if ($userlevel == -1 || empty($userlevel)) { $words = array('viagra', 'cialis', 'xanax', 'kamagra', 'zithromax', 'nolvadex', 'levitra', 'tramadol', 'ultram', 'alprazolam'); foreach ($_REQUEST as $k => $v) { foreach ($words as $w) { if (preg_match('@\\b' . $w . '\\b@u', $v) || preg_match('@<a.*?\\[url=.*?\\[link=@us', $v)) { header('HTTP/1.0 403 Spam'); header('Content-Type: text/plain'); echo "We think your post is spam:\n\n"; echo var_export($_REQUEST, true), "\n"; exit(0); } } } require_once '../../common/akismet.php'; $GLOBALS['akismet_home'] = str_replace('{PATH}', substr($realpath, 4), $GLOBALS['akismet_home']); if (akismet_check($_REQUEST)) { header('HTTP/1.0 403 Spam'); header('Content-Type: text/plain'); echo "Akismet thinks your post is spam:\n\n"; echo var_export($_REQUEST, true), "\n"; exit(0); } } } ChatSessionSuspend(); $xcnt = count($banip); $_SERVER['REMOTE_HOST'] = gethostbyaddr($_SERVER['REMOTE_ADDR']); for ($cc = 0; $cc < $xcnt; $cc++) { if ($ident == $banip[$cc] || strncmp($_SERVER['REMOTE_ADDR'], $banip[$cc], strlen($banip[$cc])) == 0 || strncmp($_SERVER['HTTP_X_FORWARDED_FOR'], $banip[$cc], strlen($banip[$cc])) == 0) { echo "<html><head></head>{$cbodytag}"; $ox = $banguage[4];
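/**
 * Handle submission of the "send private message" form.
 *
 * Reads the "to", "subject", "content" and "preview" POST fields, resolves every
 * recipient (a numeric user ID or a user name, comma separated), and sends one
 * message per distinct recipient before redirecting to the inbox.
 *
 * NOTE(review): every rejection path below calls pm_form() and then falls through.
 * The function is only safe if pm_form() ends the request (its body is not visible
 * here); otherwise a preview, a spam-flagged text or a blocked recipient would still
 * reach pm_send_msg(). Confirm before reusing this pattern.
 *
 * @param object $logged_in_user Sending user; ->authenticator and ->id are read here.
 * @return void
 */
function do_send($logged_in_user) {
    global $replyto, $userid;

    check_banished($logged_in_user);
    // Presumably validates the form token derived from the user's authenticator
    // (request-forgery protection) -- confirm in check_tokens().
    check_tokens($logged_in_user->authenticator);

    // Only the recipient list goes through sanitize_tags() here; subject and content
    // are passed on as received, so they must be escaped wherever they are rendered.
    $to = sanitize_tags(post_str("to", true));
    $subject = post_str("subject", true);
    $content = post_str("content", true);

    if (post_str("preview", true) == tra("Preview")) {
        pm_form($replyto, $userid);
    }
    if ($to == null || $subject == null || $content == null) {
        pm_form($replyto, $userid, tra("You need to fill all fields to send a private message"));
    } else {
        if (!akismet_check($logged_in_user, $content)) {
            pm_form($replyto, $userid, tra("Your message was flagged as spam\n by the Akismet anti-spam system.\n Please modify your text and try again."));
        }

        // Filter out spaces after separator
        $to = str_replace(", ", ",", $to);
        $users = explode(",", $to);

        $userlist = array();
        // Keyed by user ID so one recipient cannot be targeted several times in a
        // single submission.
        $userids = array();

        foreach ($users as $username) {
            $user = explode(" ", $username);
            if (is_numeric($user[0])) {
                // A user ID was given. Note that this overwrites the global $userid.
                $userid = $user[0];
                $user = BoincUser::lookup_id($userid);
                if ($user == null) {
                    pm_form($replyto, $userid, tra("Could not find user with id %1", $userid));
                }
            } else {
                $user = BoincUser::lookup_name($username);
                if ($user == null) {
                    pm_form($replyto, $userid, tra("Could not find user with username %1", $username));
                } elseif ($user == -1) {
                    // Non-unique username
                    pm_form($replyto, $userid, tra("%1 is not a unique username; you will have to use user ID", $username));
                }
            }
            BoincForumPrefs::lookup($user);
            if (is_ignoring($user, $logged_in_user)) {
                pm_form($replyto, $userid, tra("User %1 (ID: %2) is not accepting private messages from you.", $user->name, $user->id));
            }
            if (!isset($userids[$user->id])) {
                $userlist[] = $user;
                $userids[$user->id] = true;
            }
        }

        foreach ($userlist as $user) {
            // Moderators are exempt from the per-sender message quota.
            if (!is_moderator($logged_in_user, null)) {
                check_pm_count($logged_in_user->id);
            }
            pm_send_msg($logged_in_user, $user, $subject, $content, true);
        }

        // The header value must be a single line: PHP refuses to send a header that
        // contains a line break, which would silently drop this redirect.
        header("Location: pm.php?action=inbox&sent=1");
    }
}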
} check_reply_access($logged_in_user, $forum, $thread); if (!$sort_style) { $sort_style = $logged_in_user->prefs->thread_sorting; } else { $logged_in_user->prefs->update("thread_sorting={$sort_style}"); } $warning = null; if ($content && !$preview) { if (post_str('add_signature', true) == "add_it") { $add_signature = true; } else { $add_signature = false; } check_tokens($logged_in_user->authenticator); if (!akismet_check($logged_in_user, $content)) { $warning = "Your post has been flagged as spam by the Akismet anti-spam system. Please modify your text and try again."; $preview = tra("Preview"); } else { create_post($content, $parent_post_id, $logged_in_user, $forum, $thread, $add_signature); header('Location: forum_thread.php?id=' . $thread->id); } } page_head(tra("Post to thread")); show_forum_header($logged_in_user); switch ($forum->parent_type) { case 0: $category = BoincCategory::lookup_id($forum->category); show_forum_title($category, $forum, $thread); break; case 1:
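/**
 * Ask Akismet, through the bundled MicroAkismet library, whether a submitted entry is spam.
 *
 * Loads the function-based library on PHP 4 and the class-based one on PHP 5 and later,
 * builds the comment description from the request and the arguments, and returns the verdict.
 *
 * Request headers (User-Agent, Referer) are client-controlled and may be absent; they are
 * forwarded as evidence only and default to an empty string when missing.
 *
 * @param string $var_akismet_key Akismet API key.
 * @param string $nname           Author name.
 * @param string $gbemail         Author e-mail address.
 * @param string $newurl          Author URL.
 * @param string $mmu             Entry text to check.
 * @param string $errormsg        Unused; kept so existing callers keep working.
 * @return int|null 1 when flagged as spam, 0 when not, null when the PHP major version is below 4.
 */
function akismet($var_akismet_key, $nname, $gbemail, $newurl, $mmu, $errormsg) {
    $url = get_bloginfo('wpurl');
    $phpvers = explode(".", phpversion());

    if ($phpvers[0] == 4) {
        include_once 'microakismet/func.microakismet.inc.php';
    }
    if ($phpvers[0] >= 5) {
        include_once "microakismet/class.microakismet.inc.php";
    }

    // The array of data we need
    $vars = array();
    $vars["user_ip"] = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '';
    $vars["user_agent"] = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '';
    // Akismet's parameter is spelled "referrer"; the previous key "reerrer" was a typo,
    // so the value was never recognised by the service.
    $vars["referrer"] = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : '';
    $vars["comment_content"] = $mmu;
    $vars["comment_author"] = $nname;
    $vars["comment_author_url"] = $newurl;
    $vars["comment_author_email"] = $gbemail;
    // The original passed an undefined local ($var_page_id), i.e. null; calling
    // get_permalink() without an argument should resolve the same post without the notice.
    $vars["permalink"] = get_permalink();
    $vars["comment_type"] = "comment";

    /* php 4 */
    if ($phpvers[0] == 4) {
        return akismet_check($vars) ? 1 : 0;
    }

    /* php 5 & 6 */
    if ($phpvers[0] >= 5) {
        $akismet = new MicroAkismet("{$var_akismet_key}", $vars["permalink"], "{$url}/1.0");
        return $akismet->check($vars) ? 1 : 0;
    }
}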
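/**
 * Validate and store a submitted user profile (two free-text responses, language, picture).
 *
 * Order of checks: optional ReCaptcha (only when a private key is configured), Akismet on
 * each response, emptiness, then picture deletion/upload, and finally an UPDATE of the
 * existing profile row or an INSERT of a new one. On rejection the form is shown again
 * with the submitted text.
 *
 * @param object      $user    Logged-in user; ->id is read and ->update() is called.
 * @param object|null $profile Existing profile, or null when the user has none yet.
 * @return void
 */
function process_create_profile($user, $profile) {
    global $config;

    $response1 = post_str('response1', true);
    $response2 = post_str('response2', true);
    $language = post_str('language', true);

    // Numeric values are interpolated into SQL, file paths and HTML below without
    // quoting, so pin them to integers once.
    $uid = (int) $user->id;

    // Object handed back to the form on rejection. For a user without a profile the
    // original assigned properties on null, which is a fatal error on PHP 8; an empty
    // object reproduces what older PHP versions created implicitly.
    $form_profile = $profile ? $profile : new stdClass();

    $privatekey = parse_config($config, "<recaptcha_private_key>");
    if ($privatekey) {
        $recaptcha = new ReCaptcha($privatekey);
        // A request without the captcha field must fail verification, not raise a notice.
        $captcha_response = isset($_POST["g-recaptcha-response"]) ? $_POST["g-recaptcha-response"] : null;
        $resp = $recaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $captcha_response);
        if (!$resp->success) {
            $form_profile->response1 = $response1;
            $form_profile->response2 = $response2;
            show_profile_form($form_profile, tra("Your ReCaptcha response was not correct. Please try again."));
            return;
        }
    }

    if (!akismet_check($user, $response1)) {
        $form_profile->response1 = $response1;
        $form_profile->response2 = $response2;
        show_profile_form($form_profile, tra("Your first response was flagged as spam by the Akismet anti-spam system. Please modify your text and try again."));
        return;
    }
    if (!akismet_check($user, $response2)) {
        $form_profile->response1 = $response1;
        $form_profile->response2 = $response2;
        show_profile_form($form_profile, tra("Your second response was flagged as spam by the Akismet anti-spam system. Please modify your text and try again."));
        return;
    }

    $delete_pic = isset($_POST['delete_pic']) ? $_POST['delete_pic'] : "off";
    if (!$profile) {
        // There is no stored picture to delete yet. Honouring the flag here used to turn
        // null into an object, which sent a first-time submission down the UPDATE path.
        $delete_pic = "off";
    }

    // The upload entry may be missing, or an array when the client sends "picture[]".
    $picture_tmp = (isset($_FILES['picture']['tmp_name']) && is_string($_FILES['picture']['tmp_name']))
        ? $_FILES['picture']['tmp_name']
        : '';
    $picture_uploaded = is_uploaded_file($picture_tmp);

    if (strlen($response1) == 0 && strlen($response2) == 0 && $delete_pic != "on" && !$picture_uploaded) {
        error_page(tra("Your profile submission was empty."));
        exit;
    }

    if ($delete_pic == "on") {
        delete_user_pictures($profile->userid);
        $profile->has_picture = false;
        $profile->verification = 0;
    }

    $has_picture = $profile ? $profile->has_picture : false;

    if ($picture_uploaded) {
        $has_picture = true;
        if ($profile) {
            // A new picture has to be verified again.
            $profile->verification = 0;
        }
        // The file is re-encoded and stored under a name built from the user ID; the
        // client-supplied file name and type are never used.
        // NOTE(review): the result of getImages() is not checked -- confirm how it
        // reports a file that is not a decodable image.
        $images = getImages($picture_tmp);

        // Write the original image file to disk.
        // TODO: define a constant for image quality.
        ImageJPEG($images[0], IMAGE_PATH . $uid . '.jpg');
        ImageJPEG($images[1], IMAGE_PATH . $uid . '_sm.jpg');
    }

    // HTML sanitisation happens after the spam check, so Akismet sees the raw text.
    // $language is stored SQL-escaped but not HTML-sanitised; escape it on output.
    $response1 = sanitize_html($response1);
    $response2 = sanitize_html($response2);

    $has_picture = $has_picture ? 1 : 0;

    // The statements below are assembled as strings; every text value goes through
    // BoincDb::escape_string() and every unquoted value is an integer.
    if ($profile) {
        $verification = (int) $profile->verification;
        $query = " response1 = '" . BoincDb::escape_string($response1) . "',"
            . " response2 = '" . BoincDb::escape_string($response2) . "',"
            . " language = '" . BoincDb::escape_string($language) . "',"
            . " has_picture = {$has_picture},"
            . " verification = {$verification}"
            . " WHERE userid = {$uid}";
        $result = BoincProfile::update_aux($query);
        if (!$result) {
            error_page(tra("Could not update the profile: database error"));
        }
    } else {
        $query = 'SET '
            . " userid={$uid},"
            . " language = '" . BoincDb::escape_string($language) . "',"
            . " response1 = '" . BoincDb::escape_string($response1) . "',"
            . " response2 = '" . BoincDb::escape_string($response2) . "',"
            . " has_picture = {$has_picture},"
            . " recommend=0, "
            . " reject=0, "
            . " posts=0, "
            . " uotd_time=0, "
            . " verification=0";
        $result = BoincProfile::insert($query);
        if (!$result) {
            error_page(tra("Could not create the profile: database error"));
        }
    }

    $user->update("has_profile=1");

    page_head(tra("Profile saved"));
    echo tra("Congratulations! Your profile was successfully entered into our database.")
        . "<br><br>"
        . "<a href=\"view_profile.php?userid=" . $uid . "\">"
        . tra("View your profile")
        . "</a><br>";
    page_tail();
}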
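/**
 * Check a submitted message against Akismet.
 *
 * The check only runs when $GLOBALS['akismet_key'] is set. Without a key the function
 * returns false, so false means "not flagged", not "verified clean".
 *
 * @param string $author  Name of the person who posted the message.
 * @param string $email   Their e-mail address.
 * @param string $content Body of the message to check.
 * @return bool True when akismet_check() flags the message as spam.
 */
function isSpam($author = '', $email = '', $content = '') {
    if (!isset($GLOBALS['akismet_key'])) {
        return false;
    }

    // Only the fields needed for the check are forwarded. Do not merge the whole of
    // $_SERVER into this array: it also carries cookies, authorization headers and
    // server paths, all of which would be sent to the third-party service.
    $vars = array();

    // Clients may omit the User-Agent header, and REMOTE_ADDR is absent outside a web
    // request; default both to an empty string instead of reading an undefined index.
    $vars['user_ip'] = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $vars['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    // The body of the message to check, the name of the person who
    // posted it, and their email address
    $vars['comment_author'] = $author;
    $vars['comment_author_email'] = $email;
    $vars['comment_content'] = $content;

    return akismet_check($vars) ? true : false;
}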