View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 290 | Composr | core | public | 2011-10-07 17:39 | 2013-04-06 20:54 |
| Reporter | Chris Graham | Assigned To | Chris Graham | ||
| Priority | normal | Severity | feature | ||
| Status | resolved | Resolution | fixed | ||
| Summary | 290: Spammer database | ||||
| Description | Lookup IPs/browsers in a spammer database and block from posting accordingly. | ||||
| Tags | No tags attached. | ||||
| Attach Tags | |||||
| Attached Files | antispam.patch (93,486 bytes)
diff --git a/adminzone/pages/modules/admin_actionlog.php b/adminzone/pages/modules/admin_actionlog.php
index a1b04e0..649bd67 100644
--- a/adminzone/pages/modules/admin_actionlog.php
+++ b/adminzone/pages/modules/admin_actionlog.php
@@ -59,7 +59,9 @@ class Module_admin_actionlog
function run()
{
require_all_lang();
-
+
+ require_code('support2');
+
$type=get_param('type','misc');
if ($type=='misc') return $this->search();
@@ -67,6 +69,7 @@ class Module_admin_actionlog
if ($type=='view') return $this->view_action();
if (addon_installed('securitylogging'))
{
+ if ($type=='syndicate_ip_ban') return $this->syndicate_ip_ban();
if ($type=='toggle_ip_ban') return $this->toggle_ip_ban();
if ($type=='toggle_submitter_ban') return $this->toggle_submitter_ban();
if ($type=='toggle_member_ban') return $this->toggle_member_ban();
@@ -294,10 +297,10 @@ class Module_admin_actionlog
if (addon_installed('securitylogging'))
{
- $banned_test_1=array_key_exists('ip',$myrow)?$GLOBALS['SITE_DB']->query_value_null_ok('usersubmitban_ip','ip',array('ip'=>$myrow['ip'])):NULL;
- $banned_test_2=$GLOBALS['SITE_DB']->query_value_null_ok('usersubmitban_member','the_member',array('the_member'=>$myrow['the_user']));
+ $banned_test_1=array_key_exists('ip',$myrow)?ip_banned($myrow['ip'],true):false;
+ $banned_test_2=!is_null($GLOBALS['SITE_DB']->query_value_null_ok('usersubmitban_member','the_member',array('the_member'=>$myrow['the_user'])));
$banned_test_3=$GLOBALS['FORUM_DRIVER']->is_banned($myrow['the_user']);
- $banned=((is_null($banned_test_1)) && (is_null($banned_test_2)) && (!$banned_test_3))?do_lang_tempcode('NO'):do_lang_tempcode('YES');
+ $banned=(((!$banned_test_1)) && ((!$banned_test_2)) && (!$banned_test_3))?do_lang_tempcode('NO'):do_lang_tempcode('YES');
$result_entry[]=$banned;
}
@@ -354,11 +357,16 @@ class Module_admin_actionlog
{
if (array_key_exists('ip',$row))
{
- $banned_test_1=$GLOBALS['SITE_DB']->query_value_null_ok('usersubmitban_ip','ip',array('ip'=>$row['ip']));
- $fields['IP_BANNED']=is_null($banned_test_1)?do_lang_tempcode('NO'):do_lang_tempcode('YES');
+ $banned_test_1=ip_banned($row['ip'],true);
+ $fields['IP_BANNED']=(!$banned_test_1)?do_lang_tempcode('NO'):do_lang_tempcode('YES');
if ($row['ip']!=get_ip_address())
{
$fields['IP_BANNED']->attach(do_template('ACTION_LOGS_TOGGLE_LINK',array('URL'=>build_url(array('page'=>'_SELF','type'=>'toggle_ip_ban','id'=>$row['ip']),'_SELF'))));
+ if (get_option('stopforumspam_api_key').get_option('tornevall_api_username')!='')
+ {
+ require_lang('security');
+ $fields['SYNDICATE_TO_STOPFORUMSPAM']=do_template('ACTION_LOGS_TOGGLE_LINK',array('LABEL'=>do_lang_tempcode('PROCEED'),'URL'=>build_url(array('page'=>'_SELF','type'=>'syndicate_ip_ban','ip'=>$row['ip'],'member_id'=>$row['the_user']),'_SELF')));
+ }
}
}
$banned_test_2=$GLOBALS['SITE_DB']->query_value_null_ok('usersubmitban_member','the_member',array('the_member'=>$row['the_user']));
@@ -501,6 +509,41 @@ class Module_admin_actionlog
}
/**
+ * The actualiser to syndicate an IP ban.
+ *
+ * @return tempcode The UI
+ */
+ function syndicate_ip_ban()
+ {
+ $ip=either_param('ip');
+ $member_id=either_param('member_id');
+
+ $title=get_page_title('SYNDICATE_TO_STOPFORUMSPAM');
+
+ if (post_param_integer('confirm',0)==0)
+ {
+ $preview=do_lang_tempcode('DESCRIPTION_SYNDICATE_TO_STOPFORUMSPAM');
+ $url=get_self_url(false,false,NULL,true);
+ return do_template('CONFIRM_SCREEN',array('TITLE'=>$title,'PREVIEW'=>$preview,'FIELDS'=>form_input_hidden('confirm','1'),'URL'=>$url));
+ }
+
+ require_code('failure');
+ syndicate_spammer_report($ip,is_guest($member_id)?'':$GLOBALS['FORUM_DRIVER']->get_username($member_id),$GLOBALS['FORUM_DRIVER']->get_member_email_address($member_id),'',true);
+ log_it('SYNDICATED_IP_BAN',$ip);
+
+ // Show it worked / Refresh
+ $_url=get_param('redirect',NULL);
+ if (!is_null($_url))
+ {
+ $url=make_string_tempcode($_url);
+ } else
+ {
+ $url=build_url(array('page'=>'_SELF','type'=>'misc'),'_SELF');
+ }
+ return redirect_screen($title,$url,do_lang_tempcode('SUCCESS'));
+ }
+
+ /**
* The actualiser to toggle an IP ban.
*
* @return tempcode The UI
@@ -509,9 +552,7 @@ class Module_admin_actionlog
{
$ip=get_param('id');
- $test=$GLOBALS['SITE_DB']->query_value_null_ok('usersubmitban_ip','ip',array('ip'=>$ip));
-
- if (is_null($test))
+ if (!ip_banned($ip,true))
{
$title=get_page_title('IP_BANNED');
diff --git a/adminzone/pages/modules/admin_config.php b/adminzone/pages/modules/admin_config.php
index e42858d..3137dd7 100644
--- a/adminzone/pages/modules/admin_config.php
+++ b/adminzone/pages/modules/admin_config.php
@@ -36,7 +36,7 @@ class Module_admin_config
$info['organisation']='ocProducts';
$info['hacked_by']=NULL;
$info['hack_version']=NULL;
- $info['version']=12;
+ $info['version']=13;
$info['locked']=true;
$info['update_require_upgrade']=1;
return $info;
@@ -72,6 +72,9 @@ class Module_admin_config
'check_broken_urls','advanced_admin_cache','collapse_user_zones','google_analytics','fixed_width','show_screen_actions','show_content_tagging','show_content_tagging_inline',
'long_google_cookies','remember_me_by_default','detect_javascript','mobile_support','mail_queue','mail_queue_debug',
'comments_to_show_in_thread','max_thread_depth',
+ 'spam_check_level','stopforumspam_api_key','tornevall_api_username','tornevall_api_password','spam_block_lists','spam_cache_time','spam_check_exclusions',
+ 'spam_stale_threshold','spam_ban_threshold','spam_block_threshold','spam_approval_threshold',
+ 'spam_check_usernames','implied_spammer_confidence','spam_blackhole_detection','honeypot_url','honeypot_phrase',
);
foreach ($config_options as $option)
@@ -184,8 +187,8 @@ class Module_admin_config
add_config_option('USE_CUSTOM_ZONE_MENU','use_custom_zone_menu','tick','return \'1\';','THEME','GENERAL');
add_config_option('TRAY_SUPPORT','tray_support','tick','return \'1\';','THEME','GENERAL');
add_config_option('SHOW_DOCS','show_docs','tick','return \'1\';','SITE','ADVANCED');
- add_config_option('CAPTCHA_NOISE','captcha_noise','tick','return addon_installed(\'captcha\')?\'1\':NULL;','SITE','ADVANCED');
- add_config_option('CAPTCHA_ON_FEEDBACK','captcha_on_feedback','tick','return addon_installed(\'captcha\')?\'0\':NULL;','SITE','ADVANCED');
+ add_config_option('CAPTCHA_NOISE','captcha_noise','tick','return addon_installed(\'captcha\')?\'1\':NULL;','SECURITY','SPAMMER_DETECTION');
+ add_config_option('CAPTCHA_ON_FEEDBACK','captcha_on_feedback','tick','return addon_installed(\'captcha\')?\'0\':NULL;','SECURITY','SPAMMER_DETECTION');
add_config_option('SHOW_POST_VALIDATION','show_post_validation','tick','return \'1\';','SITE','ADVANCED');
add_config_option('IP_FORWARDING','ip_forwarding','tick','return \'0\';','SITE','ENVIRONMENT');
add_config_option('FORCE_META_REFRESH','force_meta_refresh','tick','return \'0\';','SITE','ENVIRONMENT');
@@ -255,6 +258,25 @@ class Module_admin_config
foreach (array('send_error_emails','ocf_show_personal_myhome_link','twitter_login','twitter_password','facebook_api','facebook_appid','facebook_secret_code','facebook_uid','facebook_target_ids') as $option_to_delete)
delete_config_option($option_to_delete);
}
+ if ((is_null($upgrade_from)) || ($upgrade_from<13))
+ {
+ add_config_option('SPAM_CHECK_LEVEL','spam_check_level','list','return \'NEVER\';','SECURITY','SPAMMER_DETECTION',0,'EVERYTHING|ACTIONS|GUESTACTIONS|JOINING|NEVER');
+ add_config_option('STOPFORUMSPAM_API_KEY','stopforumspam_api_key','line','return \'\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('TORNEVALL_API_USERNAME','tornevall_api_username','line','return class_exists(\'SoapClient\')?\'\':NULL;','SECURITY','SPAMMER_DETECTION');
