    if ($userlevel == -1 || empty($userlevel)) {
        $words = array('viagra', 'cialis', 'xanax', 'kamagra', 'zithromax', 'nolvadex', 'levitra', 'tramadol', 'ultram', 'alprazolam');
        foreach ($_REQUEST as $k => $v) {
            foreach ($words as $w) {
                if (preg_match('@\\b' . $w . '\\b@u', $v) || preg_match('@<a.*?\\[url=.*?\\[link=@us', $v)) {
                    header('HTTP/1.0 403 Spam');
                    header('Content-Type: text/plain');
                    echo "We think your post is spam:\n\n";
                    echo var_export($_REQUEST, true), "\n";
                    exit(0);
                }
            }
        }
        require_once '../../common/akismet.php';
        $GLOBALS['akismet_home'] = str_replace('{PATH}', substr($realpath, 4), $GLOBALS['akismet_home']);
        if (akismet_check($_REQUEST)) {
            header('HTTP/1.0 403 Spam');
            header('Content-Type: text/plain');
            echo "Akismet thinks your post is spam:\n\n";
            echo var_export($_REQUEST, true), "\n";
            exit(0);
        }
    }
}
ChatSessionSuspend();
$xcnt = count($banip);
$_SERVER['REMOTE_HOST'] = gethostbyaddr($_SERVER['REMOTE_ADDR']);
for ($cc = 0; $cc < $xcnt; $cc++) {
    if ($ident == $banip[$cc] || strncmp($_SERVER['REMOTE_ADDR'], $banip[$cc], strlen($banip[$cc])) == 0 || strncmp($_SERVER['HTTP_X_FORWARDED_FOR'], $banip[$cc], strlen($banip[$cc])) == 0) {
        echo "<html><head></head>{$cbodytag}";
        $ox = $banguage[4];
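function do_send($logged_in_user)
{
    // Send a private message from $logged_in_user to the recipients listed in
    // the POSTed "to" field: a comma-separated list of user IDs or user names.
    //
    // Every validation failure hands off to pm_form(), which re-displays the
    // compose form.  pm_form() is assumed to end the request itself; the
    // explicit returns after each call make that assumption unnecessary, so a
    // preview, an Akismet-flagged message or an unresolved recipient can never
    // fall through to pm_send_msg(), and $user is never dereferenced after a
    // failed lookup.
    global $replyto, $userid;
    check_banished($logged_in_user);
    // Form token must match this user's authenticator (presumably the CSRF guard).
    check_tokens($logged_in_user->authenticator);
    $to = sanitize_tags(post_str("to", true));
    $subject = post_str("subject", true);
    $content = post_str("content", true);
    if (post_str("preview", true) == tra("Preview")) {
        pm_form($replyto, $userid);
        return;
    }
    if ($to == null || $subject == null || $content == null) {
        pm_form($replyto, $userid, tra("You need to fill all fields to send a private message"));
        return;
    }
    if (!akismet_check($logged_in_user, $content)) {
        pm_form($replyto, $userid, tra("Your message was flagged as spam\n                by the Akismet anti-spam system.\n                Please modify your text and try again."));
        return;
    }
    // Filter out spaces after the separator before splitting the list.
    $to = str_replace(", ", ",", $to);
    $users = explode(",", $to);
    $userlist = array();
    // Recipients already resolved, keyed by id: a user listed twice is messaged once.
    $userids = array();
    foreach ($users as $username) {
        $user = explode(" ", $username);
        if (is_numeric($user[0])) {
            // A numeric first token is a user ID.  NOTE: this assigns the
            // global $userid declared above, as the original did, so the
            // later pm_form() calls receive the recipient's id -- whether
            // that is intended is unclear from here.
            $userid = $user[0];
            $user = BoincUser::lookup_id($userid);
            if ($user == null) {
                pm_form($replyto, $userid, tra("Could not find user with id %1", $userid));
                return;
            }
        } else {
            $user = BoincUser::lookup_name($username);
            if ($user == null) {
                pm_form($replyto, $userid, tra("Could not find user with username %1", $username));
                return;
            } elseif ($user == -1) {
                // lookup_name() signals a non-unique name with -1.
                pm_form($replyto, $userid, tra("%1 is not a unique username; you will have to use user ID", $username));
                return;
            }
        }
        BoincForumPrefs::lookup($user);
        if (is_ignoring($user, $logged_in_user)) {
            pm_form($replyto, $userid, tra("User %1 (ID: %2) is not accepting private messages from you.", $user->name, $user->id));
            return;
        }
        if (!isset($userids[$user->id])) {
            $userlist[] = $user;
            $userids[$user->id] = true;
        }
    }
    foreach ($userlist as $user) {
        // check_pm_count() is skipped for moderators.
        if (!is_moderator($logged_in_user, null)) {
            check_pm_count($logged_in_user->id);
        }
        pm_send_msg($logged_in_user, $user, $subject, $content, true);
    }
    header("Location: pm.php?action=inbox&sent=1");
}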
}
check_reply_access($logged_in_user, $forum, $thread);
if (!$sort_style) {
    $sort_style = $logged_in_user->prefs->thread_sorting;
} else {
    $logged_in_user->prefs->update("thread_sorting={$sort_style}");
}
$warning = null;
if ($content && !$preview) {
    if (post_str('add_signature', true) == "add_it") {
        $add_signature = true;
    } else {
        $add_signature = false;
    }
    check_tokens($logged_in_user->authenticator);
    if (!akismet_check($logged_in_user, $content)) {
        $warning = "Your post has been flagged as spam by the Akismet anti-spam system. Please modify your text and try again.";
        $preview = tra("Preview");
    } else {
        create_post($content, $parent_post_id, $logged_in_user, $forum, $thread, $add_signature);
        header('Location: forum_thread.php?id=' . $thread->id);
    }
}
page_head(tra("Post to thread"));
show_forum_header($logged_in_user);
switch ($forum->parent_type) {
    case 0:
        $category = BoincCategory::lookup_id($forum->category);
        show_forum_title($category, $forum, $thread);
        break;
    case 1:
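function akismet($var_akismet_key, $nname, $gbemail, $newurl, $mmu, $errormsg)
{
    // Ask Akismet whether a guestbook/comment submission is spam.
    //
    // $var_akismet_key  Akismet API key
    // $nname            author name
    // $gbemail          author e-mail address
    // $newurl           author URL
    // $mmu              message body
    // $errormsg         not used here; the caller decides what to display
    //
    // Returns 1 when Akismet flags the submission, 0 when it does not.  If
    // neither version branch below runs (PHP major < 4) nothing is returned
    // (null), i.e. the check fails open rather than closed.
    $url = get_bloginfo('wpurl');
    $phpvers = explode(".", phpversion());
    $php_major = (int) $phpvers[0];
    if ($php_major == 4) {
        include_once 'microakismet/func.microakismet.inc.php';
    }
    if ($php_major >= 5) {
        include_once "microakismet/class.microakismet.inc.php";
    }
    // Request data Akismet scores on.  User-Agent and Referer are client
    // supplied and may be absent, so read them with isset() instead of
    // indexing $_SERVER blindly.
    $vars = array();
    $vars["user_ip"] = $_SERVER["REMOTE_ADDR"];
    $vars["user_agent"] = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '';
    // Akismet's API field is spelled "referrer" (double r); the previous key
    // "reerrer" was a typo, so the referer value was never actually sent.
    $vars["referrer"] = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : '';
    $vars["comment_content"] = $mmu;
    $vars["comment_author"] = $nname;
    $vars["comment_author_url"] = $newurl;
    $vars["comment_author_email"] = $gbemail;
    // NOTE(review): $var_page_id is neither a parameter nor declared global in
    // this function, so get_permalink() is always called with an undefined
    // value here -- confirm which page id was intended.
    $vars["permalink"] = get_permalink($var_page_id);
    $vars["comment_type"] = "comment";
    if ($php_major == 4) {
        // Procedural API from func.microakismet.inc.php.
        return akismet_check($vars) ? 1 : 0;
    }
    if ($php_major >= 5) {
        // Class API from class.microakismet.inc.php.
        $akismet = new MicroAkismet("{$var_akismet_key}", $vars["permalink"], "{$url}/1.0");
        return $akismet->check($vars) ? 1 : 0;
    }
}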
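function process_create_profile($user, $profile)
{
    // Create or update $user's profile from the POSTed profile form.
    //
    // $user     the logged-in user (only ->id is read here)
    // $profile  the user's existing profile row, or null when none exists yet
    //           (the insert branch at the bottom covers that case)
    //
    // Order of checks: reCAPTCHA (only when a private key is configured),
    // Akismet on each free-text response, then picture delete/upload, then
    // HTML sanitising and the DB write.  A failed check re-displays the form
    // with the submitted text and returns without writing anything.
    global $config;
    $response1 = post_str('response1', true);
    $response2 = post_str('response2', true);
    $language = post_str('language', true);

    // reCAPTCHA is optional: with no <recaptcha_private_key> in the project
    // config this step is skipped and no captcha is enforced at all.
    $privatekey = parse_config($config, "<recaptcha_private_key>");
    if ($privatekey) {
        // A submission without the captcha field must fail verification,
        // not raise an undefined-index warning, so read it with isset().
        $captcha_response = isset($_POST["g-recaptcha-response"]) ? $_POST["g-recaptcha-response"] : '';
        $recaptcha = new ReCaptcha($privatekey);
        $resp = $recaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $captcha_response);
        if (!$resp->success) {
            process_create_profile_redisplay($profile, $response1, $response2, tra("Your ReCaptcha response was not correct.  Please try again."));
            return;
        }
    }
    // Each response is checked separately so the message can say which failed.
    if (!akismet_check($user, $response1)) {
        process_create_profile_redisplay($profile, $response1, $response2, tra("Your first response was flagged as spam by the Akismet anti-spam system.  Please modify your text and try again."));
        return;
    }
    if (!akismet_check($user, $response2)) {
        process_create_profile_redisplay($profile, $response1, $response2, tra("Your second response was flagged as spam by the Akismet anti-spam system.  Please modify your text and try again."));
        return;
    }
    $delete_pic = isset($_POST['delete_pic']) ? $_POST['delete_pic'] : "off";
    // Evaluate the upload once; a form with no file field must not trigger an
    // undefined-index warning before is_uploaded_file() can reject it.
    $picture_uploaded = isset($_FILES['picture']['tmp_name']) && is_uploaded_file($_FILES['picture']['tmp_name']);
    if (strlen($response1) == 0 && strlen($response2) == 0 && $delete_pic != "on" && !$picture_uploaded) {
        error_page(tra("Your profile submission was empty."));
        exit;
    }
    if ($delete_pic == "on" && $profile) {
        // Only an existing profile row can have pictures to remove; without
        // one, $profile->userid would be read off null.
        delete_user_pictures($profile->userid);
        $profile->has_picture = false;
        $profile->verification = 0;
    }
    $has_picture = $profile ? $profile->has_picture : false;
    if ($picture_uploaded) {
        $has_picture = true;
        if ($profile) {
            // A new picture resets the verification flag.
            $profile->verification = 0;
        }
        // The upload is re-encoded through ImageJPEG() and written under a
        // name derived from the user id, so neither the client-supplied
        // filename nor the raw uploaded bytes reach the filesystem.
        $images = getImages($_FILES['picture']['tmp_name']);
        // TODO: define a constant for image quality.
        ImageJPEG($images[0], IMAGE_PATH . $user->id . '.jpg');
        ImageJPEG($images[1], IMAGE_PATH . $user->id . '_sm.jpg');
    }
    $response1 = sanitize_html($response1);
    $response2 = sanitize_html($response2);
    $has_picture = $has_picture ? 1 : 0;
    // Free text goes through escape_string(); ids and flags are cast to int
    // so only an integer is ever interpolated into the statement.
    $userid = (int) $user->id;
    if ($profile) {
        $query = " response1 = '" . BoincDb::escape_string($response1) . "'," . " response2 = '" . BoincDb::escape_string($response2) . "'," . " language = '" . BoincDb::escape_string($language) . "'," . " has_picture = {$has_picture}," . " verification = " . (int) $profile->verification . " WHERE userid = {$userid}";
        $result = BoincProfile::update_aux($query);
        if (!$result) {
            error_page(tra("Could not update the profile: database error"));
        }
    } else {
        $query = 'SET ' . " userid={$userid}," . " language = '" . BoincDb::escape_string($language) . "'," . " response1 = '" . BoincDb::escape_string($response1) . "'," . " response2 = '" . BoincDb::escape_string($response2) . "'," . " has_picture = {$has_picture}," . " recommend=0, " . " reject=0, " . " posts=0, " . " uotd_time=0, " . " verification=0";
        $result = BoincProfile::insert($query);
        if (!$result) {
            error_page(tra("Could not create the profile: database error"));
        }
    }
    $user->update("has_profile=1");
    page_head(tra("Profile saved"));
    echo tra("Congratulations! Your profile was successfully entered into our database.") . "<br><br>" . "<a href=\"view_profile.php?userid=" . $user->id . "\">" . tra("View your profile") . "</a><br>";
    page_tail();
}

function process_create_profile_redisplay($profile, $response1, $response2, $message)
{
    // Re-show the profile form with $message, keeping the text the user typed.
    // $profile is null for a user with no profile row yet; a bare object stands
    // in so the responses can be attached (PHP 7 auto-created one with a
    // warning on property write to null, PHP 8 throws instead).
    $form = $profile ? $profile : new stdClass();
    $form->response1 = $response1;
    $form->response2 = $response2;
    show_profile_form($form, $message);
}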
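function isSpam($author = '', $email = '', $content = '')
{
    // Return true when Akismet classifies the submission as spam.
    //
    // $author   name of the person posting
    // $email    their e-mail address
    // $content  the message body
    //
    // The check only runs when $GLOBALS['akismet_key'] is set.  Without a key
    // every submission is reported as ham -- the filter fails open, so a
    // deployment that relies on it must configure the key.
    if (!isset($GLOBALS['akismet_key'])) {
        return false;
    }
    $vars = array(
        'user_ip' => $_SERVER['REMOTE_ADDR'],
        // A client that sends no User-Agent must not raise an undefined-index warning.
        'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
        'comment_author' => $author,
        'comment_author_email' => $email,
        'comment_content' => $content,
    );
    return (bool) akismet_check($vars);
}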