/**
* Here we do the work
*/
public function execute($comment)
{
global $_CONF, $_TABLES, $LANG_SX00;
$uid = $this->getUid();
/**
* Check for IP of url in blacklist
*/
/*
* regex to find urls $2 = fqd
*/
$regx = '(ftp|http|file)://([^/\\s]+)';
$num = preg_match_all("#{$regx}#", html_entity_decode($comment), $urls);
$result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='IPofUrl'", 1);
$nrows = DB_numRows($result);
$ans = PLG_SPAM_NOT_FOUND;
for ($j = 1; $j <= $nrows; $j++) {
list($val) = DB_fetchArray($result);
for ($i = 0; $i < $num; $i++) {
$ip = gethostbyname($urls[2][$i]);
if ($val == $ip) {
$ans = PLG_SPAM_FOUND;
// quit on first positive match
$this->updateStat('IPofUrl', $val);
SPAMX_log($LANG_SX00['foundspam'] . $urls[2][$i] . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
break;
}
}
if ($ans == PLG_SPAM_FOUND) {
break;
}
}
return $ans;
}
/**
* Here we do the work
*/
public function execute($comment)
{
global $_CONF, $_TABLES, $_USER, $LANG_SX00;
if (isset($_USER['uid']) && $_USER['uid'] > 1) {
$uid = $_USER['uid'];
} else {
$uid = 1;
}
/**
* Include Blacklist Data
*/
$result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='Personal'", 1);
$nrows = DB_numRows($result);
// named entities
$comment = html_entity_decode($comment);
// decimal notation
$comment = preg_replace_callback('/&#(\\d+);/m', array($this, 'callbackDecimal'), $comment);
// hex notation
$comment = preg_replace_callback('/&#x([a-f0-9]+);/mi', array($this, 'callbackHex'), $comment);
$ans = 0;
for ($i = 1; $i <= $nrows; $i++) {
list($val) = DB_fetchArray($result);
$val = str_replace('#', '\\#', $val);
if (preg_match("#{$val}#i", $comment)) {
$ans = 1;
// quit on first positive match
SPAMX_log($LANG_SX00['foundspam'] . $val . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
break;
}
}
return $ans;
}
/**
* Disables a specified user
*
* @param int $uid
**/
protected function disableUser($uid)
{
global $_TABLES, $_USER;
$this->result = PLG_SPAM_ACTION_DELETE;
DB_change($_TABLES['users'], 'status', USER_ACCOUNT_DISABLED, 'uid', $uid);
SPAMX_log("User {$_USER['username']} banned for profile spam.");
}
/**
* Here we do the work
*/
function execute($comment)
{
global $_CONF, $_USER, $_TABLES, $LANG_SX00;
if (isset($_USER['uid']) && $_USER['uid'] > 1) {
$uid = $_USER['uid'];
} else {
$uid = 1;
}
/**
* Include Blacklist Data
*/
$result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name = 'MTBlacklist'", 1);
$nrows = DB_numRows($result);
// named entities
$comment = html_entity_decode($comment);
// decimal notation
$comment = preg_replace('/&#(\\d+);/me', "chr(\\1)", $comment);
// hex notation
$comment = preg_replace('/&#x([a-f0-9]+);/mei', "chr(0x\\1)", $comment);
$ans = 0;
// Found Flag
for ($i = 1; $i <= $nrows; $i++) {
list($val) = DB_fetchArray($result);
if (@preg_match("#{$val}#i", $comment)) {
$ans = 1;
// quit on first positive match
SPAMX_log($LANG_SX00['fsc'] . $val . $LANG_SX00['fsc1'] . $uid . $LANG_SX00['fsc2'] . $_SERVER['REMOTE_ADDR']);
break;
}
}
return $ans;
}
/**
* Here we do the work
*
* @param string $comment
* @return int
*/
public function execute($comment)
{
global $_TABLES, $_USER, $LANG_SX00, $LANG28;