+ add_config_option('TORNEVALL_API_PASSWORD','tornevall_api_password','line','return class_exists(\'SoapClient\')?\'\':NULL;','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_BLOCK_LISTS','spam_block_lists','line','return \'*.opm.tornevall.org\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_CACHE_TIME','spam_cache_time','integer','return \'60\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_CHECK_EXCLUSIONS','spam_check_exclusions','line','return \'127.0.0.1,\'.ocp_srv(\'SERVER_ADDR\').\'\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_STALE_THRESHOLD','spam_stale_threshold','integer','return \'31\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_BAN_THRESHOLD','spam_ban_threshold','integer','return \'90\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_BLOCK_THRESHOLD','spam_block_threshold','integer','return \'60\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_APPROVAL_THRESHOLD','spam_approval_threshold','integer','return \'40\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_CHECK_USERNAMES','spam_check_usernames','tick','return \'0\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('IMPLIED_SPAMMER_CONFIDENCE','implied_spammer_confidence','integer','return \'80\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('SPAM_BLACKHOLE_DETECTION','spam_blackhole_detection','tick','return \'1\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('HONEYPOT_URL','honeypot_url','line','return \'\';','SECURITY','SPAMMER_DETECTION');
+ add_config_option('HONEYPOT_PHRASE','honeypot_phrase','line','return \'\';','SECURITY','SPAMMER_DETECTION');
+ }
if ((!is_null($upgrade_from)) && ($upgrade_from<8))
{
diff --git a/adminzone/pages/modules/admin_ipban.php b/adminzone/pages/modules/admin_ipban.php
index fcc0668..510cdbb 100644
--- a/adminzone/pages/modules/admin_ipban.php
+++ b/adminzone/pages/modules/admin_ipban.php
@@ -36,7 +36,7 @@ class Module_admin_ipban
$info['organisation']='ocProducts';
$info['hacked_by']=NULL;
$info['hack_version']=NULL;
- $info['version']=4;
+ $info['version']=5;
$info['locked']=true;
$info['update_require_upgrade']=1;
return $info;
@@ -78,6 +78,11 @@ class Module_admin_ipban
{
$GLOBALS['SITE_DB']->add_table_field('usersubmitban_ip','i_descrip','LONG_TEXT');
}
+ if ((!is_null($upgrade_from)) && ($upgrade_from<5))
+ {
+ $GLOBALS['SITE_DB']->add_table_field('usersubmitban_ip','i_ban_until','?TIME');
+ $GLOBALS['SITE_DB']->add_table_field('usersubmitban_ip','i_ban_positive','BINARY',1);
+ }
}
/**
@@ -124,10 +129,17 @@ class Module_admin_ipban
$GLOBALS['HELPER_PANEL_TEXT']=comcode_to_tempcode(do_lang('IP_BANNING_WILDCARDS',$lookup_url->evaluate()));
$bans='';
- $rows=$GLOBALS['SITE_DB']->query_select('usersubmitban_ip',array('ip','i_descrip'));
+ $locked_bans='';
+ $rows=$GLOBALS['SITE_DB']->query('SELECT ip,i_descrip,i_ban_until FROM '.get_table_prefix().'usersubmitban_ip WHERE i_ban_positive=1 AND (i_ban_until IS NULL'.' OR i_ban_until>'.strval(time()).')');
foreach ($rows as $row)
{
- $bans.=$row['ip'].' '.$row['i_descrip'].chr(10);
+ if (is_null($row['i_ban_until']))
+ {
+ $bans.=$row['ip'].' '.$row['i_descrip'].chr(10);
+ } else
+ {
+ $locked_bans.=do_lang('SPAM_AUTO_BAN_TIMEOUT',$row['ip'],$row['i_descrip'],get_timezoned_date($row['i_ban_until'])).chr(10);
+ }
}
$post_url=build_url(array('page'=>'_SELF','type'=>'actual'),'_SELF');
@@ -136,7 +148,7 @@ class Module_admin_ipban
list($warning_details,$ping_url)=handle_conflict_resolution();
- return do_template('IPBAN_SCREEN',array('_GUID'=>'963d24852ba87e9aa84e588862bcfecb','PING_URL'=>$ping_url,'WARNING_DETAILS'=>$warning_details,'TITLE'=>$title,'BANS'=>$bans,'URL'=>$post_url));
+ return do_template('IPBAN_SCREEN',array('_GUID'=>'963d24852ba87e9aa84e588862bcfecb','PING_URL'=>$ping_url,'WARNING_DETAILS'=>$warning_details,'TITLE'=>$title,'LOCKED_BANS'=>$locked_bans,'BANS'=>$bans,'URL'=>$post_url));
}
/**
@@ -148,7 +160,8 @@ class Module_admin_ipban
{
require_code('failure');
- $old_bans=collapse_1d_complexity('ip',$GLOBALS['SITE_DB']->query_select('usersubmitban_ip'));
+ $rows=$GLOBALS['SITE_DB']->query('SELECT ip,i_descrip FROM '.get_table_prefix().'usersubmitban_ip WHERE i_ban_until IS NULL'/*.' OR i_ban_until>'.strval(time())*/);
+ $old_bans=collapse_1d_complexity('ip',$rows);
$bans=post_param('bans');
$_bans=explode(chr(10),$bans);
foreach ($old_bans as $ban)
diff --git a/adminzone/pages/modules/admin_lookup.php b/adminzone/pages/modules/admin_lookup.php
index bb6b5c1..b8f3d0c 100644
--- a/adminzone/pages/modules/admin_lookup.php
+++ b/adminzone/pages/modules/admin_lookup.php
@@ -116,7 +116,7 @@ class Module_admin_lookup
if (is_null($id)) $id=$GLOBALS['FORUM_DRIVER']->get_guest_id();
if (is_null($ip)) $ip='';
- $all_banned=collapse_1d_complexity('ip',$GLOBALS['SITE_DB']->query_select('usersubmitban_ip',array('ip')));
+ $all_banned=collapse_1d_complexity('ip',$GLOBALS['SITE_DB']->query('SELECT ip FROM '.get_table_prefix().'usersubmitban_ip WHERE i_ban_positive=1 AND (i_ban_until IS NULL OR i_ban_until>'.strval(time()).')'));
$ip_list=new ocp_tempcode();
$groups=array();
@@ -204,7 +204,15 @@ class Module_admin_lookup
$alerts=($ip=='')?new ocp_tempcode():find_security_alerts(array('ip'=>$ip));
$member_banned=$GLOBALS['FORUM_DRIVER']->is_banned($id);
- $ip_banned=($ip!='') && (!is_null($GLOBALS['SITE_DB']->query_value_null_ok('usersubmitban_ip','ip',array('ip'=>$ip))));
+ $ip_banned=false;
+ if ($ip!='')
+ {
+ $ban_until=$GLOBALS['SITE_DB']->query_select('usersubmitban_ip',array('i_ban_until'),array('i_ban_positive'=>1,'ip'=>$ip));
+ if (array_key_exists(0,$ban_until))
+ {
+ $ip_banned=is_null($ban_until[0]['i_ban_until']) || $ban_until[0]['i_ban_until']>time();
+ }
+ }
$banned_test_2=$GLOBALS['SITE_DB']->query_value_null_ok('usersubmitban_member','the_member',array('the_member'=>$id));
$submitter_banned=!is_null($banned_test_2);
@@ -230,7 +238,30 @@ class Module_admin_lookup
breadcrumb_set_parents(array(array('_SEARCH:admin_ocf_join:menu',do_lang_tempcode('MEMBERS')),array('_SELF:_SELF:misc',do_lang_tempcode('SEARCH'))));
breadcrumb_set_self(do_lang_tempcode('RESULT'));
- return do_template('LOOKUP_SCREEN',array('_GUID'=>'dc6effaa043949940b809f6aa5a1f944','TITLE'=>$title,'ALERTS'=>$alerts,'STATS'=>$stats,'IP_LIST'=>$ip_list,'IP_BANNED'=>$ip_banned?do_lang_tempcode('YES'):do_lang_tempcode('NO'),'SUBMITTER_BANNED'=>$submitter_banned?do_lang_tempcode('YES'):do_lang_tempcode('NO'),'MEMBER_BANNED'=>$member_banned?do_lang_tempcode('YES'):do_lang_tempcode('NO'),'MEMBER_BAN_LINK'=>$member_ban_link,'SUBMITTER_BAN_LINK'=>$submitter_ban_link,'IP_BAN_LINK'=>$ip_ban_link,'ID'=>strval($id),'IP'=>$ip,'NAME'=>$name,'SEARCH_URL'=>$search_url,'AUTHOR_URL'=>$author_url,'POINTS_URL'=>$points_url,'PROFILE_URL'=>$profile_url,'ACTION_LOG_URL'=>$action_log_url));
+ return do_template(
+ 'LOOKUP_SCREEN',
+ array(
+ '_GUID'=>'dc6effaa043949940b809f6aa5a1f944',
+ 'TITLE'=>$title,
+ 'ALERTS'=>$alerts,
+ 'STATS'=>$stats,
+ 'IP_LIST'=>$ip_list,
+ 'IP_BANNED'=>$ip_banned?do_lang_tempcode('YES'):do_lang_tempcode('NO'),
+ 'SUBMITTER_BANNED'=>$submitter_banned?do_lang_tempcode('YES'):do_lang_tempcode('NO'),
+ 'MEMBER_BANNED'=>$member_banned?do_lang_tempcode('YES'):do_lang_tempcode('NO'),
+ 'MEMBER_BAN_LINK'=>$member_ban_link,
+ 'SUBMITTER_BAN_LINK'=>$submitter_ban_link,
+ 'IP_BAN_LINK'=>$ip_ban_link,
+ 'ID'=>strval($id),
+ 'IP'=>$ip,
+ 'NAME'=>$name,
+ 'SEARCH_URL'=>$search_url,
+ 'AUTHOR_URL'=>$author_url,
+ 'POINTS_URL'=>$points_url,
+ 'PROFILE_URL'=>$profile_url,
+ 'ACTION_LOG_URL'=>$action_log_url
+ )
+ );
}
}
diff --git a/adminzone/pages/modules/admin_trackbacks.php b/adminzone/pages/modules/admin_trackbacks.php
index 0608568..3c3cd5a 100644
--- a/adminzone/pages/modules/admin_trackbacks.php
+++ b/adminzone/pages/modules/admin_trackbacks.php
@@ -116,6 +116,7 @@ class Module_admin_trackbacks
if (is_null($trackback_ip)) break;
require_code('failure');
add_ip_ban($trackback_ip,do_lang('TRACKBACK_SPAM'));
+ syndicate_spammer_report($trackback_ip,'','',do_lang('TRACKBACK_SPAM'),true);
}
// Intentionally no 'break' line below
case '1':
diff --git a/cms/pages/modules/cms_comcode_pages.php b/cms/pages/modules/cms_comcode_pages.php
index a250fa4..228cb26 100644
--- a/cms/pages/modules/cms_comcode_pages.php
+++ b/cms/pages/modules/cms_comcode_pages.php
@@ -922,6 +922,7 @@ class Module_cms_comcode_pages
}
$validated=post_param_integer('validated',0);
+ inject_action_spamcheck();
if (!has_specific_permission(get_member(),'bypass_validation_highrange_content')) $validated=0;
$parent_page=post_param('parent_page','');
$show_as_edit=post_param_integer('show_as_edit',0);
diff --git a/lang/EN/config.ini b/lang/EN/config.ini
index b0ea40d..be7e811 100644
--- a/lang/EN/config.ini
+++ b/lang/EN/config.ini
@@ -322,3 +322,41 @@ CONFIG_OPTION_max_thread_depth=The maximum depth of threaded topics. If people r
CONFIG_OPTION_bottom_show_feedback_link=Show a feedback form link in the footer.
