong>' . _('no tienes el mínimo de karma para enviar una nueva historia') . '</strong></p> ';
        echo '</div>' . "\n";
        return;
    }
    $enqueued_last_minutes = (int) $db->get_var("select count(*) from links where link_status='queued' and link_date > date_sub(now(), interval 3 minute)");
    if ($current_user->user_karma > 10) {
        $enqueued_limit = $globals['limit_3_minutes'] * 1.5;
    } else {
        $enqueued_limit = $globals['limit_3_minutes'];
    }
    if ($enqueued_last_minutes > $enqueued_limit) {
        echo '<p class="error"><strong>' . _('Exceso de envíos') . ':</strong></p>';
        echo '<p>' . _('Se han enviado demasiadas noticias en los últimos 3 minutos') . " ({$enqueued_last_minutes} > {$enqueued_limit}), " . _('disculpa las molestias') . ' </p>';
        syslog(LOG_NOTICE, "Meneame, too many queued ({$current_user->user_login}): {$_POST['url']}");
        echo '</div>' . "\n";
        return;
    }
    // Check the user does not have too many drafts
    $drafts = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id}  and link_date > date_sub(now(), interval 30 minute) and link_status='discard' and link_votes = 0");
    if ($drafts > 3) {
        echo '<p class="error"><strong>' . _('Demasiados borradores') . ':</strong></p>';
        echo '<p>' . _('Has hecho demasiados intentos, debes esperar o continuar con ellos desde la') . ' <a href="shakeit.php?meta=_discarded">' . _('cola de descartadas') . '</a></p>';
        syslog(LOG_NOTICE, "Meneame, too many drafts ({$current_user->user_login}): {$_POST['url']}");
        echo '</div>' . "\n";
        return;
    }
    // Delete dangling drafts
    if ($drafts > 0) {
        $db->query("delete from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 30 minute) and link_date < date_sub(now(), interval 10 minute) and link_status='discard' and link_votes = 0");
    }
    // Check for banned IPs
    if (check_ban($globals['user_ip'], 'ip', true) || check_ban_proxy()) {
        echo '<p class="error"><strong>' . _('Dirección IP no permitida para enviar') . ':</strong> ' . $globals['user_ip'] . ' (' . $globals['ban_message'] . ')</p>';
        syslog(LOG_NOTICE, "Meneame, banned IP {$globals['user_ip']} ({$current_user->user_login}): {$url}");
        print_empty_submit_form();
        echo '</div>' . "\n";
        return;
    }
    // Number of links sent by the user
    $total_sents = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id}") - $drafts;
    if ($total_sents > 0) {
        $sents = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day)") - $drafts;
    } else {
        $new_user = true;
        $sents = 0;
    }
    $register_date = $current_user->Date();
    if ($globals['now'] - $register_date < 86400 * 3) {
        $new_user = true;
    }
    // check that a new user also votes, not only sends links
    // it requires $globals['min_user_votes'] votes
    if ($new_user && $globals['min_user_votes'] > 0 && $current_user->user_karma < 6.1) {
        $user_votes_total = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_user_id={$current_user->user_id}");
        $user_votes = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_date > date_sub(now(), interval 72 hour) and vote_user_id={$current_user->user_id}");
        $user_links = 1 + $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 24 hour) and link_status != 'discard'");
        $total_links = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 24 hour) and link_status = 'queued'");
        echo "<!-- {$user_votes_total}, {$user_links}, {$total_links} -->\n";
        if ($sents == 0) {
            // If is a new user, requires more votes, to avoid spam
            $min_votes = $globals['min_user_votes'];
        } else {
            $min_votes = min(4, intval($total_links / 20)) * $user_links;
        }
        if ($current_user->user_level != 'god' && $current_user->user_level != 'admin' && $user_votes < $min_votes) {
            $needed = $min_votes - $user_votes;
            echo '<p class="error">';
            if ($new_user) {
                echo '<strong>' . _('¿es la primera vez que envías una noticia?') . '</strong></p> ';
                echo '<p class="error-text">' . _('necesitas como mínimo') . " <strong>{$needed} " . _('votos') . '</strong><br/>';
            } else {
                echo '<strong>' . _('no tienes el mínimo de votos necesarios para enviar una nueva historia') . '</strong></p> ';
                echo '<p class="error-text">' . _('necesitas votar como mínimo a') . " <strong>{$needed} " . _('noticias') . '</strong><br/>';
            }
            echo '<strong>' . _('no votes de forma apresurada, penaliza el karma') . '</strong><br/>';
