Example #1
 /**
  * Find stored images that match the given file, either exactly or perceptually.
  *
  * A row matches when its binary_hash equals the SHA-1 of the file, or when the number of differing bits
  * between its phash and the file's DCT perceptual hash is at most self::SEARCH_THRESHOLD.
  * All three values reach the query as bound parameters; nothing is interpolated into the SQL text.
  *
  * @param string $inputFilePath Path of the image to look up.
  * @return array|false Map of path-record id => path, or false when no perceptual hash could be computed.
  */
 public static function byImage($inputFilePath)
 {
     // The SHA-1 serves as an exact-duplicate key for the lookup below.
     $binaryHash = sha1_file($inputFilePath);
     $phash = ph_dct_imagehash($inputFilePath);
     if (!$phash) {
         return false;
     }

     $bindings = array($binaryHash, $phash, self::SEARCH_THRESHOLD);
     $matches = ImageHash::whereRaw('binary_hash = ? or bit_count(phash ^ ?) <= ?', $bindings)->get();

     $paths = array();
     foreach ($matches as $match) {
         // NOTE(review): assumes every hash row still has a pathRecord — confirm against the model.
         $owner = $match->pathRecord;
         $location = $owner->getPath();
         $paths[$owner->id] = $location;
     }

     return $paths;
 }
Example #2
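 /**
  * Pre-registration hook: optionally logs the incoming post, then rejects it when the poster or the
  * content matches one of the block rules.
  *
  * Checks run in this order: post log, JavaScript marker field, hard-coded User-Agent heuristics,
  * bad-UA list, IP/host ban patterns, open-proxy list, fail cookie, NG-log check, bad-string list,
  * and the image-hash comparison against the reference image directory. Every rejection goes through
  * error(); the code after each call assumes error() does not return — TODO confirm.
  *
  * Trust notes: $name, $email, $sub, $com, the upload name, $_POST['loid'], the User-Agent header and
  * the fail cookie are all supplied by the client. The fail-cookie counter lives on the client, so it
  * only counts failures for clients that keep sending the cookie; the checks that take
  * $accessInfo['ip'] do not depend on it.
  *
  * @param string $name       Poster name (passed by reference, only read here).
  * @param string $email      Poster e-mail (passed by reference, only read here).
  * @param string $sub        Subject (passed by reference, only read here).
  * @param string $com        Comment body (passed by reference, only read here).
  * @param array  $upfileInfo Upload info; the 'name' and 'file' keys are read.
  * @param array  $accessInfo Connection info; the 'ip' and 'host' keys are read.
  * @param mixed  $isReply    Reply flag, stored as the first element of $postInfo.
  * @return void
  */
 function autoHookRegistBegin(&$name, &$email, &$sub, &$com, $upfileInfo, $accessInfo, $isReply)
 {
     global $BANPATTERN, $BAD_FILEMD5, $postInfo;
     $setfail = true;
     // The User-Agent header is optional and client-controlled. Read it once with a default so a
     // request without it cannot raise undefined-index notices or pass null to the string functions.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $postInfo = array($isReply, str_replace("\r\n", '<br>', $com), $sub, $name, $email, $upfileInfo['name'], isset($_POST['loid']) ? $_POST['loid'] : '', $userAgent);
     // extract fail cookie
     if (isset($_COOKIE[$this->cookiename])) {
         $this->failcookie = explode(':', $this->_mybase64_decode($_COOKIE[$this->cookiename]));
     }
     if ($this->postlogfile) {
         $plname = strstr($this->postlogfile, '%s') ? sprintf($this->postlogfile, date('Ymd')) : $this->postlogfile;
         // The post log is one tab-separated record per line. Client text may itself contain tabs or
         // line breaks, so those are flattened to spaces before writing; otherwise a single post could
         // add fields to its record or forge additional records.
         $logBreakers = array("\t", "\r", "\n");
         $outstr = '/ip=' . $accessInfo['ip'] . "\ttime=" . date('Ymd-His');
         $pInames = array('re', 'com', 'sub', 'name', 'email', 'upfile', 'loid', 'ua');
         $pIcnt = count($postInfo);
         for ($i = 0; $i < $pIcnt; $i++) {
             $outstr .= "\t" . (isset($pInames[$i]) ? $pInames[$i] . '=' : '') . str_replace($logBreakers, ' ', (string) $postInfo[$i]);
         }
         if (isset($_COOKIE[$this->cookiename])) {
             $outstr .= "\tfc=" . str_replace($logBreakers, ' ', implode(':', $this->failcookie));
         }
         // Logging is best-effort: an unwritable log file must not abort the checks that follow.
         $pfp = fopen($plname, 'ab');
         if ($pfp !== false) {
             fwrite($pfp, $outstr . "\t/end\n");
             fclose($pfp);
         }
     }
     // Load the blacklist definition files
     if (is_file($this->ipfile)) {
         $BANPATTERN = array_merge($BANPATTERN, array_map('rtrim', $this->_parseBlackListFile($this->ipfile, true)));
     }
     if (is_file($this->imgfile)) {
         $BAD_FILEMD5 = array_merge($BAD_FILEMD5, array_map('rtrim', $this->_parseBlackListFile($this->imgfile, true)));
     }
     // IP/Hostname Check
     $accessInfo['host'] = strtolower($accessInfo['host']);
     // Whether a second comparison is needed (host differs from the bare IP)
     $checkTwice = $accessInfo['ip'] != $accessInfo['host'];
     $IsBanned = false;
     // The 'js' field is set by the client, so this only turns away clients that do not run the
     // form script; it is not an authenticity check.
     if (!isset($_POST['js']) || $_POST['js'] !== 'js') {
         error('Please enable Javascript');
     }
     // Quick hack 3
     /*if(strpos($_SERVER['HTTP_USER_AGENT'],'NT 6.1; rv:12.0')!==false) {
     			$this->_nglog_append($accessInfo['ip'],'badip','High possibility of Seiyuu Chuu detected'.'#postinf='.implode('|',$postInfo));
     			$IsBanned = true;
     			$setfail = false;
     		}*/
     // Quick hack 3 end
     // Quick hack
     if (!$IsBanned && (strpos($userAgent, 'VPNGate') !== false || strpos($userAgent, 'FreeSafeIP.com') !== false)) {
         // NOTE(review): $postInfo carries raw client text. Whether _nglog_append() neutralises line
         // breaks and its own separators is not visible here — confirm, since every call below
         // passes the same imploded data.
         $this->_nglog_append($accessInfo['ip'], 'badip', 'VPNGate detected' . '#postinf=' . implode('|', $postInfo));
         $IsBanned = true;
         $setfail = false;
     }
     // Quick hack end
     // Quick hack 2
     if (!$IsBanned) {
         // Isolate the last token of the User-Agent (after the final '/', then after the final space,
         // cut at a trailing ')') and reject when it is a bare hex string longer than one character.
         $lsval = '';
         $lastslash = strrpos($userAgent, '/');
         if ($lastslash !== false) {
             $lsval = substr($userAgent, $lastslash + 1);
         }
         $lastspace = strrpos($lsval, ' ');
         if ($lastspace !== false) {
             $lsval = substr($lsval, $lastspace + 1);
         }
         $lastbmark = strrpos($lsval, ')');
         if ($lastbmark !== false) {
             $lsval = substr($lsval, 0, $lastbmark);
         }
         if (strlen($lsval) > 1 && preg_match('/^[0-9A-F]+$/i', $lsval)) {
             $this->_nglog_append($accessInfo['ip'], 'badip', 'strange user agent detected' . '#postinf=' . implode('|', $postInfo));
             $IsBanned = true;
             $setfail = false;
         }
     }
     // Quick hack 2 end
     // UA checks
     // Start from an empty list so a missing bad-UA file needs no error suppression below.
     $baduas = array();
     if (is_file($this->baduafile)) {
         $baduas = array_map('rtrim', $this->_parseBlackListFile($this->baduafile, true));
     }
     if (!empty($baduas[0])) {
         foreach ($baduas as $badua) {
             // List entries are used as regex bodies between backtick delimiters. A malformed entry
             // makes preg_match() return false, which reads as "no match" here.
             if (preg_match('`' . $badua . '`', $userAgent)) {
                 $this->_nglog_append($accessInfo['ip'], 'badip', 'Bad user agent#postinf=' . implode('|', $postInfo));
                 $IsBanned = true;
                 $setfail = false;
             }
         }
     }
     if (!$IsBanned) {
         foreach ($BANPATTERN as $pattern) {
             // The number of '/' in an entry selects how it is interpreted.
             $slash = substr_count($pattern, '/');
             if ($slash == 2) {
                 // RegExp
                 $pattern .= 'i';
             } elseif ($slash == 1) {
                 // CIDR Notation
                 if (matchCIDR($accessInfo['ip'], $pattern)) {
                     $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                     $IsBanned = true;
                     break;
                 }
                 continue;
             } elseif (strpos($pattern, '*') !== false || strpos($pattern, '?') !== false) {
                 // Wildcard: only '.', '*' and '?' are translated; any other regex metacharacter in
                 // the entry is passed through unchanged.
                 $pattern = '/^' . str_replace(array('.', '*', '?'), array('\\.', '.*', '.?'), $pattern) . '$/i';
             } else {
                 // Full-text
                 if ($accessInfo['ip'] == $pattern || $checkTwice && $accessInfo['host'] == strtolower($pattern)) {
                     $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                     $IsBanned = true;
                     break;
                 }
                 continue;
             }
             if (preg_match($pattern, $accessInfo['host']) || $checkTwice && preg_match($pattern, $accessInfo['ip'])) {
                 $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                 $IsBanned = true;
                 break;
             }
         }
     }
     if (!$IsBanned) {
         if ($this->_checkProxiesList($accessInfo['ip'])) {
             $this->_nglog_append($accessInfo['ip'], 'badip', 'OpenProxy Listed' . '#postinf=' . implode('|', $postInfo));
             $IsBanned = true;
         }
     }
     if ($IsBanned) {
         // The User-Agent based rules clear $setfail, so they reject without touching the fail cookie.
         if ($setfail) {
             $this->_setfailcookie();
         }
         error(_T('ip_banned'));
     }
     // process fail cookie
     if (isset($_COOKIE[$this->cookiename])) {
         /*if(RENZOKU && ($time - $this->failcookie[0] < RENZOKU*2)){
         			error(_T('regist_successivepost'));
         		}*/
         // The counter in field 1 comes from the client's cookie. A value above 5 writes an IP ban
         // record, so the cookie can only ever add a ban for the sender's own address.
         if (isset($this->failcookie[1]) && $this->failcookie[1] > 5) {
             $this->_nglog_append($accessInfo['ip'], 'ckban', implode(':', $this->failcookie) . '#postinf=' . implode('|', $postInfo));
             // Delete and update in the same pass
             $this->_arrangeRecord($this->ipfile, null, $accessInfo['ip'] . "\t" . 'cookie autoban ' . date('Ymd') . "\t" . time() . "\t" . $this->bandays . "\n");
             error(_T('ip_banned'));
         }
     }
     if ($this->_nglog_process($accessInfo['ip'])) {
         $this->_nglog_append($accessInfo['ip'], 'lgban', (isset($_COOKIE[$this->cookiename]) ? implode('.', $this->failcookie) : 'no-cookie') . '#postinf=' . implode('|', $postInfo));
         // Delete and update in the same pass
         $this->_arrangeRecord($this->ipfile, null, $accessInfo['ip'] . "\t" . 'nglog autoban ' . date('Ymd') . "\t" . time() . "\t" . $this->bandays . "\n");
         $this->_setfailcookie('ban');
         error(_T('ip_banned'));
     }
     // Cleanup $BANPATTERN as it passed in upper test
     $BANPATTERN = array();
     // Start from an empty list so a missing bad-string file needs no error suppression below.
     $badstrs = array();
     if (is_file($this->badstrfile)) {
         $badstrs = array_map('rtrim', $this->_parseBlackListFile($this->badstrfile, true));
     }
     if (!empty($badstrs[0])) {
         foreach ($badstrs as $badstr) {
             if (preg_match('`' . $badstr . '`', $name) || preg_match('`' . $badstr . '`', $email) || preg_match('`' . $badstr . '`', $sub) || preg_match('`' . $badstr . '`', str_replace("\r\n", '', $com))) {
                 // NOTE(review): the other _nglog_append() calls pass three arguments with
                 // '#postinf=' joined into the third; here the post info is a separate fourth
                 // argument. Confirm against the method signature.
                 $this->_nglog_append($accessInfo['ip'], 'ngstr', $badstr, implode('|', $postInfo));
                 $this->_setfailcookie();
                 error(_T('regist_wordfiltered'));
             }
         }
     }
     if ($this->use_imghash && file_exists($this->imghash_lib)) {
         // The included path comes from the module's own property, not from request data.
         include $this->imghash_lib;
         if (is_dir(realpath($this->imghash_imgdir))) {
             $pfolder = opendir($this->imghash_imgdir);
             //Folder
             $pnamebase = array();
             // Compare against false explicitly: a directory entry named "0" is falsy and would
             // otherwise end the scan early, leaving later reference images unchecked.
             while (($file = readdir($pfolder)) !== false) {
                 if (is_file($this->imghash_imgdir . $file)) {
                     $pnamebase[] = $file;
                 }
             }
             closedir($pfolder);
             for ($i = 0; $i < sizeof($pnamebase); $i++) {
                 if (trim($this->imghash_hashdir) && is_dir($this->imghash_hashdir) && file_exists($this->imghash_hashdir . $pnamebase[$i] . '.imghash')) {
                     // Cached entry: width, height and hash separated by tabs.
                     list($pw, $ph, $apHash) = explode("\t", file_get_contents($this->imghash_hashdir . $pnamebase[$i] . '.imghash'));
                     $pbase_size = array($pw, $ph);
                 } else {
                     $pbase_size = getimagesize($this->imghash_imgdir . $pnamebase[$i]);
                     $apHash = ImageHash::hashImageFile($this->imghash_imgdir . $pnamebase[$i]);
                     if (trim($this->imghash_hashdir) && is_dir($this->imghash_hashdir)) {
                         file_put_contents($this->imghash_hashdir . $pnamebase[$i] . '.imghash', $pbase_size[0] . "\t" . $pbase_size[1] . "\t" . $apHash);
                     }
                 }
                 $dpHash = ImageHash::hashImageFileCropped($upfileInfo['file'], $pbase_size[0], $pbase_size[1]);
                 // NOTE(review): $dest is neither a parameter, a declared global nor assigned in this
                 // function, so the second comparison receives an undefined variable. It looks like
                 // the uploaded file path was intended — confirm before changing.
                 if (ImageHash::isHashSimilar($apHash, $dpHash) || ImageHash::isImageSimilarWithHash($dest, $apHash)) {
                     $this->_nglog_append($accessInfo['ip'], 'phash', $pnamebase[$i], '' . '#postinf=' . implode('|', $postInfo));
                     $this->_setfailcookie();
                     // Rejected image
                     error(_T('regist_upload_blocked'));
                 }
             }
         }
     }
 }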
Example #3
 /**
  * Hash the image at $aPath and report whether that hash is similar to $bHash.
  *
  * @param string $aPath Path of the image to hash with ImageHash::hashImageFile().
  * @param mixed  $bHash Previously computed hash to compare against.
  * @return mixed Whatever ImageHash::isHashSimilar() returns for the two hashes.
  */
 public static function isImageSimilarWithHash($aPath, $bHash)
 {
     return ImageHash::isHashSimilar(ImageHash::hashImageFile($aPath), $bHash);
 }