CONFIG_OPTION_bottom_show_privacy_link=Show a privacy link in the footer.
CONFIG_OPTION_bottom_show_sitemap_button=Show a sitemap link in the footer.
+SPAMMER_DETECTION=Spammer detection
+SPAM_CHECK_LEVEL=Spammer checking level
+CONFIG_OPTION_spam_check_level=The software has inbuilt support for integrating the <a target="_blank" title="Stop Forum Spam (this link will open in a new window)" href="http://www.stopforumspam.com/">Stop Forum Spam</a> web service, for the detection and blocking of known spammers, as well as <acronym title="Remote Block List">RBL</acronym>s. This option determines the level of checking performed. Note that the Stop Forum Spam service is intended to be non-commercial, so if you have a for-profit site you should negotiate an arrangement with them. Note that most checks only work if <acronym title="The inbuilt software forum">OCF</acronym> is being used.
+CONFIG_OPTION_spam_check_level_VALUE_EVERYTHING=Every page view (performs RBL checks always, and full check on actions)
+CONFIG_OPTION_spam_check_level_VALUE_ACTIONS=Actions (joining, posting, trackbacks)
+CONFIG_OPTION_spam_check_level_VALUE_GUESTACTIONS=Guest actions (joining, Guest posting, trackbacks)
+CONFIG_OPTION_spam_check_level_VALUE_JOINING=Joining
+CONFIG_OPTION_spam_check_level_VALUE_NEVER=Never
+STOPFORUMSPAM_API_KEY=Stop Forum Spam API key
+CONFIG_OPTION_stopforumspam_api_key=If a <a target="_blank" title="Stop Forum Spam API key (this link will open in a new window)" href="http://www.stopforumspam.com/signup">Stop Forum Spam API key</a> is filled in, automatic spammer reports will be syndicated (via the hack-attack system / flood-control system, when spammers are automatically detected). You will also be able to syndicate reports when you use the “Investigate user”, “Action Log”, “Punish Member” and “Delete Trackbacks” software features. You may manage your syndicated submissions on the <a target="_blank" title="Stop Forum Spam website (this link will open in a new window)" href="http://www.stopforumspam.com/myspammers">Stop Forum Spam website</a>.
+TORNEVALL_API_USERNAME=Tornevall API username
+CONFIG_OPTION_tornevall_api_username=If a <a target="_blank" title="tornevall API (this link will open in a new window)" href="http://www.stopforumspam.com/signup">tornevall key</a> is set up, enter the Username here. IPs will then be syndicated out like with the Stop Forum Spam service.
+TORNEVALL_API_PASSWORD=Tornevall API password
+CONFIG_OPTION_tornevall_api_password=If a <a target="_blank" title="tornevall API (this link will open in a new window)" href="http://www.stopforumspam.com/signup">tornevall key</a> is set up, enter the Password here. IPs will then be syndicated out like with the Stop Forum Spam service.
+SPAM_BLOCK_LISTS=<acronym title="Remote block list">RBL</acronym> servers
+CONFIG_OPTION_spam_block_lists=A comma-separated list of <acronym title="Remote Block List">RBL</acronym> servers designed for sharing spam blocking information. If you have an <a title="HTTP:BL key (this link will open in a new window)" href="http://www.projecthoneypot.org/httpbl_configure.php">HTTP:BL key</a>, you may set up HTTP:BL by putting in <kbd><key>.*.dnsbl.httpbl.org</kbd> (put it first, as it is the best data for web systems and will be prioritised if given first). Only certain servers are supported fully (unrecognised servers will work, but without any settings granularity, due to a lack of any common <acronym title="Remote Block List">RBL</acronym> standard).
+SPAM_CACHE_TIME=Block list cache time
+CONFIG_OPTION_spam_cache_time=The number of minutes to cache spam block list requests.
+SPAM_CHECK_EXCLUSIONS=Spammer checking exclusions
+CONFIG_OPTION_spam_check_exclusions=A comma-separated list of IP addresses to never check. It will also be impossible for IP bans to be run against these addresses, even if they are configured.
+SPAM_STALE_THRESHOLD=Spammer staleness threshold
+CONFIG_OPTION_spam_stale_threshold=Only consider IP addresses that have been detected as malicious within this previous number of days.
+SPAM_BAN_THRESHOLD=Spammer ban threshold
+CONFIG_OPTION_spam_ban_threshold=If spammer confidence is above this percentage then the user will be given an error message then immediately put into the software IP ban list (for the configured period of time).
+SPAM_BLOCK_THRESHOLD=Spammer block threshold
+CONFIG_OPTION_spam_block_threshold=If spammer confidence is above this percentage then requests will be blocked with an error message. This only applies to requests that perform a content submission/join action.
+SPAM_APPROVAL_THRESHOLD=Spammer approval threshold
+CONFIG_OPTION_spam_approval_threshold=If spammer confidence is above this percentage then bypass-validation permissions will be removed for the user.
+IMPLIED_SPAMMER_CONFIDENCE=Implied spammer confidence
+CONFIG_OPTION_implied_spammer_confidence=<acronym title="Remote Block List">RBL</acronym> servers do not generally support confidence levels. A suspected spammer will be assigned this level, which will then be compared against your threshold settings. The exception is HTTP:BL, which always has a confidence level of 0 or 100 (as it is very precise).
+HONEYPOT_URL=Honeypot URL
+CONFIG_OPTION_honeypot_url=If you have set up a <a title="Project Honeypot script (this link will open in a new window)" target="_blank" href="http://www.projecthoneypot.org/add_honey_pot.php">Project Honeypot script</a>, enter the URL to it here. The default theme has a spot where it will automatically be inserted so that you don't need to do it manually yourself.
+HONEYPOT_PHRASE=Honeypot phrase
+CONFIG_OPTION_honeypot_phrase=When setting up a Project Honeypot script, Project Honeypot gives lots of code examples to use. There'll be a random phrase or word in most of them: enter that here, or make your own up.
+SPAM_CHECK_USERNAMES=Check usernames for known spammers
+CONFIG_OPTION_spam_check_usernames=Whether to check usernames during the Stop Forum Spam check. This may result in false-positives if spammers were using very generic usernames, and doesn't really work as a reliable filter (it is easy to use lots of different usernames).
+SPAM_BLACKHOLE_DETECTION=Blackhole detection
+CONFIG_OPTION_spam_blackhole_detection=If enabled, hidden inputs will be placed on all submittable forms. No human would fill these hidden inputs, but bots would. If filled in, spam hack-attack alerts will be generated. If there are enough, automatic banning will happen, and information will be relayed to the Stop Forum Spam project (if an API key was configured).
diff --git a/lang/EN/critical_error.ini b/lang/EN/critical_error.ini
index b9b4885..da48ccd 100644
--- a/lang/EN/critical_error.ini
+++ b/lang/EN/critical_error.ini
@@ -239,3 +239,17 @@ NOTIFICATION_TYPE_error_occurred_cron=Error during background scheduler
NOTIFICATION_TYPE_error_occurred_missing_reference=Broken link in member Comcode
NOTIFICATION_TYPE_error_occurred_missing_reference_important=Broken link in site Comcode
ERRORS=Errors
+STOPPED_BY_ANTISPAM=Your IP address ({1}) has been detected in a ban list ({2}). To stop spam we check against external services that log malicious activity across the web. If your IP address has been flagged by accident we apologise – often IP addresses are shared or recycled so false-positives can occur, but we must protect our systems. If you are a genuine user please run a virus scan, secure your network, and try again in a few days.
+IPBAN_LOG_AUTOBAN_ANTISPAM=Auto-blocked by remote spam list checks ({1})
+ERROR_CHECKING_FOR_SPAMMERS=Could not run spam check using the [tt]{1}[/tt] service due to connection error. The action has been let through without a check.
+_ERROR_CHECKING_FOR_SPAMMERS=Could not run spam check using the [tt]{1}[/tt] service: {2}. The action has been let through without a check.
+NOTIFICATION_TYPE_spam_check_block=Perceived spammer blocked
+NOTIFICATION_SPAM_CHECK_BLOCK_SUBJECT_BAN=Perceived spammer banned ({1})
+NOTIFICATION_SPAM_CHECK_BLOCK_BODY_BAN=A possible spammer was detected by the {2} service (IP: {1}). They have been banned.