$uid = COM_isAnonUser() ? 1 : $_USER['uid'];
// Get homepage URLs of all banned users
$result = DB_query("SELECT DISTINCT homepage FROM {$_TABLES['users']} WHERE status = 0 AND homepage IS NOT NULL AND homepage <> ''");
$numRows = DB_numRows($result);
// named entities
$comment = html_entity_decode($comment);
// decimal notation
$comment = preg_replace_callback('/&#(\\d+);/m', array($this, 'callbackDecimal'), $comment);
// hex notation
$comment = preg_replace_callback('/&#x([a-f0-9]+);/mi', array($this, 'callbackHex'), $comment);
$ans = 0;
for ($i = 0; $i < $numRows; $i++) {
list($val) = DB_fetchArray($result);
$val = str_replace('#', '\\#', $val);
if (preg_match("#{$val}#i", $comment)) {
$ans = 1;
// quit on first positive match
SPAMX_log($LANG_SX00['foundspam'] . $val . ' (' . $LANG28[42] . ')' . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
break;
}
}
$this->result = $ans;
return $ans;
}
function execute($comment)
{
global $result, $_CONF, $_TABLES, $LANG_SX00;
$result = 128;
// update count of deleted spam posts
DB_change($_TABLES['vars'], 'value', 'value + 1', 'name', 'spamx.counter', '', true);
SPAMX_log($LANG_SX00['spamdeleted']);
return 1;
}
/**
* Execute
*
* @param $comment
* @return int
*/
public function execute($comment)
{
global $_CONF, $_TABLES, $LANG_SX00;
$this->result = PLG_SPAM_ACTION_DELETE;
// update count of deleted spam posts
$sql['mysql'] = "UPDATE {$_TABLES['vars']} " . "SET value = value + 1 " . "WHERE name = 'spamx.counter' ";
$sql['pgsql'] = "UPDATE {$_TABLES['vars']} " . "SET value = CAST(value AS int) + 1 " . "WHERE name = 'spamx.counter' ";
DB_query($sql);
SPAMX_log($LANG_SX00['spamdeleted']);
return PLG_SPAM_FOUND;
}
/**
* Execute
*
* @param string $comment
* @return int
*/
public function execute($comment)
{
global $result, $_CONF, $_TABLES, $LANG_SX00, $_USER;
$url = COM_getCurrentURL();
if (strpos($url, 'usersettings.php') !== false) {
$this->result = PLG_SPAM_ACTION_DELETE;
DB_change($_TABLES['users'], 'status', USER_ACCOUNT_DISABLED, 'uid', $_USER['uid']);
SPAMX_log("User {$_USER['username']} banned for profile spam.");
}
return 1;
}
/**
* Helper function for the curious: Log rejected trackbacks
*
* @param string $logmsg Message to log
* @return void
*
*/
function TRB_logRejected($reason, $url = '')
{
global $_TRB_LOG_REJECTS;
if ($_TRB_LOG_REJECTS) {
$logmsg = 'Trackback from IP ' . $_SERVER['REMOTE_ADDR'] . ' rejected for ' . $reason . ', URL: ' . $url;
if (function_exists('SPAMX_log')) {
SPAMX_log($logmsg);
} else {
COM_errorLog($logmsg);
}
}
}
/**
* Here we do the work
*
* @param string
* @return int
*/
public function execute($comment)
{
global $LANG_SX00;
$ans = PLG_SPAM_NOT_FOUND;
$uid = $this->getUid();
$slv = new SLVbase();
if ($slv->CheckForSpam($comment)) {
$ans = PLG_SPAM_FOUND;
SPAMX_log($LANG_SX00['foundspam'] . 'Spam Link Verification (SLV)' . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
}
// tell the Action module that we've already been triggered
$GLOBALS['slv_triggered'] = true;
return $ans;
}
/**
* Check for spam links
*
* @param string $post post to check for spam
* @return boolean true = spam found, false = no spam
* Note: Also returns 'false' in case of problems communicating with SLV.
