Beispiel #1
0
function processArticle($papi, &$hdrs)
{
    /* Sanity check */
    if (isset($hdrs['control'])) {
        return false;
    }
    if (!isset($hdrs['body'])) {
        return true;
    }
    /* Define missing headers if necessary */
    $moreHeaders = '';
    if (!isset($hdrs['content-type'])) {
        $moreHeaders .= "Content-Type: text/plain\r\n";
    }
    /* Part is a regular RFC822 message */
    $part = new Part(array('content' => $hdrs['raw_hdrs'] . $moreHeaders . "\r\n" . $hdrs['body'], 'directives' => array('mimeHint' => 'message/rfc822')));
    /* Build category paths */
    $paths = array();
    foreach (explode(',', $hdrs['newsgroups']) as $group) {
        $paths[] = str_replace('.', '/', $group);
        break;
        /* FIXME ONLY ONE PATH BY DEFAULT */
    }
    /* "The" URI */
    $uri = getUri($hdrs['message-id']);
    /* Meta-datas */
    $metas = array('publicurl' => $uri, 'file_name' => substr($uri, 5) . '.eml', 'path' => $paths, 'file_size' => strlen($hdrs['body']), 'std:numlines' => safeGet($hdrs, 'lines'));
    /* Merge references to parent(s) */
    $threadUri = false;
    if (isset($hdrs['references'])) {
        $refUri = array();
        foreach (explode(' ', str_replace('><', '> <', $hdrs['references'])) as $ref) {
            $ref = trim($ref);
            if (strlen($ref) != 0) {
                $refUri[] = getUri($ref);
            }
        }
        $metas['parent_count'] = count($refUri);
        for ($i = 0; $i < count($refUri); $i++) {
            $metas['parent' . ($i + 1) . '_uri'] = $refUri[$i];
        }
        /* First element is the top thread ID (the one which started the thread)*/
        if (count($refUri) != 0) {
            $threadUri = $refUri[0];
        }
    }
    if ($threadUri == false) {
        $threadUri = $uri;
    }
    $metas['thread_uri'] = $threadUri;
    /* FIXME TEST - pseudo-thread identifier in path */
    $metas['path'][0] .= '/' . substr(md5($threadUri), 0, 8);
    /* Create document */
    $doc = new Document(array('uri' => $uri, 'parts' => $part, 'metas' => $metas));
    /* Sent the document to the Push API */
    $resp = $papi->addDocument(array($doc));
    /*   if (isset($hdrs['content-type']) */
    /*       && strpos($hdrs['content-type'], 'iso-8859-15') !== false) { */
    /*     //$stdout = fopen('php://stdout', 'w'); */
    /*     $stdout = fopen('/tmp/out', 'w'); */
    /*     $ser = new PushAPISerializer($doc); */
    /*     $ser->serialize($stdout); */
    /*     echo ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n"; */
    /*     fclose($stdout); */
    /*   } */
    return true;
}
Beispiel #2
0
@chdir(FORUM_ROOT . PATH_DIR) or die('Invalid path');
//TODO: that should generate a 404, but we can't create a 404 in PHP that will send the server's provided 404 page.
//      I may revist this if I create an NNF-provided 404 page
/* access control
   ====================================================================================================================== */
/* name / password authorisation:
   ---------------------------------------------------------------------------------------------------------------------- */
//for HTTP authentication (sign-in):
//- CGI workaround <orangejuiceliberationfront.com/http-auth-with-php-in-cgi-mode-e-g-on-dreamhost/>
if (@$_SERVER['HTTP_AUTHORIZATION']) {
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
}
//all pages can accept a name / password when committing actions (new thread / reply &c.)