            echo '<a href="' . $globals['base_url'] . 'shakeit.php" target="_blank">' . _('haz clic aquí para ir a votar') . '</a></p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    // avoid spams, an extra security check
    // it counts the numbers of links in the last hours
    if ($new_user) {
        $user_links_limit = 1;
        $user_links_interval = 1;
    } else {
        $user_links_limit = 5;
        $user_links_interval = 2;
    }
    $same_user = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author={$current_user->user_id}") - $drafts;
    $same_ip = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_ip = '" . $globals['user_ip'] . "'") - $drafts;
    if ($same_user > $user_links_limit || $same_ip > $user_links_limit) {
        echo '<p class="error"><strong>' . _('debes esperar, ya se enviaron varias con el mismo usuario o dirección IP') . '</strong></p>';
        echo '<br style="clear: both;" />' . "\n";
        echo '</div>' . "\n";
        return;
    }
    // avoid users sending continuous "rubbsih" or "propaganda", specially new users
    // it takes in account the number of positive votes in the last six hours
    if ($same_user > 1 && $current_user->user_karma < 12) {
        $positives_received = $db->get_var("select sum(link_votes) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$current_user->user_id}");
        $negatives_received = $db->get_var("select sum(link_negatives) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$current_user->user_id}");
        echo "<!-- Positives: {$positives_received} -->\n";
        echo "<!-- Negatives: {$negatives_received} -->\n";
        if ($negatives_received > 10 && $negatives_received > $positives_received * 1.5) {
            echo '<p class="error"><strong>' . _('debes esperar, has tenido demasiados votos negativos en tus últimos envíos') . '</strong></p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    $linkres = new Link();
    $linkres->url = $url;
    $edit = false;
    if (report_dupe($url)) {
        return;
    }
    if (!$linkres->check_url($url, true, true) || !$linkres->get($url)) {
        echo '<p class="error"><strong>' . _('URL erróneo o no permitido') . '</strong>: ';
        if (!empty($globals['ban_match'])) {
            echo $globals['ban_match'];
        } else {
            echo $linkres->url;
        }
        echo '</p>';
        echo '<p><strong>' . _('Razón') . ':</strong> ' . $globals['ban_message'] . '</p>';
        // If the domain is banned, decrease user's karma
        if ($linkres->banned) {
            $db->query("update users set user_karma = user_karma - 0.05 where user_id = {$current_user->user_id}");
        }
        print_empty_submit_form();
        echo '</div>' . "\n";
        return;
    }
    // If the URL has changed, check again is not dupe
    if ($linkres->url != $url && report_dupe($linkres->url)) {
        return;
    }
    $linkres->randkey = intval($_POST['randkey']);
    if (!$linkres->valid) {
        echo '<p class="error"><strong>' . _('error leyendo el url') . ':</strong> ' . htmlspecialchars($url) . '</p>';
        // Dont allow new users with low karma to post wrong URLs
        if ($current_user->user_karma < 12 && $current_user->user_level == 'normal') {
            echo '<p>' . _('URL inválido, incompleto o no permitido') . '</p>';
            print_empty_submit_form();
            return;
        }
        echo '<p>' . _('No es válido, está fuera de línea, o tiene mecanismos antibots. <strong>Continúa</strong>, pero asegúrate que sea correcto') . '</p>';
    }
    $linkres->status = 'discard';
    $linkres->author = $current_user->user_id;
    if (!$linkres->trackback()) {
        $linkres->pingback();
    }
    $trackback = htmlspecialchars($linkres->trackback);
    $linkres->create_blog_entry();
    $blog = new Blog();
    $blog->id = $linkres->blog;
    $blog->read();
    $blog_url_components = @parse_url($blog->url);
    $blog_url = $blog_url_components[host] . $blog_url_components[path];
    // Now we check again against the blog table
    // it's done because there could be banned blogs like http://lacotelera.com/something
    if (check_ban($blog->url, 'hostname', false, true)) {
        echo '<p class="error"><strong>' . _('URL inválido') . ':</strong> ' . htmlspecialchars($url) . '</p>';
        echo '<p>' . _('El sitio') . " {$globals['ban_match']} " . _('está deshabilitado') . ' (' . $globals['ban_message'] . ') </p>';
        syslog(LOG_NOTICE, "Meneame, banned site ({$current_user->user_login}): {$blog->url} <- {$_POST['url']}");
        print_empty_submit_form();
        echo '</div>' . "\n";
        return;
    }
    // check for users spamming several sites and networks
    // it does not allow a low "entropy"
    if ($sents > 30) {
        $ratio = (double) $db->get_var("select count(distinct link_blog)/count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day)");