+NOTIFICATION_SPAM_CHECK_BLOCK_SUBJECT_BLOCK=Perceived spammer banned ({1})
+NOTIFICATION_SPAM_CHECK_BLOCK_BODY_BLOCK=A possible spammer was detected by the {2} service (IP: {1}). Their request has been blocked.
+NOTIFICATION_SPAM_CHECK_BLOCK_SUBJECT_APPROVE=Perceived spammer banned ({1})
+NOTIFICATION_SPAM_CHECK_BLOCK_BODY_APPROVE=A possible spammer was detected by the {2} service (IP: {1}). Validation has been forcibly enabled for their request.
+SPAM_REPORT_TRIGGERED_SPAM_HEURISTICS=Multiple triggers to spam heuristics (such as blackholes, or splatter-gun link injection)
+SPAM_REPORT_SITE_FLOODING=Flooding POST requests
+SPAM_REPORT_NO_EMAIL_OR_USERNAME=Sorry, we can't report this user because either there was no known username, or no known e-mail address. Stop Forum Spam requires full details.
diff --git a/lang/EN/global.ini b/lang/EN/global.ini
index aa624de..ef3339d 100644
--- a/lang/EN/global.ini
+++ b/lang/EN/global.ini
@@ -930,4 +930,5 @@ LIKED_BY=Liked by
THREADED_REPLY_NOTICE=To reply to an existing post use the reply/quote button under it. Type fresh posts here when not replying to any existing post.\n\n{1}
QUOTED_REPLY_MESSAGE=Click to type your reply to {1}'s message, which was:\n\n{2}
READ_MORE=Read more
POST_IN=Post in topic: {1}
+DO_NOT_FILL_ME_SPAMMER_BLACKHOLE=<span>D</span>on't <span>f</span>ill this field, it is here to <span>c</span>atch <span>s</span>pam-<span>b</span>ots that fill in forms <span>a</span>utomatically
diff --git a/lang/EN/security.ini b/lang/EN/security.ini
index 261c155..f390b9b 100644
--- a/lang/EN/security.ini
+++ b/lang/EN/security.ini
@@ -22,3 +22,6 @@ POST_DATA_EXPLANATION=Any web request can be classified as either a ‘GET&r
MODULE_TRANS_NAME_admin_security=Security logging
MODULE_TRANS_NAME_admin_ssl=SSL/TLS (HTTPS) configuration
HACKER_DETECTED=Hacker/evil-bot: {1}
+SYNDICATE_TO_STOPFORUMSPAM=Syndicate to Stop Forum Spam (and beyond)
+DESCRIPTION_SYNDICATE_TO_STOPFORUMSPAM=Send off this ban to the Stop Forum Spam service, and other similar services, to share the information with other sites just as they are sharing with yours. Use this with care, <strong>you really must have a water-tight reason</strong> for suggesting they are an out-and-out spammer, <strong>not</strong> just someone abusing your terms and conditions or being a general nuisance.
+SYNDICATED_IP_BAN=Syndicated IP ban
diff --git a/lang/EN/submitban.ini b/lang/EN/submitban.ini
index 548c1ba..25c2c08 100644
--- a/lang/EN/submitban.ini
+++ b/lang/EN/submitban.ini
@@ -5,13 +5,15 @@ VIEW_ACTION_LOGS=Action logs (audit trail)
DOC_ACTION_LOG=The action log will allow you to trace what actions have been performed on the site; and where given, the reasons for doing them. This log gives a combined view of submission, administration, and moderation actions, and provides integration with the tracing and IP banning modules, as well as submitter banning of its own.
DOC_IPBAN=Banning IP addresses is useful to totally remove a user's ability to access the site; unfortunately, users can very easily switch IP addresses. More information about IP addresses is given in the "IP addresses and tracking users" tutorial.
BANNED_ADDRESSES=Banned IP addresses
+EXTERNALLY_BANNED_ADDRESSES=Externally banned addresses (will timeout according to “Block list cache time” setting)
DESCRIPTION_BANNED_ADDRESSES_A=You may ban IP addresses from accessing this website using this tool.
DESCRIPTION_BANNED_ADDRESSES_B=Each line of the text box below indicates an IP address that should be banned. Wildcards may be used. You may enter a note to the right of each address if you wish.
+SPAM_AUTO_BAN_TIMEOUT={1} {2} - until {3}
IP_BANNING_WILDCARDS=IP address bans restrict access to the website on a low level. Be careful to [url="know an IP address"]{1}[/url] before you ban it to avoid inadvertently banning a shared computer/Internet-gateway. Please also be advised that [abbr="Internet Service Provider"]ISP[/abbr]-assigned addresses are often not fixed: a computer's IP address might vary substantially from one day to the next.\n\nAddresses may contain ‘wildcards’ (asterisks) between dotted segments to symbolise that any number in that segment will match.\n\nIt is usual to have an asterisk as the final (fourth) part, as a user's IP address is very likely to change in that final component and at the same time it is very unlikely that wildcarding that last portion would result in any unintended bans. This said, extreme care is advised using wildcards at other points.
IP_BANS=IP address bans
IP_BANNED=IP banned
MEMBER_BANNED=Member banned
-SUBMITTER_BANNED=Submitter banned
+SUBMITTER_BANNED=Future submissions banned
IP_UNBANNED=IP unbanned
MEMBER_UNBANNED=Member unbanned
SUBMITTER_UNBANNED=Submitter unbanned
diff --git a/pages/comcode/EN/privacy.txt b/pages/comcode/EN/privacy.txt
index bab8008..5f8c20b 100755
--- a/pages/comcode/EN/privacy.txt
+++ b/pages/comcode/EN/privacy.txt
@@ -16,14 +16,11 @@ We will not share private details other than what can be seen in the forum profi
The staff reserve the right to read any Private Topics and posts placed on this website. Any form of conversation made through this website should be considered viewable by staff. All private-posts and posts, whether 'deleted' or not, are stored on the server and may be reviewed if we feel we have cause for an investigation. If you do want to keep something private, do not use our services for transmitting it. Situations involving investigations can be anything at our discretion, for example, to investigate specific incidents of our services being used for racism or harassment.
{+START,IF,{$ADDON_INSTALLED,shopping}}
Use of the shopping cart may cause a non-logged-in-user's session to stick around for a longer than normal period of time, using a cookie, in order to keep the cart from being lost.
-{+END}
-{+START,IF,{$OCF}}
+{+END}{+START,IF,{$OCF}}
[title="2"]Privacy settings[/title]
Logged in members may [page="_SEARCH:members:view#tab__edit__privacy"]choose which fields display publicly[/page].
-{+END}
-
-{+START,IF,{$COPPA_ON}}
+{+END}{+START,IF,{$COPPA_ON}}
[title="2"]Children's Online Privacy Protection Act[/title]
In order for children under the age of thirteen to join this website, a parent or guardian must approve it. This is in accordance with U.S. law, but is applied internationally as a civil standard.
@@ -34,5 +31,10 @@ The parent or guardian has the option to agree to the collection and use of the
{$SITE_NAME} may not require a child to disclose more information than is reasonably necessary to participate in an activity as a condition of participation.
The parent or guardian can review the child's personal information, ask to have it deleted and refuse to allow any further collection or use of the child's information. This may be done by contacting the staff in the same way as was done to approve the membership originally.
+{+END}{+START,IF,{$NEQ,{$CONFIG_OPTION,spam_check_level},NEVER}}
+[title="2"]Spam checking[/title]
-{+END}
+For the purpose of reducing spam:
+1) Your IP address, e-mail address, and username, may be checked against the [url="http://www.stopforumspam.com/"]Stop Forum Spam[/url] web service, which involves these details being transmitted within a service request.
+1) Your IP address may be checked against multiple block lists, which involves these details being transmitted within a service request.
+{+END}
\ No newline at end of file
diff --git a/pages/modules/join.php b/pages/modules/join.php
index 632b6ca..b607a0a 100644
--- a/pages/modules/join.php
+++ b/pages/modules/join.php
@@ -69,13 +69,15 @@ class Module_join
require_code('ocf_join');
- check_joining_allowed();
-
ocf_require_all_forum_stuff();
$type=get_param('type','misc');
- if ($type=='misc') return (get_option('show_first_join_page')!='1')?$this->step2():$this->step1();
+ if ($type=='misc')
+ {
+ check_joining_allowed();
+ return (get_option('show_first_join_page')!='1')?$this->step2():$this->step1();
+ }
if ($type=='step2') return $this->step2();
if ($type=='step3') return $this->step3();
if ($type=='step4') return $this->step4();
diff --git a/site/pages/modules/cedi.php b/site/pages/modules/cedi.php
index 03c6487..4e96c2e 100644
--- a/site/pages/modules/cedi.php
+++ b/site/pages/modules/cedi.php
@@ -1006,6 +1006,7 @@ class Module_cedi
// Do it
if ($mode=='post')
{
+ inject_action_spamcheck();
if (!has_specific_permission(get_member(),'bypass_validation_lowrange_content','cms_cedi',array('seedy_page',$id)))
$validated=0;
if (!has_category_access(get_member(),'seedy_page',strval($id))) access_denied('CATEGORY_ACCESS');
@@ -1014,6 +1015,13 @@ class Module_cedi
$post_id=cedi_add_post($id,$message,$validated);
+ if ($validated==0)
+ {
+ require_code('submit');
+ $edit_url=build_url(array('page'=>'cedi','type'=>'post','post_id'=>$post_id,'validated'=>1),'_SELF',NULL,false,false,true);
+ if (addon_installed('unvalidated'))
+ send_validation_request('CEDI_MAKE_POST','seedy_posts',false,strval($post_id),$edit_url);
+ }
} else
{
$rows=$GLOBALS['SITE_DB']->query_select('seedy_posts',array('*'),array('id'=>$post_id),'',1);
diff --git a/site/pages/modules/warnings.php b/site/pages/modules/warnings.php
index 3fbeb58..582ef90 100644
--- a/site/pages/modules/warnings.php
+++ b/site/pages/modules/warnings.php
@@ -371,6 +371,11 @@ class Module_warnings extends standard_aed_module
$fields->attach(form_input_tick(do_lang_tempcode('WHETHER_BANNED_IP'),do_lang_tempcode('DESCRIPTION_WHETHER_BANNED_IP'),'banned_ip',false));
}
}
+ if (get_option('stopforumspam_api_key').get_option('tornevall_api_username')!='')
+ {
+ require_lang('security');
+ $fields->attach(form_input_tick(do_lang_tempcode('SYNDICATE_TO_STOPFORUMSPAM'),do_lang_tempcode('DESCRIPTION_SYNDICATE_TO_STOPFORUMSPAM'),'stopforumspam',false));
+ }
if (addon_installed('points'))
{
if (has_actual_page_access(get_member(),'admin_points'))
@@ -680,6 +685,15 @@ class Module_warnings extends standard_aed_module
}
}
+ // Stop Forum Spam report
+ $stopforumspam=post_param_integer('stopforumspam',0);
+ if ($stopforumspam==1)
+ {
+ $banned_ip=$GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id,'m_ip_address');
+ require_code('failure');
+ syndicate_spammer_report($banned_ip,$GLOBALS['FORUM_DRIVER']->get_username($member_id),$GLOBALS['FORUM_DRIVER']->get_member_email_address($member_id),$explanation,true);
+ }
+
// Change group
$changed_usergroup_from=NULL;
if (has_specific_permission(get_member(),'member_maintenance'))
diff --git a/sources/aed_module.php b/sources/aed_module.php
index c2c62fb..f2279a6 100644
--- a/sources/aed_module.php
+++ b/sources/aed_module.php
@@ -627,6 +627,7 @@ class standard_aed_module
if (($this->user_facing) && (!is_null($this->permissions_require)))
{
+ inject_action_spamcheck();
if (!has_specific_permission(get_member(),'bypass_validation_'.$this->permissions_require.'range_content',NULL,array($this->permissions_cat_require,is_null($this->permissions_cat_name)?'':post_param($this->permissions_cat_name),$this->permissions_cat_require_b,is_null($this->permissions_cat_name_b)?'':post_param($this->permissions_cat_name_b))))
$_POST['validated']='0';
}
diff --git a/sources/antispam.php b/sources/antispam.php
new file mode 100644
index 0000000..f6af095
--- /dev/null
+++ b/sources/antispam.php
@@ -0,0 +1,396 @@
+<?php /*
+
+ ocPortal
+ Copyright (c) ocProducts, 2004-2012
+
+ See text/EN/licence.txt for full licencing information.
