Example #1
0
 public function test_version_phpbb_com()
 {
     global $phpbb_root_path, $phpEx;
     include_once $phpbb_root_path . 'includes/functions.' . $phpEx;
     if (!phpbb_checkdnsrr('version.phpbb.com', 'A')) {
         $this->markTestSkipped(sprintf('Could not find a DNS record for hostname %s. ' . 'Assuming network is down.', 'version.phpbb.com'));
     }
     $this->version_helper->get_versions();
     // get_versions checks to make sure we got a valid versions file or
     // throws an exception if we did not. We don't need to test anything
     // here, but adding an assertion so we do not get a warning about no
     // assertions in this test
     $this->assertSame(true, true);
 }
Example #2
0
 public function test_version_phpbb_com()
 {
     $hostname = 'version.phpbb.com';
     if (!phpbb_checkdnsrr($hostname, 'A')) {
         $this->markTestSkipped(sprintf('Could not find a DNS record for hostname %s. ' . 'Assuming network is down.', $hostname));
     }
     $errstr = $errno = null;
     $file = get_remote_file($hostname, '/phpbb', '30x.txt', $errstr, $errno);
     $this->assertNotEquals(0, strlen($file), 'Failed asserting that the response is not empty.');
     $this->assertSame('', $errstr, 'Failed asserting that the error string is empty.');
     $this->assertSame(0, $errno, 'Failed asserting that the error number is 0 (i.e. no error occurred).');
     $lines = explode("\n", $file);
     $this->assertGreaterThanOrEqual(2, sizeof($lines), 'Failed asserting that the version file has at least two lines.');
     $this->assertStringStartsWith('3.', $lines[0], "Failed asserting that the first line of the version file starts with '3.'");
     $this->assertNotSame(false, filter_var($lines[1], FILTER_VALIDATE_URL), 'Failed asserting that the second line of the version file is a valid URL.');
     $this->assertContains('http', $lines[1]);
     $this->assertContains('phpbb.com', $lines[1], '', true);
 }
Example #3
0
 /**
  * Check if ip is blacklisted
  * This should be called only where absolutely necessary
  *
  * Only IPv4 (rbldns does not support AAAA records/IPv6 lookups)
  *
  * @author satmd (from the php manual)
  * @param string 		$mode	register/post - spamcop for example is ommitted for posting
  * @param string|false	$ip		the IPv4 address to check
  *
  * @return false if ip is not blacklisted, else an array([checked server], [lookup])
  */
 function check_dnsbl($mode, $ip = false)
 {
     if ($ip === false) {
         $ip = $this->ip;
     }
     // Neither Spamhaus nor Spamcop supports IPv6 addresses.
     if (strpos($ip, ':') !== false) {
         return false;
     }
     $dnsbl_check = array('sbl.spamhaus.org' => 'http://www.spamhaus.org/query/bl?ip=');
     if ($mode == 'register') {
         $dnsbl_check['bl.spamcop.net'] = 'http://spamcop.net/bl.shtml?';
     }
     if ($ip) {
         $quads = explode('.', $ip);
         $reverse_ip = $quads[3] . '.' . $quads[2] . '.' . $quads[1] . '.' . $quads[0];
         // Need to be listed on all servers...
         $listed = true;
         $info = array();
         foreach ($dnsbl_check as $dnsbl => $lookup) {
             if (phpbb_checkdnsrr($reverse_ip . '.' . $dnsbl . '.', 'A') === true) {
                 $info = array($dnsbl, $lookup . $ip);
             } else {
                 $listed = false;
             }
         }
         if ($listed) {
             return $info;
         }
     }
     return false;
 }
Example #4
0
/**
* Check to see if email address is banned or already present in the DB
*
* @param string $email The email to check
* @param string $allowed_email An allowed email, default being $user->data['user_email']
*
* @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/
function validate_email($email, $allowed_email = false)
{
    global $config, $db, $user;
    $email = strtolower($email);
    $allowed_email = $allowed_email === false ? strtolower($user->data['user_email']) : strtolower($allowed_email);
    if ($allowed_email == $email) {
        return false;
    }
    if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email)) {
        return 'EMAIL_INVALID';
    }
    // Check MX record.
    // The idea for this is from reading the UseBB blog/announcement. :)
    if ($config['email_check_mx']) {
        list(, $domain) = explode('@', $email);
        if (phpbb_checkdnsrr($domain, 'A') === false && phpbb_checkdnsrr($domain, 'MX') === false) {
            return 'DOMAIN_NO_MX_RECORD';
        }
    }
    if (($ban_reason = $user->check_ban(false, false, $email, true)) !== false) {
        return $ban_reason === true ? 'EMAIL_BANNED' : $ban_reason;
    }
    if (!$config['allow_emailreuse']) {
        $sql = 'SELECT user_email_hash
			FROM ' . USERS_TABLE . "\n\t\t\tWHERE user_email_hash = " . (crc32($email) . strlen($email));
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);
        if ($row) {
            return 'EMAIL_TAKEN';
        }
    }
    return false;
}
Example #5
0
 /**
  * @dataProvider data_provider
  */
 public function test_checkdnsrr($host, $type, $expected)
 {
     $this->assertEquals($expected, phpbb_checkdnsrr($host, $type));
 }
/**
* Check to see if email address is a valid address and contains a MX record
*
* @param string $email The email to check
*
* @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/
function phpbb_validate_email($email, $config = null)
{
    if ($config === null) {
        global $config;
    }
    $email = strtolower($email);
    if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email)) {
        return 'EMAIL_INVALID';
    }
    // Check MX record.
    // The idea for this is from reading the UseBB blog/announcement. :)
    if ($config['email_check_mx']) {
        list(, $domain) = explode('@', $email);
        if (phpbb_checkdnsrr($domain, 'A') === false && phpbb_checkdnsrr($domain, 'MX') === false) {
            return 'DOMAIN_NO_MX_RECORD';
        }
    }
    return false;
}
Example #7
0
/**
* Check IP address against DNS-based lists of Open HTTP/SOCKS Proxies
*
* This function only checks DNSBLs which list Open HTTP/SOCKS Proxies, not spammers or open smtp relays, etc..
* For more info, see: http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
*
* @param string $check_ip		The IP address to check against the list or Tor exit-node IPs
*/
function proxy_dnsbl_check($check_ip)
{
    // proxies.dnsbl.sorbs.net is an aggregate zone for (http|socks|misc).dnsbl.sorbs.net
    $dnsbl_check = array('proxies.dnsbl.sorbs.net' => 'http://www.de.sorbs.net/lookup.shtml?', 'web.dnsbl.sorbs.net' => 'http://www.de.sorbs.net/lookup.shtml?', 'xbl.spamhaus.org' => 'http://www.spamhaus.org/query/bl?ip=');
    $reverse_ip = implode('.', array_reverse(explode('.', $check_ip)));
    $listed = false;
    $info_ary = array();
    foreach ($dnsbl_check as $dnsbl => $lookup) {
        if (phpbb_checkdnsrr($reverse_ip . '.' . $dnsbl . '.', 'A') === true) {
            $info_ary[] = $lookup . $check_ip;
            $listed = true;
        }
    }
    if ($listed) {
        $info = implode('<>', array_unique($info_ary));
        insert_ip($check_ip, PROXY_DNSBL, "0.0.0.0", $info);
    }
}