        $threshold = 1 / log($sents, 2);
        if ($ratio < $threshold) {
            if ($db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_blog = {$blog->id}") > 2) {
                syslog(LOG_NOTICE, "Meneame, forbidden due to low entropy: {$ratio} <  {$threshold}  ({$current_user->user_login}): {$linkres->url}");
                echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a los mismos sitios') . '</strong></p> ';
                echo '<p class="error-text">' . _('varía las fuentes, podría ser considerado spam') . '</p>';
                echo '<br style="clear: both;" />' . "\n";
                echo '</div>' . "\n";
                return;
            }
        }
    }
    // Check the user does not send too many images or vídeos
    // they think this is a fotolog
    if ($sents > 5 && ($linkres->content_type == 'image' || $linkres->content_type == 'video')) {
        $image_links = intval($db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60  day) and link_content_type in ('image', 'video')"));
        if ($image_links > $sents * 0.3) {
            syslog(LOG_NOTICE, "Meneame, forbidden due to too many images or video sent by user ({$current_user->user_login}): {$linkres->url}");
            echo '<p class="error"><strong>' . _('ya has enviado demasiadas imágenes o vídeos') . '</strong></p> ';
            echo '<p class="error-text">' . _('disculpa, no es un fotolog') . '</p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    // avoid auto-promotion (autobombo)
    $minutes = 30;
    $same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$minutes} minute) and link_author={$current_user->user_id} and link_blog={$linkres->blog} and link_votes > 0");
    if ($same_blog > 0 && $current_user->user_karma < 12) {
        syslog(LOG_NOTICE, "Meneame, forbidden due to short period between links to same site ({$current_user->user_login}): {$linkres->url}");
        echo '<p class="error"><strong>' . _('ya has enviado un enlace al mismo sitio hace poco tiempo') . '</strong></p> ';
        echo '<p class="error-text">' . _('debes esperar') . " {$minutes} " . _(' minutos entre cada envío al mismo sitio.') . ', ';
        echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('lee el FAQ') . '</a></p>';
        echo '<br style="clear: both;" />' . "\n";
        echo '</div>' . "\n";
        return;
    }
    // Avoid spam, count links in last three months
    $same_blog = $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_blog={$linkres->blog}");
    // Check if the domain should be banned
    $check_history = $sents > 2 && $same_blog > 0 && ($ratio = $same_blog / $sents) > 0.5;
    // check clones also for new users
    if ($sents == 0 || $check_history) {
        // Count unique users
        // TODO: we should discard users with the same IP (clones)
        $unique_users = (int) $db->get_var("select count(distinct link_author) from links, users, votes where link_blog={$blog->id}  and link_date > date_sub(now(), interval 30 day) and user_id = link_author and user_level != 'disabled' and vote_type='links' and vote_link_id = link_id and vote_user_id = link_author and vote_ip_int != " . $globals['user_ip_int']);
        // Check for user clones
        $clones = $db->get_var("select count(distinct link_author) from links, votes where link_author!={$current_user->user_id} and link_date > date_sub(now(), interval 20 day) and link_blog={$linkres->blog} link_votes > 0 and vote_type='links' and vote_link_id=link_id and link_author = vote_user_id and vote_ip_int = " . $globals['user_ip_int']);
        if ($clones > 0 && $unique_users < 3) {
            // we detected that another user has sent to the same URL from the same IP
            echo '<p class="error"><strong>' . _('se han detectado usuarios clones que envían al sitio') . " {$blog->url}" . '</strong></p> ';
            $ban_period_txt = _('un mes');
            $ban = insert_ban('hostname', $blog_url, _('usuarios clones') . " {$current_user->user_login} ({$blog_url})", time() + 86400 * 30);
            $banned_host = $ban->ban_text;
            echo '<p class="error-text"><strong>' . _('el dominio') . " '{$banned_host}' " . _('ha sido baneado por') . " {$ban_period_txt}</strong>, ";
            echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a></p>';
            syslog(LOG_NOTICE, "Meneame, banned '{$ban_period_txt}' due to user clones ({$current_user->user_login}): {$banned_host}  <- {$linkres->url}");
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
        // end clones
    }
    if ($check_history) {
        // Calculate ban period according to previous karma
        $avg_karma = (int) $db->get_var("select avg(link_karma) from links where link_blog={$blog->id} and link_date > date_sub(now(), interval 30 day)");