+
+
+ NOTE TO PROGRAMMERS:
+ Do not edit this file. If you need to make changes, save your changed file to the appropriate *_custom folder
+ **** If you ignore this advice, then your website upgrades (e.g. for bug fixes) will likely kill your changes ****
+
+*/
+
+/**
+ * @license http://opensource.org/licenses/cpal_1.0 Common Public Attribution License
+ * @copyright ocProducts Ltd
+ * @package core
+ */
+
+/**
+ * Check RBLs to see if we need to block this user.
+ *
+ * @param boolean Whether this is a page level check (i.e. we won't consider blocks or approval, just ban setting)
+ */
+function check_rbls($page_level=false)
+{
+ $user_ip=get_ip_address();
+
+ // Check ocPortal bans / caching
+ require_code('support2');
+ $is_already_ip_banned=ip_banned($user_ip,true,true);
+ if ($is_already_ip_banned===true) critical_error('BANNED');
+ if ($is_already_ip_banned===false) return; // Cached that we're not banned
+
+ // Check exclusions
+ $exclusions=explode(',',get_option('spam_check_exclusions'));
+ foreach ($exclusions as $e)
+ {
+ if (trim($e)==$user_ip) return;
+ }
+
+ // What are we blocking? Hard-coded settings for the particular supported block lists
+ $block=array(
+ 'tornevall_abuse'=>true, // TornevallRBL: Block on 'abuse'
+ 'tornevall_anonymous'=>true, // TornevallRBL: Block on anonymous access (anonymizers, TOR, etc)
+ 'tornevall_blitzed'=>true, // TornevallRBL: Block if host are found in the Blitzed RBL (R.I.P)
+ 'tornevall_checked'=>false, // TornevallRBL: Block anything that has been checked
+ 'tornevall_elite'=>true, // TornevallRBL: Block elite proxies (proxies with high anonymity)
+ 'tornevall_error'=>false, // TornevallRBL: Block proxies that has been tested but failed
+ 'tornevall_timeout'=>false, // TornevallRBL: Block proxies that has been tested but timed out
+ 'tornevall_working'=>true, // TornevallRBL: Block proxies that has been tested and works
+ 'efnet_openproxy'=>true, // EFNet: Block open proxies registered at rbl.efnet.org
+ 'efnet_spamtrap50'=>false, // EFNet: Block trojan spreading client (IRC-based)
+ 'efnet_spamtrap666'=>false, // EFNet: Block known trojan infected/spreading client (IRC-based)
+ 'efnet_tor'=>true, // EFNet: Block TOR Proxies
+ 'efnet_drones'=>false, // EFNet: Drones/Flooding (IRC-based)
+ 'njabl_dialup'=>false, // Njabl: Block dialups/dynamic ip-ranges (Be careful!)
+ 'njabl_formmail'=>true, // Njabl: Block systems with insecure scripts that make them into open relays
+ 'njabl_multi'=>false, // Njabl: Block multi-stage open relays (Don't know what this is? Leave it alone)
+ 'njabl_openproxy'=>true, // Njabl: Block open proxy servers
+ 'njabl_passive'=>false, // Njabl: Block passively detected 'bad hosts' (Don't know what this is? Leave it alone)
+ 'njabl_relay'=>false, // Njabl: Block open relays (as in e-mail-open-relays - be careful)
+ 'njabl_spam'=>false // Njabl: lock spam sources (Again, as in e-mail
+ );
+
+ // Handle the return data for the different RBLs
+ $blockdetails=mixed();
+ $blockedby=mixed();
+ $confidencelevel=mixed();
+ $rbllist=explode(',',get_option('spam_block_lists'));
+ foreach ($rbllist as $rbl)
+ {
+ // Blocking based on opm.tornevall.org settings (used by default because stopforumspam syndicates to this and ask us to check this first, for performance)
+ // http://dnsbl.tornevall.org/?do=usage
+ $rtornevall=array(
+ 'tornevall_checked'=>1,
+ 'tornevall_working'=>2,
+ 'tornevall_blitzed'=>4,
+ 'tornevall_timeout'=>8,
+ 'tornevall_error'=>16,
+ 'tornevall_elite'=>32,
+ 'tornevall_abuse'=>64,
+ 'tornevall_anonymous'=>128
+ );
+ if (strpos($rbl,'tornevall.org')!==false)
+ {
+ if (!is_null($confidencelevel)) continue; // We know better than this RBL can tell us, so stick with what we know
+ $rblresponse=rblresolve($user_ip,$rbl,$page_level);
+ if (is_null($rblresponse)) continue; // Error
+
+ foreach ($rtornevall as $rbl_t=>$rbl_tc)
+ {
+ if ((($rblresponse[3] & $rbl_tc)!=0) && ($block[$rbl_t]))
+ {
+ $blockdetails=$rblresponse[3];
+ $blockedby=preg_replace('#^\*\.#','',$rbl);
+ break;
+ }
+ }
+ continue;
+ }
+
+ // Blocking based on njabl.org settings (not used by default)
+ // http://njabl.org/use.html
+ $rnjabl=array(
+ 'njabl_relay'=>2,
+ 'njabl_dialup'=>3,
+ 'njabl_spam'=>4,
+ 'njabl_multi'=>5,
+ 'njabl_passive'=>6,
+ 'njabl_formmail'=>8,
+ 'njabl_openproxy'=>9
+ );
+ if (strpos($rbl,'njabl.org')!==false)
+ {
+ if (!is_null($confidencelevel)) continue; // We know better than this RBL can tell us, so stick with what we know
+ $rblresponse=rblresolve($user_ip,$rbl,$page_level);
+ if (is_null($rblresponse)) continue; // Error
+
+ foreach ($rnjabl as $njcheck=>$value)
+ {
+ if (($rblresponse[3]==$value) && ($block[$njcheck]))
+ {
+ $blockdetails=$rblresponse[3];
+ $blockedby=preg_replace('#^\*\.#','',$rbl);
+ break;
+ }
+ }
+ continue;
+ }
+
+ // Blocking based on efnet.org settings (not used by default)
+ // http://efnetrbl.org/
+ $refnet=array(
+ 'efnet_openproxy'=>1,
+ 'efnet_spamtrap666'=>2,
+ 'efnet_spamtrap50'=>3,
+ 'efnet_tor'=>4,
+ 'efnet_drones'=>5
+ );
+ if (strpos($rbl,'efnet.org')!==false)
+ {
+ if (!is_null($confidencelevel)) continue; // We know better than this RBL can tell us, so stick with what we know
+ $rblresponse=rblresolve($user_ip,$rbl,$page_level);
+ if (is_null($rblresponse)) continue; // Error
+
+ foreach ($refnet as $efcheck=>$value)
+ {
+ if (($rblresponse[3]==$value) && ($block[$njcheck]))
+ {
+ $blockdetails=$rblresponse[3];
+ $blockedby=preg_replace('#^\*\.#','',$rbl);
+ break;
+ }
+ }
+ continue;
+ }
+
+ // Blocking based on HTTP:BL settings (not used by default, because it requires getting a key)
+ // http://www.projecthoneypot.org/httpbl_api.php
+ if (strpos($rbl,'dnsbl.httpbl.org')!==false)
+ {
+ if (strpos($rbl,'*')===false) // Fix a misconfiguration based on the admin copy and pasting the given HTTP:BL setup example
+ {
+ $rbl=str_replace('7.1.1.127','*',$rbl);
+ }
+
+ $rblresponse=rblresolve($user_ip,$rbl,$page_level);
+ if (is_null($rblresponse)) continue; // Error
+
+ $_confidencelevel=floatval($rblresponse[2])/255.0;
+ if ($_confidencelevel!=0.0)
+ {
+ $spam_stale_threshold=intval(get_option('spam_stale_threshold'));
+
+ if (intval($rblresponse[1])>$spam_stale_threshold) break; // We know this IP is stale now so don't check other RBLs as no others support stale checks
+
+ if (($confidencelevel===NULL) || ($_confidencelevel>$confidencelevel))
+ {
+ //$confidencelevel=$_confidencelevel; Actually, this is a threat level, not a confidence level. If it's not zero, it is 100% confidence.