//in the case of HTTP authentication (sign in), these are provided in the request header instead
define('NAME', safeGet(@$_SERVER['PHP_AUTH_USER'] ? @$_SERVER['PHP_AUTH_USER'] : @$_POST['username'], SIZE_NAME));
define('PASS', safeGet(@$_SERVER['PHP_AUTH_PW'] ? @$_SERVER['PHP_AUTH_PW'] : @$_POST['password'], SIZE_PASS, false));
if (@$_SERVER['PHP_AUTH_USER'] && @$_SERVER['PHP_AUTH_PW'] || NAME && PASS && isset($_POST['email']) && @$_POST['email'] == '*****@*****.**' && (isset($_POST['x'], $_POST['y']) || isset($_POST['submit_x'], $_POST['submit_y']))) {
    //users are stored as text files based on the hash of the given name
    $name = hash('sha512', strtolower(NAME));
    $user = FORUM_ROOT . DIRECTORY_SEPARATOR . FORUM_USERS . DIRECTORY_SEPARATOR . "{$name}.txt";
    //create the user, if new:
    //- if registrations are allowed (`FORUM_NEWBIES` is true)
    //- you can’t create new users with the HTTP_AUTH sign in
    if (FORUM_NEWBIES && !isset($_SERVER['PHP_AUTH_USER']) && !file_exists($user)) {
        file_put_contents($user, hash('sha512', $name . PASS)) or (require FORUM_LIB . 'error_permissions.php');
    }
    //does password match?
    define('AUTH', @file_get_contents($user) == hash('sha512', $name . PASS));
    //if signed in with HTTP_AUTH, confirm that it’s okay to use
    //(e.g. the user could still have given the wrong password with HTTP_AUTH)
    define('AUTH_HTTP', @$_SERVER['PHP_AUTH_USER'] ? AUTH : false);
Beispiel #3
0
<?php

//display the index of threads in a folder
/* ====================================================================================================================== */
/* NoNonsense Forum v19 © Copyright (CC-BY) Kroc Camen 2012
   licenced under Creative Commons Attribution 3.0 <creativecommons.org/licenses/by/3.0/deed.en_GB>
   you may do whatever you want to this code as long as you give credit to Kroc Camen, <camendesign.com>
*/
//bootstrap the forum; you should read that file first
require_once './start.php';
//submitted info for making a new thread
//(name / password already handled in 'start.php')
define('TITLE', safeGet(@$_POST['title'], SIZE_TITLE));
define('TEXT', safeGet(@$_POST['text'], SIZE_TEXT));
/* ======================================================================================================================
   new thread submitted
   ====================================================================================================================== */
//has the user submitted a new thread?
//(`AUTH` will be true if username and password submitted and correct, `TITLE` and `TEXT` are checked to not be blank)
if (CAN_POST && AUTH && TITLE && TEXT) {
    //the file on disk is a simplified version of the title:
    $translit = preg_replace(array('/[^_a-z0-9-]/i', '/_{2,}/'), '_', str_replace(array("'", "`", "^", "~", "'", '"'), '', strtolower(iconv('UTF-8', 'US-ASCII//IGNORE//TRANSLIT', TITLE))));
    //old iconv versions and certain inputs may cause a nullstring. don't allow a blank filename
    if (!$translit) {
        $translit = '_';
    }
    //if a thread already exsits with that name, append a number until an available filename is found
    $c = 0;
    do {
        $file = $translit . ($c++ ? '_' . ($c - 1) : '');
    } while (file_exists("{$file}.rss"));
function suspectProvider($json)
{
    $score = 0;
    $details = [];
    $playTime = ticksToSeconds(safeGet('stat.playOneMinute', $json, 0));
    $shortPlayTime = 14400;
    //4 hours in considered short
    //acquire some data
    $diamonds = safeGet('achievement.diamonds', $json, 0);
    $obsMined = safeGet('stat.mineBlock.minecraft.obsidian', $json, 0);
    $enderEyes = safeGet('stat.craftItem.minecraft.ender_eye', $json, 0);
    $blazeRods = safeGet('achievement.blazeRod', $json, 0);
    $iron = safeGet('achievement.acquireIron', $json, 0);
    $stone = safeGet('stat.mineBlock.minecraft.stone', $json, 0);
    $wood = safeGet('achievement.mineWood', $json, 0);
    $score += suspectAdd($details, 'Beacons', getWeightedMinePlaceDiffCmp($json, 'minecraft.beacon', 25, [['has' => safeGet('achievement.killWither', $json, 0), 'shouldHave' => 1]]));
