private function UpdateIPAddrInfo($inclogins)
{
global $sso_ipaddr_info;
$info = $this->GetInfo();
if (isset($sso_ipaddr_info["sso_login_modules"]["sso_recaptcha"])) {
$result = $sso_ipaddr_info["sso_login_modules"]["sso_recaptcha"];
} else {
$result = array("ts" => CSDB::ConvertToDBTime(time()), "logins" => 0);
}
// Check expirations and reset if necessary.
if (CSDB::ConvertFromDBTime($result["ts"]) < time() - $info["login_interval"]) {
$result["ts"] = CSDB::ConvertToDBTime(time());
$result["logins"] = 0;
}
// Increment requested.
if ($inclogins && $result["logins"] < $info["login_attempts"]) {
$result["logins"]++;
}
$sso_ipaddr_info["sso_login_modules"]["sso_recaptcha"] = $result;
// Save the information.
SSO_SaveIPAddrInfo();
}
function SSO_IsSpammer($info)
{
global $sso_settings, $sso_ipaddr, $sso_ipaddr_info, $sso_provider;
// Check for an existing entry.
if (isset($sso_ipaddr_info["spaminfo"]) && isset($sso_ipaddr_info["spaminfo"][$sso_provider])) {
return $info["allchecks"] ? isset($sso_ipaddr_info["spaminfo_cache"]["spammer"]) ? $sso_ipaddr_info["spaminfo_cache"]["spammer"] : $sso_ipaddr_info["spaminfo"][$sso_provider]["spammer"] : false;
}
// An extra cache so the various servers are only queried once for global data.
$spamcache = isset($sso_ipaddr_info["spaminfo_cache"]) ? $sso_ipaddr_info["spaminfo_cache"] : array();
// Check DNSRBL entries. Only IPv4 support for the moment.
$spaminfo = array("reasons" => array());
$spammer = false;
if (!isset($spamcache["dnsrbl"])) {
$spamcache["dnsrbl"] = array();
}
if ($sso_ipaddr["ipv4"] != "") {
$num = 0;
$ipv4 = implode(".", array_reverse(explode(".", $sso_ipaddr["ipv4"])));
$blacklists = explode("\n", str_replace("\r", "\n", $info["dnsrbl_lists"] . "\n" . $sso_settings[""]["iprestrict"]["dnsrbl_lists"]));
foreach ($blacklists as $blacklist) {
$pos = strpos($blacklist, "#");
if ($pos !== false) {
$blacklist = substr($blacklist, 0, $pos);
}
$blacklist = trim($blacklist);
if ($blacklist != "") {
$blacklist = explode("|", $blacklist);
$domain = trim(array_shift($blacklist));
$url = $domain;
if (substr($url, 0, 7) == "http://" || substr($domain, 0, 8) == "https://") {
$domain = trim(array_shift($blacklist));
}
if ($domain != "") {
if (isset($spamcache["dnsrbl"][$domain])) {
$mapips = $spamcache["dnsrbl"][$domain];
} else {
$mapips = gethostbynamel(stripos($domain, "@IP@") === false ? $ipv4 . "." . $domain : str_replace("@IP@", $ipv4, $domain));
$spamcache["dnsrbl"][$domain] = $mapips;
}
if ($mapips !== false && is_array($mapips)) {
if (!count($blacklist)) {
$spaminfo["reasons"][] = BB_Translate("IP address '%s' appears on the blacklist at '%s'.", $sso_ipaddr["ipv4"], $url);
$found = true;
} else {
$found = false;
while (count($blacklist) && !$found) {
$match = trim(array_shift($blacklist));
if (strpos($match, "&") !== false || strpos($match, "<") !== false || strpos($match, ">") !== false) {
$match = explode(".", $match);
if (count($match) == 4) {
foreach ($mapips as $mapip) {
$mapip = explode(".", $mapip);
if (count($mapip) == 4) {
for ($x = 0; $x < 4; $x++) {
$chr = substr($match[$x], 0, 1);
if ($chr == "&" && ((int) substr($match[$x], 1) & (int) $mapip[$x]) == 0) {
break;
} else {
if ($chr == "<" && (int) substr($match[$x], 1) <= (int) $mapip[$x]) {
break;
} else {
if ($chr == ">" && (int) substr($match[$x], 1) >= (int) $mapip[$x]) {
break;
} else {
if ($chr != "&" && $chr != "<" && $chr != ">" && $chr != "" && $match[$x] != $mapip[$x]) {
break;
}
}
}
}
}
if ($x == 4) {
$spaminfo["reasons"][] = BB_Translate("IP address '%s' appears on the blacklist at '%s' with return value '%s' matching pattern '%s'.", $sso_ipaddr["ipv4"], $url, implode(".", $mapip), implode(".", $match));
$found = true;
break;
}
}
}
}
} else {
if (in_array($match, $mapips)) {
$spaminfo["reasons"][] = BB_Translate("IP address '%s' appears on the blacklist at '%s' with return value '%s'.", $sso_ipaddr["ipv4"], $url, $match);
$found = true;
}
}
}
}
if ($found) {
$num++;
}
}
}
}
}
if ((int) $info["dnsrbl_mincount"] > 0 && $num >= (int) $info["dnsrbl_mincount"]) {
$spammer = true;
} else {
if ((int) $sso_settings[""]["iprestrict"]["dnsrbl_mincount"] > 0 && $num >= (int) $sso_settings[""]["iprestrict"]["dnsrbl_mincount"]) {
$spammer = true;
}
}
}
// Check geolocation blacklists.
if (!isset($spamcache["geoip"])) {
$spamcache["geoip"] = SSO_GetGeoIPInfo();
}
if ($spamcache["geoip"] !== false) {
$geoip_lists = explode("\n", str_replace("\r", "\n", $info["geoip_lists"] . "\n" . $sso_settings[""]["iprestrict"]["geoip_lists"]));
foreach ($geoip_lists as $line) {
$line = trim($line);
if ($line != "") {
$found = true;
$entries = explode(";", $line);
foreach ($entries as $entry) {
$entry = explode("=", $entry);
if (count($entry) != 2) {
$found = false;
break;
}
$key = trim($entry[0]);
$val = trim($entry[1]);
if (!isset($spamcache["geoip"][$key]) || $spamcache["geoip"][$key] != $val) {
$found = false;
break;
}
}
if ($found) {
$spaminfo["reasons"][] = BB_Translate("IP address '%s' matches geolocation '%s'.", $sso_ipaddr["ipv6"] . ($sso_ipaddr["ipv4"] != "" ? " (" . $sso_ipaddr["ipv4"] . ")" : ""), $line);
$spammer = true;
}
}
}
}
// Cache the results.
$spaminfo["spammer"] = $spammer;
if (!isset($sso_ipaddr_info["spaminfo"])) {
$sso_ipaddr_info["spaminfo"] = array();
}
$sso_ipaddr_info["spaminfo"][$sso_provider] = $spaminfo;
$sso_ipaddr_info["spaminfo_cache"] = $spamcache;
SSO_SaveIPAddrInfo();
return $info["allchecks"] ? $spammer : false;
}
