| 1 | <?php if (!defined('BB2_CORE')) die('I said no cheating!'); |
| 2 | |
| 3 | // All tests which apply specifically to POST requests |
| 4 | function bb2_post($settings, $package) |
| 5 | { |
| 6 | // Check blackhole lists for known spam/malicious activity |
| 7 | require_once(BB2_CORE . "/blackhole.inc.php"); |
| 8 | bb2_test($settings, $package, bb2_blackhole($package)); |
| 9 | |
| 10 | // MovableType needs specialized screening |
| 11 | if (stripos($package['headers_mixed']['User-Agent'], "MovableType") !== FALSE) { |
| 12 | if (strcmp($package['headers_mixed']['Range'], "bytes=0-99999")) { |
| 13 | return "7d12528e"; |
| 14 | } |
| 15 | } |
| 16 | |
| 17 | // Trackbacks need special screening |
| 18 | $request_entity = $package['request_entity']; |
| 19 | if (isset($request_entity['title']) && isset($request_entity['url']) && isset($request_entity['blog_name'])) { |
| 20 | require_once(BB2_CORE . "/trackback.inc.php"); |
| 21 | return bb2_trackback($package); |
| 22 | } |
| 23 | |
| 24 | // Catch a few completely broken spambots |
| 25 | foreach ($request_entity as $key => $value) { |
| 26 | $pos = strpos($key, " document.write"); |
| 27 | if ($pos !== FALSE) { |
| 28 | return "dfd9b1ad"; |
| 29 | } |
| 30 | } |
| 31 | |
| 32 | // If Referer exists, it should refer to a page on our site |
| 33 | if (array_key_exists('Referer', $package['headers_mixed']) && stripos($package['headers_mixed']['Referer'], $package['headers_mixed']['Host']) === FALSE) { |
| 34 | return "cd361abb"; |
| 35 | } |
| 36 | |
| 37 | // Screen by cookie/JavaScript form add |
| 38 | if (isset($_COOKIE[BB2_COOKIE])) { |
| 39 | $screener1 = explode(" ", $_COOKIE[BB2_COOKIE]); |
| 40 | } else { |
| 41 | $screener1 = array(0); |
| 42 | } |
| 43 | if (isset($_POST[BB2_COOKIE])) { |
| 44 | $screener2 = explode(" ", $_POST[BB2_COOKIE]); |
| 45 | } else { |
| 46 | $screener2 = array(0); |
| 47 | } |
| 48 | $screener = max($screener1[0], $screener2[0]); |
| 49 | |
| 50 | if ($screener > 0) { |
| 51 | // Posting too fast? 5 sec |
| 52 | // FIXME: even 5 sec is too intrusive |
| 53 | // if ($screener + 5 > time()) |
| 54 | // return "408d7e72"; |
| 55 | // Posting too slow? 48 hr |
| 56 | if ($screener + 172800 < time()) |
| 57 | return "b40c8ddc"; |
| 58 | |
| 59 | // Screen by IP address |
| 60 | $ip = ip2long($package['ip']); |
| 61 | $ip_screener = ip2long($screener[1]); |
| 62 | // FIXME: This is b0rked, but why? |
| 63 | // if ($ip && $ip_screener && abs($ip_screener - $ip) > 256) |
| 64 | // return "c1fa729b"; |
| 65 | |
| 66 | if (!empty($package['headers_mixed']['X-Forwarded-For'])) { |
| 67 | $ip = $package['headers_mixed']['X-Forwarded-For']; |
| 68 | } |
| 69 | // Screen for user agent changes |
| 70 | // User connected previously with blank user agent |
| 71 | // $q = bb2_db_query("SELECT `ip` FROM " . $settings['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip` = '" . $screener[1] . "') AND `user_agent` != '" . $package['user_agent'] . "' AND `date` > DATE_SUB('" . bb2_db_date() . "', INTERVAL 5 MINUTE)"); |
| 72 | // Damnit, too many ways for this to fail :( |
| 73 | // if ($q !== FALSE && $q != NULL && bb2_db_num_rows($q) > 0) |
| 74 | // return "799165c2"; |
| 75 | } |
| 76 | |
| 77 | return false; |
| 78 | } |
| 79 | |
| 80 | ?> |
| 81 | |
