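/**
 * Deface newly added links that are on the banned list before a page is saved.
 *
 * Collects the http:// and https:// URLs found in the old and in the new
 * page text. Every URL that appears only in the new text is passed to
 * ewiki_banned_link(); a banned URL is replaced inside $save["content"]
 * by ZERO_PAGERANK followed by the url-encoded original.
 *
 * @param array $save  page record about to be stored; "content" is rewritten in place
 * @param array $old   previously stored page record; only "content" is read
 * @return void
 */
function ewiki_edit_save_antispam_urldeface(&$save, &$old) {

   #-- nothing to filter without new page text
   if (!isset($save["content"])) {
      return;
   }

   #-- An ASCII delimiter keeps the pattern valid whatever encoding this
   #   file is stored in (a multi-byte delimiter character breaks PCRE).
   #   https:// is matched as well, otherwise such links would never
   #   reach the banned-link test below.
   $url_rx = '~(https?://[^\\s*<>"\'\\[\\]\\#]+)~';

   #-- a page that did not exist before has no old text
   $old_text = isset($old["content"]) ? (string)$old["content"] : "";

   preg_match_all($url_rx, $old_text, $old_urls);
   preg_match_all($url_rx, (string)$save["content"], $save_urls);

   #-- URLs present only in the new text, each one handled once
   $added_urls = array_unique(array_diff($save_urls[1], $old_urls[1]));

   foreach ($added_urls as $url) {

      #-- test against BannedLinks, then deface (filter page) URL
      #   NOTE(review): str_replace() also rewrites the leading part of a
      #   longer URL that merely starts with a banned one
      if (ewiki_banned_link($url)) {
         $save["content"] = str_replace($url, ZERO_PAGERANK . urlencode($url), $save["content"]);
      }
   }
}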
/**
 * Rewrite a link target that ewiki_banned_link() reports as banned.
 *
 * A banned $href is replaced by ZERO_PAGERANK followed by the url-encoded
 * original; any other $href is left as it is.
 *
 * @param string $href   link target, modified in place
 * @param string $title  accepted by reference but neither read nor changed here
 * @return void
 */
function ewiki_link_url_zero_pagerank(&$href, &$title) {

   #-- links that are not on the banned list stay untouched
   if (!ewiki_banned_link($href)) {
      return;
   }

   $defaced = ZERO_PAGERANK . urlencode($href);
   $href = $defaced;
}
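/**
 * Check the request's Referer header and, when it passes every test,
 * append it to the page text as a new list entry.
 *
 * The referer is dropped when it is missing or not an http(s) URL, points
 * back to this host, looks like a search-engine query, or is already
 * listed in $data["refs"]. It is logged and rejected when it contains our
 * own host pattern in url-encoded form, is on the banned list, or when
 * the referring page, once fetched, does not mention this page.
 *
 * @param string $id      page name
 * @param array  $data    page record; "refs" is read, and the whole record is
 *                        replaced by a fresh ewiki_db::GET() on the acceptance path
 * @param string $action  not used here
 * @param mixed  $args    not used here
 * @return mixed  false when the referer is ignored without logging,
 *                -1 when it was logged as forged, banned or faked,
 *                NULL after the acceptance path has run
 */
function ewiki_shutdown_referer_log($id, &$data, $action, $args = NULL) {

   #-- the referer url, cut at the first "#" or blank
   $ref = isset($_SERVER["HTTP_REFERER"]) ? strtok($_SERVER["HTTP_REFERER"], "# ") : "";

   #-- Nothing to verify without a referer (strtok() yields false for an
   #   empty header). Only http(s) URLs are let through because the value
   #   is fetched from this server further below; the prefix also means
   #   the strpos() tests on $ref cannot match at offset 0 in practice.
   if (!is_string($ref) || !preg_match('~^https?://~i', $ref)) {
      return false;
   }

   $this1 = EWIKI_SERVER . $_SERVER["REQUEST_URI"];
   $this2 = ewiki_script("", $id);

   #-- pattern of ourselves: the host name without its first label,
   #   unless that would leave a name without any dot
   $host = $_SERVER["HTTP_HOST"];
   $pat = substr($host, strpos($host, ".") + 1);
   if (!strpos($pat, ".")) {
      $pat = $host;
   }

   #-- reject if self-referring
   if (strpos($ref, $host) || strpos($ref, $_SERVER["SERVER_NAME"])) {
      return false;
   }

   #-- reject search engine links
   if (strpos($ref, "?") && strpos($ref, "q=")) {
      return false;
   }

   #-- link already on page?
   #   NOTE(review): the strpos() result is used as a boolean, so a match
   #   at offset 0 of "refs" goes unnoticed - confirm "refs" always starts
   #   with a separator
   $sref = trim($ref, "/");
   $sref = substr($sref, strpos($sref, ".") + 1);
   $sref = strtolower($sref);
   if (strpos(strtolower($data["refs"]), $sref)) {
      return false;
   }

   #-- forgery test 1: our own host pattern hidden in the (possibly
   #   double) url-encoded referer
   if (strpos(urldecode($ref), $pat) || strpos(urldecode(urldecode($ref)), $pat)) {
      ewiki_log("forged REFERER '{$ref}' to {$this1}");
      return -1;
   }

   #-- already banned?
   if (function_exists("ewiki_banned_link") && ewiki_banned_link($ref)) {
      ewiki_log("banned REFERER '{$ref}' to {$this1}");
      return -1;
   }

   #-- special case: link from server root dir?
   #   (always initialised, so the test further down never reads an
   #   undefined variable)
   $likely_fake = !strpos(trim(substr($ref, 10), "/"), "/");

   #-- decode InterWiki URLs into "prefix:PageName" representation
   if ($link = ewiki_url2wiki($ref)) {
      if (stristr($data["refs"], $link)) {
         // already in page
         return false;
      }
   }
   else {
      $link = $ref;
   }

   #-- retrieve page to check for link existence
   #   SECURITY: $ref is supplied by the client and is requested from this
   #   server. The scheme is restricted above, the target host is not.
   #   NOTE(review): loopback, private and link-local destinations are not
   #   filtered here - restrict them before this call or inside
   #   ewiki_http_query().
   $R = ewiki_http_query("GET", $ref, NULL, array(), "cookies.txt");
   #-- a failed query is treated like a page without a backlink
   $body = isset($R[0]) ? $R[0] : "";

   if (!stristr($body, $this1) && !stristr($body, $this2) && !strpos($body, EWIKI_NAME . ":{$id}")) {

      ewiki_log("faked REFERER '{$ref}' to {$this1}");

      #-- SECURITY: the recipient is taken from the request's From: header,
      #   so it is chosen by the client. Only one syntactically valid
      #   address is accepted, which rules out recipient lists and line
      #   breaks in the address.
      #   NOTE(review): any client can still cause a mail to an address it
      #   names - consider removing this notification or rate-limiting it.
      $abuse = isset($_SERVER["HTTP_FROM"]) ? $_SERVER["HTTP_FROM"] : "";
      if ($likely_fake && $abuse && filter_var($abuse, FILTER_VALIDATE_EMAIL)) {
         mail($abuse, "REFERER Header Abuse", "Dear 'search-engine' maintainer,\n\nYou misused the HTTP Referer: header for marketing purposes.\nThis informational mail is meant to annoy you likewise.\n\n", "X-From: {$_SERVER['SERVER_ADMIN']}\nX-Mailer: ewiki:refererlog\n");
      }
      return -1;
   }

   #-- all tests passed, add link
   $data = ewiki_db::GET($id);
   #-- post-increment: only a page that already has a version is extended
   if ($data["version"]++) {
      $data["content"] = trim($data["content"]) . "\n- {$link}\n";
      ewiki_data_update($data);
      $data["author"] = "RefererLog; " . $data["author"];
      if (!EWIKI_REFERER_NOISE) {
         $data["flags"] |= EWIKI_DB_F_MINOR;
      }
      ewiki_db::WRITE($data);
   }
}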