        // This is the case of unique/few users sending just their site and take care of choosing goog titles and text
        // the condition is stricter, more links and higher ratio
        if ($sents > 3 && $ratio > 0.9 || $sents > 6 && $ratio > 0.8 || $sents > 12 && $ratio > 0.6) {
            if ($unique_users < 3) {
                if ($avg_karma < -10) {
                    $ban_period = 86400 * 30;
                    $ban_period_txt = _('un mes');
                } else {
                    $ban_period = 86400 * 7;
                    $ban_period_txt = _('una semana');
                }
                syslog(LOG_NOTICE, "Meneame, high ratio ({$ratio}) and few users ({$unique_users}), going to ban {$blog->url} ({$current_user->user_login})");
            }
            // Otherwise check previous karma
        } elseif ($sents > 4 && $avg_karma < 30) {
            if ($avg_karma < -40) {
                $ban_period = 86400 * 30;
                $ban_period_txt = _('un mes');
            } elseif ($avg_karma < -10) {
                $ban_period = 86400 * 7;
                $ban_period_txt = _('una semana');
            } elseif ($avg_karma < 10) {
                $ban_period = 86400;
                $ban_period_txt = _('un día');
            } else {
                $ban_period = 7200;
                $ban_period_txt = _('dos horas');
            }
            syslog(LOG_NOTICE, "Meneame, high ratio ({$ratio}) and low karma ({$avg_karma}), going to ban {$blog->url} ({$current_user->user_login})");
        }
        if ($ban_period > 0) {
            echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a') . " {$blog->url}" . '</strong></p> ';
            echo '<p class="error-text">' . _('varía tus fuentes, es para evitar abusos y enfados por votos negativos') . ', ';
            echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a>, ';
            echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('el FAQ') . '</a></p>';
            if (!empty($blog_url)) {
                $ban = insert_ban('hostname', $blog_url, _('envíos excesivos de') . " {$current_user->user_login}", time() + $ban_period);
                $banned_host = $ban->ban_text;
                echo '<p class="error-text"><strong>' . _('el dominio') . " '{$banned_host}' " . _('ha sido baneado por') . " {$ban_period_txt}</strong></p> ";
                syslog(LOG_NOTICE, "Meneame, banned '{$ban_period_txt}' due to high ratio ({$current_user->user_login}): {$banned_host}  <- {$linkres->url}");
            } else {
                syslog(LOG_NOTICE, "Meneame, error parsing during ban: {$blog->id}, {$blog->url} ({$current_user->user_login})");
            }
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        } elseif ($sents > 0) {
            // Just in case check again sent (paranoia setting)
            echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a') . " {$blog->url}" . '</strong></p> ';
            echo '<p class="error-text">' . _('el sitio podría ser baneado automáticamente si continúas enviando') . ', ';
            echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a>, ';
            echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('el FAQ') . '</a></p>';
            if ($sents > 5 && $ratio > 0.75) {
                // don't allow to continue
                syslog(LOG_NOTICE, "Meneame, warn, high ratio, process interrumped ({$current_user->user_login}): {$linkres->url}");
                return;
            } else {
                syslog(LOG_NOTICE, "Meneame, warn, high ratio, continue ({$current_user->user_login}): {$linkres->url}");
            }
        }
    }
    $links_12hs = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard')");
    // check there is no an "overflow" from the same site
    if ($current_user->user_karma < 18) {
        $site_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard') and link_blog={$linkres->blog}"));
        if ($site_links > 5 && $site_links > $links_12hs * 0.04) {
            // Only 4% from the same site
            syslog(LOG_NOTICE, "Meneame, forbidden due to overflow to the same site ({$current_user->user_login}): {$linkres->url}");
            echo '<p class="error"><strong>' . _('ya se han enviado demasiadas noticias del mismo sitio, espera unos minutos por favor') . '</strong></p> ';
            echo '<p class="error-text">' . _('total en 12 horas') . ": {$site_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.04) . '</p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    // check there is no an "overflow" of images
    if ($linkres->content_type == 'image' || $linkres->content_type == 'video') {