+ $confidencelevel=1.0;
+ $blockdetails=$rblresponse[3];
+ $blockedby='dnsbl.httpbl.org';
+ }
+ break;
+ }
+ continue;
+ }
+
+ // Unknown RBL, basic support only
+ if ($rblresponse[3]!=0)
+ {
+ if (!is_null($confidencelevel)) continue; // We know better than this RBL can tell us, so stick with what we know
+ $rblresponse=rblresolve($user_ip,$rbl,$page_level);
+ if (is_null($rblresponse)) continue; // Error
+
+ $blockdetails=$rblresponse[3];
+ $blockedby=preg_replace('#^\*\.#','',$rbl);
+ break;
+ }
+ }
+
+ // Now deal with it
+ if ($blockdetails!==NULL) // If there's a block
+ {
+ if ($confidencelevel===NULL) $confidencelevel=floatval(get_option('implied_spammer_confidence'))/100.0;
+ handle_perceived_spammer($user_ip,$confidencelevel,$blockedby,$page_level);
+ } else
+ {
+ require_code('failure');
+ add_ip_ban($user_ip,'',time()+60*intval(get_option('spam_cache_time')),false); // Mark a negative ban (i.e. cache)
+ }
+}
+
+/**
+ * Do an RBL lookup.
+ *
+ * @param IP The IP address to lookup
+ * @param ID_TEXT The RBL domain
+ * @param boolean Whether this is a page level check (i.e. we won't consider blocks or approval, just ban setting)
+ * @return ?array Return result (NULL: error)
+ */
+function rblresolve($ip,$rbldomain,$page_level)
+{
+ if (strpos($ip,'.')!==false) // ipv4
+ {
+ $arpa=implode('.',array_reverse(explode('.',$ip)));
+ } else // ipv6
+ {
+ $_ip=explode(':',$ip);
+ $normalised_ip='';
+ $normalised_ip.=str_pad('',(4*(8-count($_ip))),'0000',STR_PAD_LEFT); // Fill out trimmed 0's on left
+ foreach ($_ip as $seg) // Copy rest in
+ $normalised_ip.=str_pad($seg,4,'0',STR_PAD_LEFT); // Pad out each component in full, building up $normalised_ip
+ $arpa=implode('.',array_reverse(preg_split('//',$normalised_ip,NULL,PREG_SPLIT_NO_EMPTY)));
+ }
+
+ $lookup=str_replace('*',$arpa,$rbldomain);
+
+ $_result=gethostbyname($lookup);
+ $result=explode('.',$_result);
+
+ if (implode('.',$result)==$lookup) // This is how gethostbyname indicates an error happened; however it likely actually means no block happened (as the RBL returned no data on the IP)
+ {
+ return NULL;
+ }
+
+ if ($result[0]!='127') // This is how the RBL indicates an error happened
+ {
+ if (!$page_level)
+ {
+ require_code('failure');
+ $error=do_lang('_ERROR_CHECKING_FOR_SPAMMERS',$rbldomain,$_result);
+ relay_error_notification($error,false,'error_occurred');
+ }
+ return NULL;
+ }
+
+ // Some kind of response
+ return $result;
+}
+
+/**
+ * Deal with a perceived spammer.
+ *
+ * @param IP IP address
+ * @param float Confidence level (0.0 to 1.0)
+ * @param ID_TEXT Identifier for whatever did the blocking
+ * @param boolean Whether this is a page level check (i.e. we won't consider blocks or approval, just ban setting)
+ */
+function handle_perceived_spammer($user_ip,$confidencelevel,$blockedby,$page_level)
+{
+ // Ban
+ $spam_ban_threshold=intval(get_option('spam_ban_threshold'));
+ if (intval($confidencelevel*100.0)>=$spam_ban_threshold)
+ {
+ require_code('failure');
+ add_ip_ban($user_ip,do_lang('IPBAN_LOG_AUTOBAN_ANTISPAM',$blockedby),time()+60*intval(get_option('spam_cache_time')));
+
+ require_code('notifications');
+ $subject=do_lang('NOTIFICATION_SPAM_CHECK_BLOCK_SUBJECT_BAN',$user_ip,$blockedby,NULL,get_site_default_lang());
+ $message=do_lang('NOTIFICATION_SPAM_CHECK_BLOCK_MESSAGE_BAN',$user_ip,$blockedby,NULL,get_site_default_lang());
+ dispatch_notification('spam_check_block',NULL,$subject,$message,NULL,A_FROM_SYSTEM_PRIVILEGED);
+
+ warn_exit(do_lang_tempcode('STOPPED_BY_ANTISPAM',escape_html($user_ip),escape_html($blockedby)));
+ }
+
+ // Block
+ if (!$page_level)
+ {
+ $spam_block_threshold=intval(get_option('spam_block_threshold'));
+ if (intval($confidencelevel*100.0)>=$spam_block_threshold)
+ {
+ require_code('notifications');
+ $subject=do_lang('NOTIFICATION_SPAM_CHECK_BLOCK_SUBJECT_BLOCK',$user_ip,$blockedby,NULL,get_site_default_lang());
+ $message=do_lang('NOTIFICATION_SPAM_CHECK_BLOCK_MESSAGE_BLOCK',$user_ip,$blockedby,NULL,get_site_default_lang());
+ dispatch_notification('spam_check_block',NULL,$subject,$message,NULL,A_FROM_SYSTEM_PRIVILEGED);
+
+ warn_exit(do_lang_tempcode('STOPPED_BY_ANTISPAM',escape_html($user_ip),escape_html($blockedby)));
+ }
+ }
+
+ // Require approval
+ $spam_approval_threshold=intval(get_option('spam_approval_threshold'));
+ if (intval($confidencelevel*100.0)>=$spam_approval_threshold)
+ {
+ global $SPAM_REMOVE_VALIDATION;
+ $SPAM_REMOVE_VALIDATION=true;
+
+ require_code('notifications');
+ $subject=do_lang('NOTIFICATION_SPAM_CHECK_BLOCK_SUBJECT_APPROVE',$user_ip,$blockedby,NULL,get_site_default_lang());
+ $message=do_lang('NOTIFICATION_SPAM_CHECK_BLOCK_MESSAGE_APPROVE',$user_ip,$blockedby,NULL,get_site_default_lang());
+ dispatch_notification('spam_check_block',NULL,$subject,$message,NULL,A_FROM_SYSTEM_PRIVILEGED);
+ }
+}
+
+/**
+ * Check RBLs to see if we need to block this user.
+ *
+ * @param ?string Check this particular username that has just been supplied (NULL: none)
+ * @param ?string Check this particular email address that has just been supplied (NULL: none)
+ */
+function check_stopforumspam($username=NULL,$email=NULL)
+{
+ // http://www.stopforumspam.com/usage
+
+ if (get_option('spam_block_lists')=='') return;
+
+ // Check exclusions
+ $user_ip=get_ip_address();
+ $exclusions=explode(',',get_option('spam_check_exclusions'));
+ foreach ($exclusions as $e)
+ {
+ if (trim($e)==$user_ip) return;
+ }
+
+ // Are we really going to check that username?
+ if (get_option('spam_check_usernames')=='0') $username=NULL;
+ $confidencelevel=mixed();
+
+ // Do the query with every detail we have
+ require_code('files');
+ require_code('character_sets');
+ $key=get_option('stopforumspam_api_key');
+ $url='http://www.stopforumspam.com/api?f=serial&unix&confidence&ip='.urlencode($user_ip);
+ if (!is_null($username)) $url.='&username='.urlencode(convert_to_internal_encoding($username,get_charset(),'utf-8'));
+ if (!is_null($email)) $url.='&email='.urlencode(convert_to_internal_encoding($email,get_charset(),'utf-8'));
+ if ($key!='') $url.='&api_key='.urlencode($key); // Key not needed for read requests, but give it as a courtesy
+ $_result=http_download_file($url,NULL,false);
+
+ $result=@unserialize($_result);
+ if ($result!==false)
+ {
+ if ($result['success'])
+ {
+ foreach (array('username','email','ip') as $criterion)
+ {
+ if (array_key_exists($criterion,$result))
+ {
+ $c=$result[$criterion];
+ if ($c['appears']==1)
+ {
+ $spam_stale_threshold=intval(get_option('spam_stale_threshold'));
+ $days_ago=floatval(time()-intval($c['lastseen']))/(24.0*60.0*60.0);
+ if ($days_ago<=floatval($spam_stale_threshold))
+ {
+ $_confidencelevel=$c['confidence']/100.0;
+ if (($confidencelevel===NULL) || ($_confidencelevel>$confidencelevel))
+ {
+ $confidencelevel=$_confidencelevel;
+ }
+ }
+
+ // NB: frequency figure is ignored, not used in our algorithm
+ }
+ }
+ }
+ } else
+ {
+ require_code('failure');
+ $error=do_lang('_ERROR_CHECKING_FOR_SPAMMERS','stopforumspam.com',$result['error']);
+ relay_error_notification($error,false,'error_occurred');
+ }
+ } else
+ {
+ require_code('failure');
+ $error=do_lang('ERROR_CHECKING_FOR_SPAMMERS','stopforumspam.com');
+ relay_error_notification($error,false,'error_occurred');
+ }
+
+ if ($confidencelevel!==NULL)
+ {
+ handle_perceived_spammer($user_ip,$confidencelevel,'stopforumspam.com',false);
+ }
+}
diff --git a/sources/banners2.php b/sources/banners2.php
index 01bfc0e..c3089e3 100644
--- a/sources/banners2.php
+++ b/sources/banners2.php
@@ -261,8 +261,6 @@ function edit_banner($old_name,$name,$imgurl,$title_text,$caption,$campaignremai
$_caption=$GLOBALS['SITE_DB']->query_value('banners','caption',array('name'=>$old_name));
- if (!has_specific_permission(get_member(),'bypass_validation_midrange_content','cms_banners')) $validated=0;
-
require_code('files2');
delete_upload('uploads/banners','banners','img_url','name',$old_name,$imgurl);
diff --git a/sources/failure.php b/sources/failure.php
index 2dcc31f..7fd6549 100644
--- a/sources/failure.php
+++ b/sources/failure.php
@@ -11,6 +11,7 @@
**** If you ignore this advice, then your website upgrades (e.g. for bug fixes) will likely kill your changes ****
*/
+/*EXTRA FUNCTIONS: TornUserinfoClass|SoapClient*/
/**
* @license http://opensource.org/licenses/cpal_1.0 Common Public Attribution License
@@ -421,11 +422,17 @@ function _log_hack_attack_and_exit($reason,$reason_param_a='',$reason_param_b=''
$rows=$GLOBALS['SITE_DB']->query_select('hackattack',array('*'),array('ip'=>$alt_ip?$ip2:$ip));
$rows[]=$new_row;
$summary='';
+ $is_spammer=false;
foreach ($rows as $row)
{
+ if ($row['reason']=='LAME_SPAM_HACK') $is_spammer=true;
$full_reason=do_lang($row['reason'],$row['reason_param_a'],$row['reason_param_b'],NULL,get_site_default_lang());
$summary.="\n".' - '.$full_reason.' ['.$row['url'].']';
}
+ if ($is_spammer)
+ {
+ syndicate_spammer_report($alt_ip?$ip2:$ip,is_guest()?'':$GLOBALS['FORUM_DRIVER']->get_username(get_member()),$GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member()),do_lang('SPAM_REPORT_TRIGGERED_SPAM_HEURISTICS'));
+ }
add_ip_ban($alt_ip?$ip2:$ip,$full_reason);
$_ip_ban_url=build_url(array('page'=>'admin_ipban','type'=>'misc'),get_module_zone('admin_ipban'),NULL,false,false,true);
$ip_ban_url=$_ip_ban_url->evaluate();
@@ -468,15 +475,20 @@ function _log_hack_attack_and_exit($reason,$reason_param_a='',$reason_param_b=''
*
* @param IP The IP address to ban
* @param LONG_TEXT Explanation for ban
+ * @param ?TIME When to ban until (NULL: no limit)
+ * @param boolean Whether this is a positive ban (as opposed to a cached negative)
*/
-function add_ip_ban($ip,$descrip='')
+function add_ip_ban($ip,$descrip='',$ban_until=NULL,$ban_positive=true)
{
if (!addon_installed('securitylogging')) return;
+ require_code('support2');
+ if ((!is_null($ban_until)) && (ip_banned($ip,true))) return; // Don't allow shortening ban period automatically, or having a negative ban negating a positive one!