* Error messages are logged in Geeklog's error.log
*/
public function CheckForSpam($post)
{
global $_SPX_CONF;
$retval = false;
if (empty($post)) {
return $retval;
}
$links = $this->prepareLinks($post);
if (empty($links)) {
return $retval;
}
if (!isset($_SPX_CONF['timeout'])) {
$_SPX_CONF['timeout'] = 5;
// seconds
}
if ($this->_verbose) {
SPAMX_log("Sending to SLV: {$links}");
}
$params = array(new XML_RPC_Value($links, 'string'));
$msg = new XML_RPC_Message('slv', $params);
$cli = new XML_RPC_Client('/slv.php', 'http://www.linksleeve.org');
if ($this->_debug) {
$cli->setDebug(1);
}
$resp = $cli->send($msg, $_SPX_CONF['timeout']);
if (!$resp) {
COM_errorLog('Error communicating with SLV: ' . $cli->getErrorString() . '; Message was ' . $msg->serialize());
} else {
if ($resp->faultCode()) {
COM_errorLog('Error communicating with SLV. Fault code: ' . $resp->faultCode() . ', Fault reason: ' . $resp->faultString() . '; Message was ' . $msg->serialize());
} else {
$val = $resp->value();
// note that SLV returns '1' for acceptable posts and '0' for spam
if ($val->scalarval() != '1') {
$retval = true;
SPAMX_log("SLV: spam detected");
} else {
if ($this->_verbose) {
SPAMX_log("SLV: no spam detected");
}
}
}
}
return $retval;
}
/**
* Here we do the work
*/
function execute($comment)
{
global $_USER, $LANG_SX00;
$ans = 0;
if (isset($_USER['uid']) && $_USER['uid'] > 1) {
$uid = $_USER['uid'];
} else {
$uid = 1;
}
$slv = new SLVbase();
if ($slv->CheckForSpam($comment)) {
$ans = 1;
SPAMX_log($LANG_SX00['foundspam'] . 'Spam Link Verification (SLV)' . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
}
// tell the Action module that we've already been triggered
$GLOBALS['slv_triggered'] = true;
return $ans;
}
/**
* Here we do the work
*/
function execute($comment)
{
global $_CONF, $_TABLES, $_USER, $LANG_SX00, $result;
if (isset($_USER['uid']) && $_USER['uid'] > 1) {
$uid = $_USER['uid'];
} else {
$uid = 1;
}
// get HTTP headers of the current request
if (function_exists('getallheaders')) {
$headers = getallheaders();
} else {
// if getallheaders() is not available, we have to fake it using
// the $_SERVER['HTTP_...'] values
$headers = array();
foreach ($_SERVER as $key => $content) {
if (substr($key, 0, 4) == 'HTTP') {
$name = str_replace('_', '-', substr($key, 5));
$headers[$name] = $content;
}
}
}
$result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='HTTPHeader'", 1);
$nrows = DB_numRows($result);
$ans = 0;
for ($i = 0; $i < $nrows; $i++) {
list($entry) = DB_fetchArray($result);
$v = explode(':', $entry);
$name = trim($v[0]);
$value = trim($v[1]);
$value = str_replace('#', '\\#', $value);
foreach ($headers as $key => $content) {
if (strcasecmp($name, $key) == 0) {
if (preg_match("#{$value}#i", $content)) {
$ans = 1;
// quit on first positive match
SPAMX_log($LANG_SX00['foundspam'] . $entry . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
break;
}
}
}
}
return $ans;
}
function execute($comment)
{
global $result, $_CONF, $_USER, $LANG_SX00, $_SPX_CONF;
if (isset($_USER['uid']) && $_USER['uid'] > 1) {
$uid = $_USER['uid'];
} else {
$uid = 1;
}
$uid .= '@' . $_SERVER['REMOTE_ADDR'];
$msg = sprintf($LANG_SX00['emailmsg'], $_CONF['site_name'], $uid, $comment);
// Add headers of the spam post to help track down the source.
// Function 'getallheaders' is not available when PHP is running as
// CGI. Print the HTTP_... headers from $_SERVER array instead then.
$msg .= "\n\n" . $LANG_SX00['headers'] . "\n";
if (function_exists('getallheaders')) {
$headers = getallheaders();
foreach ($headers as $key => $content) {
if (strcasecmp($key, 'Cookie') != 0) {
$msg .= $key . ': ' . $content . "\n";
}
}
} else {
foreach ($_SERVER as $key => $content) {
if (substr($key, 0, 4) == 'HTTP') {
if ($key != 'HTTP_COOKIE') {
$msg .= $key . ': ' . $content . "\n";
}
}
}
}
$subject = sprintf($LANG_SX00['emailsubject'], $_CONF['site_name']);
if (empty($_SPX_CONF['notification_email'])) {
$email_address = $_CONF['site_mail'];
} else {
$email_address = $_SPX_CONF['notification_email'];
}
$to = array();
$to = COM_formatEmailAddress('', $email_address);
COM_mail($to, $subject, $msg);
$result = 8;
SPAMX_log('Mail Sent to Admin');
return 0;
}
/**
* Check for spam links
*
* @param string $post post to check for spam
* @return boolean true = spam found, false = no spam
*
* Note: Also returns 'false' in case of problems communicating with SFS.