        $image_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard') and link_content_type in ('image', 'video')"));
        if ($image_links > 5 && $image_links > $links_12hs * 0.08) {
            // Only 8% images and videos
            syslog(LOG_NOTICE, "Meneame, forbidden due to overflow images ({$current_user->user_login}): {$linkres->url}");
            echo '<p class="error"><strong>' . _('ya se han enviado demasiadas imágenes o vídeos, espera unos minutos por favor') . '</strong></p> ';
            echo '<p class="error-text">' . _('total en 12 horas') . ": {$image_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.05) . '</p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    if (check_ban($linkres->url, 'punished_hostname', false, true)) {
        echo '<p class="error"><strong>' . _('Aviso') . ' ' . $globals['ban_match'] . ':</strong> <em>' . $globals['ban_message'] . '</em></p>';
        echo '<p>' . _('mejor enviar el enlace a la fuente original, sino será penalizado') . '</p>';
    }
    // Now stores new draft
    $linkres->ip = $globals['user_ip'];
    $linkres->sent_date = $linkres->date = time();
    $linkres->store();
    echo '<h2>' . _('envío de una nueva noticia: paso 2 de 3') . '</h2>' . "\n";
    echo '<div id="genericform">' . "\n";
    echo '<form action="submit.php" method="post" id="thisform" name="thisform">' . "\n";
    echo '<input type="hidden" name="url" id="url" value="' . htmlspecialchars($linkres->url) . '" />' . "\n";
    echo '<input type="hidden" name="phase" value="2" />' . "\n";
    echo '<input type="hidden" name="randkey" value="' . intval($_POST['randkey']) . '" />' . "\n";
    echo '<input type="hidden" name="key" value="' . $_POST['key'] . '" />' . "\n";
    echo '<input type="hidden" name="id" value="' . $linkres->id . '" />' . "\n";
    echo '<fieldset><legend><span class="sign">' . _('información del enlace') . '</span></legend>' . "\n";
    echo '<p class="genericformtxt"><strong>';
    echo mb_substr($linkres->url_title, 0, 200);
    echo '</strong><br/>';
    echo htmlspecialchars($linkres->url);
    echo '</p> ' . "\n";
    echo '</fieldset>' . "\n";
    echo '<fieldset><legend><span class="sign">' . _('detalles de la noticia') . '</span></legend>' . "\n";
    echo '<label for="title" accesskey="1">' . _('título de la noticia') . ':</label>' . "\n";
    echo '<p><span class="genericformnote">' . _('título de la noticia. máximo: 120 caracteres') . '</span>' . "\n";
    // Is it an image or video?
    echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
    $linkres->print_content_type_buttons();
    echo '<br/><input type="text" id="title" name="title" value="' . $link_title . '" size="80" maxlength="120" />';
    echo '</p>' . "\n";
    echo '<label for="tags" accesskey="2">' . _('etiquetas') . ':</label>' . "\n";
    echo '<p><span class="genericformnote"><strong>' . _('pocas palabras, genéricas, cortas y separadas por "," (coma)') . '</strong> Ejemplo: <em>web, programación, software libre</em></span>' . "\n";
    echo '<br/><input type="text" id="tags" name="tags" value="' . $link_tags . '" size="70" maxlength="70" /></p>' . "\n";
    print_simpleformat_buttons('bodytext');
    echo '<p><label for="bodytext" accesskey="3">' . _('descripción de la noticia') . ':</label>' . "\n";
    echo '<br /><span class="genericformnote">' . _('describe la noticia con tus palabras. entre dos y cinco frases es suficiente. sé cuidadoso.') . '</span>' . "\n";
    echo '<br /><textarea name="bodytext"  rows="10" cols="60" id="bodytext" onKeyDown="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)" onKeyUp="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)"></textarea>' . "\n";
    echo '<br /><input readonly type="text" name="bodycounter" size="3" maxlength="3" value="550" /> <span class="genericformnote">' . _('caracteres libres') . '</span>';
    echo '</p>' . "\n";
    print_categories_form();
    echo '<p><label for="trackback">' . _('trackback') . ':</label><br />' . "\n";
    if (empty($trackback)) {
        echo '<span class="genericformnote">' . _('puedes agregar o cambiar el trackback si ha sido detectado automáticamente') . '</span>' . "\n";
        echo '<input type="text" name="trackback" id="trackback" value="' . $trackback . '" class="form-full" /></p>' . "\n";
    } else {
        echo '<span class="genericformnote">' . $trackback . '</span>' . "\n";
        echo '<input type="hidden" name="trackback" id="trackback" value="' . $trackback . '"/></p>' . "\n";
    }
    echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="' . _('&#171; retroceder') . '" />&nbsp;&nbsp;' . "\n";
    echo '<input class="genericsubmit" type="submit" value="' . _('continuar &#187;') . '" />' . "\n";
    echo '</fieldset>' . "\n";
    echo '</form>' . "\n";
    echo '</div>' . "\n";
    echo '</div>' . "\n";
}