Exemplo n.º 1
Arquivo: ban.php Projeto: rasomu/chuza
/**
 * Look up a 'proxy' ban for the client behind the current request.
 *
 * The address stored in $globals['user_ip'] is checked first; only when that
 * lookup finds nothing is the socket peer address ($_SERVER['REMOTE_ADDR'])
 * checked as well.
 *
 * NOTE(review): a truthy $globals['development'] skips the proxy ban lookup
 * entirely, so that flag must never be enabled on a production install.
 *
 * @return mixed false in development mode; otherwise whatever check_ban()
 *               returned for the first address that matched, or its result
 *               for REMOTE_ADDR when the first lookup found nothing.
 */
function check_ban_proxy() {
	global $globals;

	// Development installs bypass proxy bans completely.
	if ($globals['development']) {
		return false;
	}

	$match = check_ban($globals['user_ip'], 'proxy');
	if (!$match) {
		// Nothing recorded for the application-level address: fall back to the peer address.
		$match = check_ban($_SERVER['REMOTE_ADDR'], 'proxy');
	}
	return $match;
}
Exemplo n.º 2
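 /**
  * Decide whether a submitted URL may be accepted.
  *
  * The URL is rejected when it is not http/https, cannot be parsed, has no
  * host, has a host without any lowercase letter (which also rejects bare
  * IPv4 addresses), points at this server (only when $check_local is true),
  * or matches a 'hostname' ban or the $globals['forbiden_domains'] list.
  *
  * Side effects: sets $globals['ban_message'] for a local URL, sets
  * $this->banned for a banned host, and writes a syslog notice in both cases.
  *
  * NOTE(review): this is a check on the URL text only. It does not resolve
  * the host, so it says nothing about which address the name points to;
  * callers that later fetch the URL need their own destination checks.
  *
  * @param string $url         URL as submitted by the user.
  * @param bool   $check_local Reject URLs whose host is this server's name.
  * @param bool   $first_level Passed through to check_ban() unchanged.
  * @return bool true when the URL passed every check, false otherwise.
  */
 function check_url($url, $check_local = true, $first_level = false)
 {
     global $globals, $current_user;
     // "s?" instead of "[s]*": the old pattern also accepted schemes such as "httpsss:".
     if (!preg_match('/^https?:/', $url)) {
         return false;
     }
     $url_components = @parse_url($url);
     // parse_url() can succeed without a host (e.g. "http:/path"); treat that as invalid
     // instead of reading a missing array key below.
     if (!$url_components || empty($url_components['host'])) {
         return false;
     }
     $host = $url_components['host'];
     if (!preg_match('/[a-z]+/', $host)) {
         return false;
     }
     // Host names are case-insensitive: compare without regard to case so that
     // a mixed-case spelling of the local server name is still recognised as local.
     if ($check_local && strcasecmp($host, get_server_name()) === 0) {
         $globals['ban_message'] = _('el servidor es local');
         syslog(LOG_NOTICE, "Meneame, server name is local name ({$current_user->user_login}): {$url}");
         return false;
     }
     require_once mnminclude . 'ban.php';
     // The host key is quoted: the original used the bare word host, which is an
     // undefined constant (an Error on PHP 8, a warning and string fallback before).
     if (check_ban($url, 'hostname', false, $first_level) || check_ban_list($host, $globals['forbiden_domains'])) {
         syslog(LOG_NOTICE, "Meneame, server name is banned ({$current_user->user_login}): {$url}");
         $this->banned = true;
         return false;
     }
     return true;
 }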
Exemplo n.º 3
/**
 * Look up a 'proxy' ban for the client behind the current request.
 *
 * $globals['user_ip'] is checked first; $_SERVER['REMOTE_ADDR'] is only
 * consulted when that first lookup returns a falsy value.
 *
 * @return mixed the first truthy check_ban() result, otherwise the result
 *               of the REMOTE_ADDR lookup.
 */
function check_ban_proxy()
{
    global $globals;
    $hit = check_ban($globals['user_ip'], 'proxy');
    // Both addresses are checked because they can differ; presumably user_ip
    // may come from a forwarding header while REMOTE_ADDR is the peer - confirm.
    return $hit ? $hit : check_ban($_SERVER['REMOTE_ADDR'], 'proxy');
}
Exemplo n.º 4
// Pick the page that displays the message stream for this session.
// A chat type that is not in $chat_types falls back to the first configured one.
if (!in_array($chat_type, $chat_types)) {
    $chat_type = $chat_types[0];
}
switch ($chat_type) {
    case "tail":
        $shower = "{$daemon_url}?{$session}";
        break;
    case "reload":
        $shower = "messages.php?session={$session}";
        break;
    case "php_tail":
        $shower = "tail.php?session={$session}";
        break;
    case "js_tail":
        $shower = "js_frameset.php?session={$session}";
        break;
    default:
        // Same target as "reload": the plain reloading message page.
        $shower = "messages.php?session={$session}";
        break;
}
// Ban check. The lookup keys are: canonical nick ("un"), client address ("ip"),
// $c_hash ("ch"), $browser_hash ("bh") and the client address with its last
// dotted component removed ("sn").
// NOTE(review): $REMOTE_ADDR is read as a plain variable here, so it must have
// been assigned earlier in the request - confirm it is taken from the server
// environment and not from request parameters.
include $ld_engine_path . "ban_check.php";
if (check_ban(array("un|" . to_canon_nick($user_name), "ip|" . $REMOTE_ADDR, "ch|" . $c_hash, "bh|" . $browser_hash, "sn|" . substr($REMOTE_ADDR, 0, strrpos($REMOTE_ADDR, "."))))) {
    $error_text = $w_banned;
    // NOTE(review): $design becomes part of an include path; confirm it is
    // restricted to the installed design names before this point.
    include $file_path . "designes/" . $design . "/error_page.php";
    exit;
}
// (the original comment on this line was lost to a character-encoding error)
// Use the stored colour when there is one, otherwise the default colour.
$user_color = ($c_user_color == "") ? $default_color : $c_user_color;
$registered_user = 0;
$users = array();
$htmlnick = "";
// The original marker here is a mis-encoded Cyrillic word (probably "record");
// the include presumably loads the user's stored data - confirm.
include $ld_engine_path . "voc_user_data.php";
Exemplo n.º 5
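/**
 * Step 1 of the link submission flow.
 *
 * Takes the URL from $_POST['url'], normalises it, and runs the submission
 * gates in order: form key, minimum karma, clone accounts, per-user and global
 * queue limits, DNS resolution of the host, draft limits, IP and proxy bans,
 * new-user vote requirements, per-user/per-IP link limits, negative-vote
 * ratio, duplicate detection, URL/host bans and blog bans. When every gate
 * passes it stores the link as a draft (status 'discard') and prints the
 * step-2 form.
 *
 * All output is written with echo; the function returns nothing. On a failed
 * gate it prints an error message and returns early.
 *
 * NOTE(review): when $globals['development'] is truthy the 24-hour queue
 * limit, the draft limit and the IP/proxy ban check are all skipped, so that
 * flag must never be enabled on a production install.
 *
 * NOTE(review): the SQL below is built by string interpolation. Most values
 * are integers taken from $current_user or cast with intval(); the ones that
 * are not are called out where they are used.
 *
 * @return void
 */
function do_submit1() {
	global $db, $dblang, $current_user, $globals;

	$url = clean_input_url($_POST['url']);
	$url = preg_replace('/^http:\/\/http:\/\//', 'http://', $url); // Some users forget to delete the foo http://
	if (! preg_match('/^\w{3,6}:\/\//', $url)) { // http:// forgotten, add it
		$url = 'http://'.$url;
	}
	$url = preg_replace('/#[^\/]*$/', '', $url); // Remove the "#", people just abuse

	echo '<div>'."\n";

	$new_user = false;
	if (!check_link_key()) {
		echo '<p class="error"><strong>'._('clave incorrecta').'</strong></p> ';
		echo '</div>'. "\n";
		return;
	}
	if ($globals['min_karma_for_links'] > 0 && $current_user->user_karma < $globals['min_karma_for_links'] ) {
		echo '<p class="error"><strong>'._('no tienes el mínimo de karma para enviar una nueva historia').'</strong></p> ';
		echo '</div>'. "\n";
		return;
	}

	// Don't allow to send a link by a clone
	$hours = intval($globals['user_links_clon_interval']);
	$clones = $current_user->get_clones($hours+1);
	if ($hours > 0 && $clones) {
		// The clone ids are compared with link_author, so force them to integers
		// before they are placed in the query text.
		$l = implode(',', array_map('intval', $clones));
		$c = (int) $db->get_var("select count(*) from links where link_status!='published' and link_date > date_sub(now(), interval $hours hour) and link_author in ($l)");
		if ($c > 0) {
			echo '<p class="error">'._('ya se envió con otro usuario «clon» en las últimas horas'). ", "._('disculpa las molestias'). ' </p>';
			// NOTE(review): the raw posted URL goes into the log line here and in the
			// other syslog calls below; whoever reads these logs must treat it as untrusted.
			syslog(LOG_NOTICE, "Meneame, clon submit ($current_user->user_login): $_POST[url]");
			echo '<br style="clear: both;" />' . "\n";
			echo '</div>'. "\n";
			return;
		}
	}

	// Check the number of links sent by a user
	$queued_24_hours = (int) $db->get_var("select count(*) from links where link_status!='published' and link_date > date_sub(now(), interval 24 hour) and link_author=$current_user->user_id");

	// Not enforced in development mode.
	if (!$globals['development'] && $globals['limit_user_24_hours'] && $queued_24_hours > $globals['limit_user_24_hours']) {
		echo '<p class="error">'._('debes esperar, tienes demasiados envíos en cola de las últimas 24 horas'). " ($queued_24_hours), "._('disculpa las molestias'). ' </p>';
		syslog(LOG_NOTICE, "Meneame, too many queued in 24 hours ($current_user->user_login): $_POST[url]");
		echo '<br style="clear: both;" />' . "\n";
		echo '</div>'. "\n";
		return;
	}

	// check the URL is OK and that it resolves
	// (gethostbyname() returns its argument unchanged when the lookup fails)
	$url_components = @parse_url($url);
	// empty() instead of a direct read: parse_url() may return an array without a 'host' key.
	if (!$url_components || empty($url_components['host']) || gethostbyname($url_components['host']) == $url_components['host']) {
		echo '<p class="error"><strong>'._('URL o nombre de servidor erróneo').'</strong></p> ';
		echo '<p>'._('el nombre del servidor es incorrecto o éste tiene problemas para resolver el nombre'). ' </p>';
		syslog(LOG_NOTICE, "Meneame, hostname error ($current_user->user_login): $url");
		print_empty_submit_form();
		echo '</div>'. "\n";
		return;
	}

	$enqueued_last_minutes = (int) $db->get_var("select count(*) from links where link_status='queued' and link_date > date_sub(now(), interval 3 minute)");
	if ($current_user->user_karma > $globals['limit_3_minutes_karma']) $enqueued_limit = $globals['limit_3_minutes'] * 1.5;
	else $enqueued_limit = $globals['limit_3_minutes'];

	if ($enqueued_last_minutes > $enqueued_limit) {
		echo '<p class="error"><strong>'._('exceso de envíos').':</strong></p>';
		echo '<p>'._('se han enviado demasiadas historias en los últimos 3 minutos'). " ($enqueued_last_minutes > $enqueued_limit), "._('disculpa las molestias'). ' </p>';
		syslog(LOG_NOTICE, "Meneame, too many queued ($current_user->user_login): $_POST[url]");
		echo '</div>'. "\n";
		return;
	}

	// Check the user does not have too many drafts
	$minutes = intval($globals['draft_time'] / 60) + 10;
	$drafts = (int) $db->get_var("select count(*) from links where link_author=$current_user->user_id  and link_date > date_sub(now(), interval $minutes minute) and link_status='discard' and link_votes = 0");
	// Not enforced in development mode.
	if (!$globals['development'] && $drafts > $globals['draft_limit']) {
		echo '<p class="error"><strong>'._('demasiados borradores').':</strong></p>';
		echo '<p>'._('has hecho demasiados intentos, debes esperar o continuar con ellos desde la'). ' <a href="shakeit.php?meta=_discarded">'. _('cola de descartadas').'</a></p>';
		syslog(LOG_NOTICE, "Meneame, too many drafts ($current_user->user_login): $_POST[url]");
		echo '</div>'. "\n";
		return;
	}
	// Delete dangling drafts
	if ($drafts > 0) {
		$db->query("delete from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 30 minute) and link_date < date_sub(now(), interval 10 minute) and link_status='discard' and link_votes = 0");
	}


	// Check for banned IPs (skipped in development mode)
	if (!$globals['development'] && (($ban = check_ban($globals['user_ip'], 'ip', true)) || ($ban = check_ban_proxy()))) {
		// The address is escaped before it is echoed; where $globals['user_ip'] comes
		// from is not visible here, so it is not assumed to be a clean IP string.
		echo '<p class="error"><strong>'._('dirección IP no permitida para enviar').':</strong> '.htmlspecialchars($globals['user_ip']).'</p>';
		// NOTE(review): ban comments are echoed as stored, here and further down;
		// presumably they are entered by administrators - confirm.
		echo '<p><strong>'._('Razón').'</strong>: '.$ban['comment'].'</p>';
		if ($ban['expire'] > 0) {
			echo '<p class="note"><strong>'._('caduca').'</strong>: '.get_date_time($ban['expire']).'</p>';
		}
		syslog(LOG_NOTICE, "Meneame, banned IP $globals[user_ip] ($current_user->user_login): $url");
		print_empty_submit_form();
		echo '</div>'. "\n";
		return;
	}

	// Number of links sent by the user
	$total_sents = (int) $db->get_var("select count(*) from links where link_author=$current_user->user_id") - $drafts;
	if ($total_sents > 0) {
		$sents = (int) $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day)") - $drafts;
	} else {
		$new_user = true;
		$sents = 0;
	}

	$register_date = $current_user->Date();
	if ($globals['now'] - $register_date < $globals['new_user_time'] ) {
		$new_user = true;
	}

	// check that a new user also votes, not only sends links
	// it requires $globals['min_user_votes'] votes
	if ($new_user && $globals['min_user_votes'] > 0 && $current_user->user_karma < $globals['new_user_karma']) {
		$user_votes_total = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_user_id=$current_user->user_id");
		$user_votes = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_date > date_sub(now(), interval 72 hour) and vote_user_id=$current_user->user_id");
		$user_links = 1 + $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 24 hour) and link_status != 'discard'");
		$total_links = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 24 hour) and link_status = 'queued'");
		echo "<!-- $user_votes_total, $user_links, $total_links -->\n";
		if ($sents == 0) {
			// If is a new user, requires more votes, to avoid spam
			$min_votes = $globals['min_user_votes'];
		} else {
			$min_votes = min(4, intval($total_links/20)) * $user_links;
		}
		if (!$current_user->admin && $user_votes < $min_votes) {
			$needed = $min_votes - $user_votes;
			echo '<p class="error">';
			if ($new_user) {
				echo '<strong>'._('¿es la primera vez que envías una noticia?').'</strong></p> ';
				echo '<p class="error-text">'._('necesitas como mínimo'). " <strong>$needed " . _('votos') . '</strong><br/>';
			} else {
				echo '<strong>'._('no tienes el mínimo de votos necesarios para enviar una nueva historia').'</strong></p> ';
				echo '<p class="error-text">'._('necesitas votar como mínimo a'). " <strong>$needed " . _('envíos') . '</strong><br/>';
			}
			echo '<strong>'._('no votes de forma apresurada, penaliza el karma').'</strong><br/>';
			echo '<a href="'.$globals['base_url'].'shakeit.php" target="_blank">'._('haz clic aquí para ir a votar').'</a></p>';
			echo '<br style="clear: both;" />' . "\n";
			echo '</div>'. "\n";
			return;
		}
	}

	// avoid spams, an extra security check
	// it counts the numbers of links in the last hours
	if ($new_user) {
		$user_links_limit = $globals['new_user_links_limit'];
		$user_links_interval = intval($globals['new_user_links_interval'] / 3600);
	} else {
		$user_links_limit = $globals['user_links_limit'];
		$user_links_interval = intval($globals['user_links_interval'] / 3600);
	}
	$same_user = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval $user_links_interval hour) and link_author=$current_user->user_id") - $drafts;
	// The address goes inside a quoted SQL literal, so only a syntactically valid
	// IP is allowed into the query text. Anything else cannot match a stored
	// address, and the count is taken as zero without running the query.
	$valid_ip = filter_var($globals['user_ip'], FILTER_VALIDATE_IP);
	if ($valid_ip === false) {
		$same_ip = 0;
	} else {
		$same_ip = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval $user_links_interval hour) and link_ip = '".$valid_ip."'") - $drafts;
	}
	if ($same_user >  $user_links_limit  || $same_ip >  $user_links_limit  ) {
		echo '<p class="error"><strong>'._('debes esperar, ya se enviaron varias con el mismo usuario o dirección IP').  '</strong></p>';
		echo '<br style="clear: both;" />' . "\n";
		echo '</div>'. "\n";
		return;
	}

	// avoid users sending continuous "rubbish" or "propaganda", specially new users
	// it takes in account the number of positive votes in the last six hours
	if ($same_user > 1 && $current_user->user_karma < $globals['karma_propaganda']) {
		$positives_received = $db->get_var("select sum(link_votes) from links where link_date > date_sub(now(), interval $user_links_interval hour) and link_author = $current_user->user_id");
		$negatives_received = $db->get_var("select sum(link_negatives) from links where link_date > date_sub(now(), interval $user_links_interval hour) and link_author = $current_user->user_id");
		if ($negatives_received > 10 && $negatives_received > $positives_received * 1.5) {
			echo '<p class="error"><strong>'._('debes esperar, has tenido demasiados votos negativos en tus últimos envíos').  '</strong></p>';
			echo '<br style="clear: both;" />' . "\n";
			echo '</div>'. "\n";
			return;
		}
	}

	$linkres=new Link;
	$linkres->url = $url;

	if(report_dupe($url)) return;


	if(!$linkres->check_url($url, true, true) || !$linkres->get($url)) {
		echo '<p class="error"><strong>'._('URL erróneo o no permitido').'</strong>: ';
		if ($linkres->ban && $linkres->ban['match']) {
			echo $linkres->ban['match'];
		} else {
			// Escaped like every other place in this function that prints the URL.
			echo htmlspecialchars($linkres->url);
		}
		echo '</p>';
		echo '<p><strong>'._('Razón').':</strong> '. $linkres->ban['comment'].'</p>';
		if ($linkres->ban['expire'] > 0) {
			echo '<p class="note"><strong>'._('caduca').'</strong>: '.get_date_time($linkres->ban['expire']).'</p>';
		}
		print_empty_submit_form();
		echo '</div>'. "\n";
		return;
	}

	// If the URL has changed, check again is not dupe
	if($linkres->url != $url && report_dupe($linkres->url)) return;

	$linkres->randkey = intval($_POST['randkey']);
	if(!$linkres->valid) {
		echo '<p class="error"><strong>'._('error leyendo el url').':</strong> '.htmlspecialchars($url).'</p>';
		// Dont allow new users with low karma to post wrong URLs
		if ($current_user->user_karma < 8 && $current_user->user_level == 'normal') {
			echo '<p>'._('URL inválido, incompleto o no permitido. Está fuera de línea, o tiene mecanismos antibots.').'</p>';
			print_empty_submit_form();
			// Close the wrapper opened at the top, as the other error exits do.
			echo '</div>'. "\n";
			return;
		}
		echo '<p>'._('no es válido, está fuera de línea, o tiene mecanismos antibots. <strong>Continúa</strong>, pero asegúrate que sea correcto').'</p>';
	}

	$linkres->status='discard';
	$linkres->author=$current_user->user_id;

	if (!$linkres->pingback()) {
		$linkres->trackback();
	}
	$trackback=htmlspecialchars($linkres->trackback);
	$linkres->create_blog_entry();
	$blog = new Blog;
	$blog->id = $linkres->blog;
	$blog->read();

	// Now we check again against the blog table
	// it's done because there could be banned blogs like http://lacotelera.com/something
	if(($ban = check_ban($blog->url, 'hostname', false, true))) {
		echo '<p class="error"><strong>'._('URL inválido').':</strong> '.htmlspecialchars($url).'</p>';
		echo '<p>'._('el sitio').' '.$ban['match'].' '. _('está deshabilitado'). ' ('. $ban['comment'].') </p>';
		if ($ban['expire'] > 0) {
			echo '<p class="note"><strong>'._('caduca').'</strong>: '.get_date_time($ban['expire']).'</p>';
		}
		syslog(LOG_NOTICE, "Meneame, banned site ($current_user->user_login): $blog->url <- $_POST[url]");
		print_empty_submit_form();
		echo '</div>'. "\n";
		/*
		// If the domain is banned, decrease user's karma
		if ($linkres->banned && $current_user->user_level == 'normal') {
			$db->query("update users set user_karma = user_karma - 0.05 where user_id = $current_user->user_id");
		}
		*/
		return;
	}


	// check for users spamming several sites and networks
	// it does not allow a low "entropy"
	// DISABLED BY MANEL: let the user send news from the same sources
	/*
	if ($sents > 30) {
		$ratio = (float) $db->get_var("select count(distinct link_blog)/count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day)");
		$threshold = 1/log($sents, 2);
		if ($ratio <  $threshold ) {
			if ($db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day) and link_blog = $blog->id") > 2) {
				syslog(LOG_NOTICE, "Meneame, forbidden due to low entropy: $ratio <  $threshold  ($current_user->user_login): $linkres->url");
				echo '<p class="error"><strong>'._('ya has enviado demasiados enlaces a los mismos sitios').'</strong></p> ';
				echo '<p class="error-text">'._('varía las fuentes, podría ser considerado spam').'</p>';
				echo '<br style="clear: both;" />' . "\n";
				echo '</div>'. "\n";
				return;
			}
		}
	}
	*/

	// Check the user does not send too many images or videos
	// they think this is a fotolog
	// DISABLED BY MANEL: this could be a fotolog
	/*
	if ($sents > 5 && ($linkres->content_type == 'image' || $linkres->content_type == 'video')) {
		$image_links = intval($db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60  day) and link_content_type in ('image', 'video')"));
		if ($image_links > $sents * 0.7) {
			syslog(LOG_NOTICE, "Meneame, forbidden due to too many images or video sent by user ($current_user->user_login): $linkres->url");
			echo '<p class="error"><strong>'._('ya has enviado demasiadas imágenes o vídeos').'</strong></p> ';
			//echo '<p class="error-text">'._('disculpa, no es un fotolog').'</p>';
			echo '<br style="clear: both;" />' . "\n";
			echo '</div>'. "\n";
			return;
		}
	}
	*/

	// Avoid users sending too many links to the same site in last hours
	// DISABLED BY MANEL
	/*
	$hours = 24;
	$same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval $hours hour) and link_author=$current_user->user_id and link_blog=$linkres->blog and link_votes > 0");
	if ($same_blog > 2) {
		syslog(LOG_NOTICE, "Meneame, forbidden due to too many links to the same site in last $hours hours ($current_user->user_login): $linkres->url");
		echo '<p class="error"><strong>'._('demasiados enlaces al mismo sitio en las últimas horas').'</strong></p> ';
		echo '<br style="clear: both;" />' . "\n";
		echo '</div>'. "\n";
		return;
	}
	*/

	// avoid auto-promotion (autobombo)
	// DISABLED BY MANEL: self-promotion is allowed
	/*
	$minutes = 30;
	$same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval $minutes minute) and link_author=$current_user->user_id and link_blog=$linkres->blog and link_votes > 0");
	if ($same_blog > 0 && $current_user->user_karma < 12) {
		syslog(LOG_NOTICE, "Meneame, forbidden due to short period between links to same site ($current_user->user_login): $linkres->url");
		echo '<p class="error"><strong>'._('ya has enviado un enlace al mismo sitio hace poco tiempo').'</strong></p> ';
		echo '<p class="error-text">'._('debes esperar'). " $minutes " . _('minutos entre cada envío al mismo sitio.') . ', ';
		echo '<a href="'.$globals['base_url'].'faq-'.$dblang.'.php">'._('lee el FAQ').'</a></p>';
		echo '<br style="clear: both;" />' . "\n";
		echo '</div>'. "\n";
		return;
	}
	*/

	// Avoid spam (autobombo), count links in last two months
	// DISABLED BY MANEL: self-promotion is allowed
	/*
	$same_blog = $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day) and link_blog=$linkres->blog");

	$check_history =  $sents > 3 && $same_blog > 0 && ($ratio = $same_blog/$sents) > 0.5;
	if ($check_history) {
		echo '<p class="error"><strong>'._('has enviado demasiados enlaces a')." $blog->url".'</strong></p> ';
		if ($sents > 5 && $ratio > 0.75) {
			echo '<p class="error-text">'._('has superado los límites de envíos de este sitio').'</p>';
			// don't allow to continue
			syslog(LOG_NOTICE, "Meneame, warn, high ratio, process interrumped ($current_user->user_login): $linkres->url");
			return;
		} else {
			echo '<p class="error-text">'._('continúa, pero ten en cuenta podría recibir votos negativos').', ';
			echo '<a href="'.$globals['base_url'].'legal.php">'._('condiciones de uso').'</a>, ';
			echo '<a href="'.$globals['base_url'].'faq-'.$dblang.'.php">'._('el FAQ').'</a></p>';
			syslog(LOG_NOTICE, "Meneame, warn, high ratio, continue ($current_user->user_login): $linkres->url");
		}
	}
	*/



	// Only read by the disabled overflow checks below; kept so they can be re-enabled as they are.
	$links_12hs = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour)");

	// check there is no an "overflow" from the same site
	// DISABLED BY MANEL: could be an overflow
	/*
	$site_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_blog=$linkres->blog and link_status in ('queued')"));
	if ($site_links > 8 && $site_links > $links_12hs * 0.04) { // Only 4% from the same site
		syslog(LOG_NOTICE, "Meneame, forbidden due to overflow to the same site ($current_user->user_login): $linkres->url");
		echo '<p class="error"><strong>'._('ya se han enviado demasiadas artículos del mismo sitio, espera unos minutos por favor').'</strong></p> ';
		echo '<p class="error-text">'._('total en 12 horas').": $site_links , ". _('el máximo actual es'). ': ' . intval($links_12hs * 0.04). '</p>';
		echo '<br style="clear: both;" />' . "\n";
		echo '</div>'. "\n";
		return;
	}
	*/

	// check there is no an "overflow" of images
	// DISABLED BY MANEL: let the overflow begin
	/*
	if ($linkres->content_type == 'image' || $linkres->content_type == 'video') {
		$image_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_content_type in ('image', 'video')"));
		if ($image_links > 5 && $image_links > $links_12hs * 0.08) { // Only 8% images and videos
			syslog(LOG_NOTICE, "Meneame, forbidden due to overflow images ($current_user->user_login): $linkres->url");
			echo '<p class="error"><strong>'._('ya se han enviado demasiadas imágenes o vídeos, espera unos minutos por favor').'</strong></p> ';
			echo '<p class="error-text">'._('total en 12 horas').": $image_links , ". _('el máximo actual es'). ': ' . intval($links_12hs * 0.05). '</p>';
			echo '<br style="clear: both;" />' . "\n";
			echo '</div>'. "\n";
			return;
		}
	}
	*/

	// A 'punished_hostname' match only prints a warning; the submission continues.
	if(($ban = check_ban($linkres->url, 'punished_hostname', false, true))) {
		echo '<p class="error"><strong>'._('Aviso').' '.$ban['match']. ':</strong> <em>'.$ban['comment'].'</em></p>';
		echo '<p>'._('mejor enviar el enlace a la fuente original, sino será penalizado').'</p>';
	}


	// Now stores new draft
	$linkres->ip = $globals['user_ip'];
	$linkres->sent_date = $linkres->date=time();
	$linkres->store();

	echo '<h2>'._('envío de una nueva noticia: paso 2 de 3').'</h2>'."\n";


	echo '<div class="genericform">'."\n";
	echo '<form action="submit.php" method="post" id="thisform" name="thisform">'."\n";

	echo '<input type="hidden" name="url" id="url" value="'.htmlspecialchars($linkres->url).'" />'."\n";
	echo '<input type="hidden" name="phase" value="2" />'."\n";
	echo '<input type="hidden" name="randkey" value="'.intval($_POST['randkey']).'" />'."\n";
	// The posted key is written back into an attribute, so it is escaped first.
	echo '<input type="hidden" name="key" value="'.htmlspecialchars($_POST['key']).'" />'."\n";
	echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";

	echo '<fieldset><legend><span class="sign">'._('información del enlace').'</span></legend>'."\n";
	echo '<p class="genericformtxt"><strong>';
	// NOTE(review): url_title and url_description (printed further down) hold text
	// taken from the linked page and are echoed as they are; confirm that Link
	// escapes them when it fills them in.
	echo mb_substr($linkres->url_title, 0, 200);
	echo '</strong><br/>';
	echo htmlspecialchars($linkres->url);
	echo '</p> '."\n";
	echo '</fieldset>'."\n";

	echo '<fieldset><legend><span class="sign">'._('detalles de la noticia').'</span></legend>'."\n";

	echo '<label for="title" accesskey="1">'._('título de la noticia').':</label>'."\n";
	echo '<p><span class="note">'._('título de la noticia. máximo: 120 caracteres').'</span>'."\n";
	// Is it an image or video?
	echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
	$linkres->print_content_type_buttons();

	// Neither variable is assigned anywhere in this function, so the two fields
	// always start empty; they are defined here to avoid reading undefined variables.
	$link_title = '';
	$link_tags = '';
	echo '<br/><input type="text" id="title" name="title" value="'.$link_title.'" size="80" maxlength="120" />';
	echo '</p>'."\n";

	echo '<label for="tags" accesskey="2">'._('etiquetas').':</label>'."\n";
	echo '<p><span class="note"><strong>'._('pocas palabras, genéricas, cortas y separadas por «,» (coma)').'</strong> Ejemplo: <em>web, programación, software libre</em></span>'."\n";
	echo '<br/><input type="text" id="tags" name="tags" value="'.$link_tags.'" size="70" maxlength="70" /></p>'."\n";


	echo '<link rel="stylesheet" type="text/css" media="all" href="'.$globals['base_static'].'css/ui-lightness/jquery-ui-1.8.16.custom.css"/>' . "\n";
	echo '<script src="'.$globals['base_url'].'js/jquery-ui-1.8.16.custom.min.js" type="text/javascript" charset="utf-8"></script>' . "\n";
	echo '<script type="text/javascript">
$(document).ready( function() {
';
	echo "$.datepicker.regional['pt-BR'] = {
                closeText: 'Fechar',
                prevText: '&#x3c;Anterior',
                nextText: 'Pr&oacute;ximo&#x3e;',
                currentText: 'Hoje',
                monthNames: ['Janeiro','Fevereiro','Mar&ccedil;o','Abril','Maio','Junho',
                'Julho','Agosto','Setembro','Outubro','Novembro','Dezembro'],
                monthNamesShort: ['Jan','Fev','Mar','Abr','Mai','Jun',
                'Jul','Ago','Set','Out','Nov','Dez'],
                dayNames: ['Domingo','Segunda-feira','Ter&ccedil;a-feira','Quarta-feira','Quinta-feira','Sexta-feira','Sabado'],
                dayNamesShort: ['Dom','Seg','Ter','Qua','Qui','Sex','Sab'],
                dayNamesMin: ['Dom','Seg','Ter','Qua','Qui','Sex','Sab'],
                dateFormat: 'dd/mm/yy', firstDay: 0,
                isRTL: false};
        $.datepicker.setDefaults($.datepicker.regional['pt-BR']);
    ";
	echo '
    $("[name=datepicker1]").datepicker();
    $("[name=datepicker2]").datepicker();
});
</script>';

	echo '<label>'._('Datas do Evento').'</label> <span class="note">(opcional) desde </span> ';
	echo '<input type="text" name="datepicker1" size="8"><span class="note"> '._('ata').'</span> <input type="text" name="datepicker2" size="8"></span>';

	print_simpleformat_buttons('bodytext');

	echo '<label for="bodytext" accesskey="3">'._('descripción de la noticia').':</label>'."\n";
	echo '<p><span class="note"><strong>'._('describe la noticia en castellano. entre dos y cinco frases es suficiente. no deformes el contenido.').'</strong></span>'."\n";
	echo '<br /><textarea name="bodytext"  rows="10" cols="60" id="bodytext" onKeyDown="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)" onKeyUp="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)">';
	if (mb_strlen($linkres->url_description) > 40) {
		echo $linkres->url_description;
	}
	echo '</textarea>'."\n";

	echo '<div style="margin-top:-7px"><input readonly type="text" name="bodycounter" size="3" maxlength="3" value="550" /> <span class="note">' . _('caracteres libres') . '</span></div>';
	echo '</p>'."\n";

	print_categories_form();

	// $trackback was passed through htmlspecialchars() above, so it can go into the markup.
	echo '<p><label for="trackback">'._('trackback').':</label><br />'."\n";
	if (empty($trackback)) {
		echo '<span class="note">'._('puedes agregar o cambiar el trackback si ha sido detectado automáticamente').'</span>'."\n";
		echo '<input type="text" name="trackback" id="trackback" value="'.$trackback.'" class="form-full" /></p>'."\n";
	} else {
		echo '<span class="note">'.$trackback.'</span>'."\n";
		echo '<input type="hidden" name="trackback" id="trackback" value="'.$trackback.'"/></p>'."\n";
	}
	echo '<input class="button" type="button" onclick="window.history.go(-1)" value="&#171; '._('retroceder').'" />&nbsp;&nbsp;'."\n";
	echo '<input class="button" type="submit" value="'._('continuar').' &#187;" />'."\n";
	echo '</fieldset>'."\n";
	echo '</form>'."\n";
	echo '</div>'."\n";
	echo '</div>'."\n";
}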
Exemplo n.º 6
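/**
 * Phase 1 of link submission: validate the posted URL and the submitting
 * user, then store a draft link and print the "step 2 of 3" form.
 *
 * Reads $_POST['url'], $_POST['randkey'] and $_POST['key'], and uses the
 * globals $db, $dblang, $current_user and $globals. Every rejection path
 * prints an error block and returns before the draft link is stored; some of
 * them also insert a hostname ban or lower the sender's karma.
 *
 * Output escaping: request-derived values are passed through
 * htmlspecialchars() before being echoed. Values read from the ban table or
 * from Link/Blog objects ($globals['ban_match'], $globals['ban_message'],
 * $blog->url, $linkres->url_title) are printed as the original code printed
 * them. NOTE(review): confirm those are escaped where they are produced.
 *
 * @return void
 */
function do_submit1()
{
    global $db, $dblang, $current_user, $globals;
    $url = clean_input_url($_POST['url']);
    // Some users forget to delete the pre-filled "http://"
    $url = preg_replace('/^http:\\/\\/http:\\/\\//', 'http://', $url);
    // Remove the fragment ("#..."), people just abuse it
    $url = preg_replace('/#.*$/', '', $url);
    do_banner_top();
    echo '<div id="container-wide">' . "\n";
    echo '<div id="genericform-contents">' . "\n";
    $new_user = false;
    // These are echoed into the form below but were never assigned in this
    // function; define them so the fields are explicitly empty.
    $link_title = '';
    $link_tags = '';
    // Stay 0 unless one of the history rules below selects a ban period.
    $ban_period = 0;
    $ban_period_txt = '';
    if (!check_link_key()) {
        echo '<p class="error"><strong>' . _('clave incorrecta') . '</strong></p> ';
        echo '</div>' . "\n";
        return;
    }
    if ($globals['min_karma_for_links'] > 0 && $current_user->user_karma < $globals['min_karma_for_links']) {
        echo '<p class="error"><strong>' . _('no tienes el mínimo de karma para enviar una nueva historia') . '</strong></p> ';
        echo '</div>' . "\n";
        return;
    }
    // Site-wide throttle: links queued by anyone in the last 3 minutes
    $enqueued_last_minutes = (int) $db->get_var("select count(*) from links where link_status='queued' and link_date > date_sub(now(), interval 3 minute)");
    if ($current_user->user_karma > 10) {
        $enqueued_limit = $globals['limit_3_minutes'] * 1.5;
    } else {
        $enqueued_limit = $globals['limit_3_minutes'];
    }
    if ($enqueued_last_minutes > $enqueued_limit) {
        echo '<p class="error"><strong>' . _('Exceso de envíos') . ':</strong></p>';
        echo '<p>' . _('Se han enviado demasiadas noticias en los últimos 3 minutos') . " ({$enqueued_last_minutes} > {$enqueued_limit}), " . _('disculpa las molestias') . ' </p>';
        // NOTE(review): the raw $_POST['url'] is written to syslog here and in
        // other branches; consider stripping control characters before logging.
        syslog(LOG_NOTICE, "Meneame, too many queued ({$current_user->user_login}): {$_POST['url']}");
        echo '</div>' . "\n";
        return;
    }
    // Check the user does not have too many drafts
    $drafts = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id}  and link_date > date_sub(now(), interval 30 minute) and link_status='discard' and link_votes = 0");
    if ($drafts > 3) {
        echo '<p class="error"><strong>' . _('Demasiados borradores') . ':</strong></p>';
        echo '<p>' . _('Has hecho demasiados intentos, debes esperar o continuar con ellos desde la') . ' <a href="shakeit.php?meta=_discarded">' . _('cola de descartadas') . '</a></p>';
        syslog(LOG_NOTICE, "Meneame, too many drafts ({$current_user->user_login}): {$_POST['url']}");
        echo '</div>' . "\n";
        return;
    }
    // Delete dangling drafts
    if ($drafts > 0) {
        $db->query("delete from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 30 minute) and link_date < date_sub(now(), interval 10 minute) and link_status='discard' and link_votes = 0");
    }
    // Check for banned IPs
    if (check_ban($globals['user_ip'], 'ip', true) || check_ban_proxy()) {
        // The address is escaped before display; how $globals['user_ip'] is
        // derived is not visible in this function.
        echo '<p class="error"><strong>' . _('Dirección IP no permitida para enviar') . ':</strong> ' . htmlspecialchars($globals['user_ip']) . ' (' . $globals['ban_message'] . ')</p>';
        syslog(LOG_NOTICE, "Meneame, banned IP {$globals['user_ip']} ({$current_user->user_login}): {$url}");
        print_empty_submit_form();
        echo '</div>' . "\n";
        return;
    }
    // Number of links sent by the user
    $total_sents = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id}") - $drafts;
    if ($total_sents > 0) {
        $sents = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day)") - $drafts;
    } else {
        $new_user = true;
        $sents = 0;
    }
    $register_date = $current_user->Date();
    // Accounts younger than three days are also treated as new
    if ($globals['now'] - $register_date < 86400 * 3) {
        $new_user = true;
    }
    // check that a new user also votes, not only sends links
    // it requires $globals['min_user_votes'] votes
    if ($new_user && $globals['min_user_votes'] > 0 && $current_user->user_karma < 6.1) {
        $user_votes_total = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_user_id={$current_user->user_id}");
        $user_votes = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_date > date_sub(now(), interval 72 hour) and vote_user_id={$current_user->user_id}");
        $user_links = 1 + $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 24 hour) and link_status != 'discard'");
        $total_links = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 24 hour) and link_status = 'queued'");
        echo "<!-- {$user_votes_total}, {$user_links}, {$total_links} -->\n";
        if ($sents == 0) {
            // If is a new user, requires more votes, to avoid spam
            $min_votes = $globals['min_user_votes'];
        } else {
            $min_votes = min(4, intval($total_links / 20)) * $user_links;
        }
        if ($current_user->user_level != 'god' && $current_user->user_level != 'admin' && $user_votes < $min_votes) {
            $needed = $min_votes - $user_votes;
            echo '<p class="error">';
            if ($new_user) {
                echo '<strong>' . _('¿es la primera vez que envías una noticia?') . '</strong></p> ';
                echo '<p class="error-text">' . _('necesitas como mínimo') . " <strong>{$needed} " . _('votos') . '</strong><br/>';
            } else {
                echo '<strong>' . _('no tienes el mínimo de votos necesarios para enviar una nueva historia') . '</strong></p> ';
                echo '<p class="error-text">' . _('necesitas votar como mínimo a') . " <strong>{$needed} " . _('noticias') . '</strong><br/>';
            }
            echo '<strong>' . _('no votes de forma apresurada, penaliza el karma') . '</strong><br/>';
            echo '<a href="' . $globals['base_url'] . 'shakeit.php" target="_blank">' . _('haz clic aquí para ir a votar') . '</a></p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    // avoid spams, an extra security check
    // it counts the numbers of links in the last hours
    if ($new_user) {
        $user_links_limit = 1;
        $user_links_interval = 1;
    } else {
        $user_links_limit = 5;
        $user_links_interval = 2;
    }
    $same_user = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author={$current_user->user_id}") - $drafts;
    // NOTE(review): $globals['user_ip'] is concatenated into the SQL text;
    // confirm it is validated as an IP address where it is set, or escape it.
    $same_ip = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_ip = '" . $globals['user_ip'] . "'") - $drafts;
    if ($same_user > $user_links_limit || $same_ip > $user_links_limit) {
        echo '<p class="error"><strong>' . _('debes esperar, ya se enviaron varias con el mismo usuario o dirección IP') . '</strong></p>';
        echo '<br style="clear: both;" />' . "\n";
        echo '</div>' . "\n";
        return;
    }
    // avoid users sending continuous "rubbish" or "propaganda", specially new users
    // it takes in account the votes received in the same interval used above
    if ($same_user > 1 && $current_user->user_karma < 12) {
        $positives_received = $db->get_var("select sum(link_votes) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$current_user->user_id}");
        $negatives_received = $db->get_var("select sum(link_negatives) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$current_user->user_id}");
        echo "<!-- Positives: {$positives_received} -->\n";
        echo "<!-- Negatives: {$negatives_received} -->\n";
        if ($negatives_received > 10 && $negatives_received > $positives_received * 1.5) {
            echo '<p class="error"><strong>' . _('debes esperar, has tenido demasiados votos negativos en tus últimos envíos') . '</strong></p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    $linkres = new Link();
    $linkres->url = $url;
    $edit = false;
    if (report_dupe($url)) {
        return;
    }
    if (!$linkres->check_url($url, true, true) || !$linkres->get($url)) {
        echo '<p class="error"><strong>' . _('URL erróneo o no permitido') . '</strong>: ';
        if (!empty($globals['ban_match'])) {
            echo $globals['ban_match'];
        } else {
            // Escaped like every other place this function prints the URL
            echo htmlspecialchars($linkres->url);
        }
        echo '</p>';
        echo '<p><strong>' . _('Razón') . ':</strong> ' . $globals['ban_message'] . '</p>';
        // If the domain is banned, decrease user's karma
        if ($linkres->banned) {
            $db->query("update users set user_karma = user_karma - 0.05 where user_id = {$current_user->user_id}");
        }
        print_empty_submit_form();
        echo '</div>' . "\n";
        return;
    }
    // If the URL has changed, check again is not dupe
    if ($linkres->url != $url && report_dupe($linkres->url)) {
        return;
    }
    $linkres->randkey = intval($_POST['randkey']);
    if (!$linkres->valid) {
        echo '<p class="error"><strong>' . _('error leyendo el url') . ':</strong> ' . htmlspecialchars($url) . '</p>';
        // Dont allow new users with low karma to post wrong URLs
        if ($current_user->user_karma < 12 && $current_user->user_level == 'normal') {
            echo '<p>' . _('URL inválido, incompleto o no permitido') . '</p>';
            print_empty_submit_form();
            return;
        }
        echo '<p>' . _('No es válido, está fuera de línea, o tiene mecanismos antibots. <strong>Continúa</strong>, pero asegúrate que sea correcto') . '</p>';
    }
    $linkres->status = 'discard';
    $linkres->author = $current_user->user_id;
    if (!$linkres->trackback()) {
        $linkres->pingback();
    }
    $trackback = htmlspecialchars($linkres->trackback);
    $linkres->create_blog_entry();
    $blog = new Blog();
    $blog->id = $linkres->blog;
    $blog->read();
    $blog_url_components = @parse_url($blog->url);
    // Quoted keys: the bare words host/path are undefined constants, which
    // newer PHP versions reject instead of treating them as strings.
    $blog_host = isset($blog_url_components['host']) ? $blog_url_components['host'] : '';
    $blog_path = isset($blog_url_components['path']) ? $blog_url_components['path'] : '';
    $blog_url = $blog_host . $blog_path;
    // Now we check again against the blog table
    // it's done because there could be banned blogs like http://lacotelera.com/something
    if (check_ban($blog->url, 'hostname', false, true)) {
        echo '<p class="error"><strong>' . _('URL inválido') . ':</strong> ' . htmlspecialchars($url) . '</p>';
        echo '<p>' . _('El sitio') . " {$globals['ban_match']} " . _('está deshabilitado') . ' (' . $globals['ban_message'] . ') </p>';
        syslog(LOG_NOTICE, "Meneame, banned site ({$current_user->user_login}): {$blog->url} <- {$_POST['url']}");
        print_empty_submit_form();
        echo '</div>' . "\n";
        return;
    }
    // check for users spamming several sites and networks
    // it does not allow a low "entropy"
    if ($sents > 30) {
        $ratio = (double) $db->get_var("select count(distinct link_blog)/count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day)");
        $threshold = 1 / log($sents, 2);
        if ($ratio < $threshold) {
            if ($db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_blog = {$blog->id}") > 2) {
                syslog(LOG_NOTICE, "Meneame, forbidden due to low entropy: {$ratio} <  {$threshold}  ({$current_user->user_login}): {$linkres->url}");
                echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a los mismos sitios') . '</strong></p> ';
                echo '<p class="error-text">' . _('varía las fuentes, podría ser considerado spam') . '</p>';
                echo '<br style="clear: both;" />' . "\n";
                echo '</div>' . "\n";
                return;
            }
        }
    }
    // Check the user does not send too many images or videos
    // they think this is a fotolog
    if ($sents > 5 && ($linkres->content_type == 'image' || $linkres->content_type == 'video')) {
        $image_links = intval($db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60  day) and link_content_type in ('image', 'video')"));
        if ($image_links > $sents * 0.3) {
            syslog(LOG_NOTICE, "Meneame, forbidden due to too many images or video sent by user ({$current_user->user_login}): {$linkres->url}");
            echo '<p class="error"><strong>' . _('ya has enviado demasiadas imágenes o vídeos') . '</strong></p> ';
            echo '<p class="error-text">' . _('disculpa, no es un fotolog') . '</p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    // avoid auto-promotion (autobombo)
    $minutes = 30;
    $same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$minutes} minute) and link_author={$current_user->user_id} and link_blog={$linkres->blog} and link_votes > 0");
    if ($same_blog > 0 && $current_user->user_karma < 12) {
        syslog(LOG_NOTICE, "Meneame, forbidden due to short period between links to same site ({$current_user->user_login}): {$linkres->url}");
        echo '<p class="error"><strong>' . _('ya has enviado un enlace al mismo sitio hace poco tiempo') . '</strong></p> ';
        echo '<p class="error-text">' . _('debes esperar') . " {$minutes} " . _(' minutos entre cada envío al mismo sitio.') . ', ';
        echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('lee el FAQ') . '</a></p>';
        echo '<br style="clear: both;" />' . "\n";
        echo '</div>' . "\n";
        return;
    }
    // Avoid spam, count this user's links to the same blog in the last 60 days
    $same_blog = $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_blog={$linkres->blog}");
    // Check if the domain should be banned: more than half of the user's
    // recent links go to this blog ($ratio is assigned inside the expression)
    $check_history = $sents > 2 && $same_blog > 0 && ($ratio = $same_blog / $sents) > 0.5;
    // check clones also for new users
    if ($sents == 0 || $check_history) {
        // Count unique users
        // TODO: we should discard users with the same IP (clones)
        $unique_users = (int) $db->get_var("select count(distinct link_author) from links, users, votes where link_blog={$blog->id}  and link_date > date_sub(now(), interval 30 day) and user_id = link_author and user_level != 'disabled' and vote_type='links' and vote_link_id = link_id and vote_user_id = link_author and vote_ip_int != " . $globals['user_ip_int']);
        // Check for user clones. The "and" before link_votes was missing,
        // which made the statement invalid SQL.
        $clones = $db->get_var("select count(distinct link_author) from links, votes where link_author!={$current_user->user_id} and link_date > date_sub(now(), interval 20 day) and link_blog={$linkres->blog} and link_votes > 0 and vote_type='links' and vote_link_id=link_id and link_author = vote_user_id and vote_ip_int = " . $globals['user_ip_int']);
        if ($clones > 0 && $unique_users < 3) {
            // we detected that another user has sent to the same URL from the same IP
            echo '<p class="error"><strong>' . _('se han detectado usuarios clones que envían al sitio') . " {$blog->url}" . '</strong></p> ';
            $ban_period_txt = _('un mes');
            $ban = insert_ban('hostname', $blog_url, _('usuarios clones') . " {$current_user->user_login} ({$blog_url})", time() + 86400 * 30);
            $banned_host = $ban->ban_text;
            echo '<p class="error-text"><strong>' . _('el dominio') . " '{$banned_host}' " . _('ha sido baneado por') . " {$ban_period_txt}</strong>, ";
            echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a></p>';
            syslog(LOG_NOTICE, "Meneame, banned '{$ban_period_txt}' due to user clones ({$current_user->user_login}): {$banned_host}  <- {$linkres->url}");
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
        // end clones
    }
    if ($check_history) {
        // Calculate ban period according to previous karma
        $avg_karma = (int) $db->get_var("select avg(link_karma) from links where link_blog={$blog->id} and link_date > date_sub(now(), interval 30 day)");
        // This is the case of unique/few users sending just their site and take care of choosing good titles and text
        // the condition is stricter, more links and higher ratio
        if ($sents > 3 && $ratio > 0.9 || $sents > 6 && $ratio > 0.8 || $sents > 12 && $ratio > 0.6) {
            if ($unique_users < 3) {
                if ($avg_karma < -10) {
                    $ban_period = 86400 * 30;
                    $ban_period_txt = _('un mes');
                } else {
                    $ban_period = 86400 * 7;
                    $ban_period_txt = _('una semana');
                }
                syslog(LOG_NOTICE, "Meneame, high ratio ({$ratio}) and few users ({$unique_users}), going to ban {$blog->url} ({$current_user->user_login})");
            }
            // Otherwise check previous karma
        } elseif ($sents > 4 && $avg_karma < 30) {
            if ($avg_karma < -40) {
                $ban_period = 86400 * 30;
                $ban_period_txt = _('un mes');
            } elseif ($avg_karma < -10) {
                $ban_period = 86400 * 7;
                $ban_period_txt = _('una semana');
            } elseif ($avg_karma < 10) {
                $ban_period = 86400;
                $ban_period_txt = _('un día');
            } else {
                $ban_period = 7200;
                $ban_period_txt = _('dos horas');
            }
            syslog(LOG_NOTICE, "Meneame, high ratio ({$ratio}) and low karma ({$avg_karma}), going to ban {$blog->url} ({$current_user->user_login})");
        }
        if ($ban_period > 0) {
            echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a') . " {$blog->url}" . '</strong></p> ';
            echo '<p class="error-text">' . _('varía tus fuentes, es para evitar abusos y enfados por votos negativos') . ', ';
            echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a>, ';
            echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('el FAQ') . '</a></p>';
            if (!empty($blog_url)) {
                $ban = insert_ban('hostname', $blog_url, _('envíos excesivos de') . " {$current_user->user_login}", time() + $ban_period);
                $banned_host = $ban->ban_text;
                echo '<p class="error-text"><strong>' . _('el dominio') . " '{$banned_host}' " . _('ha sido baneado por') . " {$ban_period_txt}</strong></p> ";
                syslog(LOG_NOTICE, "Meneame, banned '{$ban_period_txt}' due to high ratio ({$current_user->user_login}): {$banned_host}  <- {$linkres->url}");
            } else {
                syslog(LOG_NOTICE, "Meneame, error parsing during ban: {$blog->id}, {$blog->url} ({$current_user->user_login})");
            }
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        } elseif ($sents > 0) {
            // Just in case check again sent (paranoia setting)
            echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a') . " {$blog->url}" . '</strong></p> ';
            echo '<p class="error-text">' . _('el sitio podría ser baneado automáticamente si continúas enviando') . ', ';
            echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a>, ';
            echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('el FAQ') . '</a></p>';
            if ($sents > 5 && $ratio > 0.75) {
                // don't allow to continue
                syslog(LOG_NOTICE, "Meneame, warn, high ratio, process interrumped ({$current_user->user_login}): {$linkres->url}");
                return;
            } else {
                syslog(LOG_NOTICE, "Meneame, warn, high ratio, continue ({$current_user->user_login}): {$linkres->url}");
            }
        }
    }
    $links_12hs = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard')");
    // check there is no an "overflow" from the same site
    if ($current_user->user_karma < 18) {
        $site_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard') and link_blog={$linkres->blog}"));
        if ($site_links > 5 && $site_links > $links_12hs * 0.04) {
            // Only 4% from the same site
            syslog(LOG_NOTICE, "Meneame, forbidden due to overflow to the same site ({$current_user->user_login}): {$linkres->url}");
            echo '<p class="error"><strong>' . _('ya se han enviado demasiadas noticias del mismo sitio, espera unos minutos por favor') . '</strong></p> ';
            echo '<p class="error-text">' . _('total en 12 horas') . ": {$site_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.04) . '</p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    // check there is no an "overflow" of images
    if ($linkres->content_type == 'image' || $linkres->content_type == 'video') {
        $image_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard') and link_content_type in ('image', 'video')"));
        if ($image_links > 5 && $image_links > $links_12hs * 0.08) {
            // Only 8% images and videos
            syslog(LOG_NOTICE, "Meneame, forbidden due to overflow images ({$current_user->user_login}): {$linkres->url}");
            echo '<p class="error"><strong>' . _('ya se han enviado demasiadas imágenes o vídeos, espera unos minutos por favor') . '</strong></p> ';
            // The displayed maximum uses the same 8% factor as the check above
            echo '<p class="error-text">' . _('total en 12 horas') . ": {$image_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.08) . '</p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>' . "\n";
            return;
        }
    }
    // A "punished" hostname only produces a warning; the submission continues
    if (check_ban($linkres->url, 'punished_hostname', false, true)) {
        echo '<p class="error"><strong>' . _('Aviso') . ' ' . $globals['ban_match'] . ':</strong> <em>' . $globals['ban_message'] . '</em></p>';
        echo '<p>' . _('mejor enviar el enlace a la fuente original, sino será penalizado') . '</p>';
    }
    // Now stores new draft
    $linkres->ip = $globals['user_ip'];
    $linkres->sent_date = $linkres->date = time();
    $linkres->store();
    echo '<h2>' . _('envío de una nueva noticia: paso 2 de 3') . '</h2>' . "\n";
    echo '<div id="genericform">' . "\n";
    echo '<form action="submit.php" method="post" id="thisform" name="thisform">' . "\n";
    echo '<input type="hidden" name="url" id="url" value="' . htmlspecialchars($linkres->url) . '" />' . "\n";
    echo '<input type="hidden" name="phase" value="2" />' . "\n";
    echo '<input type="hidden" name="randkey" value="' . intval($_POST['randkey']) . '" />' . "\n";
    // The key comes straight from the request, so it must be escaped before
    // it is placed inside the attribute value.
    echo '<input type="hidden" name="key" value="' . htmlspecialchars($_POST['key']) . '" />' . "\n";
    echo '<input type="hidden" name="id" value="' . $linkres->id . '" />' . "\n";
    echo '<fieldset><legend><span class="sign">' . _('información del enlace') . '</span></legend>' . "\n";
    echo '<p class="genericformtxt"><strong>';
    // NOTE(review): url_title is printed without htmlspecialchars(); confirm
    // that Link escapes it when the value is set.
    echo mb_substr($linkres->url_title, 0, 200);
    echo '</strong><br/>';
    echo htmlspecialchars($linkres->url);
    echo '</p> ' . "\n";
    echo '</fieldset>' . "\n";
    echo '<fieldset><legend><span class="sign">' . _('detalles de la noticia') . '</span></legend>' . "\n";
    echo '<label for="title" accesskey="1">' . _('título de la noticia') . ':</label>' . "\n";
    echo '<p><span class="genericformnote">' . _('título de la noticia. máximo: 120 caracteres') . '</span>' . "\n";
    // Is it an image or video?
    echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
    $linkres->print_content_type_buttons();
    echo '<br/><input type="text" id="title" name="title" value="' . $link_title . '" size="80" maxlength="120" />';
    echo '</p>' . "\n";
    echo '<label for="tags" accesskey="2">' . _('etiquetas') . ':</label>' . "\n";
    echo '<p><span class="genericformnote"><strong>' . _('pocas palabras, genéricas, cortas y separadas por "," (coma)') . '</strong> Ejemplo: <em>web, programación, software libre</em></span>' . "\n";
    echo '<br/><input type="text" id="tags" name="tags" value="' . $link_tags . '" size="70" maxlength="70" /></p>' . "\n";
    print_simpleformat_buttons('bodytext');
    echo '<p><label for="bodytext" accesskey="3">' . _('descripción de la noticia') . ':</label>' . "\n";
    echo '<br /><span class="genericformnote">' . _('describe la noticia con tus palabras. entre dos y cinco frases es suficiente. sé cuidadoso.') . '</span>' . "\n";
    echo '<br /><textarea name="bodytext"  rows="10" cols="60" id="bodytext" onKeyDown="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)" onKeyUp="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)"></textarea>' . "\n";
    echo '<br /><input readonly type="text" name="bodycounter" size="3" maxlength="3" value="550" /> <span class="genericformnote">' . _('caracteres libres') . '</span>';
    echo '</p>' . "\n";
    print_categories_form();
    echo '<p><label for="trackback">' . _('trackback') . ':</label><br />' . "\n";
    // $trackback was passed through htmlspecialchars() when it was read above
    if (empty($trackback)) {
        echo '<span class="genericformnote">' . _('puedes agregar o cambiar el trackback si ha sido detectado automáticamente') . '</span>' . "\n";
        echo '<input type="text" name="trackback" id="trackback" value="' . $trackback . '" class="form-full" /></p>' . "\n";
    } else {
        echo '<span class="genericformnote">' . $trackback . '</span>' . "\n";
        echo '<input type="hidden" name="trackback" id="trackback" value="' . $trackback . '"/></p>' . "\n";
    }
    echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="' . _('&#171; retroceder') . '" />&nbsp;&nbsp;' . "\n";
    echo '<input class="genericsubmit" type="submit" value="' . _('continuar &#187;') . '" />' . "\n";
    echo '</fieldset>' . "\n";
    echo '</form>' . "\n";
    echo '</div>' . "\n";
    echo '</div>' . "\n";
}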
Exemplo n.º 7
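	/**
	 * Extract the http(s) links found in $this->content.
	 *
	 * Resets $this->links and $this->banned, then for every matched URL that
	 * does not point at the local server: checks it against the 'hostname'
	 * ban list, sets $this->banned when any link is banned, and records each
	 * distinct host once in $this->links.
	 *
	 * A host counts as local only when it equals the server name or is a
	 * subdomain of it. A plain "ends with" test would also treat an unrelated
	 * domain whose name merely ends in the server name as local, and such a
	 * link would then skip the ban check.
	 */
	function get_links() {
		global $current_user;

		$this->links = array();
		$this->banned = false;

		$localdomain = preg_quote(get_server_name(), '/');
		preg_match_all('/([\(\[:\.\s]|^)(https*:\/\/[^ \t\n\r\]\(\)\&]{5,70}[^ \t\n\r\]\(\)]*[^ .\t,\n\r\(\)\"\'\]\?])/i', $this->content, $matches);
		foreach ($matches[2] as $match) {
			require_once(mnminclude.'ban.php');
			$link = clean_input_url($match);
			$components = parse_url($link);
			// parse_url() may fail or return no host; nothing to check then
			if (!$components || empty($components['host'])) {
				continue;
			}
			$host = $components['host'];
			// Exact server name or a subdomain of it, matched on a label boundary
			if (preg_match("/(^|\\.){$localdomain}\$/iD", $host)) {
				continue;
			}
			$link_ban = check_ban($link, 'hostname', false, true);
			if ($link_ban) {
				// Mark this comment as containing a banned link. A logical
				// test is used because the type check_ban() returns is not
				// visible here and a bitwise OR needs integer operands.
				$this->banned = true;
				syslog(LOG_NOTICE, "Meneame: banned link in comment: $match ($current_user->user_login)");
			}
			if (!in_array($host, $this->links, true)) {
				$this->links[] = $host;
			}
		}
	}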
Exemplo n.º 8
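	/**
	 * Decide whether $url may be submitted.
	 *
	 * Rejects URLs that do not start with an http/https scheme, that cannot
	 * be parsed, that have no host, or whose host contains no lowercase
	 * letter. With $check_local set, a host equal to the server's own name is
	 * rejected and $this->ban['comment'] explains why. Finally the URL is
	 * checked against the 'hostname' ban list; on a match the ban is kept in
	 * $this->ban and $this->banned is set.
	 *
	 * @param string $url         URL to validate
	 * @param bool   $check_local reject URLs that point at this server
	 * @param bool   $first_level passed through to check_ban()
	 * @return bool true when the URL is acceptable
	 */
	function check_url($url, $check_local = true, $first_level = false) {
		global $globals, $current_user;
		if (!preg_match('/^http[s]*:/', $url)) return false;
		$url_components = @parse_url($url);
		// A URL such as "http:foo" parses without a host; reject it here
		// instead of reading an undefined array key below.
		if (!$url_components || empty($url_components['host'])) return false;
		$host = $url_components['host'];
		if (!preg_match('/[a-z]+/', $host)) return false;
		// Host names are case-insensitive, so compare without regard to case;
		// otherwise a mixed-case spelling of the local name is not recognised.
		if ($check_local && strcasecmp($host, get_server_name()) == 0) {
			$this->ban = array();
			$this->ban['comment'] = _('el servidor es local');
			syslog(LOG_NOTICE, "Meneame, server name is local name ($current_user->user_login): $url");
			return false;
		}
		require_once(mnminclude.'ban.php');
		if (($this->ban = check_ban($url, 'hostname', false, $first_level))) {
			syslog(LOG_NOTICE, "Meneame, server name is banned ($current_user->user_login): $url");
			$this->banned = true;
			return false;
		}
		return true;
	}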
Exemplo n.º 9
<?php

// The source code packaged with this file is Free Software, Copyright (C) 2005 by
// Ricardo Galli <gallir at uib dot es>.
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// 		http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".
include 'config.php';
include mnminclude . 'html1.php';
include_once mnminclude . 'ban.php';
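// This listing shows twice the configured page size.
$page_size = $globals['page_size'] * 2;
$items = array(_('usuario'), _('karma'), _('noticias'), _('noticias publicadas'), _('comentarios'), _('votos últimos 2 meses'));
// Stop without output when the client address is on the proxy ban list.
if (check_ban($globals['user_ip'], 'proxy')) {
    return;
}
// sortby must be a non-empty string holding an integer from 0 to 3; anything
// else (missing, empty, an array such as sortby[]=x, out of range) falls back
// to 1. empty() is not used because it is also true for "0".
$sortby = 1;
if (isset($_GET['sortby']) && is_string($_GET['sortby']) && strlen($_GET['sortby']) > 0) {
    $sortby = intval($_GET['sortby']);
    if ($sortby < 0 || $sortby > 3) {
        $sortby = 1;
    }
}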
switch ($sortby) {
    case 0:
        $select = "SELECT user_id ";
        $from_where = " FROM users ";
        $order_by = " ORDER BY user_login ";
        break;
Exemplo n.º 10
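/**
 * Validate an e-mail address and check its domain against the ban lists.
 *
 * The address must match a conservative pattern (letters, digits, "_", "-"
 * and "." in the local part, optional "+tag" parts, a top-level domain of 2
 * to 4 letters). The part after "@" is then checked with check_ban() under
 * the 'email' type and the whole address with check_ban_list() against
 * $globals['forbidden_email_domains'].
 *
 * @param mixed $email value to validate
 * @return bool true when the address is well formed and not banned
 */
function check_email($email)
{
    global $globals;
    require_once mnminclude . 'ban.php';
    // Only strings can be matched; this also rejects array input.
    if (!is_string($email)) {
        return false;
    }
    // The D modifier makes "$" match only at the very end of the string.
    // Without it an address followed by a newline passes validation and the
    // newline is carried into the domain handed to the ban checks.
    if (!preg_match('/^[a-zA-Z0-9_\\-\\.]+(\\+[a-zA-Z0-9_\\-\\.]+)*@[a-zA-Z0-9_\\-\\.]+\\.[a-zA-Z]{2,4}$/D', $email)) {
        return false;
    }
    $domain = preg_replace('/^.*@/', '', $email);
    if (check_ban($domain, 'email') || check_ban_list($email, $globals['forbidden_email_domains'])) {
        return false;
    }
    return true;
}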
Exemplo n.º 11
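/**
 * First step of submitting a link: validate the posted URL and the submitting
 * user, then store the link as a draft and render the editing form.
 *
 * Reads $_POST['url'], $_POST['key'] and $_POST['randkey']. Every rejection is
 * reported through add_submit_error(); most are also written to syslog.
 *
 * @return bool|null False when the submission is rejected; true when the draft
 *                   was stored and 'link/submit1.html' rendered, or when
 *                   report_duplicated() matched the posted URL; null when
 *                   report_duplicated() matched the URL held in $link->url
 *                   after check_url()/get() (bare return kept from the original).
 */
function do_submit1()
{
    global $db, $dblang, $current_user, $globals, $errors;
    // NOTE(review): PHP has already URL-decoded $_POST, so urldecode() decodes a
    // second time here; kept as in the original.
    $posted_url = isset($_POST['url']) && is_string($_POST['url']) ? $_POST['url'] : '';
    $url = clean_input_url(urldecode($posted_url));
    // Remove the "#", people just abuse
    $url = preg_replace('/#[^\\/]*$/', '', $url);
    // Some users forget to delete the foo http://
    $url = preg_replace('/^http:\\/\\/http:\\/\\//', 'http://', $url);
    if (!preg_match('/^\\w{3,6}:\\/\\//', $url)) {
        // http:// forgotten, add it
        $url = 'http://' . $url;
    }
    $new_user = false;
    if (!check_link_key()) {
        add_submit_error(_('clave incorrecta'));
        return false;
    }
    if ($globals['min_karma_for_links'] > 0 && $current_user->user_karma < $globals['min_karma_for_links']) {
        add_submit_error(_('no tienes el mínimo de karma para enviar una nueva historia'));
        return false;
    }
    // Don't allow to send a link by a clone
    $hours = intval($globals['user_links_clon_interval']);
    $clones = $current_user->get_clones($hours + 1);
    if ($hours > 0 && $clones) {
        // The ids are placed in an IN (...) list, so each one is forced to an integer.
        $clone_ids = implode(',', array_map('intval', $clones));
        $clone_links = (int) $db->get_var("select count(*) from links where link_status!='published' and link_date > date_sub(now(), interval {$hours} hour) and link_author in ({$clone_ids})");
        if ($clone_links > 0) {
            add_submit_error(_('ya se envió con otro usuario «clon» en las últimas horas') . ", " . _('disculpa las molestias'));
            // NOTE(review): the log lines below record $_REQUEST['url'], which is not
            // necessarily the $_POST['url'] value that was processed.
            syslog(LOG_NOTICE, "Meneame, clon submit ({$current_user->user_login}): " . $_REQUEST['url']);
            return false;
        }
    }
    // Check the number of links sent by a user
    $queued_24_hours = (int) $db->get_var("select count(*) from links where link_status!='published' and link_date > date_sub(now(), interval 24 hour) and link_author={$current_user->user_id}");
    if ($globals['limit_user_24_hours'] && $queued_24_hours > $globals['limit_user_24_hours']) {
        add_submit_error(_('debes esperar, tienes demasiados envíos en cola de las últimas 24 horas') . " ({$queued_24_hours}), " . _('disculpa las molestias'));
        syslog(LOG_NOTICE, "Meneame, too many queued in 24 hours ({$current_user->user_login}): " . $_REQUEST['url']);
        return false;
    }
    // check the URL is OK and that it resolves
    // gethostbyname() returns its argument unchanged when the lookup fails.
    // NOTE(review): this only proves the name resolves; whether the later fetch in
    // $link->get() refuses loopback/private addresses cannot be seen here — confirm.
    $url_components = @parse_url($url);
    if (!$url_components || empty($url_components['host']) || gethostbyname($url_components['host']) == $url_components['host']) {
        add_submit_error(_('URL o nombre de servidor erróneo'), _('el nombre del servidor es incorrecto o éste tiene problemas para resolver el nombre'));
        syslog(LOG_NOTICE, "Meneame, hostname error ({$current_user->user_login}): {$url}");
        return false;
    }
    // Site-wide throttle: links queued by anybody in the last 3 minutes.
    $enqueued_last_minutes = (int) $db->get_var("select count(*) from links where link_status='queued' and link_date > date_sub(now(), interval 3 minute)");
    if ($current_user->user_karma > $globals['limit_3_minutes_karma']) {
        $enqueued_limit = $globals['limit_3_minutes'] * 1.5;
    } else {
        $enqueued_limit = $globals['limit_3_minutes'];
    }
    if ($enqueued_last_minutes > $enqueued_limit) {
        add_submit_error(_('exceso de envíos'), _('se han enviado demasiadas historias en los últimos 3 minutos') . " ({$enqueued_last_minutes} > {$enqueued_limit}), " . _('disculpa las molestias'));
        syslog(LOG_NOTICE, "Meneame, too many queued ({$current_user->user_login}): " . $_REQUEST['url']);
        return false;
    }
    // Check the user does not have too many drafts
    $minutes = intval($globals['draft_time'] / 60) + 10;
    $drafts = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id}  and link_date > date_sub(now(), interval {$minutes} minute) and link_status='discard' and link_votes = 0");
    if ($drafts > $globals['draft_limit']) {
        add_submit_error(_('demasiados borradores'), _('has hecho demasiados intentos, debes esperar o continuar con ellos desde la') . ' <a href="shakeit.php?meta=_discarded">' . _('cola de descartadas') . '</a></p>');
        syslog(LOG_NOTICE, "Meneame, too many drafts ({$current_user->user_login}): " . $_REQUEST['url']);
        return false;
    }
    // Delete dangling drafts
    if ($drafts > 0) {
        $db->query("delete from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 30 minute) and link_date < date_sub(now(), interval 10 minute) and link_status='discard' and link_votes = 0");
    }
    // Check for banned IPs
    if (($ban = check_ban($globals['user_ip'], 'ip', true)) || ($ban = check_ban_proxy())) {
        if ($ban['expire'] > 0) {
            $expires = _('caduca') . ': ' . get_date_time($ban['expire']);
        } else {
            $expires = '';
        }
        add_submit_error(_('dirección IP no permitida para enviar'), $expires);
        syslog(LOG_NOTICE, "Meneame, banned IP " . $globals['user_ip'] . " ({$current_user->user_login}): {$url}");
        return false;
    }
    // Number of links sent by the user
    $total_sents = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id}") - $drafts;
    if ($total_sents > 0) {
        $sents = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day)") - $drafts;
    } else {
        $new_user = true;
        $sents = 0;
    }
    $register_date = $current_user->Date();
    if ($globals['now'] - $register_date < $globals['new_user_time']) {
        $new_user = true;
    }
    // check that a new user also votes, not only sends links
    // it requires $globals['min_user_votes'] votes
    if ($new_user && $globals['min_user_votes'] > 0 && $current_user->user_karma < $globals['new_user_karma']) {
        $user_votes = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_date > date_sub(now(), interval 72 hour) and vote_user_id={$current_user->user_id}");
        $user_links = 1 + $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 24 hour) and link_status != 'discard'");
        $total_links = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 24 hour) and link_status = 'queued'");
        if ($sents == 0) {
            // If is a new user, requires more votes, to avoid spam
            $min_votes = $globals['min_user_votes'];
        } else {
            $min_votes = min(4, intval($total_links / 20)) * $user_links;
        }
        if (!$current_user->admin && $user_votes < $min_votes) {
            $needed = $min_votes - $user_votes;
            // $new_user is always true inside this branch; the else arm is kept from the original.
            if ($new_user) {
                add_submit_error(_('¿es la primera vez que envías una historia?'), _('necesitas como mínimo') . " {$needed} " . _('votos'));
            } else {
                add_submit_error(_('no tienes el mínimo de votos necesarios para enviar una nueva historia'), _('necesitas votar como mínimo a') . " {$needed} " . _('envíos'));
            }
            add_submit_error(_('no votes de forma apresurada, penaliza el karma'), '<a href="' . $globals['base_url'] . 'shakeit.php" target="_blank">' . _('haz clic aquí para ir a votar') . '</a>');
            return false;
        }
    }
    // avoid spams, an extra security check
    // it counts the numbers of links in the last hours
    if ($new_user) {
        $user_links_limit = $globals['new_user_links_limit'];
        $user_links_interval = intval($globals['new_user_links_interval'] / 3600);
    } else {
        $user_links_limit = $globals['user_links_limit'];
        $user_links_interval = intval($globals['user_links_interval'] / 3600);
    }
    $same_user = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author={$current_user->user_id}") - $drafts;
    // The address is placed inside a quoted SQL literal, so it is escaped first.
    // NOTE(review): how $globals['user_ip'] is derived is not visible here; if it can
    // come from a request header it is attacker-controlled.
    $user_ip_sql = $db->escape($globals['user_ip']);
    $same_ip = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_ip = '" . $user_ip_sql . "'") - $drafts;
    if ($same_user > $user_links_limit || $same_ip > $user_links_limit) {
        add_submit_error(_('debes esperar, ya se enviaron varias con el mismo usuario o dirección IP'));
        return false;
    }
    // avoid users sending continuous "rubbish" or "propaganda", specially new users
    // it takes in account the number of positive votes in the same interval
    if ($same_user > 1 && $current_user->user_karma < $globals['karma_propaganda']) {
        $positives_received = $db->get_var("select sum(link_votes) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$current_user->user_id}");
        $negatives_received = $db->get_var("select sum(link_negatives) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$current_user->user_id}");
        if ($negatives_received > 10 && $negatives_received > $positives_received * 1.5) {
            add_submit_error(_('debes esperar, has tenido demasiados votos negativos en tus últimos envíos'));
            return false;
        }
    }
    $link = new Link();
    $link->url = $url;
    $link->is_new = true;
    if (report_duplicated($url)) {
        return true;
    }
    // Don't output error messages
    if (!$link->check_url($url, true, true) || !$link->get($url)) {
        // $link->ban may be unset when the failure is not a ban, so it is read defensively.
        $ban_info = isset($link->ban) && is_array($link->ban) ? $link->ban : array();
        $e = _('URL erróneo o no permitido') . ': ';
        if (!empty($ban_info['match'])) {
            $e .= $ban_info['match'];
        } else {
            // Escaped like the other messages in this function that echo the submitted URL.
            $e .= htmlspecialchars($link->url);
        }
        add_submit_error($e, _('Razón') . ': ' . (isset($ban_info['comment']) ? $ban_info['comment'] : ''));
        if (isset($ban_info['expire']) && $ban_info['expire'] > 0) {
            add_submit_error($e, _('caduca') . ': ' . get_date_time($ban_info['expire']));
        }
        return false;
    }
    // If the URL has changed, check again is not dupe
    // NOTE(review): this returns null while the first duplicate check returns true;
    // confirm which value callers expect before aligning them.
    if ($link->url != $url && report_duplicated($link->url)) {
        return;
    }
    $link->randkey = intval($_POST['randkey']);
    if (!$link->valid) {
        $e = _('error leyendo el url') . ': ' . htmlspecialchars($url);
        // Dont allow new users with low karma to post wrong URLs
        if ($current_user->user_karma < 8 && $current_user->user_level == 'normal') {
            add_submit_error($e, _('URL inválido, incompleto o no permitido. Está fuera de línea, o tiene mecanismos antibots.'));
            return false;
        }
        add_submit_error($e, _('no es válido, está fuera de línea, o tiene mecanismos antibots. <strong>Continúa</strong>, pero asegúrate que sea correcto'));
    }
    $link->status = 'discard';
    $link->author = $current_user->user_id;
    if (!$link->pingback()) {
        $link->trackback();
    }
    $link->trackback = htmlspecialchars($link->trackback);
    $link->create_blog_entry();
    $blog = new Blog();
    $blog->id = $link->blog;
    $blog->read();
    // Now we check again against the blog table
    // it's done because there could be banned blogs like http://lacotelera.com/something
    if ($ban = check_ban($blog->url, 'hostname', false, true)) {
        $e = _('URL inválido') . ': ' . htmlspecialchars($url);
        add_submit_error($e, _('el sitio') . ' ' . $ban['match'] . ' ' . _('está deshabilitado') . ' (' . $ban['comment'] . ')');
        if ($ban['expire'] > 0) {
            add_submit_error($e, _('caduca') . ': ' . get_date_time($ban['expire']));
        }
        syslog(LOG_NOTICE, "Meneame, banned site ({$current_user->user_login}): {$blog->url} <- " . $_REQUEST['url']);
        return false;
    }
    // check for users spamming several sites and networks
    // it does not allow a low "entropy"
    if ($sents > 30) {
        $ratio = (double) $db->get_var("select count(distinct link_blog)/count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day)");
        $threshold = 1 / log($sents, 2);
        if ($ratio < $threshold) {
            if ($db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_blog = {$blog->id}") > 2) {
                syslog(LOG_NOTICE, "Meneame, forbidden due to low entropy: {$ratio} <  {$threshold}  ({$current_user->user_login}): {$link->url}");
                add_submit_error(_('ya has enviado demasiados enlaces a los mismos sitios'), _('varía las fuentes, podría ser considerado spam'));
                return false;
            }
        }
    }
    // Check the user does not send too many images or vídeos
    // they think this is a fotolog
    if ($sents > 5 && ($link->content_type == 'image' || $link->content_type == 'video')) {
        $image_links = intval($db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60  day) and link_content_type in ('image', 'video')"));
        if ($image_links > $sents * 0.8) {
            syslog(LOG_NOTICE, "Meneame, forbidden due to too many images or video sent by user ({$current_user->user_login}): {$link->url}");
            add_submit_error(_('ya has enviado demasiadas imágenes o vídeos'));
            return false;
        }
    }
    // Avoid users sending too many links to the same site in last hours
    $hours = 24;
    $same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$hours} hour) and link_author={$current_user->user_id} and link_blog={$link->blog} and link_votes > 0");
    if ($same_blog >= $globals['limit_same_site_24_hours']) {
        syslog(LOG_NOTICE, "Meneame, forbidden due to too many links to the same site in last {$hours} hours ({$current_user->user_login}): {$link->url}");
        add_submit_error(_('demasiados enlaces al mismo sitio en las últimas horas'));
        return false;
    }
    // avoid auto-promotion (autobombo)
    $minutes = 30;
    $same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$minutes} minute) and link_author={$current_user->user_id} and link_blog={$link->blog} and link_votes > 0");
    if ($same_blog > 0 && $current_user->user_karma < 12) {
        syslog(LOG_NOTICE, "Meneame, forbidden due to short period between links to same site ({$current_user->user_login}): {$link->url}");
        add_submit_error(_('ya has enviado un enlace al mismo sitio hace poco tiempo'), _('debes esperar') . " {$minutes} " . _('minutos entre cada envío al mismo sitio.') . ', ' . '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('lee el FAQ') . '</a>');
        return false;
    }
    // Avoid spam (autobombo), count links in last two months
    $same_blog = $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_blog={$link->blog}");
    $check_history = $sents > 3 && $same_blog > 0 && ($ratio = $same_blog / $sents) > 0.5;
    if ($check_history) {
        // The blog URL is shown to the user, so it is escaped like the other echoed URLs.
        $e = _('has enviado demasiados enlaces a') . ' ' . htmlspecialchars($blog->url);
        if ($sents > 5 && $ratio > 0.75) {
            add_submit_error($e, _('has superado los límites de envíos de este sitio'));
            // don't allow to continue
            syslog(LOG_NOTICE, "Meneame, warn, high ratio, process interrumped ({$current_user->user_login}): {$link->url}");
            return false;
        } else {
            add_submit_error($e, _('continúa, pero ten en cuenta podría recibir votos negativos') . ', ' . '<a href="' . $globals['base_url'] . $globals['legal'] . '">' . _('condiciones de uso') . '</a>');
            syslog(LOG_NOTICE, "Meneame, warn, high ratio, continue ({$current_user->user_login}): {$link->url}");
        }
    }
    $links_12hs = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour)");
    // check there is no an "overflow" from the same site
    $site_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_blog={$link->blog} and link_status in ('queued')"));
    if ($site_links > 10 && $site_links > $links_12hs * 0.05) {
        // Only 5% from the same site
        syslog(LOG_NOTICE, "Meneame, forbidden due to overflow to the same site ({$current_user->user_login}): {$link->url}");
        add_submit_error(_('ya se han enviado demasiadas artículos del mismo sitio, espera unos minutos por favor'), _('total en 12 horas') . ": {$site_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.05));
        return false;
    }
    // check there is no an "overflow" of images
    if ($link->content_type == 'image' || $link->content_type == 'video') {
        $image_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_content_type in ('image', 'video')"));
        if ($image_links > 5 && $image_links > $links_12hs * 0.15) {
            // Only 15% images and videos; the reported maximum uses the same 15% as the test
            // (the original printed the 5% figure of the per-site check).
            syslog(LOG_NOTICE, "Meneame, forbidden due to overflow images ({$current_user->user_login}): {$link->url}");
            add_submit_error(_('ya se han enviado demasiadas imágenes o vídeos, espera unos minutos por favor'), _('total en 12 horas') . ": {$image_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.15));
            return false;
        }
    }
    // A punished hostname only produces a warning; the submission continues.
    if ($ban = check_ban($link->url, 'punished_hostname', false, true)) {
        add_submit_error(_('Aviso') . ' ' . $ban['match'] . ': <em>' . $ban['comment'] . '</em>', _('mejor enviar el enlace a la fuente original, si no, será penalizado'));
    }
    // Now stores new draft
    $link->sent_date = $link->date = time();
    // NOTE(review): the key is stored as posted; presumably check_link_key() above
    // already validated it — confirm.
    $link->key = $_POST['key'];
    // Kept as an integer, as when it was first assigned above; the original
    // overwrote it here with the raw posted string.
    $link->randkey = intval($_POST['randkey']);
    $link->store();
    $link->url_title = mb_substr($link->url_title, 0, 200);
    if (mb_strlen($link->url_description) > 40) {
        $link->content = $link->url_description;
    }
    $link->chars_left = 550 - mb_strlen(html_entity_decode($link->content, ENT_COMPAT, 'UTF-8'), 'UTF-8');
    Haanga::Load('link/submit1.html', compact('link', 'errors'));
    return true;
}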
Exemplo n.º 12
     $pub_coef = $min_pub_coef + (1 - $min_pub_coef) * (time() - $last_site_published) / (3600 * $hours);
     $dblink->karma *= $pub_coef;
     $link->message .= '<br/> Last published: ' . intval((time() - $last_site_published) / 3600) . ' hours ago.';
 }
 // Punished hostname: the link keeps 75% of its karma and the ban message is appended.
 if (check_ban($link->url, 'punished_hostname', false, true)) {
     $dblink->karma *= 0.75;
     $link->message .= '<br/>' . $globals['ban_message'];
 }
 // check if it's "media" and the metacategory coefficient is low
 if ($meta_coef[$dblink->parent] < 1.1 && ($link->content_type == 'image' || $link->content_type == 'video')) {
     $dblink->karma *= 0.9;
     $link->message .= '<br/>Image';
 }
 // Check if the domain is banned
 // (the original comments on this check and the next one were swapped)
 if (check_ban($link->url, 'hostname', false, true)) {
     $dblink->karma *= 0.66;
     $link->message .= '<br/>Domain banned. ';
 }
 // Check if the user is disabled
 if ($user->level == 'disabled') {
     // A username made only of digits wrapped in underscores is reported as a self-disabled account.
     if (preg_match('/^_+[0-9]+_+$/', $user->username)) {
         $link->message .= "<br/>{$user->username} disabled herself, penalized.";
     } else {
         $link->message .= "<br/>{$user->username} disabled, probably due to abuses, penalized.";
     }
     $dblink->karma *= 0.66;
 }
 // check differences, if > 4 store it
 if (abs($link->karma - $dblink->karma) > 4) {
     $link->message = sprintf("<br/>updated karma: %6d (%d, %d, %d) -> %-6d (%d, %d, %d)\n", $link->karma, $link->votes, $link->anonymous, $link->negatives, round($dblink->karma), $votes_pos, $votes_pos_anon, $votes_neg) . $link->message;
Exemplo n.º 13
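/**
 * Recalculate the karma of a link for one site, apply the penalties and the
 * diversity bonus, and store the result when it moved by more than 6 points.
 *
 * Progress is echoed to standard output; explanations are accumulated in
 * $link->message and $link->annotation.
 *
 * @param mixed $site Site id, used in the SQL below and passed to SitesMgr::get_info().
 * @param Link  $link Link to update; its karma, message and annotation are modified.
 * @return int 0 when nothing was stored (or the link was calculated less than
 *             75 seconds ago), 1 when the karma went down, 2 when it went up.
 */
function update_link_karma($site, $link)
{
    global $db, $globals;
    // Skip links whose 'link-karma' annotation is younger than 75 seconds.
    if (time() - $link->time_annotation('link-karma') < 75) {
        echo "ALREADY CALCULATED {$link->uri}, ignoring\n";
        return 0;
    }
    $site_info = SitesMgr::get_info($site);
    echo "START {$site_info->name} WITH {$link->uri}\n";
    $user = new User();
    $user->id = $link->author;
    $user->read();
    // NOTE(review): $past_karma is neither a parameter nor declared global in this
    // function, so this evaluates to 0 here; presumably a script-level value was
    // intended — confirm before changing it.
    User::calculate_affinity($link->author, $past_karma * 0.3);
    // Calculate the real karma for the link
    $link->calculate_karma();
    $karma_new = $link->karma;
    $link->message = '';
    $changes = 0;
    // TODO: $subs_coef is not available
    // Verify last published from the same site
    $hours = 8;
    $min_pub_coef = 0.8;
    $last_site_published = (int) $db->get_var("select SQL_NO_CACHE UNIX_TIMESTAMP(max(link_date)) from sub_statuses, links where id = {$site} and status = 'published' and date > date_sub(now(), interval {$hours} hour) and link_id = link and link_blog = {$link->blog} ");
    if ($last_site_published > 0) {
        // The coefficient grows linearly from $min_pub_coef towards 1 over $hours.
        $pub_coef = $min_pub_coef + (1 - $min_pub_coef) * (time() - $last_site_published) / (3600 * $hours);
        $karma_new *= $pub_coef;
        $link->message .= 'Last published: ' . intval((time() - $last_site_published) / 3600) . ' hours ago.<br/>';
    }
    // Only the first matching penalty of the three below is applied.
    if ($ban = check_ban($link->url, 'hostname', false, true)) {
        // Check if the  domain is banned
        $karma_new *= 0.5;
        $link->message .= 'Domain banned.<br/>';
        $link->annotation .= _('dominio baneado') . ": " . $ban['comment'] . "<br/>";
    } elseif ($user->level == 'disabled' || $user->level == 'autodisabled') {
        // Check if the user is banned disabled
        if ($user->level == 'autodisabled') {
            $link->message .= "{$user->username} disabled herself, penalized.<br/>";
            $karma_new *= 0.2;
        } else {
            $link->message .= "{$user->username} disabled, probably due to abuses, penalized.<br/>";
            $karma_new *= 0.4;
        }
        $link->annotation .= _('cuenta deshabilitada') . "<br/>";
    } elseif (check_ban($link->url, 'punished_hostname', false, true)) {
        // Check domain and user punishments
        $karma_new *= 0.75;
        $link->message .= $globals['ban_message'] . '<br/>';
    }
    // Check if it was depubished before
    $depublished = (int) $db->get_var("select count(*) from logs where log_type = 'link_depublished' and log_ref_id = {$link->id}");
    if ($depublished > 0) {
        $karma_new *= 0.4;
        $link->message .= 'Previously depublished' . '<br/>';
        $link->annotation .= _('previamente quitada de portada') . "<br/>";
    }
    // Check if the are previously published during last hours from the same sub
    if ($link->sub_id > 0 && $link->is_sub && $link->sub_owner > 0 && $link->sub_id != $site && $site_info->owner == 0) {
        $sub_published = $db->get_var("select UNIX_TIMESTAMP(date) from sub_statuses where id = {$site} and origen = {$link->sub_id} and status = 'published' and date > date_sub(now(), interval 24 hour) order by date desc limit 1");
        if ($sub_published > 0) {
            // Coefficient between 0.3 and 1, proportional to the minutes elapsed out of 1440 (24 h).
            $m_diff = intval((time() - $sub_published) / 60);
            $c = min(1, max(0.3, $m_diff / 1440));
            $karma_new *= $c;
            $link->message .= 'Published from the same sub, c' . sprintf(': %4.2f <br/>', $c);
            $link->annotation .= _('publicada del mismo sub recientemente, coeficiente') . sprintf(': %4.2f <br/>', $c);
        }
    }
    $link->karma = round($karma_new);
    /// Commons votes
    if ($link->karma > 20) {
        $days = 7;
        $commons_votes = $db->get_col("select SQL_NO_CACHE value from sub_statuses, link_commons where id = {$site} and status = 'published' and sub_statuses.date > date_sub(now(), interval {$days} day) and link_commons.link = sub_statuses.link order by value asc");
        $common = $link->calculate_common_votes();
        echo "Calculating diversity ({$common}-" . count($commons_votes) . ")\n";
        if ($common != false && $commons_votes && count($commons_votes) > 5) {
            $common_probability = cdf($commons_votes, $common);
            $p = round($common_probability, 2);
            echo "common: {$common} common_probability: {$common_probability}\n";
            $link->common_probability = $common_probability;
            $link->message .= 'Voters density: ' . sprintf("%5.2f", $common) . ' diversity coef: ' . sprintf("%3.2f%%", (1 - $common_probability) * 100) . " Probability: {$p}<br/>";
            $link->annotation .= _('Densidad diversidad') . ': ' . sprintf("%5.2f", $common) . ' ' . _('coeficiente') . ": " . sprintf("%3.2f%%", (1 - $common_probability) * 100) . " (" . _('probabilidad') . ": {$p})<br/>";
            // Bonus for diversity
            $c = $common_probability / 0.5;
            if ($c <= 1) {
                $c = 1 - $c;
                if ($link->low_karma_perc > 60) {
                    $low_karma_coef = (50 - ($link->low_karma_perc - 50)) / 50;
                } else {
                    $low_karma_coef = 1;
                }
                // Guard the ratio: a link with no counted votes must not divide by zero.
                $negatives_ratio = $link->votes > 0 ? $link->negatives / $link->votes : 0;
                $bonus = round($c * 0.5 * $link->karma * $low_karma_coef * (1 - 5 * $negatives_ratio));
                echo "BONUS: {$link->karma} {$p}, {$c} -> {$bonus} ({$link->low_karma_perc}, {$low_karma_coef}, {$link->negatives}/{$link->votes})\n";
            } else {
                // Decrease for high affinity between voters
                $c = $c - 1;
                $bonus = -round($c * 0.5 * $link->karma);
                echo "PENALIZATION: {$link->karma} {$p}, {$c} -> {$bonus}\n";
            }
            // Adjustments of 10 points or less are ignored.
            if (abs($bonus) > 10) {
                $old = $link->karma;
                $link->karma += $bonus;
                $link->annotation .= _('Karma por diversidad') . ": {$old} -> {$link->karma}<br/>";
            }
        }
    }
    // check differences, if > 6 store it
    if (abs($link->old_karma - $link->karma) > 6) {
        // Check percentage of low karma votes if difference > 20 (to avoid sending too many messages)
        if ($link->old_karma > $link->karma + 20 && !empty($globals['adm_email']) && intval($link->low_karma_perc) >= 90 && $link->votes > 50) {
            echo "LOW KARMA WARN {$link->uri}\n";
            $subject = _('AVISO: enlace con muchos votos de karma menor que la media');
            $body = "Perc: {$link->low_karma_perc}% User votes: {$link->votes} Negatives: {$link->negatives}\n\n";
            $body .= $link->get_permalink();
            mail($globals['adm_email'], $subject, $body);
        }
        $link->message = sprintf("updated karma: %6d (%d, %d, %d) -> %-6d<br/>\n", $link->old_karma, $link->votes, $link->anonymous, $link->negatives, $link->karma) . $link->message;
        // 1 = karma decreased, 2 = karma increased
        if ($link->old_karma > $link->karma) {
            $changes = 1;
        } else {
            $changes = 2;
        }
        if (!DEBUG) {
            $link->save_annotation('link-karma', $site_info->name);
            // Update relevant values
            $db->query("UPDATE links set link_karma={$link->karma}, link_votes_avg={$link->votes_avg} WHERE link_id={$link->id}");
        } else {
            $link->message .= "To store: previous: {$link->old_karma} new: {$link->karma}<br>\n";
        }
    }
    return $changes;
}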
Exemplo n.º 14
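/**
 * Decide whether an e-mail address is acceptable for this site.
 *
 * The address must match the site's address pattern, its local part may hold
 * at most two dots and no consecutive dots, and its domain must not be
 * reported by check_ban() for the 'email' ban type.
 *
 * @param string $email Address as supplied by the user.
 * @return bool True when every check passes, false otherwise.
 */
function check_email($email) {
	global $globals;
	require_once(mnminclude.'ban.php');
	// Anything that is not a string (for example an array taken from the request) is rejected.
	if (! is_string($email)) return false;

	// The D modifier pins "$" to the very end of the subject. Without it an
	// address followed by a line feed still matched, which lets a newline
	// travel on into whatever consumes the address later (mail headers, logs).
	// NOTE(review): the {2,4} bound rejects top-level domains longer than four letters.
	if (! preg_match('/^[a-z0-9_\-\.]+(\+[a-z0-9_\-\.]+)*@[a-z0-9_\-\.]+\.[a-z]{2,4}$/iD', $email)) return false;

	// Local part: everything before the "@".
	$username = preg_replace('/@.+$/', '', $email);
	if ( substr_count($username, '.') > 2 || preg_match('/\.{2,}/', $username) ) return false; // Doesn't allow "..+" or more than 2 dots

	// Domain part: everything after the last "@".
	if(check_ban(preg_replace('/^.*@/', '', $email), 'email')) return false;
	return true;
}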
Exemplo n.º 15
		break;
	case 'ban_proxy':
		if (strlen($name)>64) {
			echo _('nombre demasiado largo');
			return;
		}
		require_once(mnminclude.'ban.php');
		if(($ban = check_ban($name, 'proxy'))) {
			echo $ban['comment'];
			return;
		}
		echo "OK";
		break;
	case 'ban_words':
		if (strlen($name)>64) {
			echo _('nombre demasiado largo');
			return;
		}
		require_once(mnminclude.'ban.php');
		if(($ban = check_ban($name, 'words'))) {
			echo $ban['comment'];
			return;
		}
		echo "OK";
		break;

	default:
		echo "KO $type";
}
?>
Exemplo n.º 16
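 /**
  * XML-RPC pingback handler: register a ping from a remote page that links to
  * one of our stories.
  *
  * Both URLs come from the remote caller. The target must point at this
  * server and at an existing story no older than 15 days; the source must be
  * an http(s) URL whose page can be fetched, links back to the story and has
  * a title. Banned IPs and banned source hosts are refused.
  *
  * @param array $args $args[0] is the source URL (page linking to us),
  *                    $args[1] the target URL (our story).
  * @return IXR_Error|string An IXR_Error on any refusal, otherwise a
  *                          confirmation message.
  */
 function pingback_ping($args)
 {
     global $db, $globals;
     $pagelinkedfrom = clean_input_string($args[0]);
     $pagelinkedto = clean_input_string($args[1]);
     $title = '';
     $urlfrom = parse_url($pagelinkedfrom);
     $urltest = parse_url($pagelinkedto);
     if (!$urlfrom || !$urltest) {
         return new IXR_Error(0, 'Is there no link to us?');
     }
     if (!isset($urltest['host']) || $urltest['host'] != get_server_name()) {
         return new IXR_Error(0, 'Is there no link to us?');
     }
     // The source URL is fetched further down with file_get_contents(), which
     // honours every registered stream wrapper. Only http(s) URLs with a host
     // are accepted so that no other wrapper can be reached from this handler.
     // NOTE(review): an http(s) URL can still name an internal host; rejecting
     // loopback/private addresses after resolution is not done here.
     $source_scheme = isset($urlfrom['scheme']) ? strtolower($urlfrom['scheme']) : '';
     if (($source_scheme != 'http' && $source_scheme != 'https') || empty($urlfrom['host'])) {
         syslog(LOG_NOTICE, "Meneame: pingback, source URL is not http(s): {$pagelinkedfrom} - {$pagelinkedto}");
         return new IXR_Error(16, 'The source URL does not exist.');
     }
     // Strip the story base path; what remains is the story uri.
     $base_uri = preg_quote($globals['base_url'] . $globals['base_story_url'], '/');
     $target_path = isset($urltest['path']) ? $urltest['path'] : '';
     $uri = preg_replace("/^{$base_uri}/", '', $target_path);
     if (check_ban($globals['user_ip'], 'ip')) {
         syslog(LOG_NOTICE, "Meneame: pingback, IP is banned ({$globals['user_ip']}): {$pagelinkedfrom} - {$pagelinkedto}");
         return new IXR_Error(33, 'IP is banned.');
     }
     // Antispam of sites like xxx.yyy-zzz.info/archives/xxx.php
     if (preg_match('/http:\\/\\/[a-z0-9]\\.[a-z0-9]+-[^\\/]+\\.info\\/archives\\/.+\\.php$/', $pagelinkedfrom)) {
         return new IXR_Error(33, 'Host not allowed.');
     }
     // The array key is quoted: the original bare word relied on PHP treating
     // an undefined constant as a string.
     if (check_ban($urlfrom['host'], 'hostname', false)) {
         syslog(LOG_NOTICE, "Meneame: pingback, site is banned: {$pagelinkedfrom} - {$pagelinkedto}");
         return new IXR_Error(33, 'Site is banned.');
     }
     $link = new Link();
     $link->uri = preg_replace('/#[\\w\\-\\_]+$/', '', $uri);
     if (empty($uri) || !$link->read('uri')) {
         syslog(LOG_NOTICE, "Meneame: pingback, story does not exist: {$pagelinkedto}");
         return new IXR_Error(33, 'Story doesn\'t exist.');
     }
     if ($link->get_permalink() == $pagelinkedfrom) {
         syslog(LOG_NOTICE, "Meneame: pingback, points to the same post: {$pagelinkedfrom} - {$pagelinkedto}");
         return new IXR_Error(48, 'The pingback points to the same post.');
     }
     // Stories older than 15 days no longer accept pingbacks.
     if ($link->date < time() - 86400 * 15) {
         syslog(LOG_NOTICE, "Meneame: pingback, story is too old: {$pagelinkedto}");
         return new IXR_Error(33, 'Story is too old for pingbacks.');
     }
     $trackres = new Trackback();
     $trackres->link_id = $link->id;
     $trackres->type = 'in';
     $trackres->link = $pagelinkedfrom;
     $trackres->url = $pagelinkedfrom;
     if ($trackres->abuse()) {
         return new IXR_Error(33, 'Don\'t send so many pings.');
     }
     $dupe = $trackres->read();
     if ($dupe) {
         syslog(LOG_NOTICE, "Meneame: pingback, we already have a ping from that URI for this post: {$pagelinkedfrom} - {$pagelinkedto}");
         return new IXR_Error(48, 'The pingback has already been registered.');
     }
     // very stupid, but gives time to the 'from' server to publish !
     sleep(1);
     // Let's check the remote site; where the PHP version allows it, at most
     // 100000 bytes are read.
     if (version_compare(phpversion(), '5.1.0') >= 0) {
         $contents = @file_get_contents($pagelinkedfrom, FALSE, NULL, 0, 100000);
     } else {
         $contents = @file_get_contents($pagelinkedfrom);
     }
     if (!$contents) {
         syslog(LOG_NOTICE, "Meneame: pingback, the provided URL does not seem to work: {$pagelinkedfrom} - {$pagelinkedto}");
         return new IXR_Error(16, 'The source URL does not exist.');
     }
     // Convert to UTF-8 when the page declares another charset.
     if (preg_match('/charset=([a-zA-Z0-9-_]+)/i', $contents, $matches)) {
         $this->encoding = trim($matches[1]);
         if (strcasecmp($this->encoding, 'utf-8') != 0) {
             $contents = iconv($this->encoding, 'UTF-8//IGNORE', $contents);
         }
     }
     // Check is links back to us
     $permalink = $link->get_permalink();
     $permalink_q = preg_quote($permalink, '/');
     $pattern = "/<\\s*a[^>]+href=[\"']" . $permalink_q . "[#\\/0-9a-z\\-]*[\"'][^>]*>/i";
     if (!preg_match($pattern, $contents)) {
         syslog(LOG_NOTICE, "Meneame: pingback, the provided URL does not have a link back to us: {$pagelinkedfrom} - {$pagelinkedto}");
         return new IXR_Error(17, 'The source URL does not contain a link to the target URL, and so cannot be used as a source.');
     }
     // Search Title
     if (preg_match('/<title[^<>]*>([^<>]*)<\\/title>/si', $contents, $matches)) {
         $url_title = clean_text($matches[1]);
         if (mb_strlen($url_title) > 3) {
             $title = $url_title;
         }
     }
     if (empty($title)) {
         syslog(LOG_NOTICE, "Meneame: pingback, cannot find a title on that page: {$pagelinkedfrom} - {$pagelinkedto}");
         return new IXR_Error(32, 'We cannot find a title on that page.');
     }
     // Titles longer than 120 characters are truncated.
     $title = mb_strlen($title) > 120 ? mb_substr($title, 0, 120) . '...' : $title;
     $trackres->title = $title;
     $trackres->status = 'ok';
     $trackres->store();
     syslog(LOG_NOTICE, "Meneame: pingback ok: {$pagelinkedfrom} - {$pagelinkedto}");
     return "Pingback from registered. Keep the web talking! :-)";
 }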
Exemplo n.º 17
            return;
        }
        echo "OK";
        break;
    case 'ban_proxy':
        if (strlen($name) > 64) {
            echo _('nombre demasiado largo');
            return;
        }
        require_once mnminclude . 'ban.php';
        if (check_ban($name, 'proxy')) {
            echo $globals['ban_message'];
            return;
        }
        echo "OK";
        break;
    case 'ban_words':
        if (strlen($name) > 64) {
            echo _('nombre demasiado largo');
            return;
        }
        require_once mnminclude . 'ban.php';
        if (check_ban($name, 'words')) {
            echo $globals['ban_message'];
            return;
        }
        echo "OK";
        break;
    default:
        echo "KO {$type}";
}
Exemplo n.º 18
        $title .= " -{$user_login}-";
        if ($categories) {
            $cats = implode(',', $categories);
            $from_where .= " AND link_category in ({$cats}) ";
        }
    }
    $order_by = " ORDER BY {$order_field} DESC ";
    $last_modified = $db->get_var("SELECT UNIX_TIMESTAMP({$order_field}) {$from_where} {$order_by} LIMIT 1");
    if ($if_modified > 0) {
        $from_where .= " AND {$order_field} > FROM_UNIXTIME({$if_modified})";
    }
    $sql = "SELECT link_id {$from_where} {$order_by} LIMIT {$rows}";
}
// The header is written before the ban check, so banned clients still get a header.
do_header($title);
// Don't allow banned IPs or proxies: the query only runs when neither
// check_ban() for the 'ip' type nor check_ban_proxy() reports a ban;
// otherwise $links is false and the loop that follows is skipped.
if (!check_ban($globals['user_ip'], 'ip', true) && !check_ban_proxy()) {
    $links = $db->get_col($sql);
} else {
    $links = false;
}
if ($links) {
    foreach ($links as $link_id) {
        $link = Link::from_db($link_id);
        if (!$link) {
            continue;
        }
        $category_name = $db->get_var("SELECT category_name FROM categories WHERE category_id = {$link->category} AND category_lang='{$dblang}'");
        $content = text_to_html(htmlentities2unicodeentities($link->content));
        $permalink = $link->get_short_permalink();
        /*
        if (isset($_REQUEST['local']) || $globals['bot']) {
Exemplo n.º 19
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

To contact any of the authors about special permissions send
an e-mail to cerescp@gmail.com
*/
// Account-registration page: gate checks first, then handling of the submitted form.
session_start();
include_once 'config.php';
// loads config variables
include_once 'query.php';
// imports queries
include_once 'functions.php';
// Registration is refused when it is disabled in the config or the client is banned.
// NOTE(review): everything below still runs unless redir() terminates the request;
// confirm that it exits after sending the redirect.
if ($CONFIG_disable_account || check_ban()) {
    redir("motd.php", "main_div", "Disabled");
}
// Optional global cap on the number of accounts.
if ($CONFIG_max_accounts) {
    // MAX_ACCOUNTS is used as a complete query; sprintf() receives no arguments here.
    $query = sprintf(MAX_ACCOUNTS);
    $result = execute_query($query, 'account.php');
    $maxaccounts = $result->fetch_row();
    if ($maxaccounts[0] >= $CONFIG_max_accounts) {
        redir("motd.php", "main_div", $lang['ACCOUNT_MAX_REACHED']);
    }
}
// NOTE(review): the $POST_* variables are presumably request parameters imported by one of
// the includes above; verify how they are filtered before use.
if (isset($POST_opt)) {
    if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "account")) {
        $session = $_SESSION[$CONFIG_name . 'sessioncode'];
        // Image-code check: the expected value is the first 6 characters of the upper-cased
        // md5 of "Mytext" . $session['account']. The check is skipped entirely when
        // $CONFIG_auth_image is off or the GD extension is missing.
        // NOTE(review): `!=` is a loose comparison. PHP compares two numeric-looking strings
        // as numbers, so input that is not byte-equal to the expected code can still be
        // accepted. Use a strict `!==` (or hash_equals()) instead.
        // NOTE(review): the code is derived from a fixed prefix and a session value with md5;
        // it is only as unpredictable as $session['account'] is. Confirm how that is generated.
        if ($CONFIG_auth_image && function_exists("gd_info") && strtoupper($POST_code) != substr(strtoupper(md5("Mytext" . $session['account'])), 0, 6)) {
            alert($lang['INCORRECT_CODE']);
Exemplo n.º 20
    $excerpt = @iconv($charset, 'UTF-8//IGNORE', $excerpt);
    $blog_name = @iconv($charset, 'UTF-8//IGNORE', $blog_name);
}
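// Trackback target: the link id comes from the query string and is forced to an integer.
// A missing id becomes 0 and is rejected by the id check further down.
$tb_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
$link = new Link();
$link->id = $tb_id;
// NOTE(review): parse_url() returns false for seriously malformed URLs and omits 'host' for
// relative ones, in which case $urlfrom['host'] below is unset. Confirm that $tb_url has been
// validated before this point.
$urlfrom = parse_url($tb_url);
// Antispam of sites like xxx.yyy-zzz.info/archives/xxx.php
if (preg_match('/http:\\/\\/[a-z0-9]\\.[a-z0-9]+-[^\\/]+\\.info\\/archives\\/.+\\.php$/', $tb_url)) {
    die;
}
// NOTE(review): the rejections below only stop processing if trackback_response() ends the
// script; confirm that it exits after writing the error.
if (check_ban($globals['user_ip'], 'ip')) {
    syslog(LOG_NOTICE, "Meneame: trackback, IP is banned: {$urlfrom['host']}, {$globals['user_ip']}");
    trackback_response(1, 'Server banned.');
}
// The key is quoted: a bare `host` is an undefined constant, which is a warning on PHP 7.2+
// and a fatal Error on PHP 8, so the hostname ban check would not run reliably.
if (check_ban($urlfrom['host'], 'hostname', false)) {
    // NOTE(review): the host is taken from the sender-supplied URL and written to syslog as is.
    syslog(LOG_NOTICE, "Meneame: trackback, server is banned: {$urlfrom['host']}");
    trackback_response(1, 'Server banned.');
}
// Reject non-positive ids and links that cannot be loaded. The previous `!$tb_id > 0` was
// evaluated as `(!$tb_id) > 0`, which only caught 0 and passed negative ids on to read().
if ($tb_id <= 0 || !$link->read()) {
    trackback_response(1, 'I really need an ID for this to work.');
}
if (empty($title) && empty($tb_url) && empty($blog_name)) {
    // If it doesn't look like a trackback at all, send the visitor to the link's own page.
    header('Location: ' . $link->get_permalink());
    exit;
}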
// Antispam, avoid trackbacks in old articles
if ($link->date < time() - 86400 * 7) {
    //syslog(LOG_NOTICE, "Meneame: Too old: $tb_url -> " . $link->get_permalink());
    die;
Exemplo n.º 21
 // Karma penalties. At most one rule applies, tried in this order:
 // banned domain, disabled account, punished domain.
 $ban = check_ban($link->url, 'hostname', false, true);
 if ($ban) {
     // The link's domain is on the ban list: halve the karma.
     $karma_new = $karma_new * 0.5;
     $link->message .= 'Domain banned.<br/>';
     // NOTE(review): the ban comment is concatenated into HTML-bearing text without escaping;
     // confirm it is escaped when stored or when the annotation is rendered.
     $link->annotation .= _('dominio baneado') . ": " . $ban['comment'] . "<br/>";
 } elseif (in_array($user->level, array('disabled', 'autodisabled'))) {
     // The submitter's account is disabled; self-disabled accounts are penalized harder.
     // NOTE(review): $user->username is interpolated into HTML-bearing text as is.
     if ($user->level != 'autodisabled') {
         $link->message .= "{$user->username} disabled, probably due to abuses, penalized.<br/>";
         $karma_new = $karma_new * 0.4;
     } else {
         $link->message .= "{$user->username} disabled herself, penalized.<br/>";
         $karma_new = $karma_new * 0.2;
     }
     $link->annotation .= _('cuenta deshabilitada') . "<br/>";
 } elseif (check_ban($link->url, 'punished_hostname', false, true)) {
     // Punished (not banned) domain: milder penalty. The message shown is whatever is in
     // $globals['ban_message'] at this point, presumably set by check_ban() (confirm).
     $karma_new = $karma_new * 0.75;
     $link->message .= $globals['ban_message'] . '<br/>';
 }
 /*
  elseif ($meta_coef[$dblink->parent] < 1 && ($link->content_type == 'image')) {
 	// check if it's "media" and the metacategory coefficient is low
 	$karma_new *= 0.9;
 	$link->message .= 'Image/Video '.$meta_coef[$dblink->parent].'<br/>';
 }
 */
 // Count earlier depublications of this link.
 // NOTE(review): $link->id is interpolated into the SQL text; safe only while it is an integer.
 $depublished = intval($db->get_var("select count(*) from logs where log_type = 'link_depublished' and log_ref_id = {$link->id}"));
 if ($depublished > 0) {
     $karma_new *= 0.5;
Exemplo n.º 22
        } else {
            $result['status'] = 'nope';
            $result['error_msg'] = 'interOps is currently down for maintenance.';
        }
    } else {
        // The user may not play: build a message from the stored reason and expiry.
        $result['status'] = 'nope';
        //$result['error_msg'] = 'User is not allowed to play';
        $result['error_msg'] = 'Online playing privileges revoked';
        if ($canhave[$userID]['can_play_reason']['value']) {
            // '#' is replaced because the response written below is '#'-delimited.
            $result['error_msg'] .= ' - ' . str_replace('#', '@', $canhave[$userID]['can_play_reason']['value']);
        }
        if ($canhave[$userID]['can_play_expire']['value']) {
            $result['error_msg'] .= ' (will expire in ' . duration($canhave[$userID]['can_play_expire']['value'] - time()) . ')';
        }
    }
    // A ban overrides whatever status was set above. Only a generic message is returned;
    // the ban reason itself is not sent to the client.
    $banReason = check_ban($userID, '', '', 1);
    // NOTE(review): loose comparison; what check_ban() returns for "not banned" is not
    // visible here. Confirm it is always the empty string.
    if ($banReason != "") {
        $result['status'] = 'nope';
        $result['error_msg'] = 'User is banned';
        $canPlay = false;
    }
}
// Buffer the response so it can still be discarded (killed) later.
ob_start();
// The response is six '#'-terminated fields: status, message, user id, username, e-mail, session id.
// NOTE(review): no field is escaped for the delimiter. A '#' inside the message, username or
// e-mail would shift the fields for whoever parses this; confirm the client copes, or encode them.
echo $result['status'] == LOGIN_SUCCESS ? 'ok' : 'fail', '#';
// Message: the translated text when the language table has one, the raw message otherwise.
if (!$result['error_msg']) {
    echo 'Success.', '#';
} elseif (isset($user->lang[$result['error_msg']])) {
    echo $user->lang[$result['error_msg']], '#';
} else {
    echo $result['error_msg'], '#';
}
if ($result['status'] == LOGIN_SUCCESS) {
    // NOTE(review): the e-mail address and the session id go out in the response body, so this
    // endpoint should only be reachable over an encrypted transport.
    echo $user->data['user_id'], '#';
    echo $user->data['username'], '#';
    echo $user->data['user_email'], '#';
    echo $user->session_id, '#';
} else {
    // Fixed placeholders, so a failed login reveals nothing about the account.
    echo '1', '#';
    echo '******', '#';
    echo '*****@*****.**', '#';
    echo '0', '#';
}
Exemplo n.º 23
/**
 * Tell whether the current client is on the 'proxy' ban list.
 *
 * $globals['user_ip'] is checked first; $_SERVER['REMOTE_ADDR'] is only looked up
 * when the first check finds nothing.
 *
 * @return bool true when either address is banned
 */
function check_ban_proxy()
{
    global $globals;
    // NOTE(review): user_ip is presumably the client address after forwarding headers were
    // taken into account, while REMOTE_ADDR is the connecting peer. Checking both keeps a
    // banned proxy banned whichever of the two it shows up in. Confirm how user_ip is set.
    if (check_ban($globals['user_ip'], 'proxy')) {
        return true;
    }
    return (bool) check_ban($_SERVER['REMOTE_ADDR'], 'proxy');
}