* Error messages are logged in glFusion's error.log
*
*/
function CheckForSpam($post)
{
global $_SPX_CONF, $REMOTE_ADDR;
$retval = false;
$ip = $REMOTE_ADDR;
if (empty($post) || $ip == '') {
return $retval;
}
$arguments = array();
$response = '';
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$url = "http://www.stopforumspam.com/api";
$requestArgs = '?f=serial&';
if ($ip != '') {
$requestArgs .= 'ip=' . $ip . '&';
}
$requestArgs .= 'cmd=display';
$url = $url . $requestArgs;
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
$error = $http->SendRequest($arguments);
if ($error == "") {
$error = $http->ReadReplyBody($body, 1024);
if ($error == "" || strlen($body) > 0) {
$response = $response . $body;
$result = @unserialize($response);
if (!$result) {
return 0;
}
// invalid data, assume ok
if (isset($result['ip']) && $result['ip']['appears'] == 1 && $result['ip']['confidence'] > (double) 25) {
$retval = true;
SPAMX_log("SFS: spam detected");
}
}
}
return $retval;
}
/**
* Here we do the work
*/
function execute($comment)
{
global $_USER, $LANG_SX00;
$ans = 0;
if (isset($_USER['uid']) && $_USER['uid'] > 1) {
$uid = $_USER['uid'];
} else {
$uid = 1;
}
$sfs = new SFSbase();
if ($sfs->CheckForSpam($comment)) {
$ans = 1;
SPAMX_log($LANG_SX00['foundspam'] . 'Stop Forum Spam (SFS)' . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
SESS_setVar('spamx_msg', 'Failed Stop Forum Spam IP / username check');
}
// tell the Action module that we've already been triggered
$GLOBALS['sfs_triggered'] = true;
return $ans;
}
/**
* Here we do the work
*/
function execute($comment)
{
global $_USER, $_SPX_CONF, $LANG_SX00;
if (!isset($_SPX_CONF['slc_max_links'])) {
$_SPX_CONF['slc_max_links'] = 5;
}
$tooManyLinks = 0;
if (isset($_USER['uid']) && $_USER['uid'] > 1) {
$uid = $_USER['uid'];
} else {
$uid = 1;
}
$slc = new SLCbase();
$linkCount = $slc->CheckForSpam($comment);
if ($linkCount > $_SPX_CONF['slc_max_links']) {
SPAMX_log($LANG_SX00['foundspam'] . 'Spam Link Counter (SLC)' . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
$tooManyLinks = 1;
SESS_setVar('spamx_msg', 'Too many links in post');
}
// tell the Action module that we've already been triggered
$GLOBALS['slc_triggered'] = true;
return $tooManyLinks;
}
/**
* Check for spam links
*
* @param string $post post to check for spam
* @return boolean true = spam found, false = no spam
* Note: Also returns 'false' in case of problems communicating with SNL.
* Error messages are logged in Geeklog's error.log
*/
public function CheckForSpam($post)
{
global $_SPX_CONF;
$retval = false;
if (!isset($_SPX_CONF['snl_enabled'])) {
$_SPX_CONF['snl_enabled'] = false;
}
if (empty($post) || !$_SPX_CONF['snl_enabled']) {
return $retval;
}
$links = $this->prepareLinks($post);
if (empty($links)) {
return $retval;
}
if (!isset($_SPX_CONF['snl_num_links'])) {
$_SPX_CONF['snl_num_links'] = 5;
}
if ($links > $_SPX_CONF['snl_num_links']) {
$retval = true;
SPAMX_log('SNL: spam detected, found ' . $links . ' links.');
}
return $retval;
}
/**
* Check for spam links
*
* @param string $post post to check for spam
* @return boolean true = spam found, false = no spam
*
* Note: Also returns 'false' in case of problems communicating with SFS.
* Error messages are logged in glFusion's error.log
*
*/
function CheckForSpam($post)
{
global $_SPX_CONF, $REMOTE_ADDR;
require_once 'HTTP/Request2.php';
$retval = false;
$ip = $REMOTE_ADDR;
if (empty($post) || $ip == '') {
return $retval;
}
$request = new HTTP_Request2('http://www.stopforumspam.com/api', HTTP_Request2::METHOD_GET, array('use_brackets' => true));
$url = $request->getUrl();
$checkData['f'] = 'serial';
if ($ip != '') {
$checkData['ip'] = $ip;
}
$url->setQueryVariables($checkData);
$url->setQueryVariable('cmd', 'display');
try {
$response = $request->send();
} catch (Exception $e) {
return 0;
}
$result = @unserialize($response->getBody());
if (!$result) {
return false;
}
// invalid data, assume ok
if ($result['ip']['appears'] == 1 && $result['ip']['confidence'] > (double) 25) {
$retval = true;
SPAMX_log("SFS: spam detected");
} else {
if ($this->_verbose) {
SPAMX_log("SFS: no spam detected");
}
}
return $retval;
}
/**
* Execute
*
* @param string $comment
* @return int
*/
public function execute($comment)
{
global $_CONF, $LANG_SX00, $_SPX_CONF;
$uid = $this->getUid() . '@' . $_SERVER['REMOTE_ADDR'];
$msg = sprintf($LANG_SX00['emailmsg'], $_CONF['site_name'], $uid, $comment);
// Add headers of the spam post to help track down the source.