+
$GLOBALS['SITE_DB']->query_delete('usersubmitban_ip',array('ip'=>$ip),'',1);
- $GLOBALS['SITE_DB']->query_insert('usersubmitban_ip',array('ip'=>$ip,'i_descrip'=>$descrip),false,true); // To stop weird race-like conditions
+ $GLOBALS['SITE_DB']->query_insert('usersubmitban_ip',array('ip'=>$ip,'i_descrip'=>$descrip,'i_ban_until'=>$ban_until,'i_ban_positive'=>$ban_positive?1:0),false,true); // To stop weird race-like conditions
persistant_cache_delete('IP_BANS');
- if (is_writable_wrap(get_file_base().'/.htaccess'))
+ if ((is_writable_wrap(get_file_base().'/.htaccess')) && (is_null($ban_until)))
{
$original_contents=file_get_contents(get_file_base().'/.htaccess',FILE_TEXT);
$ip_cleaned=str_replace('*','',$ip);
@@ -934,7 +946,7 @@ function get_html_trace()
* Show a helpful access-denied page. Has a login ability if it senses that logging in could curtail the error.
*
* @param ID_TEXT The class of error (e.g. SPECIFIC_PERMISSION)
- * @param string The parameteter given to the error message
+ * @param string The parameter given to the error message
* @param boolean Force the user to login (even if perhaps they are logged in already)
*/
function _access_denied($class,$param,$force_login)
@@ -1009,3 +1021,96 @@ function _access_denied($class,$param,$force_login)
warn_exit($message);
}
+/**
+ * Syndicate a spammer report out to wherever we can.
+ *
+ * @param IP IP address to report
+ * @param ID_TEXT Username address to report
+ * @param EMAIL Email address to report
+ * @param string The reason for the report (blank: none)
+ * @param boolean Whether to throw an ocPortal error, on error. Should not be 'true' for automatic spammer reports, as the spammer should not see the submission process in action!
+ */
+function syndicate_spammer_report($ip_addr,$username,$email,$reason='',$trigger_error=false)
+{
+ $did_something=false;
+
+ // Syndicate to dnsbl.tornevall.org
+ // ================================
+
+ $can_do_torn=(class_exists('SoapClient')) && (get_option('tornevall_api_username')!='');
+
+ if ($can_do_torn)
+ {
+ $torn_url='http://dnsbl.tornevall.org/soap/soapsubmit.php';
+
+ if (!class_exists('TornUserinfoClass'))
+ {
+ class TornUserinfoClass
+ {
+ var $Username;
+ var $Password;
+ }
+ }
+
+ $soapconf=array(
+ 'location'=>$torn_url,
+ 'uri'=>$torn_url,
+ 'trace'=>0,
+ 'exceptions'=>0,
+ 'connection_timeout'=>0
+ );
+
+ $userinfo=new TornUserinfoClass();
+ $userinfo->Username=get_option('tornevall_api_username');
+ $userinfo->Password=get_option('tornevall_api_password');
+
+ $add=array();
+ $add['ip']=$ip_addr;
+ if ($username!='') $add['username']=$username;
+ if ($email!='') $add['mail']=$email;
+
+ $client=new SoapClient(null,$soapconf);
+ $udata=array('userinfo'=>$userinfo);
+ $result=$client->submit($udata,array('add'=>$add));
+ if ($trigger_error)
+ {
+ if (isset($result['error']))
+ {
+ attach_message('dnsbl.tornevall.org: '.$result['error']['message'],'warn');
+ }
+ }
+
+ $did_something=true;
+ }
+
+ // Syndicate to Stop Forum Spam
+ // ============================
+
+ $stopforumspam_key=get_option('stopforumspam_api_key');
+ $can_do_stopforumspam=($stopforumspam_key!='') && ($username!='') && ($email!='');
+
+ if ($can_do_stopforumspam)
+ {
+ require_code('files');
+ require_code('character_sets');
+ $url='http://www.stopforumspam.com/add.php?api_key='.urlencode($stopforumspam_key).'&ip_addr='.urlencode($ip_addr);
+ if ($username!='') $url.='&username='.urlencode(convert_to_internal_encoding($username,get_charset(),'utf-8'));
+ if ($email!='') $url.='&email='.urlencode(convert_to_internal_encoding($email,get_charset(),'utf-8'));
+ if ($reason!='') $url.='&evidence='.urlencode(convert_to_internal_encoding($reason,get_charset(),'utf-8'));
+ $result=http_download_file($url,NULL,$trigger_error);
+ if (($trigger_error) && ($result!=''))
+ {
+ attach_message($result.' [ '.$url.' ]','warn');
+ }
+
+ $did_something=true;
+ }
+
+ // ---
+
+ // Did we get anything done?
+ if (($trigger_error) && (!$did_something))
+ {
+ attach_message(do_lang('SPAM_REPORT_NO_EMAIL_OR_USERNAME'),'warn');
+ }
+}
diff --git a/sources/feedback.php b/sources/feedback.php
index 6761596..3e7b48d 100644
--- a/sources/feedback.php
+++ b/sources/feedback.php
@@ -928,6 +928,8 @@ function actualise_post_trackback($allow_trackbacks,$content_type,$content_id)
{
if ((get_option('is_on_trackbacks')=='0') || (!$allow_trackbacks)) return false;
+ inject_action_spamcheck();
+
$url=either_param('url',NULL);
if (is_null($url)) return false;
$title=either_param('title',$url);
diff --git a/sources/forum/ocf.php b/sources/forum/ocf.php
index aeb17e8..eca5d8d 100644
--- a/sources/forum/ocf.php
+++ b/sources/forum/ocf.php
@@ -1559,9 +1559,10 @@ class forum_driver_ocf extends forum_driver_base
{
$ip=get_ip_address();
require_code('failure');
- add_ip_ban($ip);
+ add_ip_ban($ip,do_lang('SPAM_REPORT_SITE_FLOODING'));
require_code('notifications');
dispatch_notification('auto_ban',NULL,do_lang('AUTO_BAN_SUBJECT',$ip,NULL,NULL,get_site_default_lang()),do_lang('AUTO_BAN_DOS_MESSAGE',$ip,integer_format($count_threshold),integer_format($time_threshold),get_site_default_lang()),NULL,A_FROM_SYSTEM_PRIVILEGED);
+ syndicate_spammer_report($ip,is_guest()?'':$GLOBALS['FORUM_DRIVER']->get_username(get_member()),$GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member()),do_lang('SPAM_REPORT_SITE_FLOODING'));
}
if (!function_exists('require_lang')) require_code('lang');
if (!function_exists('do_lang_tempcode')) require_code('tempcode');
diff --git a/sources/global2.php b/sources/global2.php
index 87ec841..c7478b3 100644
--- a/sources/global2.php
+++ b/sources/global2.php
@@ -332,6 +332,7 @@ function init__global2()
}
require_code('zones'); // Zone is needed because zones are where all ocPortal pages reside
require_code('config'); // Config is needed for much active stuff
+
if ((get_option('collapse_user_zones',true)==='1') && ($RELATIVE_PATH=='site'))
{
get_base_url();/*force calculation first*/
@@ -389,6 +390,17 @@ function init__global2()
@header('Content-type: text/html; charset='.get_charset());
+ // Check RBL's
+ $spam_check_level=get_option('spam_check_level',true);
+ if ($spam_check_level==='EVERYTHING')
+ {
+ if (get_option('spam_block_lists')!='')
+ {
+ require_code('antispam');
+ check_rbls(true);
+ }
+ }
+
if (($MICRO_AJAX_BOOTUP==0) && ($MICRO_BOOTUP==0))
{
// Before anything gets outputted
@@ -554,6 +566,15 @@ function init__global2()
enter_chat_lobby();
}
+ // Detect and deal with spammers that triggered the spam blackhole
+ if (get_option('spam_blackhole_detection')=='1')
+ {
+ if (post_param(md5(get_site_name().': antispam'),'')!='')
+ {
+ log_hack_attack_and_exit('LAME_SPAM_HACK','<blackhole>'.post_param(md5(get_site_name().': antispam'),'').'</blackhole>');
+ }
+ }
+
// Startup hooks
if (!running_script('upgrader'))
{
@@ -2141,3 +2162,21 @@ function will_be_unicode_neutered($data)
}
return true;
}
+
+/**
+ * Should be called when an action happens that results in content submission. Does a spammer check.
