function bb2_run_whitelist($package) { # FIXME: Transitional, until port maintainters implement bb2_read_whitelist if (function_exists('bb2_read_whitelist')) { $whitelists = bb2_read_whitelist(); } else { $whitelists = @parse_ini_file(dirname(BB2_CORE) . "/whitelist.ini"); } if (@(!empty($whitelists['ip']))) { foreach ($whitelists['ip'] as $range) { if (match_cidr($package['ip'], $range)) { return true; } } } if (@(!empty($whitelists['useragent']))) { foreach ($whitelists['useragent'] as $user_agent) { if (!strcmp($package['headers_mixed']['User-Agent'], $user_agent)) { return true; } } } if (@(!empty($whitelists['url']))) { if (strpos($package['request_uri'], "?") === FALSE) { $request_uri = $package['request_uri']; } else { $request_uri = substr($package['request_uri'], 0, strpos($package['request_uri'], "?")); } foreach ($whitelists['url'] as $url) { $pos = strpos($request_uri, $url); if ($pos !== false && $pos == 0) { return true; } } } return false; }
function bb2_whitelist() { $whitelists = bb2_read_whitelist(); if (empty($whitelists)) { $whitelists = array(); $whitelists['ip'] = array(); $whitelists['url'] = array(); $whitelists['useragent'] = array(); } $request_uri = $_SERVER["REQUEST_URI"]; if (!$request_uri) { $request_uri = $_SERVER['SCRIPT_NAME']; } # IIS if ($_POST) { $_POST = array_map('stripslashes_deep', $_POST); if ($_POST['ip']) { $whitelists['ip'] = array_filter(preg_split("/\\s+/m", $_POST['ip'])); } else { $whitelists['ip'] = array(); } if ($_POST['url']) { $whitelists['url'] = array_filter(preg_split("/\\s+/m", $_POST['url'])); } else { $whitelists['url'] = array(); } if ($_POST['useragent']) { $whitelists['useragent'] = array_filter(preg_split("/[\r\n]+/m", $_POST['useragent'])); } else { $whitelists['useragent'] = array(); } update_option('bad_behavior_whitelist', $whitelists); ?> <div id="message" class="updated fade"><p><strong><?php _e('Options saved.'); ?> </strong></p></div> <?php } ?> <div class="wrap"> <?php echo bb2_donate_button(admin_url("options-general.php?page=bb2_whitelist")); ?> <h2><?php _e("Bad Behavior Whitelist"); ?> </h2> <form method="post" action="<?php echo admin_url("options-general.php?page=bb2_whitelist"); ?> "> <p>Inappropriate whitelisting WILL expose you to spam, or cause Bad Behavior to stop functioning entirely! DO NOT WHITELIST unless you are 100% CERTAIN that you should.</p> <p>For more information please visit the <a href="http://bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p> <p>See also: <a href="<?php echo admin_url("options-general.php?page=bb2_options"); ?> ">Settings</a> | <a href="<?php echo admin_url("tools.php?page=bb2_manage"); ?> ">Log</a></p> <h3><?php _e('IP Address'); ?> </h3> <table class="form-table"> <tr><td><label>IP address or CIDR format address ranges to be whitelisted (one per line)<br/><textarea cols="24" rows="6" name="ip"><?php echo implode("\n", $whitelists['ip']); ?> </textarea></td></tr> </table> <h3><?php _e('URL'); ?> </h3> <table class="form-table"> <tr><td><label>URL fragments beginning with the / after your web site hostname (one per line)<br/><textarea cols="48" rows="6" name="url"><?php echo implode("\n", $whitelists['url']); ?> </textarea></td></tr> </table> <h3><?php _e('User Agent'); ?> </h3> <table class="form-table"> <tr><td><label>User agent strings to be whitelisted (one per line)<br/><textarea cols="48" rows="6" name="useragent"><?php echo implode("\n", $whitelists['useragent']); ?> </textarea></td></tr> </table> <p class="submit"><input class="button" type="submit" name="submit" value="<?php _e('Update »'); ?> " /></p> </form> <?php }