// Function 'getallheaders' is not available when PHP is running as
// CGI. Print the HTTP_... headers from $_SERVER array instead then.
$msg .= "\n\n" . $LANG_SX00['headers'] . "\n";
if (function_exists('getallheaders')) {
$headers = getallheaders();
foreach ($headers as $key => $content) {
if (strcasecmp($key, 'Cookie') != 0) {
$msg .= $key . ': ' . $content . "\n";
}
}
} else {
foreach ($_SERVER as $key => $content) {
if (substr($key, 0, 4) == 'HTTP') {
if ($key != 'HTTP_COOKIE') {
$msg .= $key . ': ' . $content . "\n";
}
}
}
}
$subject = sprintf($LANG_SX00['emailsubject'], $_CONF['site_name']);
if (empty($_SPX_CONF['notification_email'])) {
$email_address = $_CONF['site_mail'];
} else {
$email_address = $_SPX_CONF['notification_email'];
}
COM_mail($email_address, $subject, $msg);
$this->result = PLG_SPAM_ACTION_NOTIFY;
SPAMX_log('Mail Sent to Admin');
return PLG_SPAM_NOT_FOUND;
}
/**
* Private internal method, this actually processes a given ip
* address against a blacklist of IP regular expressions.
*
* @param strint $ip IP address of comment poster
* @return int 0: no spam, else: spam detected
* @access private
*/
function _process($ip)
{
global $_CONF, $_TABLES, $_USER, $LANG_SX00, $result;
if (isset($_USER['uid']) && $_USER['uid'] > 1) {
$uid = $_USER['uid'];
} else {
$uid = 1;
}
/**
* Include Blacklist Data
*/
$result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='IP'", 1);
$nrows = DB_numRows($result);
$ans = 0;
for ($i = 0; $i < $nrows; $i++) {
list($val) = DB_fetchArray($result);
$matches = false;
if (strpos($val, '/') !== false) {
$matches = $this->_matchCIDR($ip, $val);
} elseif (strpos($val, '-') !== false) {
$matches = $this->_matchRange($ip, $val);
} else {
$matches = preg_match("#{$val}#i", $ip) == 0 ? false : true;
}
if ($matches) {
$ans = 1;
// quit on first positive match
SPAMX_log($LANG_SX00['foundspam'] . $val . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $ip);
break;
}
}
return $ans;
}
/**
* Initial import of the MT Blacklist
*/
function _initial_import()
{
global $_CONF, $_TABLES, $LANG_SX00, $_SPX_CONF;
if (ini_get('allow_url_fopen')) {
$blacklist = file($_SPX_CONF['mtblacklist_url']);
$count = $this->_do_import($blacklist);
if ($count > 0) {
$display = sprintf($LANG_SX00['import_success'], $count);
SPAMX_log($LANG_SX00['uMTlist'] . $LANG_SX00['uMTlist2'] . $count . $LANG_SX00['uMTlist3'] . '0' . $LANG_SX00['entries']);
} else {
$display = $LANG_SX00['import_failure'];
}
} else {
// read blacklist from local file
$fromfile = $_CONF['path_data'] . 'blacklist.txt';
if (file_exists($fromfile)) {
$blacklist = file($fromfile);
$count = $this->_do_import($blacklist);
if ($count > 0) {
$display = sprintf($LANG_SX00['import_success'], $count);
SPAMX_log($LANG_SX00['uMTlist'] . $LANG_SX00['uMTlist2'] . $count . $LANG_SX00['uMTlist3'] . '0' . $LANG_SX00['entries']);
} else {
$display = $LANG_SX00['import_failure'];
}
} else {
$display = sprintf($LANG_SX00['allow_url_fopen'], $_CONF['path_data']);
$display .= '<p>' . COM_createLink($_SPX_CONF['mtblacklist_url'], $_SPX_CONF['mtblacklist_url']);
}
}
// Import Personal Blacklist for existing users.
