/**
 * Look up stored images that match the given file exactly or perceptually.
 *
 * The file is fingerprinted twice: a SHA-1 of its bytes (exact duplicates)
 * and a DCT perceptual hash from ph_dct_imagehash(). A row matches when its
 * binary_hash equals the SHA-1, or when the number of differing bits between
 * its phash and the computed one is at most self::SEARCH_THRESHOLD.
 *
 * Both hashes reach the query as bound parameters, never as interpolated SQL.
 * SHA-1 serves here only as a duplicate-lookup key; it is not collision
 * resistant, so an exact-hash hit should not be read as proof that two files
 * are identical.
 *
 * @param string $inputFilePath Path of the image to search for.
 *
 * @return array|false Map of path-record id => path, or false when no
 *                     perceptual hash could be computed for the file.
 */
public static function byImage($inputFilePath)
{
    $exactDigest = sha1_file($inputFilePath);
    $perceptual = ph_dct_imagehash($inputFilePath);

    // Without a perceptual hash the similarity half of the query is meaningless.
    if (!$perceptual) {
        return false;
    }

    $bindings = array($exactDigest, $perceptual, self::SEARCH_THRESHOLD);
    $matches = ImageHash::whereRaw('binary_hash = ? or bit_count(phash ^ ?) <= ?', $bindings)->get();

    $pathsById = array();
    foreach ($matches as $match) {
        $owner = $match->pathRecord;
        $resolved = $owner->getPath();
        $pathsById[$owner->id] = $resolved;
    }

    return $pathsById;
}
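/**
 * Pre-registration hook: records the incoming post and rejects it when the
 * poster or the content matches one of the configured block rules.
 *
 * Checks run in this order: JavaScript marker field, User-Agent heuristics,
 * User-Agent blacklist, IP/host ban patterns, open-proxy list, fail cookie,
 * NG-log threshold, bad-string blacklist, perceptual image blacklist.
 * Every rejection goes through error(), which presumably ends the request
 * (confirm against its definition).
 *
 * @param string $name       Poster name (read only here).
 * @param string $email      Poster e-mail (read only here).
 * @param string $sub        Post subject (read only here).
 * @param string $com        Post comment (read only here).
 * @param array  $upfileInfo Upload info; the 'name' and 'file' keys are read.
 * @param array  $accessInfo Client info; the 'ip' and 'host' keys are read.
 * @param mixed  $isReply    Reply marker; only written to the logs.
 *
 * @return void
 */
function autoHookRegistBegin(&$name, &$email, &$sub, &$com, $upfileInfo, $accessInfo, $isReply)
{
    global $BANPATTERN, $BAD_FILEMD5, $postInfo;

    $setfail = true;

    // The User-Agent header is optional; read it once and fall back to an
    // empty string so the string functions below never receive null.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';

    $postInfo = array(
        $isReply,
        str_replace("\r\n", '<br>', $com),
        $sub,
        $name,
        $email,
        $upfileInfo['name'],
        isset($_POST['loid']) ? $_POST['loid'] : '',
        $userAgent,
    );

    // extract fail cookie
    // NOTE(review): the cookie is supplied by the client and no integrity check
    // is visible here, so its counters can be forged or simply dropped.
    if (isset($_COOKIE[$this->cookiename])) {
        $this->failcookie = explode(':', $this->_mybase64_decode($_COOKIE[$this->cookiename]));
    }

    if ($this->postlogfile) {
        $plname = strstr($this->postlogfile, '%s') ? sprintf($this->postlogfile, date('Ymd')) : $this->postlogfile;
        $pfp = fopen($plname, 'ab');
        // Skip logging rather than calling fwrite()/fclose() on a failed handle.
        if ($pfp !== false) {
            $outstr = '/ip=' . $accessInfo['ip'] . "\ttime=" . date('Ymd-His');
            $pInames = array('re', 'com', 'sub', 'name', 'email', 'upfile', 'loid', 'ua');
            $pIcnt = count($postInfo);
            for ($i = 0; $i < $pIcnt; $i++) {
                // Fields are attacker-controlled. Tabs and line breaks are the
                // record delimiters, so control characters are replaced to keep
                // a post from forging extra fields or whole log entries.
                $field = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $postInfo[$i]);
                $outstr .= "\t" . (isset($pInames[$i]) ? $pInames[$i] . '=' : '') . $field;
            }
            if (isset($_COOKIE[$this->cookiename])) {
                $outstr .= "\tfc=" . preg_replace('/[\x00-\x1F\x7F]/', ' ', implode(':', $this->failcookie));
            }
            fwrite($pfp, $outstr . "\t/end\n");
            fclose($pfp);
        }
    }

    // Load the blacklist definition files
    if (is_file($this->ipfile)) {
        $BANPATTERN = array_merge($BANPATTERN, array_map('rtrim', $this->_parseBlackListFile($this->ipfile, true)));
    }
    if (is_file($this->imgfile)) {
        $BAD_FILEMD5 = array_merge($BAD_FILEMD5, array_map('rtrim', $this->_parseBlackListFile($this->imgfile, true)));
    }

    // IP/Hostname Check
    $accessInfo['host'] = strtolower($accessInfo['host']);
    $checkTwice = $accessInfo['ip'] != $accessInfo['host']; // whether a second check is needed
    $IsBanned = false;

    // The marker is an ordinary form field, so this only filters clients that
    // do not send it; it is not an access control.
    if (!isset($_POST['js']) || $_POST['js'] !== 'js') {
        error('Please enable Javascript');
    }

    // Quick hack 3
    /*if(strpos($_SERVER['HTTP_USER_AGENT'],'NT 6.1; rv:12.0')!==false) {
        $this->_nglog_append($accessInfo['ip'],'badip','High possibility of Seiyuu Chuu detected'.'#postinf='.implode('|',$postInfo));
        $IsBanned = true;
        $setfail = false;
    }*/
    // Quick hack 3 end

    // Quick hack
    // NOTE(review): $postInfo is written into the NG log unescaped here and at
    // the other _nglog_append() calls; confirm that log's format tolerates
    // arbitrary post content, since _nglog_process() later reads it.
    if (!$IsBanned && (strpos($userAgent, 'VPNGate') !== false || strpos($userAgent, 'FreeSafeIP.com') !== false)) {
        $this->_nglog_append($accessInfo['ip'], 'badip', 'VPNGate detected' . '#postinf=' . implode('|', $postInfo));
        $IsBanned = true;
        $setfail = false;
    }
    // Quick hack end

    // Quick hack 2
    // Isolate the last token of the User-Agent (after the final '/', then the
    // final space, up to the final ')') and flag it when it is more than one
    // character long and consists only of hexadecimal digits.
    if (!$IsBanned) {
        $lsval = '';
        $lastslash = strrpos($userAgent, '/');
        if ($lastslash !== false) {
            $lsval = substr($userAgent, $lastslash + 1);
        }
        $lastspace = strrpos($lsval, ' ');
        if ($lastspace !== false) {
            $lsval = substr($lsval, $lastspace + 1);
        }
        $lastbmark = strrpos($lsval, ')');
        if ($lastbmark !== false) {
            $lsval = substr($lsval, 0, $lastbmark);
        }
        if (strlen($lsval) > 1 && preg_match('/^[0-9A-F]+$/i', $lsval)) {
            $this->_nglog_append($accessInfo['ip'], 'badip', 'strange user agent detected' . '#postinf=' . implode('|', $postInfo));
            $IsBanned = true;
            $setfail = false;
        }
    }
    // Quick hack 2 end

    // UA checks
    $baduas = array();
    if (is_file($this->baduafile)) {
        $baduas = array_map('rtrim', $this->_parseBlackListFile($this->baduafile, true));
    }
    if (!empty($baduas[0])) {
        foreach ($baduas as $badua) {
            // Each blacklist line is used as a regex between backtick delimiters.
            // A line that contains a backtick or is not a valid pattern makes
            // preg_match() return false, so that rule silently never matches.
            if (preg_match('`' . $badua . '`', $userAgent)) {
                $this->_nglog_append($accessInfo['ip'], 'badip', 'Bad user agent#postinf=' . implode('|', $postInfo));
                $IsBanned = true;
                $setfail = false;
            }
        }
    }

    if (!$IsBanned) {
        foreach ($BANPATTERN as $pattern) {
            $slash = substr_count($pattern, '/');
            if ($slash == 2) { // RegExp
                $pattern .= 'i';
            } elseif ($slash == 1) { // CIDR Notation
                if (matchCIDR($accessInfo['ip'], $pattern)) {
                    $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                    $IsBanned = true;
                    break;
                }
                continue;
            } elseif (strpos($pattern, '*') !== false || strpos($pattern, '?') !== false) { // Wildcard
                $pattern = '/^' . str_replace(array('.', '*', '?'), array('\\.', '.*', '.?'), $pattern) . '$/i';
            } else { // Full-text
                if ($accessInfo['ip'] == $pattern || $checkTwice && $accessInfo['host'] == strtolower($pattern)) {
                    $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                    $IsBanned = true;
                    break;
                }
                continue;
            }
            // Only RegExp and Wildcard patterns reach this point.
            if (preg_match($pattern, $accessInfo['host']) || $checkTwice && preg_match($pattern, $accessInfo['ip'])) {
                $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                $IsBanned = true;
                break;
            }
        }
    }

    if (!$IsBanned) {
        if ($this->_checkProxiesList($accessInfo['ip'])) {
            $this->_nglog_append($accessInfo['ip'], 'badip', 'OpenProxy Listed' . '#postinf=' . implode('|', $postInfo));
            $IsBanned = true;
        }
    }

    if ($IsBanned) {
        // The User-Agent based rules clear $setfail, so they do not touch the fail cookie.
        if ($setfail) {
            $this->_setfailcookie();
        }
        error(_T('ip_banned'));
    }

    // process fail cookie
    if (isset($_COOKIE[$this->cookiename])) {
        /*if(RENZOKU && ($time - $this->failcookie[0] < RENZOKU*2)){
            error(_T('regist_successivepost'));
        }*/
        // NOTE(review): this counter comes from the client-held cookie, yet it
        // writes a ban record for the whole IP; confirm that is acceptable for
        // clients sharing an address.
        if (isset($this->failcookie[1]) && $this->failcookie[1] > 5) {
            $this->_nglog_append($accessInfo['ip'], 'ckban', implode(':', $this->failcookie) . '#postinf=' . implode('|', $postInfo));
            // delete and update in the same pass
            $this->_arrangeRecord($this->ipfile, null, $accessInfo['ip'] . "\t" . 'cookie autoban ' . date('Ymd') . "\t" . time() . "\t" . $this->bandays . "\n");
            error(_T('ip_banned'));
        }
    }

    if ($this->_nglog_process($accessInfo['ip'])) {
        $this->_nglog_append($accessInfo['ip'], 'lgban', (isset($_COOKIE[$this->cookiename]) ? implode('.', $this->failcookie) : 'no-cookie') . '#postinf=' . implode('|', $postInfo));
        // delete and update in the same pass
        $this->_arrangeRecord($this->ipfile, null, $accessInfo['ip'] . "\t" . 'nglog autoban ' . date('Ymd') . "\t" . time() . "\t" . $this->bandays . "\n");
        $this->_setfailcookie('ban');
        error(_T('ip_banned'));
    }

    // Cleanup $BANPATTERN as it passed in upper test
    $BANPATTERN = array();

    $badstrs = array();
    if (is_file($this->badstrfile)) {
        $badstrs = array_map('rtrim', $this->_parseBlackListFile($this->badstrfile, true));
    }
    if (!empty($badstrs[0])) {
        foreach ($badstrs as $badstr) {
            if (preg_match('`' . $badstr . '`', $name) || preg_match('`' . $badstr . '`', $email) || preg_match('`' . $badstr . '`', $sub) || preg_match('`' . $badstr . '`', str_replace("\r\n", '', $com))) {
                // NOTE(review): this call passes the post info as a separate
                // fourth argument, while the other call sites append it to the
                // third with '#postinf='; check _nglog_append()'s signature.
                $this->_nglog_append($accessInfo['ip'], 'ngstr', $badstr, implode('|', $postInfo));
                $this->_setfailcookie();
                error(_T('regist_wordfiltered'));
            }
        }
    }

    if ($this->use_imghash && file_exists($this->imghash_lib)) {
        include $this->imghash_lib;
        if (is_dir(realpath($this->imghash_imgdir))) {
            $pfolder = opendir($this->imghash_imgdir); // folder
            $pnamebase = array();
            // Compare against false explicitly: an entry named "0" is falsy and
            // would otherwise end the scan early, leaving later images unchecked.
            while (false !== ($file = readdir($pfolder))) {
                if (is_file($this->imghash_imgdir . $file)) {
                    $pnamebase[] = $file;
                }
            }
            closedir($pfolder);

            $pcount = count($pnamebase);
            for ($i = 0; $i < $pcount; $i++) {
                if (trim($this->imghash_hashdir) && is_dir($this->imghash_hashdir) && file_exists($this->imghash_hashdir . $pnamebase[$i] . '.imghash')) {
                    // Cached entry: "width<TAB>height<TAB>hash".
                    list($pw, $ph, $apHash) = explode("\t", file_get_contents($this->imghash_hashdir . $pnamebase[$i] . '.imghash'));
                    $pbase_size = array($pw, $ph);
                } else {
                    $pbase_size = getimagesize($this->imghash_imgdir . $pnamebase[$i]);
                    $apHash = ImageHash::hashImageFile($this->imghash_imgdir . $pnamebase[$i]);
                    if (trim($this->imghash_hashdir) && is_dir($this->imghash_hashdir)) {
                        file_put_contents($this->imghash_hashdir . $pnamebase[$i] . '.imghash', $pbase_size[0] . "\t" . $pbase_size[1] . "\t" . $apHash);
                    }
                }
                $dpHash = ImageHash::hashImageFileCropped($upfileInfo['file'], $pbase_size[0], $pbase_size[1]);
                // The full-image comparison uses the uploaded file's path. No
                // $dest variable exists in this scope, so passing it would hash
                // an undefined value and the second comparison could never
                // catch a blocked image.
                if (ImageHash::isHashSimilar($apHash, $dpHash) || ImageHash::isImageSimilarWithHash($upfileInfo['file'], $apHash)) {
                    $this->_nglog_append($accessInfo['ip'], 'phash', $pnamebase[$i], '' . '#postinf=' . implode('|', $postInfo));
                    $this->_setfailcookie();
                    error(_T('regist_upload_blocked')); // rejected image
                }
            }
        }
    }
}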
/**
 * Check whether an image file is similar to an already computed hash.
 *
 * Hashes the file with ImageHash::hashImageFile() and passes both hashes to
 * ImageHash::isHashSimilar(), whose result is returned unchanged.
 *
 * @param string $aPath Path of the image file to hash.
 * @param mixed  $bHash Previously computed hash to compare against.
 *
 * @return mixed Whatever ImageHash::isHashSimilar() returns for the pair.
 */
public static function isImageSimilarWithHash($aPath, $bHash)
{
    return ImageHash::isHashSimilar(ImageHash::hashImageFile($aPath), $bHash);
}