function bb2_post($settings, $package)
{
// Check blackhole lists for known spam/malicious activity
require_once BB2_CORE . "/blackhole.inc.php";
bb2_test($settings, $package, bb2_blackhole($package));
// MovableType needs specialized screening
if (stripos($package['headers_mixed']['User-Agent'], "MovableType") !== FALSE) {
if (strcmp($package['headers_mixed']['Range'], "bytes=0-99999")) {
return "7d12528e";
}
}
// Trackbacks need special screening
$request_entity = $package['request_entity'];
if (isset($request_entity['title']) && isset($request_entity['url']) && isset($request_entity['blog_name'])) {
require_once BB2_CORE . "/trackback.inc.php";
return bb2_trackback($package);
}
// Catch a few completely broken spambots
foreach ($request_entity as $key => $value) {
$pos = strpos($key, "\tdocument.write");
if ($pos !== FAlSE) {
return "dfd9b1ad";
}
}
// Screen by cookie/JavaScript form add
if (isset($_COOKIE[BB2_COOKIE])) {
$screener1 = explode(" ", $_COOKIE[BB2_COOKIE]);
}
if (isset($_POST[BB2_COOKIE])) {
$screener2 = explode(" ", $_POST[BB2_COOKIE]);
}
$screener = max($screener1[0], $screener2[0]);
if ($screener > 0) {
// Posting too fast? 5 sec
// FIXME: even 5 sec is too intrusive
// if ($screener + 5 > time())
// return "408d7e72";
// Posting too slow? 48 hr
if ($screener + 172800 < time()) {
return "b40c8ddc";
}
// Screen by IP address
$ip = ip2long($package['ip']);
$ip_screener = ip2long($screener[1]);
// FIXME: This is b0rked, but why?
// if ($ip && $ip_screener && abs($ip_screener - $ip) > 256)
// return "c1fa729b";
// Screen for user agent changes
// User connected previously with blank user agent
$q = bb2_db_query("SELECT `ip` FROM " . $settings['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip` = '" . $screener[1] . "') AND `user_agent` != '" . $package['user_agent'] . "' AND `date` > DATE_SUB('" . bb2_db_date() . "', INTERVAL 5 MINUTE)");
// Damnit, too many ways for this to fail :(
if ($q !== FALSE && $q != NULL && bb2_db_num_rows($q) > 0) {
return "799165c2";
}
}
return false;
}
function bb2_start($settings)
{
// Gather up all the information we need, first of all.
$headers = bb2_load_headers();
// Postprocess the headers to mixed-case
// FIXME: get the world to stop using PHP as CGI
$headers_mixed = array();
foreach ($headers as $h => $v) {
$headers_mixed[uc_all($h)] = $v;
}
// IPv6 - IPv4 compatibility mode hack
$_SERVER['REMOTE_ADDR'] = preg_replace("/^::ffff:/", "", $_SERVER['REMOTE_ADDR']);
// We use these frequently. Keep a copy close at hand.
$ip = $_SERVER['REMOTE_ADDR'];
$request_method = $_SERVER['REQUEST_METHOD'];
$request_uri = $_SERVER['REQUEST_URI'];
if (!$request_uri) {
$request_uri = $_SERVER['SCRIPT_NAME'];
}
# IIS
$server_protocol = $_SERVER['SERVER_PROTOCOL'];
@($user_agent = $_SERVER['HTTP_USER_AGENT']);
// Reconstruct the HTTP entity, if present.
$request_entity = array();
if (!strcasecmp($request_method, "POST") || !strcasecmp($request_method, "PUT")) {
foreach ($_POST as $h => $v) {
$request_entity[$h] = $v;
}
}
$package = array('ip' => $ip, 'headers' => $headers, 'headers_mixed' => $headers_mixed, 'request_method' => $request_method, 'request_uri' => $request_uri, 'server_protocol' => $server_protocol, 'request_entity' => $request_entity, 'user_agent' => $user_agent, 'is_browser' => false);
// Please proceed to the security checkpoint and have your
// identification and boarding pass ready.
