예제 #1
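/**
 * Edit-save filter: deface banned URLs that an edit newly introduces.
 *
 * Collects the URLs in the previous and the submitted page text and, for
 * every URL present only in the submitted text that ewiki_banned_link()
 * reports as banned, rewrites each occurrence to ZERO_PAGERANK followed by
 * the urlencode()d URL. URLs already present in the old text are left alone.
 *
 * @param array $save  page data being saved; $save["content"] is rewritten in place
 * @param array $old   previous page data; only $old["content"] is read
 * @return void
 */
function ewiki_edit_save_antispam_urldeface(&$save, &$old)
{
    #-- "~" replaces the former "°" delimiter: "°" is a single byte only in
    #   ISO-8859-1, while in a UTF-8 source file it is two bytes and PCRE
    #   rejects the pattern, which disables the filter.
    #-- https and upper-case schemes are matched too, so such links are
    #   checked against the ban list like plain http ones.
    $url_regex = '~(https?://[^\\s*<>"\'\\[\\]\\#]+)~i';

    #-- a new page has no previous content to compare against
    $old_text = isset($old["content"]) ? (string) $old["content"] : "";
    $new_text = isset($save["content"]) ? (string) $save["content"] : "";
    if ($new_text === "") {
        return;
    }

    #-- NOTE(review): a PCRE failure leaves the text unfiltered (fail open);
    #   decide whether the save should be refused instead.
    if (preg_match_all($url_regex, $old_text, $old_urls) === false
        || preg_match_all($url_regex, $new_text, $save_urls) === false) {
        return;
    }

    #-- each distinct added URL needs only one ban lookup
    $added_urls = array_unique(array_diff($save_urls[1], $old_urls[1]));
    foreach ($added_urls as $url) {
        #-- test against BannedLinks, then deface (filter page) URL
        #-- NOTE(review): str_replace() also rewrites this URL where it is the
        #   prefix of a longer URL in the text.
        if (ewiki_banned_link($url)) {
            $save["content"] = str_replace($url, ZERO_PAGERANK . urlencode($url), $save["content"]);
        }
    }
}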
예제 #2
/**
 * Link filter: reroute a banned link target through the ZERO_PAGERANK prefix.
 *
 * When ewiki_banned_link() reports $href as banned, $href is replaced in
 * place by ZERO_PAGERANK followed by the urlencode()d original target.
 * Any other href is left untouched.
 *
 * @param string $href   link target, modified in place when banned
 * @param string $title  link title; not read or changed here
 * @return void
 */
function ewiki_link_url_zero_pagerank(&$href, &$title)
{
    #-- nothing to do for links that are not on the ban list
    if (!ewiki_banned_link($href)) {
        return;
    }
    #-- the original target survives only as an encoded suffix of the prefix
    $href = ZERO_PAGERANK . urlencode($href);
}
예제 #3
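/**
 * Substring test that also counts a match at offset 0.
 *
 * A bare strpos() used as a boolean treats "found at position 0" like
 * "not found"; an empty needle never matches here.
 *
 * @param mixed  $haystack  text to search (cast to string)
 * @param mixed  $needle    text to look for (cast to string)
 * @param bool   $nocase    compare case-insensitively when true
 * @return bool
 */
function _ewiki_referer_has($haystack, $needle, $nocase = false)
{
    $haystack = (string) $haystack;
    $needle = (string) $needle;
    if ($needle === "") {
        return false;
    }
    $pos = $nocase ? stripos($haystack, $needle) : strpos($haystack, $needle);
    return $pos !== false;
}

/**
 * Append the request's HTTP Referer to page $id once it is verified to link back.
 *
 * The Referer, Host and From request headers are client-supplied. The
 * referer is skipped when it points at this host, looks like a search
 * query or is already listed in $data["refs"]; it is rejected when it
 * embeds our own domain, is banned, or the referring page does not mention
 * this page. Only then is the link appended to the page content.
 *
 * @param string $id      page identifier
 * @param array  $data    page data; "refs" is read, and the variable is
 *                        overwritten with ewiki_db::GET($id) before writing
 * @param string $action  not used here
 * @param mixed  $args    not used here
 * @return mixed  false when the referer is skipped, -1 when it is rejected
 *                and logged, null after the add attempt
 */
function ewiki_shutdown_referer_log($id, &$data, $action, $args = NULL)
{
    #-- the referer url (absent on many requests: nothing to log then,
    #   and no reason to fetch anything or send mail)
    $raw = isset($_SERVER["HTTP_REFERER"]) ? (string) $_SERVER["HTTP_REFERER"] : "";
    $ref = strtok($raw, "# ");
    if ($ref === false || $ref === "") {
        return false;
    }
    $this1 = EWIKI_SERVER . $_SERVER["REQUEST_URI"];
    $this2 = ewiki_script("", $id);
    $refs = isset($data["refs"]) ? (string) $data["refs"] : "";

    #-- pattern of ourselfs: the host without its first label, unless that
    #   leaves no inner dot
    $host = isset($_SERVER["HTTP_HOST"]) ? (string) $_SERVER["HTTP_HOST"] : "";
    $server_name = isset($_SERVER["SERVER_NAME"]) ? (string) $_SERVER["SERVER_NAME"] : "";
    $pat = (string) substr($host, strpos($host, ".") + 1);
    if (!strpos($pat, ".")) {
        $pat = $host;
    }

    #-- reject if self-referring
    if (_ewiki_referer_has($ref, $host) || _ewiki_referer_has($ref, $server_name)) {
        return false;
    }
    #-- reject search engine links
    if (_ewiki_referer_has($ref, "?") && _ewiki_referer_has($ref, "q=")) {
        return false;
    }
    #-- link already on page?
    $sref = trim($ref, "/");
    $sref = substr($sref, strpos($sref, ".") + 1);
    $sref = strtolower((string) $sref);
    if (_ewiki_referer_has(strtolower($refs), $sref)) {
        return false;
    }
    #-- forgery test 1: our own domain hidden inside the referer,
    #   possibly behind one or two layers of url-encoding
    if (_ewiki_referer_has(urldecode($ref), $pat) || _ewiki_referer_has(urldecode(urldecode($ref)), $pat)) {
        ewiki_log("forged REFERER '{$ref}' to {$this1}");
        return -1;
    }
    #-- already banned?
    if (function_exists("ewiki_banned_link") && ewiki_banned_link($ref)) {
        ewiki_log("banned REFERER '{$ref}' to {$this1}");
        return -1;
    }
    #-- special cases: no path after the host part means the link claims
    #   to come from a server root dir
    $likely_fake = !_ewiki_referer_has(trim((string) substr($ref, 10), "/"), "/");

    #-- decode InterWiki URLs into "prefix:PageName" representation
    if ($link = ewiki_url2wiki($ref)) {
        if (_ewiki_referer_has($refs, $link, true)) {
            // already in page
            return false;
        }
    } else {
        $link = $ref;
    }

    #-- the fetch below goes to a URL chosen by the client, so only
    #   absolute http(s) URLs with a host are passed on
    $parts = parse_url($ref);
    $scheme = (is_array($parts) && isset($parts["scheme"])) ? strtolower($parts["scheme"]) : "";
    $has_host = is_array($parts) && !empty($parts["host"]);
    if (($scheme !== "http" && $scheme !== "https") || !$has_host) {
        ewiki_log("forged REFERER '{$ref}' to {$this1}");
        return -1;
    }
    #-- NOTE(review): this is still a server-side request to a
    #   client-chosen host; confirm that ewiki_http_query() bounds time,
    #   size and redirects, and decide whether loopback/private
    #   destinations must be refused for this deployment.

    #-- retrieve page to check for link existence
    $R = ewiki_http_query("GET", $ref, NULL, array(), "cookies.txt");
    #-- presumably $R[0] is the fetched text; confirm against ewiki_http_query()
    $body = (is_array($R) && isset($R[0])) ? (string) $R[0] : "";
    $linked_back = _ewiki_referer_has($body, $this1, true)
        || _ewiki_referer_has($body, $this2, true)
        || _ewiki_referer_has($body, EWIKI_NAME . ":{$id}");
    if (!$linked_back) {
        ewiki_log("faked REFERER '{$ref}' to {$this1}");
        #-- the From: header is client-supplied, so it is used as a mail
        #   recipient only when it is one syntactically valid address
        #   (which also excludes line breaks)
        #-- NOTE(review): requests can still make this server mail an
        #   address of the sender's choosing; consider rate-limiting or
        #   dropping the notification.
        $abuse = isset($_SERVER["HTTP_FROM"]) ? (string) $_SERVER["HTTP_FROM"] : "";
        if ($likely_fake && $abuse !== "" && filter_var($abuse, FILTER_VALIDATE_EMAIL) !== false) {
            $admin = isset($_SERVER["SERVER_ADMIN"]) ? $_SERVER["SERVER_ADMIN"] : "";
            mail($abuse, "REFERER Header Abuse", "Dear 'search-engine' maintainer,\n\nYou misused the HTTP Referer: header for marketing purposes.\nThis informational mail is meant to annoy you likewise.\n\n", "X-From: {$admin}\nX-Mailer: ewiki:refererlog\n");
        }
        return -1;
    }

    #-- all tests passed, add link
    $data = ewiki_db::GET($id);
    if ($data["version"]++) {
        $data["content"] = trim($data["content"]) . "\n- {$link}\n";
        ewiki_data_update($data);
        $data["author"] = "RefererLog; " . $data["author"];
        if (!EWIKI_REFERER_NOISE) {
            $data["flags"] |= EWIKI_DB_F_MINOR;
        }
        ewiki_db::WRITE($data);
    }
}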