$fromfile = $_CONF['path_html'] . 'spamx/blacklist.php';
if (file_exists($fromfile)) {
require_once $fromfile;
$count = $this->_do_importp($SPAMX_BLACKLIST);
$display .= $LANG_SX00['initial_Pimport'];
if ($count > 0) {
$display .= sprintf($LANG_SX00['import_success'], $count);
SPAMX_log($LANG_SX00['uPlist'] . $LANG_SX00['uMTlist2'] . $count . $LANG_SX00['uMTlist3'] . '0' . $LANG_SX00['entries']);
} else {
$display .= $LANG_SX00['import_failure'];
}
}
return $display;
}
/**
* Private internal method, this actually processes a given ip
* address against a blacklist of IP regular expressions.
*
* @param strint $ip IP address of comment poster
* @return int 0: no spam, else: spam detected
*/
private function _process($ip)
{
global $_CONF, $_TABLES, $LANG_SX00;
$uid = $this->getUid();
/**
* Include Blacklist Data
*/
$result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='IP'", 1);
$nrows = DB_numRows($result);
$ans = PLG_SPAM_NOT_FOUND;
for ($i = 0; $i < $nrows; $i++) {
list($val) = DB_fetchArray($result);
$matches = false;
if (strpos($val, '/') !== false) {
$matches = $this->_matchCIDR($ip, $val);
} elseif (strpos($val, '-') !== false) {
$matches = $this->_matchRange($ip, $val);
} else {
$matches = preg_match("#^{$val}\$#i", $ip);
}
if ($matches) {
$ans = PLG_SPAM_FOUND;
// quit on first positive match
$this->updateStat('IP', $val);
SPAMX_log($LANG_SX00['foundspam'] . $val . $LANG_SX00['foundspam2'] . $uid . $LANG_SX00['foundspam3'] . $ip);
break;
}
}
return $ans;
}
/**
* Deletes a given comment
* (lifted from comment.php)
* @param int $cid Comment ID
* @param string $sid ID of object comment belongs to
* @param string $type Comment type (e.g. article, poll, etc)
* @return string Returns string needed to redirect page to right place
*
*/
public function delcomment($cid, $sid, $type)
{
global $_CONF, $_TABLES, $LANG_SX00;
$type = COM_applyFilter($type);
$sid = COM_applyFilter($sid);
switch ($type) {
case 'article':
$has_editPermissions = SEC_hasRights('story.edit');
$result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'");
$A = DB_fetchArray($result);
if ($has_editPermissions && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3) {
CMT_deleteComment(COM_applyFilter($cid, true), $sid, 'article');
$comments = DB_count($_TABLES['comments'], array('sid', 'type'), array($sid, 'article'));
DB_change($_TABLES['stories'], 'comments', $comments, 'sid', $sid);
} else {
COM_errorLog("User {$_USER['username']} (IP: {$_SERVER['REMOTE_ADDR']}) tried to illegally delete comment {$cid} from {$type} {$sid}");
}
break;
default:
// assume plugin
PLG_commentDelete($type, COM_applyFilter($cid, true), $sid);
break;
}
SPAMX_log($LANG_SX00['spamdeleted']);
}
/**
* Deletes a given trackback comment
*
* @param int $cid Comment ID
* @param string $sid ID of object comment belongs to
* @param string $type Comment type (e.g. article, poll, etc)
* @return void
*
*/
function deltrackback($cid, $sid, $type)
{
global $_TABLES, $LANG_SX00;
if (TRB_allowDelete($sid, $type)) {
TRB_deleteTrackbackComment($cid);
if ($type == 'article') {
$tbcount = DB_count($_TABLES['trackback'], array('type', 'sid'), array('article', $sid));
DB_query("UPDATE {$_TABLES['stories']} SET trackbacks = {$tbcount} WHERE sid = '{$sid}'");
}
SPAMX_log($LANG_SX00['spamdeleted']);
}
}
/**
* Private internal method, this actually processes a given ip
* address against a blacklist of IP regular expressions.
