Ejemplo n.º 1
0
$_IP = get_ip();
$name = $db->safesql($parse->process(trim($_POST['name'])));
$not_allow_symbol = array("\"", "`", "\t", '\\n', '\\r', "\n", "\r", '\\', ",", "/", "¬", "#", ";", ":", "~", "[", "]", "{", "}", ")", "(", "*", "^", "%", "\$", "<", ">", "?", "!", '"', "'", " ", "&");
$mail = $db->safesql(trim(str_replace($not_allow_symbol, '', strip_tags(stripslashes($_POST['mail'])))));
$post_id = intval($_POST['post_id']);
$stop = array();
$added_comments_id = 0;
if ($is_logged) {
    $name = $db->safesql($member_id['name']);
    $mail = $db->safesql($member_id['email']);
}
if ($user_group[$member_id['user_group']]['spamfilter']) {
    $row = $db->super_query("SELECT * FROM " . PREFIX . "_spam_log WHERE ip = '{$_IP}'");
    if (!$row['id'] or !$row['email']) {
        include_once ENGINE_DIR . '/classes/stopspam.class.php';
        $sfs = new StopSpam($config['spam_api_key'], $user_group[$member_id['user_group']]['spamfilter']);
        $args = array('ip' => $_IP, 'email' => $mail);
        if ($sfs->is_spammer($args)) {
            if (!$row['id']) {
                $db->query("INSERT INTO " . PREFIX . "_spam_log (ip, is_spammer, email, date) VALUES ('{$_IP}','1', '{$mail}', '{$_TIME}')");
            } else {
                $db->query("UPDATE " . PREFIX . "_spam_log SET is_spammer='1', email='{$mail}' WHERE id='{$row['id']}'");
            }
            $stop[] = $lang['reg_err_29'] . " ";
            $CN_HALT = TRUE;
        } else {
            if (!$row['id']) {
                $db->query("INSERT INTO " . PREFIX . "_spam_log (ip, is_spammer, email, date) VALUES ('{$_IP}','0', '{$mail}', '{$_TIME}')");
            } else {
                $db->query("UPDATE " . PREFIX . "_spam_log SET email='{$mail}' WHERE id='{$row['id']}'");
            }
Ejemplo n.º 2
0
            $db->query("DELETE FROM " . PREFIX . "_comments WHERE user_id='{$user_id}' AND is_register='1'");
        } else {
            $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '88', '{$author}')");
            $result = $db->query("SELECT COUNT(*) as count, post_id FROM " . PREFIX . "_comments WHERE ip='{$ip}' AND is_register='0' AND approve='1' GROUP BY post_id");
            while ($row = $db->get_array($result)) {
                $db->query("UPDATE " . PREFIX . "_post SET comm_num=comm_num-{$row['count']} WHERE id='{$row['post_id']}'");
            }
            $db->free($result);
            $db->query("DELETE FROM " . PREFIX . "_comments WHERE ip='{$ip}' AND is_register='0'");
            $db->query("INSERT INTO " . USERPREFIX . "_banned (descr, date, days, ip) values ('{$lang['mark_spam_ok_1']}', '0', '0', '{$ip}')");
            @unlink(ENGINE_DIR . '/cache/system/banned.php');
        }
        clear_cache();
        if ($config['sec_addnews'] and $email and strlen($config['spam_api_key']) > 3) {
            include_once ENGINE_DIR . '/classes/stopspam.class.php';
            $sfs = new StopSpam($config['spam_api_key'], $config['sec_addnews']);
            $args = array('ip_addr' => $ip, 'username' => $author, 'email' => $email);
            $sfs->add($args);
        }
        $buffer = $lang['mark_spam_ok'];
    } else {
        die("error");
    }
}
if ($_REQUEST['action'] == "clearcache") {
    if ($member_id['user_group'] != 1) {
        die("error");
    }
    $fdir = opendir(ENGINE_DIR . '/cache/system/');
    while ($file = readdir($fdir)) {
        if ($file != '.' and $file != '..' and $file != '.htaccess' and $file != 'cron.php') {