/**
 * Do we think the current user is a spider?
 *
 * @package SearchEngines
 * @return int
 */
function spiderCheck()
{
    global $modSettings;
    $db = database();
    if (isset($_SESSION['id_robot'])) {
        unset($_SESSION['id_robot']);
    }
    $_SESSION['robot_check'] = time();
    // We cache the spider data for five minutes if we can.
    if (($spider_data = cache_get_data('spider_search', 300)) === null) {
        $request = $db->query('', '
			SELECT id_spider, user_agent, ip_info
			FROM {db_prefix}spiders
			ORDER BY LENGTH(user_agent) DESC', array());
        $spider_data = array();
        while ($row = $db->fetch_assoc($request)) {
            $spider_data[] = $row;
        }
        $db->free_result($request);
        // Save it in the cache
        cache_put_data('spider_search', $spider_data, 300);
    }
    if (empty($spider_data)) {
        return false;
    }
    // We need the user agent
    $req = request();
    // Always attempt IPv6 first.
    if (strpos($_SERVER['REMOTE_ADDR'], ':') !== false) {
        $ip_parts = convertIPv6toInts($_SERVER['REMOTE_ADDR']);
    } else {
        preg_match('/^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$/', $_SERVER['REMOTE_ADDR'], $ip_parts);
    }
    foreach ($spider_data as $spider) {
        // User agent is easy.
        if (!empty($spider['user_agent']) && strpos(strtolower($req->user_agent()), strtolower($spider['user_agent'])) !== false) {
            $_SESSION['id_robot'] = $spider['id_spider'];
        } elseif (!empty($ip_parts)) {
            $ips = explode(',', $spider['ip_info']);
            foreach ($ips as $ip) {
                $ip = ip2range($ip);
                if (!empty($ip)) {
                    foreach ($ip as $key => $value) {
                        if ($value['low'] > $ip_parts[$key + 1] || $value['high'] < $ip_parts[$key + 1]) {
                            break;
                        } elseif ($key == 7 && strpos($_SERVER['REMOTE_ADDR'], ':') !== false || $key == 3 && strpos($_SERVER['REMOTE_ADDR'], ':') === false) {
                            $_SESSION['id_robot'] = $spider['id_spider'];
                        }
                    }
                }
            }
        }
        if (isset($_SESSION['id_robot'])) {
            break;
        }
    }
    // If this is low server tracking then log the spider here as oppossed to the main logging function.
    if (!empty($modSettings['spider_mode']) && $modSettings['spider_mode'] == 1 && !empty($_SESSION['id_robot'])) {
        logSpider();
    }
    return !empty($_SESSION['id_robot']) ? $_SESSION['id_robot'] : 0;
}
Exemple #2
0
/**
 * Do we think the current user is a spider?
 * 
 * @todo Should this not be... you know... in a different file?
 * @return int
 */
function SpiderCheck()
{
    global $modSettings;
    if (isset($_SESSION['id_robot'])) {
        unset($_SESSION['id_robot']);
    }
    $_SESSION['robot_check'] = time();
    // We cache the spider data for five minutes if we can.
    if (($spider_data = CacheAPI::getCache('spider_search', 300)) === null) {
        $request = smf_db_query('
			SELECT id_spider, user_agent, ip_info
			FROM {db_prefix}spiders', array());
        $spider_data = array();
        while ($row = mysql_fetch_assoc($request)) {
            $spider_data[] = $row;
        }
        mysql_free_result($request);
        CacheAPI::putCache('spider_search', $spider_data, 300);
    }
    if (empty($spider_data)) {
        return false;
    }
    // Only do these bits once.
    $ci_user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
    // Always attempt IPv6 first.
    if (strpos($_SERVER['REMOTE_ADDR'], ':') !== false) {
        $ip_parts = convertIPv6toInts($_SERVER['REMOTE_ADDR']);
    } else {
        preg_match('/^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$/', $_SERVER['REMOTE_ADDR'], $ip_parts);
    }
    foreach ($spider_data as $spider) {
        // User agent is easy.
        if (!empty($spider['user_agent']) && strpos($ci_user_agent, strtolower($spider['user_agent'])) !== false) {
            $_SESSION['id_robot'] = $spider['id_spider'];
        } elseif (!empty($ip_parts)) {
            $ips = explode(',', $spider['ip_info']);
            foreach ($ips as $ip) {
                $ip = ip2range($ip);
                if (!empty($ip)) {
                    foreach ($ip as $key => $value) {
                        if ($value['low'] > $ip_parts[$key + 1] || $value['high'] < $ip_parts[$key + 1]) {
                            break;
                        } elseif ($key == 7 && strpos($_SERVER['REMOTE_ADDR'], ':') !== false || $key == 3 && strpos($_SERVER['REMOTE_ADDR'], ':') === false) {
                            $_SESSION['id_robot'] = $spider['id_spider'];
                        }
                    }
                }
            }
        }
        if (isset($_SESSION['id_robot'])) {
            break;
        }
    }
    // If this is low server tracking then log the spider here as oppossed to the main logging function.
    if (!empty($modSettings['spider_mode']) && $modSettings['spider_mode'] == 1 && !empty($_SESSION['id_robot'])) {
        logSpider();
    }
    return !empty($_SESSION['id_robot']) ? $_SESSION['id_robot'] : 0;
}
Exemple #3
0
/**
 * Another helper function that put together the
 * @param string $fullip An IP address either IPv6 or not
 * @return string A SQL condition
 */
function constructBanQueryIP($fullip)
{
    // First attempt a IPv6 address.
    if (isValidIPv6($fullip)) {
        $ip_parts = convertIPv6toInts($fullip);
        $ban_query = '((' . $ip_parts[0] . ' BETWEEN bi.ip_low1 AND bi.ip_high1)
			AND (' . $ip_parts[1] . ' BETWEEN bi.ip_low2 AND bi.ip_high2)
			AND (' . $ip_parts[2] . ' BETWEEN bi.ip_low3 AND bi.ip_high3)
			AND (' . $ip_parts[3] . ' BETWEEN bi.ip_low4 AND bi.ip_high4)
			AND (' . $ip_parts[4] . ' BETWEEN bi.ip_low5 AND bi.ip_high5)
			AND (' . $ip_parts[5] . ' BETWEEN bi.ip_low6 AND bi.ip_high6)
			AND (' . $ip_parts[6] . ' BETWEEN bi.ip_low7 AND bi.ip_high7)
			AND (' . $ip_parts[7] . ' BETWEEN bi.ip_low8 AND bi.ip_high8))';
    } elseif (preg_match('/^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$/', $fullip, $ip_parts) == 1) {
        $ban_query = '((' . $ip_parts[1] . ' BETWEEN bi.ip_low1 AND bi.ip_high1)
			AND (' . $ip_parts[2] . ' BETWEEN bi.ip_low2 AND bi.ip_high2)
			AND (' . $ip_parts[3] . ' BETWEEN bi.ip_low3 AND bi.ip_high3)
			AND (' . $ip_parts[4] . ' BETWEEN bi.ip_low4 AND bi.ip_high4))';
    } else {
        $ban_query = '(bi.ip_low1 = 255 AND bi.ip_high1 = 255
			AND bi.ip_low2 = 255 AND bi.ip_high2 = 255
			AND bi.ip_low3 = 255 AND bi.ip_high3 = 255
			AND bi.ip_low4 = 255 AND bi.ip_high4 = 255)';
    }
    return $ban_query;
}