예제 #1
/**
 * Entry point: assemble a description of the current request and screen it.
 *
 * Everything placed in the package comes from the client ($_SERVER request
 * fields, request headers, $_POST) and must be treated as untrusted by the
 * screening code. bb2_load_headers(), uc_all(), bb2_screen() and bb2_banned()
 * are defined elsewhere and are not visible in this listing.
 *
 * Side effect: $_SERVER['REMOTE_ADDR'] is rewritten in place for the rest of
 * the request.
 *
 * @param mixed $settings Passed through unchanged to bb2_screen()/bb2_banned().
 * @return mixed Whatever bb2_screen() returned; a falsy value means no ban
 *               handling was triggered here.
 */
function bb2_start($settings)
{
    // Raw request headers, plus a second copy keyed by the uc_all() form of
    // each name (the original comment attributes this to PHP running as CGI).
    $headers = bb2_load_headers();
    $headers_mixed = array();
    foreach ($headers as $name => $value) {
        $headers_mixed[uc_all($name)] = $value;
    }

    // Drop a leading "::ffff:" so IPv4-mapped IPv6 peers are handled as
    // plain IPv4 addresses. The match is case-sensitive.
    $_SERVER['REMOTE_ADDR'] = preg_replace("/^::ffff:/", "", $_SERVER['REMOTE_ADDR']);

    // Only POST and PUT requests contribute form fields to the package.
    $request_entity = array();
    $carries_entity = strcasecmp($_SERVER['REQUEST_METHOD'], "POST") == 0
        || strcasecmp($_SERVER['REQUEST_METHOD'], "PUT") == 0;
    if ($carries_entity) {
        // NOTE(review): values are copied as-is, so a field submitted with
        // array syntax arrives as a nested array rather than a string.
        foreach ($_POST as $field => $content) {
            $request_entity[$field] = $content;
        }
    }

    // The @ silences notices for $_SERVER keys the client or server did not
    // supply (a request without a User-Agent header, for example); such
    // entries end up as null in the package.
    @($package = array(
        'ip' => $_SERVER['REMOTE_ADDR'],
        'headers' => $headers,
        'headers_mixed' => $headers_mixed,
        'request_method' => $_SERVER['REQUEST_METHOD'],
        'request_uri' => $_SERVER['REQUEST_URI'],
        'server_protocol' => $_SERVER['SERVER_PROTOCOL'],
        'request_entity' => $request_entity,
        'user_agent' => $_SERVER['HTTP_USER_AGENT'],
        'is_browser' => false
    ));

    $result = bb2_screen($settings, $package);

    // Nothing flagged, or running with BB2_TEST defined: report only.
    if (!$result || defined('BB2_TEST')) {
        return $result;
    }

    bb2_banned($settings, $package, $result);
    return $result;
}
예제 #2
/**
 * Act on the outcome of a single screening check.
 *
 * A result of exactly FALSE means the check raised nothing. Any other value
 * is handed to bb2_banned() (defined elsewhere) together with the settings
 * and the request package.
 *
 * @param mixed $settings Passed through to bb2_banned().
 * @param mixed $package  Passed through to bb2_banned().
 * @param mixed $result   Outcome of the check; only an identical-to-FALSE
 *                        value counts as "not flagged".
 * @return bool TRUE when bb2_banned() was invoked, FALSE otherwise.
 */
function bb2_test($settings, $package, $result)
{
    // Strict comparison on purpose: 0, "" and null are NOT treated as a pass.
    if ($result === FALSE) {
        return FALSE;
    }

    bb2_banned($settings, $package, $result);
    return TRUE;
}
/**
 * Act on the outcome of a single screening check, with a bypass value.
 *
 * - FALSE (identical): nothing flagged, returns FALSE.
 * - Loosely equal to 1: treated as a whitelist/bypass marker; returns TRUE
 *   without calling bb2_banned().
 * - Anything else: handed to bb2_banned() (defined elsewhere), returns TRUE.
 *
 * @param mixed $settings Passed through to bb2_banned().
 * @param mixed $package  Passed through to bb2_banned().
 * @param mixed $result   Outcome of the check.
 * @return bool FALSE only when $result is identical to FALSE.
 */
function bb2_test($settings, $package, $result)
{
    if ($result === FALSE) {
        return FALSE;
    }

    // NOTE(review): the bypass test is a loose comparison, so boolean true
    // and the string "1" skip bb2_banned() just like the integer 1. Confirm
    // that no check reports a hit with one of those values before relying
    // on this as a whitelist signal.
    if ($result != 1) {
        bb2_banned($settings, $package, $result);
    }

    return TRUE;
}
예제 #4
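/**
 * Entry point: assemble a description of the current request and screen it.
 *
 * Everything placed in the package comes from the client ($_SERVER request
 * fields, request headers, $_POST) and must be treated as untrusted by the
 * screening code. bb2_load_headers(), uc_all(), bb2_reverse_proxy(),
 * bb2_screen() and bb2_banned() are defined elsewhere and are not visible in
 * this listing.
 *
 * Side effect: $_SERVER['REMOTE_ADDR'] is rewritten in place for the rest of
 * the request.
 *
 * @param array $settings Read for the 'reverse_proxy' key; otherwise passed
 *                        through to the helpers.
 * @return mixed Whatever bb2_screen() returned; a falsy value means no ban
 *               handling was triggered here.
 */
function bb2_start($settings)
{
    // Gather up all the information we need, first of all.
    $headers = bb2_load_headers();
    // Postprocess the headers to mixed-case
    // TODO: get the world to stop using PHP as CGI
    $headers_mixed = array();
    foreach ($headers as $h => $v) {
        $headers_mixed[uc_all($h)] = $v;
    }
    // IPv6 - IPv4 compatibility mode hack
    $_SERVER['REMOTE_ADDR'] = preg_replace("/^::ffff:/", "", $_SERVER['REMOTE_ADDR']);

    // Optional server variables are read once with an explicit null default
    // instead of relying on a blanket @ around the package construction: the
    // package holds the same values, but unrelated errors are no longer hidden.
    $request_method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : null;
    $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : null;
    // Requests without a User-Agent header are expected input here.
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;

    // Reconstruct the HTTP entity, if present.
    $request_entity = array();
    if (!strcasecmp((string) $request_method, "POST") || !strcasecmp((string) $request_method, "PUT")) {
        foreach ($_POST as $h => $v) {
            if (is_array($v)) {
                # Workaround, see Bug #12
                # NOTE(review): the field's contents are replaced by this
                # placeholder, so they are not available to later checks.
                $v = "Array";
            }
            $request_entity[$h] = $v;
        }
    }

    # IIS: REQUEST_URI may be missing or empty, so fall back to SCRIPT_NAME.
    # The read is guarded because the missing key is the very case this
    # fallback exists for.
    if (!empty($_SERVER['REQUEST_URI'])) {
        $request_uri = $_SERVER['REQUEST_URI'];
    } else {
        $request_uri = isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : null;
    }

    // Behind a reverse proxy the client address is taken from request headers
    // by bb2_reverse_proxy(); the directly connected peer is then recorded in
    // a synthetic header for later reference.
    // NOTE(review): header-derived addresses are client-controlled unless the
    // peer is a known proxy. bb2_reverse_proxy() is not shown here; confirm
    // that it checks this, and enable 'reverse_proxy' only when the site
    // really is reachable solely through the proxy.
    if (!empty($settings['reverse_proxy']) && ($ip = bb2_reverse_proxy($settings, $headers_mixed))) {
        $headers['X-Bad-Behavior-Remote-Address'] = $_SERVER['REMOTE_ADDR'];
        $headers_mixed['X-Bad-Behavior-Remote-Address'] = $_SERVER['REMOTE_ADDR'];
    } else {
        $ip = $_SERVER['REMOTE_ADDR'];
    }

    $package = array(
        'ip' => $ip,
        'headers' => $headers,
        'headers_mixed' => $headers_mixed,
        'request_method' => $request_method,
        'request_uri' => $request_uri,
        'server_protocol' => $server_protocol,
        'request_entity' => $request_entity,
        'user_agent' => $user_agent,
        'is_browser' => false
    );

    $result = bb2_screen($settings, $package);
    // With BB2_TEST defined the verdict is only reported, not enforced.
    if ($result && !defined('BB2_TEST')) {
        bb2_banned($settings, $package, $result);
    }
    return $result;
}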