    $score += suspectAdd($details, 'Enchanting Tables', getWeightedMinePlaceDiffCmp($json, 'minecraft.enchanting_table', 15, [['has' => $obsMined, 'shouldHave' => 4]]));
    $score += suspectAdd($details, 'Ender Chests', getWeightedMinePlaceDiffCmp($json, 'minecraft.ender_chest', 15, [['has' => $enderEyes, 'shouldHave' => 1]]));
    $score += suspectAdd($details, 'Brewing Stands', getWeightedMinePlaceDiffCmp($json, 'minecraft.brewing_stand', 15, [['has' => $blazeRods, 'shouldHave' => 1]]));
    $score += suspectAdd($details, 'Anvils', getWeightedMinePlaceDiffCmp($json, 'minecraft.anvil', 15, [['has' => $iron, 'shouldHave' => 31]]));
    $score += suspectAdd($details, 'Chests', getWeightedMinePlaceDiffCmp($json, 'minecraft.chest', 8, [['has' => $wood, 'shouldHave' => 3]]));
    $score += suspectAdd($details, 'Furnaces', getWeightedMinePlaceDiffCmp($json, 'minecraft.furnace', 1, [['has' => $stone, 'shouldHave' => 9]]));
    //Destroyed more build blocks than ever placed
    $score += suspectAdd($details, 'Glass', getWeightedMinePlaceDiff($json, 'minecraft.stained_glass', 5)) + suspectAdd($details, 'Glass', getWeightedMinePlaceDiff($json, 'minecraft.stained_glass_pane', 5)) + suspectAdd($details, 'Glass', getWeightedMinePlaceDiff($json, 'minecraft.glass', 5)) + suspectAdd($details, 'Glass', getWeightedMinePlaceDiff($json, 'minecraft.glass_pane', 5)) + suspectAdd($details, 'Rails', getWeightedMinePlaceDiff($json, 'minecraft.golden_rail', 5)) + suspectAdd($details, 'Brick Blocks', getWeightedMinePlaceDiff($json, 'minecraft.brick_block', 3)) + suspectAdd($details, 'Quartz Blocks', getWeightedMinePlaceDiff($json, 'minecraft.quartz_block', 3)) + suspectAdd($details, 'Ladders', getWeightedMinePlaceDiff($json, 'minecraft.ladder', 3)) + suspectAdd($details, 'Fences', getWeightedMinePlaceDiff($json, 'minecraft.dark_oak_fence', 3)) + suspectAdd($details, 'Fences', getWeightedMinePlaceDiff($json, 'minecraft.spruce_fence', 3)) + suspectAdd($details, 'Fences', getWeightedMinePlaceDiff($json, 'minecraft.birch_fence', 3)) + suspectAdd($details, 'Fences', getWeightedMinePlaceDiff($json, 'minecraft.jungle_fence', 3)) + suspectAdd($details, 'Fences', getWeightedMinePlaceDiff($json, 'minecraft.acacia_fence', 3)) + suspectAdd($details, 'Fences', getWeightedMinePlaceDiff($json, 'minecraft.cobblestone_wall', 3));
    //Destroyed more blocks than ever played after a SHORT playing time
    if ($playTime < $shortPlayTime) {
        $score += suspectAdd($details, 'Rails', getWeightedMinePlaceDiff($json, 'minecraft.rail', 8)) + suspectAdd($details, 'Bookshelves', getWeightedMinePlaceDiff($json, 'minecraft.bookshelf', 8)) + suspectAdd($details, 'Fences', getWeightedMinePlaceDiff($json, 'minecraft.fence', 3)) + suspectAdd($details, 'Planks', getWeightedMinePlaceDiff($json, 'minecraft.planks', 2)) + suspectAdd($details, 'Torches', getWeightedMinePlaceDiff($json, 'minecraft.torch', 1));
        //found in MANY places
        $score += suspectAdd($details, 'Lava Buckets', 25 * safeGet('stat.useItem.minecraft.lava_bucket', $json, 0));
        $score += suspectAdd($details, 'TNT', 25 * safeGet('stat.craftItem.minecraft.tnt', $json, 0));
        $score += suspectAdd($details, 'Fire', 10 * safeGet('stat.useItem.minecraft.flint_and_steel', $json, 0));
    }
    //Increase suspicion according to lava buckets emptied, TNT crafted and fires started
    if ($score > 100 && $playTime >= $shortPlayTime) {
        $score += suspectAdd($details, 'Lava Buckets', 10 * safeGet('stat.useItem.minecraft.lava_bucket', $json, 0));
        $score += suspectAdd($details, 'TNT', 10 * safeGet('stat.craftItem.minecraft.tnt', $json, 0));
        $score += suspectAdd($details, 'Fire', 5 * safeGet('stat.useItem.minecraft.flint_and_steel', $json, 0));
    }
    //Scale suspicion score for low play times
    $score = (int) ($score * suspectAdd($details, 'Playtime Factor', min(300, max(1, $shortPlayTime / max(1, $playTime)))));
    return $score > 100 ? ['score' => $score, 'details' => $details] : FALSE;
}
Beispiel #5
0
// defined by url parameters. (more or less do nasty nasty exploits as they to
// will have access to this Open Source Framework and will for the most part
// know the code.)