*
* @param strint $ip IP address of comment poster
* @return int 0: no spam, else: spam detected
* @access private
*/
function _process($type, $email = '', $ip = '', $username = '')
{
global $_TABLES, $_SPX_CONF, $LANG_SX00;
if (!isset($_SPX_CONF['sfs_username_confidence'])) {
$_SPX_CONF['sfs_username_confidence'] = (double) 99.0;
}
if (!isset($_SPX_CONF['sfs_email_confidence'])) {
$_SPX_CONF['sfs_email_confidence'] = (double) 50.0;
}
if (!isset($_SPX_CONF['sfs_ip_confidence'])) {
$_SPX_CONF['sfs_ip_confidence'] = (double) 25.0;
}
$arguments = array();
$response = '';
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$url = "http://www.stopforumspam.com/api";
$requestArgs = '?f=serial&';
if ($ip != '') {
$requestArgs .= 'ip=' . $ip . '&';
}
if ($email != '') {
$requestArgs .= 'email=' . urlencode($email) . '&';
}
if ($username != '') {
$requestArgs .= 'username='******'&';
}
$requestArgs .= 'cmd=display';
$url = $url . $requestArgs;
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
$error = $http->SendRequest($arguments);
if ($error == "") {
$error = $http->ReadReplyBody($body, 1024);
if ($error != "" || strlen($body) == 0) {
return 0;
}
$response = $response . $body;
$result = @unserialize($response);
if (!$result) {
return 0;
}
// invalid data, assume ok
if (isset($result['ip']) && $result['ip']['appears'] == 1) {
if ($result['ip']['confidence'] > (double) $_SPX_CONF['sfs_ip_confidence']) {
SPAMX_log($type . ' - Found ' . $type . ' matching ' . 'Stop Forum Spam (SFS)' . 'for IP ' . $ip . ' with confidence level of ' . $result['ip']['confidence'] . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
return 1;
} else {
COM_errorLog("Spamx: SFS found match on IP, but confidence level was only " . $result['ip']['confidence']);
}
}
if (isset($result['email']) && $result['email']['appears'] == 1) {
if ($result['email']['confidence'] > (double) $_SPX_CONF['sfs_email_confidence']) {
SPAMX_log($type . ' - Found ' . $type . ' matching ' . 'Stop Forum Spam (SFS)' . 'for email ' . $email . ' with confidence level of ' . $result['email']['confidence'] . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
return 1;
}
}
if (isset($result['username']) && $result['username']['appears'] == 1) {
if ($result['username']['confidence'] > (double) $_SPX_CONF['sfs_username_confidence']) {
SPAMX_log($type . ' - Found ' . $type . ' matching ' . 'Stop Forum Spam (SFS)' . 'for username ' . $username . ' with confidence level of ' . $result['username']['confidence'] . $LANG_SX00['foundspam3'] . $_SERVER['REMOTE_ADDR']);
return 1;
}
}
// Passed the checks
return 0;
}
return 0;
}
/**
* Check if spam IP
*
* @param string $post post to check for spam
* @return boolean true = spam found, false = no spam
*
* Note: Also returns 'false' in case of problems communicating with SFS.
* Error messages are logged in Geeklog's error.log
*
*/
function CheckForSpam($post)
{
global $_SPX_CONF, $_TABLES;
if (!isset($_SPX_CONF['sfs_enabled'])) {
$_SPX_CONF['sfs_enabled'] = false;
}
if (!$_SPX_CONF['sfs_enabled']) {
return PLG_SPAM_NOT_FOUND;
// invalid data, assume ok
}
if (!$_SPX_CONF['sfs_confidence']) {
$_SPX_CONF['sfs_enabled'] = 25;
}
if (!isset($_SPX_CONF['timeout'])) {
$_SPX_CONF['timeout'] = 5;
// seconds
}
$ip = $_SERVER['REMOTE_ADDR'];
$query = "http://www.stopforumspam.com/api?f=serial&ip={$ip}";
require_once 'HTTP/Request.php';
$req = new HTTP_Request($query, array('timeout' => $_SPX_CONF['timeout']));
if ($this->_verbose) {
SPAMX_log('Sending to SFS: ' . $query);
}
if ($req->sendRequest() === TRUE) {
$result = $req->getResponseBody();
if ($result === FALSE) {
return PLG_SPAM_NOT_FOUND;
// Response body is not set, assume ok
}
$result = unserialize($result);
if (!$result) {
if ($this->_verbose) {
SPAMX_log("SFS: no spam detected");
}
return PLG_SPAM_NOT_FOUND;
// Invalid data, assume ok
}
} else {
return PLG_SPAM_NOT_FOUND;
