public function test_version_phpbb_com()
{
global $phpbb_root_path, $phpEx;
include_once $phpbb_root_path . 'includes/functions.' . $phpEx;
if (!phpbb_checkdnsrr('version.phpbb.com', 'A')) {
$this->markTestSkipped(sprintf('Could not find a DNS record for hostname %s. ' . 'Assuming network is down.', 'version.phpbb.com'));
}
$this->version_helper->get_versions();
// get_versions checks to make sure we got a valid versions file or
// throws an exception if we did not. We don't need to test anything
// here, but adding an assertion so we do not get a warning about no
// assertions in this test
$this->assertSame(true, true);
}
public function test_version_phpbb_com()
{
$hostname = 'version.phpbb.com';
if (!phpbb_checkdnsrr($hostname, 'A')) {
$this->markTestSkipped(sprintf('Could not find a DNS record for hostname %s. ' . 'Assuming network is down.', $hostname));
}
$errstr = $errno = null;
$file = get_remote_file($hostname, '/phpbb', '30x.txt', $errstr, $errno);
$this->assertNotEquals(0, strlen($file), 'Failed asserting that the response is not empty.');
$this->assertSame('', $errstr, 'Failed asserting that the error string is empty.');
$this->assertSame(0, $errno, 'Failed asserting that the error number is 0 (i.e. no error occurred).');
$lines = explode("\n", $file);
$this->assertGreaterThanOrEqual(2, sizeof($lines), 'Failed asserting that the version file has at least two lines.');
$this->assertStringStartsWith('3.', $lines[0], "Failed asserting that the first line of the version file starts with '3.'");
$this->assertNotSame(false, filter_var($lines[1], FILTER_VALIDATE_URL), 'Failed asserting that the second line of the version file is a valid URL.');
$this->assertContains('http', $lines[1]);
$this->assertContains('phpbb.com', $lines[1], '', true);
}
/**
* Check if ip is blacklisted
* This should be called only where absolutely necessary
*
* Only IPv4 (rbldns does not support AAAA records/IPv6 lookups)
*
* @author satmd (from the php manual)
* @param string $mode register/post - spamcop for example is ommitted for posting
* @param string|false $ip the IPv4 address to check
*
* @return false if ip is not blacklisted, else an array([checked server], [lookup])
*/
function check_dnsbl($mode, $ip = false)
{
if ($ip === false) {
$ip = $this->ip;
}
// Neither Spamhaus nor Spamcop supports IPv6 addresses.
if (strpos($ip, ':') !== false) {
return false;
}
$dnsbl_check = array('sbl.spamhaus.org' => 'http://www.spamhaus.org/query/bl?ip=');
if ($mode == 'register') {
$dnsbl_check['bl.spamcop.net'] = 'http://spamcop.net/bl.shtml?';
}
if ($ip) {
$quads = explode('.', $ip);
$reverse_ip = $quads[3] . '.' . $quads[2] . '.' . $quads[1] . '.' . $quads[0];
// Need to be listed on all servers...
$listed = true;
$info = array();
foreach ($dnsbl_check as $dnsbl => $lookup) {
if (phpbb_checkdnsrr($reverse_ip . '.' . $dnsbl . '.', 'A') === true) {
$info = array($dnsbl, $lookup . $ip);
} else {
$listed = false;
}
}
if ($listed) {
return $info;
}
}
return false;
}
/**
* Check to see if email address is banned or already present in the DB
*
* @param string $email The email to check
* @param string $allowed_email An allowed email, default being $user->data['user_email']
*
* @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/
function validate_email($email, $allowed_email = false)
{
global $config, $db, $user;
$email = strtolower($email);
$allowed_email = $allowed_email === false ? strtolower($user->data['user_email']) : strtolower($allowed_email);
if ($allowed_email == $email) {
return false;
}
if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email)) {
return 'EMAIL_INVALID';
}
// Check MX record.
// The idea for this is from reading the UseBB blog/announcement. :)
if ($config['email_check_mx']) {
list(, $domain) = explode('@', $email);
if (phpbb_checkdnsrr($domain, 'A') === false && phpbb_checkdnsrr($domain, 'MX') === false) {
return 'DOMAIN_NO_MX_RECORD';
}
}
if (($ban_reason = $user->check_ban(false, false, $email, true)) !== false) {
return $ban_reason === true ? 'EMAIL_BANNED' : $ban_reason;
}
if (!$config['allow_emailreuse']) {
$sql = 'SELECT user_email_hash
FROM ' . USERS_TABLE . "\n\t\t\tWHERE user_email_hash = " . (crc32($email) . strlen($email));
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
return 'EMAIL_TAKEN';
}
}
return false;
}
/**
* @dataProvider data_provider
*/
public function test_checkdnsrr($host, $type, $expected)
{
$this->assertEquals($expected, phpbb_checkdnsrr($host, $type));
}
/**
* Check to see if email address is a valid address and contains a MX record
*
* @param string $email The email to check
*
* @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/
function phpbb_validate_email($email, $config = null)
{
if ($config === null) {
global $config;
}
$email = strtolower($email);
if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email)) {
return 'EMAIL_INVALID';
}
// Check MX record.
// The idea for this is from reading the UseBB blog/announcement. :)
if ($config['email_check_mx']) {
list(, $domain) = explode('@', $email);
if (phpbb_checkdnsrr($domain, 'A') === false && phpbb_checkdnsrr($domain, 'MX') === false) {
return 'DOMAIN_NO_MX_RECORD';
}
}
return false;
}
/**
* Check IP address against DNS-based lists of Open HTTP/SOCKS Proxies
*
* This function only checks DNSBLs which list Open HTTP/SOCKS Proxies, not spammers or open smtp relays, etc..
* For more info, see: http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
*
* @param string $check_ip The IP address to check against the list or Tor exit-node IPs
*/
function proxy_dnsbl_check($check_ip)
{
// proxies.dnsbl.sorbs.net is an aggregate zone for (http|socks|misc).dnsbl.sorbs.net
$dnsbl_check = array('proxies.dnsbl.sorbs.net' => 'http://www.de.sorbs.net/lookup.shtml?', 'web.dnsbl.sorbs.net' => 'http://www.de.sorbs.net/lookup.shtml?', 'xbl.spamhaus.org' => 'http://www.spamhaus.org/query/bl?ip=');
$reverse_ip = implode('.', array_reverse(explode('.', $check_ip)));
$listed = false;
$info_ary = array();
foreach ($dnsbl_check as $dnsbl => $lookup) {
if (phpbb_checkdnsrr($reverse_ip . '.' . $dnsbl . '.', 'A') === true) {
$info_ary[] = $lookup . $check_ip;
$listed = true;
}
}
if ($listed) {
$info = implode('<>', array_unique($info_ary));
insert_ip($check_ip, PROXY_DNSBL, "0.0.0.0", $info);
}
}
