/**
 * Build the CREATE TABLE statement for the Bad Behavior log table.
 *
 * @param string $name  Table name; it is passed through bb2_db_escape() before
 *                      being placed inside backticks.
 * @return string  The CREATE TABLE IF NOT EXISTS statement.
 */
function bb2_table_structure($name) {
	// It's not paranoia if they really are out to get you.
	// NOTE(review): bb2_db_escape() is presumably a string-literal escaper, which
	// does not neutralise a backtick inside an identifier — keep $name sourced
	// from configuration rather than from the request.
	$table = bb2_db_escape($name);

	// Column separator: CRLF plus the indentation used in the original statement.
	$lineBreak = "\r\n\t\t\t";
	$definitions = array(
		'`id` INT(11) NOT NULL auto_increment',
		'`ip` TEXT NOT NULL',
		"`date` DATETIME NOT NULL default '0000-00-00 00:00:00'",
		'`request_method` TEXT NOT NULL',
		'`request_uri` TEXT NOT NULL',
		'`server_protocol` TEXT NOT NULL',
		'`http_headers` TEXT NOT NULL',
		'`user_agent` TEXT NOT NULL',
		'`request_entity` TEXT NOT NULL',
		'`key` TEXT NOT NULL',
		'INDEX (`ip`(15))',
		'INDEX (`user_agent`(10))',
		'PRIMARY KEY (`id`)',
	);

	// TODO: INDEX might need tuning
	return "CREATE TABLE IF NOT EXISTS `{$table}` (" . $lineBreak . implode(',' . $lineBreak, $definitions) . ' );';
}
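/**
 * Check a request against the built-in user-agent, referer and URI blacklists
 * and against the ban table in the database.
 *
 * @param array $settings  Bad Behavior settings; only 'ban_table' is read here.
 * @param array $package   Request package; reads headers_mixed['User-Agent'],
 *                         'request_uri', 'Referer' and 'ip'.
 * @return string|false  A Bad Behavior response code, or FALSE when nothing matched.
 */
function bb2_blacklist($settings, $package) {
	// Blacklisted user agents
	// These user agent strings occur at the beginning of the line.
	$bb2_spambots_0 = array(
		"8484 Boston Project",
		"adwords",
		"autoemailspider",
		"blogsearchbot-martin",
		"BrowserEmulator/",
		"CherryPicker",
		"core-project/",
		"Diamond",
		"Digger",
		"ecollector",
		"EmailCollector",
		"Email Siphon",
		"EmailSiphon",
		"Forum Poster",
		"grub crawler",
		"HttpProxy",
		"Internet Explorer",
		"ISC Systems iRc",
		"Jakarta Commons",
		"Java 1.",
		"Java/1.",
		"libwww-perl",
		"LWP",
		"lwp",
		"Microsoft Internet Explorer/",
		"Microsoft URL",
		"Missigua",
		"MJ12bot/v1.0.8",
		"Morfeus",
		"Movable Type",
		"Mozilla/0",
		"Mozilla/1",
		"Mozilla/2",
		"Mozilla/3",
		"Mozilla/4.0(",
		"Mozilla/4.0+(compatible;+",
		"Mozilla/4.0 (Hydra)",
		"MSIE",
		"MVAClient",
		"Nessus",
		"NutchCVS",
		"Nutscrape/",
		"OmniExplorer",
		"Opera/9.64(",
		"PMAFind",
		"psycheclone",
		"PussyCat ",
		"PycURL",
		"Python-urllib",
		"revolt",
		"sqlmap/",
		"Super Happy Fun ",
		"TrackBack/",
		"user",
		"User Agent: ",
		"User-Agent: ",
		"w3af",
		"WebSite-X Suite",
		"Winnie Poh",
		"Wordpress",
		"\"",
	);

	// These user agent strings occur anywhere within the line.
	$bb2_spambots = array(
		"\r",
		"<sc",
		"; Widows ",
		"a href=",
		"Bad Behavior Test",
		"compatible ; MSIE",
		"compatible-",
		"DTS Agent",
		"Email Extractor",
		"Firebird/",
		"Gecko/2525",
		"grub-client",
		"hanzoweb",
		"Havij",
		"Indy Library",
		"Ming Mong",
		"MSIE 7.0; Windows NT 5.2",
		"Murzillo compatible",
		".NET CLR 1)",
		".NET CLR1",
		"Netsparker",
		"Nikto/",
		"Perman Surfer",
		"POE-Component-Client",
		"Teh Forest Lobster",
		"Turing Machine",
		"Ubuntu/9.25",
		"unspecified.mail",
		"User-agent: ",
		"WebaltBot",
		"WISEbot",
		"WISEnutbot",
		"Win95",
		"Win98",
		"WinME",
		"Win 9x 4.90",
		"Windows 3",
		"Windows 95",
		"Windows 98",
		"Windows NT 4",
		"Windows NT;",
		"Windows NT 5.0;)",
		"Windows NT 5.1;)",
		"Windows XP 5",
		"WordPress/4.01",
		"Xedant Human Emulator",
		"ZmEu",
		"\\\\)",
		"Bot Banned",
	);

	// These are regular expression matches.
	$bb2_spambots_regex = array(
		"/^[A-Z]{10}\$/",
		"/[bcdfghjklmnpqrstvwxz ]{8,}/",
		"/MSIE [2345]/",
	);

	// Blacklisted URL strings
	// These strings are considered case-insensitive.
	$bb2_spambots_url = array(
		"0x31303235343830303536",
		"../",
		"..\\",
		"%60information_schema%60",
		"+%2F*%21",
		"+and+%",
		"+and+1%",
		"+and+if",
		"%27--",
		"%27--",
		"%27 --",
		"%27%23",
		"%27 %23",
		"benchmark%28",
		"insert+into+",
		"r3dm0v3",
		"select+1+from",
		"union+all+select",
		"union+select",
		"waitfor+delay+",
		"w00tw00t",
	);

	$bb2_spambot_refer = array("gamesthelife.tr.gg");

	// Do not edit below this line.
	// Missing fields default to an empty string instead of hiding the notice with @.
	$ua = isset($package['headers_mixed']['User-Agent']) ? $package['headers_mixed']['User-Agent'] : '';
	$uri = isset($package['request_uri']) ? $package['request_uri'] : '';
	// NOTE(review): the user agent is read through $package['headers_mixed'] while
	// the referer is read from $package['Referer'], as in the original — confirm the
	// caller populates that key, otherwise the referer check never fires.
	$refer = isset($package['Referer']) ? $package['Referer'] : '';

	// Prefix matches: the string must sit at offset 0.
	foreach ($bb2_spambots_0 as $spambot) {
		if (strpos($ua, $spambot) === 0) {
			return "17f4e8c8";
		}
	}

	// custom check for known refers
	// A strict comparison is required here: the previous "!= FALSE" treated a match
	// at offset 0 as no match, so a referer beginning with the host slipped through.
	// NOTE(review): this code has 7 hex digits where every other one has 8 — left
	// unchanged because callers may already map it.
	foreach ($bb2_spambot_refer as $spambot) {
		if (strpos($refer, $spambot) !== FALSE) {
			return "174e8c9";
		}
	}

	foreach ($bb2_spambots as $spambot) {
		if (strpos($ua, $spambot) !== FALSE) {
			return "17f4e8c8";
		}
	}

	foreach ($bb2_spambots_regex as $spambot) {
		if (preg_match($spambot, $ua)) {
			return "17f4e8c8";
		}
	}

	foreach ($bb2_spambots_url as $spambot) {
		if (stripos($uri, $spambot) !== FALSE) {
			return "96c0bd29";
		}
	}

	// do our DB check here
	// ban_table is a configured name (not request data) and is interpolated as-is;
	// the IP is request-derived and goes through bb2_db_escape() inside the quotes.
	$ip = isset($package['ip']) ? $package['ip'] : '';
	$sql = "SELECT * FROM " . $settings['ban_table'] . " WHERE ip = INET_ATON('" . bb2_db_escape($ip) . "')";
	$result = bb2_db_query($sql);
	if (bb2_db_num_rows($result) > 0) {
		return "96c0bd30";
	}

	return FALSE;
}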
/**
 * Build the INSERT statement that logs one request to the Bad Behavior log table.
 *
 * Request fields are escaped with bb2_db_escape() before being quoted; the
 * header block is escaped line by line and the request entity only for POST.
 *
 * @param array $settings  Bad Behavior settings; only 'log_table' is read here.
 * @param array $package   Request package: ip, request_method, request_uri,
 *                         server_protocol, user_agent, headers and request_entity.
 * @param string $key      Bad Behavior response code, stored unescaped in `key`.
 * @return string  The INSERT statement.
 */
function bb2_insert($settings, $package, $key) {
	$ip = bb2_db_escape($package['ip']);
	$date = bb2_db_date();
	$method = bb2_db_escape($package['request_method']);
	$uri = bb2_db_escape($package['request_uri']);
	$protocol = bb2_db_escape($package['server_protocol']);
	$agent = bb2_db_escape($package['user_agent']);

	// Request line first (already-escaped parts), then one escaped line per header.
	$headerLines = "{$method} {$uri} {$protocol}\n";
	foreach ($package['headers'] as $name => $value) {
		$headerLines .= bb2_db_escape("{$name}: {$value}\n");
	}

	// The entity body is only recorded for POST requests.
	$entityLines = "";
	if (strcasecmp($method, "POST") === 0) {
		foreach ($package['request_entity'] as $name => $value) {
			$entityLines .= bb2_db_escape("{$name}: {$value}\n");
		}
	}

	$table = bb2_db_escape($settings['log_table']);
	$columns = '(`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `http_headers`, `user_agent`, `request_entity`, `key`)';
	$values = sprintf(
		"('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
		$ip,
		$date,
		$method,
		$uri,
		$protocol,
		$headerLines,
		$agent,
		$entityLines,
		$key
	);

	return "INSERT INTO `{$table}`\n\t\t{$columns} VALUES\n\t\t{$values}";
}
/**
 * Build the single-line INSERT statement that logs one request.
 *
 * Same contract as the other bb2_insert variants: every request field is passed
 * through bb2_db_escape(), headers are escaped per line, and the request entity
 * is only recorded for POST requests.
 *
 * @param array $settings  Bad Behavior settings; only 'log_table' is read here.
 * @param array $package   Request package: ip, request_method, request_uri,
 *                         server_protocol, user_agent, headers and request_entity.
 * @param string $key      Bad Behavior response code, stored unescaped in `key`.
 * @return string  The INSERT statement.
 */
function bb2_insert($settings, $package, $key) {
	$ip = bb2_db_escape($package['ip']);
	$date = bb2_db_date();
	$method = bb2_db_escape($package['request_method']);
	$uri = bb2_db_escape($package['request_uri']);
	$protocol = bb2_db_escape($package['server_protocol']);
	$agent = bb2_db_escape($package['user_agent']);

	$headerBlock = $method . ' ' . $uri . ' ' . $protocol . "\n";
	foreach ($package['headers'] as $name => $value) {
		$headerBlock .= bb2_db_escape($name . ': ' . $value . "\n");
	}

	$entityBlock = "";
	if (strcasecmp($method, "POST") === 0) {
		foreach ($package['request_entity'] as $name => $value) {
			$entityBlock .= bb2_db_escape($name . ': ' . $value . "\n");
		}
	}

	// Quote each value in column order; the escaping above is what makes the quoting safe.
	$quoted = array();
	foreach (array($ip, $date, $method, $uri, $protocol, $headerBlock, $agent, $entityBlock, $key) as $value) {
		$quoted[] = "'" . $value . "'";
	}

	return 'INSERT INTO `' . bb2_db_escape($settings['log_table']) . '` (`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `http_headers`, `user_agent`, `request_entity`, `key`) VALUES (' . implode(', ', $quoted) . ')';
}
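/**
 * Create the query for inserting a record in to the database.
 * This is the main logging function for logging and verbose levels.
 *
 * @param array $settings  Bad Behavior settings; only 'logging' is read here.
 * @param array $package   Request package: ip, request_method, request_uri,
 *                         server_protocol, user_agent, headers and (for POST) request_entity.
 * @param string $key      Bad Behavior response code, stored in the `valid` column.
 * @return string  The INSERT statement, or '' when logging is disabled.
 */
function bb2_insert($settings, $package, $key)
{
	global $user_info, $sc;

	// Logging not enabled
	if (!$settings['logging'])
		return '';

	// Clean the data that bb sent us
	$ip = bb2_db_escape($package['ip']);
	$date = (int) bb2_db_date();
	$request_method = bb2_db_escape($package['request_method']);
	$request_uri = bb2_db_escape($package['request_uri']);
	$server_protocol = bb2_db_escape($package['server_protocol']);
	$user_agent = bb2_db_escape($package['user_agent']);

	// The cast belongs to the chosen value: "(int) (!empty(...)) ? ... : 0" cast the
	// result of empty() instead, so the member id reached the query uncast.
	$member_id = !empty($user_info['id']) ? (int) $user_info['id'] : 0;

	// The session token is interpolated into the query below, so it is escaped
	// like every other string value.
	$session = !empty($sc) ? bb2_db_escape((string) $sc) : '';

	// Prepare the headers etc for db insertion
	// We are passed at least
	// Host, User-Agent, Accept, Accept-Language, Accept-Encoding, DNT, Connection, Referer, Cookie, Authorization
	$headers = '';
	$length = 0;
	$skip = array('User-Agent', 'Accept-Encoding', 'DNT', 'X-Wap-Profile');
	foreach ($package['headers'] as $h => $v)
	{
		if (in_array($h, $skip, true))
			continue;

		// Make sure this header will fit in the db, if not move on to the next.
		// The length is measured on the raw text, which is what the column stores.
		// @todo increase the db space to 512 or convert to text?
		$check = $length + Util::strlen($h) + Util::strlen($v) + 2;
		if ($check < 255)
		{
			$headers .= bb2_db_escape($h . ': ' . $v . "\n");
			$length = $check;
		}
	}

	$request_entity = '';
	if (!strcasecmp($request_method, "POST"))
	{
		$raw_entity = '';
		foreach ($package['request_entity'] as $h => $v)
		{
			if (is_array($v))
				$v = bb2_multi_implode($v, ' | ');

			$raw_entity .= "{$h}: {$v}\n";
		}

		// Only so much space in this column, so brutally cut it.
		// Cut the raw text and escape afterwards: cutting an already-escaped string
		// can end on a lone backslash, which would escape the closing quote of the literal.
		// @todo in 1.1 improve logging or drop this?
		$request_entity = bb2_db_escape(substr($raw_entity, 0, 254));
	}

	// Add it
	return "INSERT INTO {db_prefix}log_badbehavior\n\t\t(`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `http_headers`, `user_agent`, `request_entity`, `valid`, `id_member`, `session`) VALUES\n\t\t('{$ip}', '{$date}', '{$request_method}', '{$request_uri}', '{$server_protocol}', '{$headers}', '{$user_agent}', '{$request_entity}', '{$key}', '{$member_id}' , '{$session}')";
}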
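/**
 * Build the INSERT statement that logs one request, for the build where
 * bb2_db_escape() returns a ready-to-use SQL literal.
 *
 * NOTE(review): values are concatenated without surrounding quotes, so
 * bb2_db_escape() here presumably returns an already-quoted literal (PDO::quote
 * style) rather than a bare escaped string — confirm before reusing elsewhere.
 *
 * @param array $settings  Bad Behavior settings: 'logging' and 'log_table'.
 * @param array $package   Request package: ip, request_method, request_uri,
 *                         server_protocol, user_agent, headers and request_entity.
 * @param string $key      Bad Behavior response code, escaped like the other values.
 * @return string  The INSERT statement, or "" when logging is disabled.
 */
function bb2_insert($settings, $package, $key) {
	if (!$settings['logging']) {
		return "";
	}

	$ip = bb2_db_escape($package['ip']);
	$date = bb2_db_escape(bb2_db_date());
	$request_method = bb2_db_escape($package['request_method']);
	$request_uri = bb2_db_escape($package['request_uri']);
	$server_protocol = bb2_db_escape($package['server_protocol']);
	$user_agent = bb2_db_escape($package['user_agent']);

	// The whole header block is escaped once below, so the request line is built
	// from the raw package fields; using the escaped copies here escaped them twice.
	$headers = "{$package['request_method']} {$package['request_uri']} {$package['server_protocol']}\n";
	foreach ($package['headers'] as $h => $v) {
		$headers .= "{$h}: {$v}\n";
	}
	$headers = bb2_db_escape($headers);

	$request_entity = "";
	if (!strcasecmp($package['request_method'], "POST")) {
		foreach ($package['request_entity'] as $h => $v) {
			$request_entity .= "{$h}: {$v}\n";
		}
	}
	$request_entity = bb2_db_escape($request_entity);

	$values = array(
		$ip,
		$date,
		$request_method,
		$request_uri,
		$server_protocol,
		$headers,
		$user_agent,
		$request_entity,
		bb2_db_escape($key),
	);

	return 'INSERT INTO `' . $settings['log_table'] . '`' . '(`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `http_headers`, `user_agent`, `request_entity`, `key`) VALUES' . '(' . implode(', ', $values) . ')';
}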
/**
 * Build a parameterised INSERT for the log table and the values to bind to it.
 *
 * NOTE(review): the values are returned for binding by name, yet most of them
 * still go through bb2_db_escape() (and `key` does not) — if the caller binds
 * them as parameters this stores escaped text; confirm what bb2_db_escape()
 * does in this build before relying on the stored data.
 *
 * @param array $settings  Bad Behavior settings: 'logging' and 'log_table'.
 * @param array $package   Request package: ip, request_method, request_uri,
 *                         server_protocol, user_agent, headers and request_entity.
 * @param string $key      Bad Behavior response code, bound as :key.
 * @return array|string  [sql, assigns] for a prepared statement, or "" when logging is disabled.
 */
function bb2_insert($settings, $package, $key) {
	if (!$settings['logging']) {
		return "";
	}

	$columns = '(`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `http_headers`, `user_agent`, `request_entity`, `key`)';
	$placeholders = '(:ip, :date, :request_method, :request_uri, :server_protocol, :headers, :user_agent, :request_entity, :key)';
	$sql = "INSERT INTO `{$settings['log_table']}`\r\n\t\t{$columns} VALUES\r\n\t\t{$placeholders}";

	// Key order matches the placeholder order above.
	$assigns = array(
		"ip" => bb2_db_escape($package['ip']),
		"date" => bb2_db_date(),
		"request_method" => bb2_db_escape($package['request_method']),
		"request_uri" => bb2_db_escape($package['request_uri']),
		"server_protocol" => bb2_db_escape($package['server_protocol']),
		"headers" => "",
		"user_agent" => bb2_db_escape($package['user_agent']),
		"request_entity" => "",
		"key" => $key,
	);

	// Request line first, then one line per header.
	$assigns['headers'] = $assigns['request_method'] . ' ' . $assigns['request_uri'] . ' ' . $assigns['server_protocol'] . "\n";
	foreach ($package['headers'] as $name => $value) {
		$assigns['headers'] .= bb2_db_escape("{$name}: {$value}\n");
	}

	// The entity body is only recorded for POST requests.
	if (strcasecmp($assigns['request_method'], "POST") === 0) {
		foreach ($package['request_entity'] as $name => $value) {
			$assigns['request_entity'] .= bb2_db_escape("{$name}: {$value}\n");
		}
	}

	return array($sql, $assigns);
}