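function bb2_post($settings, $package)
{
    // Screen a POST request.
    //
    // Returns a Bad Behavior response key (8 hex characters) when the request
    // should be denied, or false when it passes every check below. The request
    // is first run through the blackhole lists; bb2_test() is expected to act on
    // a hit itself, so its result is not inspected here.
    //
    // $settings: Bad Behavior settings array; only 'log_table' is read here.
    // $package:  request package; 'headers_mixed', 'request_entity', 'ip' and
    //            'user_agent' are read here.

    // Check blackhole lists for known spam/malicious activity
    require_once BB2_CORE . "/blackhole.inc.php";
    bb2_test($settings, $package, bb2_blackhole($package));

    $headers = isset($package['headers_mixed']) ? $package['headers_mixed'] : array();

    // MovableType needs specialized screening: a MovableType user agent that does
    // not send this exact Range header is denied. A missing Range header counts
    // as a mismatch, which is what strcmp() against null did before.
    if (stripos(isset($headers['User-Agent']) ? $headers['User-Agent'] : '', "MovableType") !== false) {
        if ((isset($headers['Range']) ? $headers['Range'] : '') !== "bytes=0-99999") {
            return "7d12528e";
        }
    }

    // Trackbacks need special screening
    $request_entity = isset($package['request_entity']) ? $package['request_entity'] : array();
    if (!is_array($request_entity)) {
        $request_entity = array();
    }
    if (isset($request_entity['title']) && isset($request_entity['url']) && isset($request_entity['blog_name'])) {
        require_once BB2_CORE . "/trackback.inc.php";
        return bb2_trackback($package);
    }

    // Catch a few completely broken spambots: they submit a form field whose
    // *name* still contains un-rendered JavaScript.
    foreach (array_keys($request_entity) as $key) {
        if (strpos((string) $key, "\tdocument.write") !== false) {
            return "dfd9b1ad";
        }
    }

    // Screen by cookie/JavaScript form add. The value is "<timestamp> <ip>";
    // it may arrive in the cookie or in the POST body. Both are client-supplied,
    // so an absent, non-string or non-numeric value is treated as "no value"
    // instead of producing undefined-variable notices or a TypeError.
    $screener1 = (isset($_COOKIE[BB2_COOKIE]) && is_string($_COOKIE[BB2_COOKIE])) ? explode(" ", $_COOKIE[BB2_COOKIE]) : array(0);
    $screener2 = (isset($_POST[BB2_COOKIE]) && is_string($_POST[BB2_COOKIE])) ? explode(" ", $_POST[BB2_COOKIE]) : array(0);
    $stamp1 = is_numeric($screener1[0]) ? (int) $screener1[0] : 0;
    $stamp2 = is_numeric($screener2[0]) ? (int) $screener2[0] : 0;
    $stamp = max($stamp1, $stamp2);

    if ($stamp > 0) {
        // Posting too fast? 5 sec
        // FIXME: even 5 sec is too intrusive
        // if ($stamp + 5 > time()) return "408d7e72";

        // Posting too slow? 48 hr
        if ($stamp + 172800 < time()) {
            return "b40c8ddc";
        }

        // IP recorded next to the timestamp, taken from whichever source supplied
        // the newer timestamp. The original indexed the scalar max() result as
        // $screener[1], which yields a single character, never the IP.
        $source = ($stamp1 >= $stamp2) ? $screener1 : $screener2;
        $screener_ip = isset($source[1]) ? $source[1] : '';

        // Screen by IP address
        // FIXME: This is b0rked, but why?
        // if ($ip && $ip_screener && abs($ip_screener - $ip) > 256) return "c1fa729b";
        // (disabled; would use $ip = ip2long($package['ip']) and
        //  $ip_screener = ip2long($screener_ip))

        // Screen for user agent changes: the same client, identified by its
        // current IP or by the IP in the screener, logged a different user agent
        // within the last 5 minutes. All three interpolated values are
        // client-supplied and are escaped before being placed in the query.
        $q = bb2_db_query("SELECT `ip` FROM " . $settings['log_table'] . " WHERE (`ip` = '" . bb2_db_escape($package['ip']) . "' OR `ip` = '" . bb2_db_escape($screener_ip) . "') AND `user_agent` != '" . bb2_db_escape($package['user_agent']) . "' AND `date` > DATE_SUB('" . bb2_db_date() . "', INTERVAL 5 MINUTE)");
        // Damnit, too many ways for this to fail :(
        if ($q !== false && $q != null && bb2_db_num_rows($q) > 0) {
            return "799165c2";
        }
    }
    return false;
}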
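function bb2_post($package)
{
    // Screen a POST request (variant without a $settings argument).
    //
    // Returns a Bad Behavior response key (8 hex characters) when the request
    // should be denied, or false when it passes every check below.
    //
    // $package: request package; 'headers_mixed' and 'request_entity' are read.

    $headers = isset($package['headers_mixed']) ? $package['headers_mixed'] : array();

    // MovableType needs specialized screening: a MovableType user agent that does
    // not send this exact Range header is denied. A missing Range header counts
    // as a mismatch, which is what strcmp() against null did before.
    if (stripos(isset($headers['User-Agent']) ? $headers['User-Agent'] : '', "MovableType") !== false) {
        if ((isset($headers['Range']) ? $headers['Range'] : '') !== "bytes=0-99999") {
            return "7d12528e";
        }
    }

    // Trackbacks need special screening
    $request_entity = isset($package['request_entity']) ? $package['request_entity'] : array();
    if (!is_array($request_entity)) {
        $request_entity = array();
    }
    if (isset($request_entity['title']) && isset($request_entity['url']) && isset($request_entity['blog_name'])) {
        require_once BB2_CORE . "/trackback.inc.php";
        return bb2_trackback($package);
    }

    // Catch a few broken spambots: they submit a form field whose *name* is
    // un-rendered JavaScript (the key starts with a literal tab character).
    if (isset($request_entity["\tdocument.write(Math.round ("])) {
        return "dfd9b1ad";
    }

    // Screen by cookie/JavaScript form add. The value is "<timestamp> ...";
    // it may arrive in the cookie or in the POST body. Both are client-supplied,
    // so an absent, non-string or non-numeric value is treated as "no value".
    // The original read $screener[0] here, a variable that was never assigned.
    $screener1 = (isset($_COOKIE[BB2_COOKIE]) && is_string($_COOKIE[BB2_COOKIE])) ? explode(" ", $_COOKIE[BB2_COOKIE]) : array(0);
    $screener2 = (isset($_POST[BB2_COOKIE]) && is_string($_POST[BB2_COOKIE])) ? explode(" ", $_POST[BB2_COOKIE]) : array(0);
    $stamp1 = is_numeric($screener1[0]) ? (int) $screener1[0] : 0;
    $stamp2 = is_numeric($screener2[0]) ? (int) $screener2[0] : 0;
    $stamp = max($stamp1, $stamp2);

    if ($stamp > 0) {
        // Posting too fast? 5 sec
        // FIXME: even 5 sec is too intrusive
        // if ($stamp + 5 > time()) return "408d7e72";

        // Posting too slow? 48 hr
        if ($stamp + 172800 < time()) {
            return "b40c8ddc";
        }
    }

    // Screen by IP address
    // FIXME: This is b0rked, but why?
    // if ($ip && $ip_screener && abs($ip_screener - $ip) > 256) return "c1fa729b";
    // (disabled; would compare ip2long($package['ip']) with ip2long() of the IP
    //  stored in the screener)

    // The user-agent-change screen ("799165c2") was unreachable in this variant:
    // it sat after the final return and referenced an undefined $settings, so it
    // is not performed here.
    return false;
}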
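function bb2_post($settings, $package)
{
    // Screen a POST request.
    //
    // Returns a Bad Behavior response key (8 hex characters) when the request
    // should be denied, or false when it passes every check below.
    //
    // $settings: Bad Behavior settings array; 'offsite_forms' and 'eu_cookie'
    //            are read here (an unset key behaves as false).
    // $package:  request package; 'headers_mixed', 'request_entity' and 'ip'
    //            are read here.

    // Check blackhole lists for known spam/malicious activity
    // require_once(BB2_CORE . "/blackhole.inc.php");
    // if ($r = bb2_blackhole($package)) return $r;

    $headers = isset($package['headers_mixed']) ? $package['headers_mixed'] : array();

    // MovableType needs specialized screening: a MovableType user agent that does
    // not send this exact Range header is denied. A missing Range header counts
    // as a mismatch, which is what strcmp() against null did before.
    if (stripos(isset($headers['User-Agent']) ? $headers['User-Agent'] : '', "MovableType") !== false) {
        if ((isset($headers['Range']) ? $headers['Range'] : '') !== "bytes=0-99999") {
            return "7d12528e";
        }
    }

    // Trackbacks need special screening
    $request_entity = isset($package['request_entity']) ? $package['request_entity'] : array();
    if (!is_array($request_entity)) {
        $request_entity = array();
    }
    if (isset($request_entity['title']) && isset($request_entity['url']) && isset($request_entity['blog_name'])) {
        return bb2_trackback($package);
    }

    // Catch a few completely broken spambots: they submit a form field whose
    // *name* still contains un-rendered JavaScript.
    foreach (array_keys($request_entity) as $key) {
        if (strpos((string) $key, "\tdocument.write") !== false) {
            return "dfd9b1ad";
        }
    }

    // If Referer exists, it should refer to a page on our site. A Referer with
    // no host part (relative or unparsable) compares as an empty host and is
    // therefore denied, as before; parse_url() returning false is handled.
    if (empty($settings['offsite_forms']) && array_key_exists('Referer', $headers)) {
        $url = parse_url($headers['Referer']);
        $referer_host = (is_array($url) && isset($url['host'])) ? $url['host'] : '';
        $referer_host = preg_replace('|^www\\.|', '', $referer_host);
        $host = isset($headers['Host']) ? $headers['Host'] : '';
        $host = preg_replace('|^www\\.|', '', $host);
        # Strip port
        $host = preg_replace('|:\\d+$|', '', $host);
        if (strcasecmp($host, $referer_host)) {
            return "cd361abb";
        }
    }

    // Screen by cookie/JavaScript form add. The value is "<timestamp> <ip>";
    // the cookie copy is ignored when 'eu_cookie' is enabled. Both sources are
    // client-supplied, so a non-string or non-numeric value is treated as
    // "no value" instead of raising a TypeError in explode().
    $screener1 = array(0);
    if (isset($_COOKIE[BB2_COOKIE]) && is_string($_COOKIE[BB2_COOKIE]) && empty($settings['eu_cookie'])) {
        $screener1 = explode(" ", $_COOKIE[BB2_COOKIE]);
    }
    $screener2 = array(0);
    if (isset($_POST[BB2_COOKIE]) && is_string($_POST[BB2_COOKIE])) {
        $screener2 = explode(" ", $_POST[BB2_COOKIE]);
    }
    $stamp1 = is_numeric($screener1[0]) ? (int) $screener1[0] : 0;
    $stamp2 = is_numeric($screener2[0]) ? (int) $screener2[0] : 0;
    $stamp = max($stamp1, $stamp2);

    if ($stamp > 0) {
        // Posting too fast? 5 sec
        // FIXME: even 5 sec is too intrusive
        // if ($stamp + 5 > time()) return "408d7e72";

        // Posting too slow? 48 hr
        if ($stamp + 172800 < time()) {
            return "b40c8ddc";
        }

        // Screen by IP address
        // FIXME: This is b0rked, but why?
        // if ($ip && $ip_screener && abs($ip_screener - $ip) > 256) return "c1fa729b";
        // (disabled; would compare ip2long($package['ip']) with ip2long() of the
        //  IP stored next to the timestamp. Note that the original indexed the
        //  scalar max() result as $screener[1], which yields a single character,
        //  and then replaced $ip with the client-supplied X-Forwarded-For header;
        //  both need fixing before this screen is re-enabled.)

        // Screen for user agent changes
        // (disabled upstream; the query for "799165c2" interpolated client-supplied
        //  values into SQL and must be escaped before being re-enabled)
    }
    return false;
}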