// PEAR Error, assume ok
}
if (!$result) {
return PLG_SPAM_NOT_FOUND;
}
// invalid data, assume ok
if ($result['ip']['appears'] == 1 && $result['ip']['confidence'] > (double) $_SPX_CONF['sfs_confidence']) {
$retval = PLG_SPAM_FOUND;
SPAMX_log("SFS: spammer IP detected: " . $ip);
// Add IP to SFS IP list... assuming sfs runs after ip check so no dups
// Double Check for IP address just in case
$db_ip = DB_escapeString($ip);
$result = DB_query("SELECT value FROM {$_TABLES['spamx']}\n WHERE name='IP' AND value='{$db_ip}'", 1);
if (DB_numRows($result) == 0) {
// Not in db so add
$timestamp = DB_escapeString(date('Y-m-d H:i:s'));
$sql = "INSERT INTO {$_TABLES['spamx']} (name, value, regdate)\n VALUES ('IP', '{$db_ip}', '{$timestamp}')";
DB_query($sql);
}
} else {
if ($this->_verbose) {
SPAMX_log("SFS: spammer IP not detected: " . $ip);
}
}
return $retval;
}
/**
* Private internal method,
*
* @param string $email Email address of user
* @param string $ip IP address of user
* @return int 0: no spam, else: spam detected
*/
private function _process($email, $ip)
{
global $_TABLES, $LANG_SX00, $_SPX_CONF;
if (!isset($_SPX_CONF['sfs_enabled'])) {
$_SPX_CONF['sfs_enabled'] = false;
}
if (!$_SPX_CONF['sfs_enabled']) {
return PLG_SPAM_NOT_FOUND;
// invalid data, assume ok
}
if (!$_SPX_CONF['sfs_confidence']) {
$_SPX_CONF['sfs_enabled'] = 25;
}
if (!isset($_SPX_CONF['timeout'])) {
$_SPX_CONF['timeout'] = 5;
// seconds
}
$db_email = DB_escapeString($email);
$db_ip = DB_escapeString($ip);
// Include Blacklist Data
// Check for IP address
$result = DB_query("SELECT name, value FROM {$_TABLES['spamx']}\n WHERE name='IP' AND value='{$db_ip}'\n OR name='email' AND value='{$db_email}'", 1);
if (DB_numRows($result) > 0) {
list($name, $value) = DB_fetchArray($result);
$timestamp = DB_escapeString(date('Y-m-d H:i:s'));
DB_query("UPDATE {$_TABLES['spamx']} SET counter = counter + 1, regdate = '{$timestamp}' WHERE name='" . DB_escapeString($name) . "' AND value='" . DB_escapeString($value) . "'", 1);
return PLG_SPAM_FOUND;
}
$em = urlencode($email);
$query = "http://www.stopforumspam.com/api?f=serial&email={$em}";
if (!empty($ip)) {
$query .= "&ip={$ip}";
}
require_once 'HTTP/Request.php';
$req = new HTTP_Request($query, array('timeout' => $_SPX_CONF['timeout']));
if ($this->_verbose) {
SPAMX_log('Sending to SFS: ' . $query);
}
if ($req->sendRequest() === TRUE) {
$result = $req->getResponseBody();
if ($result === FALSE) {
return PLG_SPAM_NOT_FOUND;
// Response body is not set, assume ok
}
$result = unserialize($result);
if (!$result) {
if ($this->_verbose) {
SPAMX_log("SFS: no spam detected");
}
return PLG_SPAM_NOT_FOUND;
// Invalid data, assume ok
}
} else {
return PLG_SPAM_NOT_FOUND;
// PEAR Error, assume ok
}
if (!$result) {
return PLG_SPAM_NOT_FOUND;
}
// invalid data, assume ok
if (isset($result['email']) && $result['email']['appears'] == 1 && $result['email']['confidence'] > (double) $_SPX_CONF['sfs_confidence'] || $result['ip']['appears'] == 1 && $result['ip']['confidence'] > (double) $_SPX_CONF['sfs_confidence']) {
$timestamp = DB_escapeString(date('Y-m-d H:i:s'));
if (isset($result['email']) && $result['email']['appears'] == 1 && $result['email']['confidence'] > (double) $_SPX_CONF['sfs_confidence']) {
$value_arr[] = "('email', '{$db_email}', '{$timestamp}')";
}
if ($result['ip']['appears'] == 1 && $result['ip']['confidence'] > (double) $_SPX_CONF['sfs_confidence']) {
$value_arr[] = "('IP', '{$db_ip}', '{$timestamp}')";
}
$values = implode(',', $value_arr);
$sql = "INSERT INTO {$_TABLES['spamx']} (name, value, regdate)\n VALUES {$values}";
DB_query($sql);
$log_msg = sprintf($LANG_SX00['email_ip_spam'], $email, $ip);
SPAMX_log($log_msg);
return PLG_SPAM_FOUND;
} else {
if ($this->_verbose) {
SPAMX_log("SFS: spammer IP not detected: " . $ip . " Spammer email not detected: " . $email);
}
}
// Passed the checks
return PLG_SPAM_NOT_FOUND;
}