function bb2_run_whitelist($package)
{
# FIXME: Transitional, until port maintainters implement bb2_read_whitelist
if (function_exists('bb2_read_whitelist')) {
$whitelists = bb2_read_whitelist();
} else {
$whitelists = @parse_ini_file(dirname(BB2_CORE) . "/whitelist.ini");
}
if (@(!empty($whitelists['ip']))) {
foreach ($whitelists['ip'] as $range) {
if (match_cidr($package['ip'], $range)) {
return true;
}
}
}
if (@(!empty($whitelists['useragent']))) {
foreach ($whitelists['useragent'] as $user_agent) {
if (!strcmp($package['headers_mixed']['User-Agent'], $user_agent)) {
return true;
}
}
}
if (@(!empty($whitelists['url']))) {
if (strpos($package['request_uri'], "?") === FALSE) {
$request_uri = $package['request_uri'];
} else {
$request_uri = substr($package['request_uri'], 0, strpos($package['request_uri'], "?"));
}
foreach ($whitelists['url'] as $url) {
$pos = strpos($request_uri, $url);
if ($pos !== false && $pos == 0) {
return true;
}
}
}
return false;
}
function bb2_whitelist()
{
$whitelists = bb2_read_whitelist();
if (empty($whitelists)) {
$whitelists = array();
$whitelists['ip'] = array();
$whitelists['url'] = array();
$whitelists['useragent'] = array();
}
$request_uri = $_SERVER["REQUEST_URI"];
if (!$request_uri) {
$request_uri = $_SERVER['SCRIPT_NAME'];
}
# IIS
if ($_POST) {
$_POST = array_map('stripslashes_deep', $_POST);
if ($_POST['ip']) {
$whitelists['ip'] = array_filter(preg_split("/\\s+/m", $_POST['ip']));
} else {
$whitelists['ip'] = array();
}
if ($_POST['url']) {
$whitelists['url'] = array_filter(preg_split("/\\s+/m", $_POST['url']));
} else {
$whitelists['url'] = array();
}
if ($_POST['useragent']) {
$whitelists['useragent'] = array_filter(preg_split("/[\r\n]+/m", $_POST['useragent']));
} else {
$whitelists['useragent'] = array();
}
update_option('bad_behavior_whitelist', $whitelists);
?>
<div id="message" class="updated fade"><p><strong><?php
_e('Options saved.');
?>
</strong></p></div>
<?php
}
?>
<div class="wrap">
<?php
echo bb2_donate_button(admin_url("options-general.php?page=bb2_whitelist"));
?>
<h2><?php
_e("Bad Behavior Whitelist");
?>
</h2>
<form method="post" action="<?php
echo admin_url("options-general.php?page=bb2_whitelist");
?>
">
<p>Inappropriate whitelisting WILL expose you to spam, or cause Bad Behavior to stop functioning entirely! DO NOT WHITELIST unless you are 100% CERTAIN that you should.</p>
<p>For more information please visit the <a href="http://bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
<p>See also: <a href="<?php
echo admin_url("options-general.php?page=bb2_options");
?>
">Settings</a> | <a href="<?php
echo admin_url("tools.php?page=bb2_manage");
?>
">Log</a></p>
<h3><?php
_e('IP Address');
?>
</h3>
<table class="form-table">
<tr><td><label>IP address or CIDR format address ranges to be whitelisted (one per line)<br/><textarea cols="24" rows="6" name="ip"><?php
echo implode("\n", $whitelists['ip']);
?>
</textarea></td></tr>
</table>
<h3><?php
_e('URL');
?>
</h3>
<table class="form-table">
<tr><td><label>URL fragments beginning with the / after your web site hostname (one per line)<br/><textarea cols="48" rows="6" name="url"><?php
echo implode("\n", $whitelists['url']);
?>
</textarea></td></tr>
</table>
<h3><?php
_e('User Agent');
?>
</h3>
<table class="form-table">
<tr><td><label>User agent strings to be whitelisted (one per line)<br/><textarea cols="48" rows="6" name="useragent"><?php
echo implode("\n", $whitelists['useragent']);
?>
</textarea></td></tr>
</table>
<p class="submit"><input class="button" type="submit" name="submit" value="<?php
_e('Update »');
?>
" /></p>
</form>
<?php
}