// First check the whitelist
require_once BB2_CORE . "/whitelist.inc.php";
if (!bb2_whitelist($package)) {
// Now check the blacklist
require_once BB2_CORE . "/blacklist.inc.php";
bb2_test($settings, $package, bb2_blacklist($package));
// Check the http:BL
// config check added for DokuWiki plugin
if (!$settings['skipblackhole']) {
require_once BB2_CORE . "/blackhole.inc.php";
if (bb2_test($settings, $package, bb2_httpbl($settings, $package))) {
// Bypass all checks if http:BL says search engine
bb2_approved($settings, $package);
return true;
}
}
// Check for common stuff
require_once BB2_CORE . "/common_tests.inc.php";
bb2_test($settings, $package, bb2_protocol($settings, $package));
bb2_test($settings, $package, bb2_cookies($settings, $package));
bb2_test($settings, $package, bb2_misc_headers($settings, $package));
// Specific checks
@($ua = $headers_mixed['User-Agent']);
// Search engines first
if (stripos($ua, "bingbot") !== FALSE || stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
require_once BB2_CORE . "/msnbot.inc.php";
bb2_test($settings, $package, bb2_msnbot($package));
bb2_approved($settings, $package);
return true;
} elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE || stripos($ua, "Google Web Preview") !== FALSE) {
require_once BB2_CORE . "/google.inc.php";
bb2_test($settings, $package, bb2_google($package));
bb2_approved($settings, $package);
return true;
} elseif (stripos($ua, "Yahoo! Slurp") !== FALSE || stripos($ua, "Yahoo! SearchMonkey") !== FALSE) {
require_once BB2_CORE . "/yahoo.inc.php";
bb2_test($settings, $package, bb2_yahoo($package));
bb2_approved($settings, $package);
return true;
}
// MSIE checks
if (stripos($ua, "MSIE") !== FALSE) {
$package['is_browser'] = true;
if (stripos($ua, "Opera") !== FALSE) {
require_once BB2_CORE . "/opera.inc.php";
bb2_test($settings, $package, bb2_opera($package));
} else {
require_once BB2_CORE . "/msie.inc.php";
bb2_test($settings, $package, bb2_msie($package));
}
} elseif (stripos($ua, "Konqueror") !== FALSE) {
$package['is_browser'] = true;
require_once BB2_CORE . "/konqueror.inc.php";
bb2_test($settings, $package, bb2_konqueror($package));
} elseif (stripos($ua, "Opera") !== FALSE) {
$package['is_browser'] = true;
require_once BB2_CORE . "/opera.inc.php";
bb2_test($settings, $package, bb2_opera($package));
} elseif (stripos($ua, "Safari") !== FALSE) {
$package['is_browser'] = true;
require_once BB2_CORE . "/safari.inc.php";
bb2_test($settings, $package, bb2_safari($package));
} elseif (stripos($ua, "Lynx") !== FALSE) {
$package['is_browser'] = true;
require_once BB2_CORE . "/lynx.inc.php";
bb2_test($settings, $package, bb2_lynx($package));
} elseif (stripos($ua, "MovableType") !== FALSE) {
require_once BB2_CORE . "/movabletype.inc.php";
bb2_test($settings, $package, bb2_movabletype($package));
} elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
$package['is_browser'] = true;
require_once BB2_CORE . "/mozilla.inc.php";
bb2_test($settings, $package, bb2_mozilla($package));
}
// More intensive screening applies to POST requests
if (!strcasecmp('POST', $package['request_method'])) {
require_once BB2_CORE . "/post.inc.php";
bb2_test($settings, $package, bb2_post($settings, $package));
}
}
// Last chance screening.
require_once BB2_CORE . "/screener.inc.php";
bb2_screener($settings, $package);
// And that's about it.
bb2_approved($settings, $package);
return true;
}
function bb2_start($settings)
{
global $gShellScript;
if ($gShellScript) {
return;
}
// Gather up all the information we need, first of all.
$headers = bb2_load_headers();
// Postprocess the headers to mixed-case
// FIXME: get the world to stop using PHP as CGI
$headers_mixed = array();
foreach ($headers as $h => $v) {
$headers_mixed[uc_all($h)] = $v;
}
// We use these frequently. Keep a copy close at hand.