if (isset($itx)) {
    $itx = (string) NULL;
    unset($itx);
}
// Include some basic libraries that are common to the Framework in general.
include pathPrivate . "lib/F5DBlib.php";
include pathPrivate . "lib/F5SYSTEMlib.php";
// Load the Language Config file based upon what default language is set.
include pathPrivate . "config/localization/" . defLang . "/F5lang_" . deflang . ".php";
// Start an Instance of the Framework5 Global Class (F5class)
$DO = new F5class();
// SESSION Security! Initialize and set a token for the Agent (browser) the user
// is currently using. If the user changes clients with the same SESSION Cookie
// stored in the server's /TMP folder, it will kill the running of the Framework
// as this DOES NOT HAPPEN unless someone is trying to run a code exploit.
$_SESSION = $DO->initSession($_SESSION);
$_SESSION = $DO->agentSession($_SESSION, $_SERVER['HTTP_USER_AGENT']);
// Load the GET Parameters into the $itx array safely.
$itx['get'] = safeGet($_GET);
// Define Global Values for Time at the time the script is ran.
define('unixtime', time());
define('prettytime', $DO->getPrettyTime(unixtime, deftimezone));
// Load the PLUGINS dependant upon GET Parameter Overrides
if (!runPlugins($itx)) {
    echo "The Janitor accidentally tripped and spilled the mop water on the server again, please contact an administrator";
    die;
    exit;
}
                            <td class="center score-silver <?php 
    echo "place{$i}";
    ?>
"><?php 
    echo safeGet('silver', $e, 0);
    ?>
</td>
                            <td class="center score-gold <?php 
    echo "place{$i}";
    ?>
"><?php 
    echo safeGet('gold', $e, 0);
    ?>
</td>
                            <td class="center score <?php 
    echo "place{$i}";
    ?>
"><?php 
    echo safeGet('score', $e, 0);
    ?>
</td>
                        </tr>
                        <?php 
    $i++;
}
?>
            </tbody>
        </table>
    </div>
</div>
Beispiel #7
0
//Sort and save stat rankings, compute awards and hall of fame
$awards = [];
$hof = [];
foreach ($stats as $id => $stat) {
    echo "Saving data for {$id} ...\n";
    if (isset($stat['ranking'])) {
        //Sort ranking
        usort($stat['ranking'], 'compareRankingEntries');
        //Save stat ranking for players
        foreach ($stat['ranking'] as $rank => $entry) {
            $uuid = $entry['id'];
            if (!array_key_exists($uuid, $playerStats)) {
                $playerStats[$uuid] = [];
            }
            if ($rank < 3) {
                $e = safeGet($uuid, $hof, []);
                $e['id'] = $uuid;
                //save for sorter
                switch ($rank) {
                    case 0:
                        safeInc('gold', $e, 1);
                        safeInc('score', $e, $goldMedalScore);
                        break;
                    case 1:
                        safeInc('silver', $e, 1);
                        safeInc('score', $e, $silverMedalScore);
                        break;
                    case 2:
                        safeInc('bronze', $e, 1);
                        safeInc('score', $e, $bronzeMedalScore);
                        break;
    ?>
                            <tr>
                            <td><?php 
    echo $id;
    ?>
</td>
                            <td><?php 
    echo safeGet('craft', $stats, 0);
    ?>
</td>
                            <td><?php 
    echo safeGet('use', $stats, 0);
    ?>
</td>
                            <td><?php 
    echo safeGet('mine', $stats, 0);
    ?>
</td>
                            </tr>
                        <?php 
}
?>
            </tbody>
        </table>
        <hr />
        <p>Miscellaneous raw statistics:</p>
        <table class="listing">
            <colgroup>
                <col style="width:40%;"/>
                <col style="width:60%;"/>
            </colgroup>