$ip = $_SERVER['REMOTE_ADDR'];
$request_method = $_SERVER['REQUEST_METHOD'];
$request_uri = $_SERVER['REQUEST_URI'];
$server_protocol = $_SERVER['SERVER_PROTOCOL'];
$user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL;
// Reconstruct the HTTP entity, if present.
$request_entity = array();
if (!strcasecmp($request_method, "POST") || !strcasecmp($request_method, "PUT")) {
foreach ($_POST as $h => $v) {
$request_entity[$h] = $v;
}
}
$package = array('ip' => $ip, 'headers' => $headers, 'headers_mixed' => $headers_mixed, 'request_method' => $request_method, 'request_uri' => $request_uri, 'server_protocol' => $server_protocol, 'request_entity' => $request_entity, 'user_agent' => $user_agent, 'is_browser' => false);
// Please proceed to the security checkpoint and have your
// identification and boarding pass ready.
// First check the whitelist
require_once BB2_CORE . "/whitelist.inc.php";
if (!($whitelisted = bb2_whitelist($package))) {
// Now check the blacklist
require_once BB2_CORE . "/blacklist.inc.php";
bb2_test($settings, $package, bb2_blacklist($package));
// Check for common stuff
require_once BB2_CORE . "/common_tests.inc.php";
bb2_test($settings, $package, bb2_protocol($settings, $package));
bb2_test($settings, $package, bb2_misc_headers($settings, $package));
// Specific checks
$ua = $headers_mixed['User-Agent'];
// MSIE checks
if (stripos($ua, "MSIE") !== FALSE) {
$package['is_browser'] = true;
if (stripos($ua, "Opera") !== FALSE) {
require_once BB2_CORE . "/opera.inc.php";
bb2_test($settings, $package, bb2_opera($package));
} else {
require_once BB2_CORE . "/msie.inc.php";
bb2_test($settings, $package, bb2_msie($package));
}
} elseif (stripos($ua, "Konqueror") !== FALSE) {
$package['is_browser'] = true;
require_once BB2_CORE . "/konqueror.inc.php";
bb2_test($settings, $package, bb2_konqueror($package));
} elseif (stripos($ua, "Opera") !== FALSE) {
$package['is_browser'] = true;
require_once BB2_CORE . "/opera.inc.php";
bb2_test($settings, $package, bb2_opera($package));
} elseif (stripos($ua, "Safari") !== FALSE) {
$package['is_browser'] = true;
require_once BB2_CORE . "/safari.inc.php";
bb2_test($settings, $package, bb2_safari($package));
} elseif (stripos($ua, "Lynx") !== FALSE) {
$package['is_browser'] = true;
require_once BB2_CORE . "/lynx.inc.php";
bb2_test($settings, $package, bb2_lynx($package));
} elseif (stripos($ua, "MovableType") !== FALSE) {
require_once BB2_CORE . "/movabletype.inc.php";
bb2_test($settings, $package, bb2_movabletype($package));
} elseif (stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
require_once BB2_CORE . "/msnbot.inc.php";
bb2_test($settings, $package, bb2_msnbot($package));
} elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE) {
require_once BB2_CORE . "/google.inc.php";
bb2_test($settings, $package, bb2_google($package));
} elseif (stripos($ua, "Google Keyword Tool") !== FALSE) {
bb2_approved($settings, $package);
return true;
} elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
$package['is_browser'] = true;
require_once BB2_CORE . "/mozilla.inc.php";
bb2_test($settings, $package, bb2_mozilla($package));
}
// More intensive screening applies to POST requests
if (!strcasecmp('POST', $package['request_method'])) {
require_once BB2_CORE . "/post.inc.php";
bb2_test($settings, $package, bb2_post($settings, $package));
}
}
// Last chance screening.
require_once BB2_CORE . "/screener.inc.php";
bb2_screener($settings, $package);
// And that's about it.
bb2_approved($settings, $package, $whitelisted);
return true;
}