+ *
+ * @param ?string Check this particular username that has just been supplied (NULL: none)
+ * @param ?string Check this particular email address that has just been supplied (NULL: none)
+ */
+function inject_action_spamcheck($username=NULL,$email=NULL)
+{
+ // Check RBL's/stopforumspam
+ $spam_check_level=get_option('spam_check_level',true);
+ if (($spam_check_level==='EVERYTHING') || ($spam_check_level==='ACTIONS') || ($spam_check_level==='GUESTACTIONS') && (is_guest()))
+ {
+ require_code('antispam');
+ check_rbls();
+ check_stopforumspam($username,$email);
+ }
+}
diff --git a/sources/hooks/modules/admin_import/ocp_merge.php b/sources/hooks/modules/admin_import/ocp_merge.php
index a58a0e8..fe94352 100644
--- a/sources/hooks/modules/admin_import/ocp_merge.php
+++ b/sources/hooks/modules/admin_import/ocp_merge.php
@@ -1408,7 +1408,7 @@ class Hook_ocp_merge
$rows=$db->query('SELECT * FROM '.$table_prefix.'usersubmitban_ip');
foreach ($rows as $row)
{
- add_ip_ban($row['ip'],array_key_exists('i_descrip',$row)?$row['i_descrip']:'');
+ add_ip_ban($row['ip'],array_key_exists('i_descrip',$row)?$row['i_descrip']:'',array_key_exists('i_ban_until',$row)?$row['i_ban_until']:NULL,array_key_exists('i_ban_positive',$row)?($row['i_ban_positive']==1):1);
}
$rows=$db->query('SELECT * FROM '.$table_prefix.'usersubmitban_member');
$on_same_msn=($this->on_same_msn($file_base));
diff --git a/sources/hooks/systems/addon_registry/core.php b/sources/hooks/systems/addon_registry/core.php
index f3184e4..ecf6985 100644
--- a/sources/hooks/systems/addon_registry/core.php
+++ b/sources/hooks/systems/addon_registry/core.php
@@ -74,6 +74,8 @@ class Hook_addon_registry_core
{
return array(
+ 'sources/antispam.php',
+ 'sources/hooks/systems/notifications/spam_check_block.php',
'sources/hooks/systems/notifications/low_disk_space.php',
'sources/hooks/systems/notifications/hack_attack.php',
'sources/hooks/systems/notifications/auto_ban.php',
@@ -860,7 +862,6 @@ class Hook_addon_registry_core
return array(
'ACTION_LOGS_SCREEN.tpl'=>'administrative__action_logs_screen',
'ACTION_LOGS_TOGGLE_LINK.tpl'=>'administrative__action_logs_toggle_link',
- 'IPBAN_SCREEN.tpl'=>'ipban_screen',
'LOOKUP_IP_LIST_ENTRY.tpl'=>'administrative__lookup_screen',
'LOOKUP_IP_LIST_GROUP.tpl'=>'administrative__lookup_screen',
'LOOKUP_SCREEN.tpl'=>'administrative__lookup_screen',
@@ -1015,29 +1016,6 @@ class Hook_addon_registry_core
*
* @return array Array of previews, each is Tempcode. Normally we have just one preview, but occasionally it is good to test templates are flexible (e.g. if they use IF_EMPTY, we can test with and without blank data).
*/
- function tpl_preview__ipban_screen()
- {
- return array(
- lorem_globalise(
- do_lorem_template('IPBAN_SCREEN',array(
- 'PING_URL'=>placeholder_url(),
- 'WARNING_DETAILS'=>'',
- 'TITLE'=>lorem_title(),
- 'BANS'=>placeholder_ip(),
- 'URL'=>placeholder_url(),
- )
- ),NULL,'',true),
- );
- }
-
-
- /**
- * Get a preview(s) of a (group of) template(s), as a full standalone piece of HTML in Tempcode format.
- * Uses sources/lorem.php functions to place appropriate stock-text. Should not hard-code things, as the code is intended to be declaritive.
- * Assumptions: You can assume all Lang/CSS/Javascript files in this addon have been pre-required.
- *
- * @return array Array of previews, each is Tempcode. Normally we have just one preview, but occasionally it is good to test templates are flexible (e.g. if they use IF_EMPTY, we can test with and without blank data).
- */
function tpl_preview__administrative__lookup_screen()
{
$inner_ip_list = new ocp_tempcode();
diff --git a/sources/hooks/systems/addon_registry/securitylogging.php b/sources/hooks/systems/addon_registry/securitylogging.php
index 32f367d..e512eab 100644
--- a/sources/hooks/systems/addon_registry/securitylogging.php
+++ b/sources/hooks/systems/addon_registry/securitylogging.php
@@ -100,6 +100,7 @@ class Hook_addon_registry_securitylogging
'SECURITY_SCREEN.tpl'=>'administrative__security_screen',
'SECURITY_ALERT_SCREEN.tpl'=>'administrative__security_alert_screen',
'HACK_ATTEMPT_MAIL.tpl'=>'administrative__hack_attempt_mail',
+ 'IPBAN_SCREEN.tpl'=>'ipban_screen',
);
}
@@ -110,6 +111,29 @@ class Hook_addon_registry_securitylogging
*
* @return array Array of previews, each is Tempcode. Normally we have just one preview, but occasionally it is good to test templates are flexible (e.g. if they use IF_EMPTY, we can test with and without blank data).
*/
+ function tpl_preview__ipban_screen()
+ {
+ return array(
+ lorem_globalise(
+ do_lorem_template('IPBAN_SCREEN',array(
+ 'PING_URL'=>placeholder_url(),
+ 'WARNING_DETAILS'=>'',
+ 'TITLE'=>lorem_title(),
+ 'BANS'=>placeholder_ip(),
+ 'LOCKED_BANS'=>placeholder_ip(),
+ 'URL'=>placeholder_url(),
+ )
+ ),NULL,'',true),
+ );
+ }
+
+ /**
+ * Get a preview(s) of a (group of) template(s), as a full standalone piece of HTML in Tempcode format.
+ * Uses sources/lorem.php functions to place appropriate stock-text. Should not hard-code things, as the code is intended to be declaritive.
+ * Assumptions: You can assume all Lang/CSS/Javascript files in this addon have been pre-required.
+ *
+ * @return array Array of previews, each is Tempcode. Normally we have just one preview, but occasionally it is good to test templates are flexible (e.g. if they use IF_EMPTY, we can test with and without blank data).
+ */
function tpl_preview__administrative__hack_attempt_mail()
{
return array(
diff --git a/sources/hooks/systems/notifications/spam_check_block.php b/sources/hooks/systems/notifications/spam_check_block.php
new file mode 100644
index 0000000..f6116bf
--- /dev/null
+++ b/sources/hooks/systems/notifications/spam_check_block.php
@@ -0,0 +1,42 @@
+<?php /*
+
+ ocPortal
+ Copyright (c) ocProducts, 2004-2012
+
+ See text/EN/licence.txt for full licencing information.
+
+*/
+
+/**
+ * @license http://opensource.org/licenses/cpal_1.0 Common Public Attribution License
+ * @copyright ocProducts Ltd
+ * @package core
+ */
+
+class Hook_Notification_spam_check_block extends Hook_Notification__Staff
+{
+ /**
+ * Find the initial setting that members have for a notification code (only applies to the member_could_potentially_enable members).
+ *
+ * @param ID_TEXT Notification code
+ * @param ?SHORT_TEXT The category within the notification code (NULL: none)
+ * @return integer Initial setting
+ */
+ function get_initial_setting($notification_code,$category=NULL)
+ {
+ return A_NA;
+ }
+
+ /**
+ * Get a list of all the notification codes this hook can handle.
+ * (Addons can define hooks that handle whole sets of codes, so hooks are written so they can take wide authority)
+ *
+ * @return array List of codes (mapping between code names, and a pair: section and labelling for those codes)
+ */
+ function list_handled_codes()
+ {
+ $list=array();
+ $list['spam_check_block']=array(do_lang('security:SECURITY'),do_lang('NOTIFICATION_TYPE_spam_check_block'));
+ return $list;
+ }
+}
diff --git a/sources/ocf_join.php b/sources/ocf_join.php
index 879e6a7..aa6e893 100644
--- a/sources/ocf_join.php
+++ b/sources/ocf_join.php
@@ -25,6 +25,15 @@ function check_joining_allowed()
{
if (get_forum_type()!='ocf') warn_exit(do_lang_tempcode('NO_OCF'));
+ // Check RBL's/stopforumspam
+ $spam_check_level=get_option('spam_check_level',true);
+ if (($spam_check_level==='EVERYTHING') || ($spam_check_level==='ACTIONS') || ($spam_check_level==='GUESTACTIONS') || ($spam_check_level==='JOINING'))
+ {
+ require_code('antispam');
+ check_rbls();
+ check_stopforumspam();
+ }
+
global $LDAP_CONNECTION;
if ((!is_null($LDAP_CONNECTION)) && (get_option('ldap_allow_joining',true)==='0'))
warn_exit(do_lang_tempcode('JOIN_DISALLOW'));
@@ -280,6 +289,15 @@ function ocf_join_actual($captcha_if_enabled=true,$intro_message_if_enabled=true
}
}
+ // Check RBL's/stopforumspam
+ $spam_check_level=get_option('spam_check_level',true);
+ if (($spam_check_level==='EVERYTHING') || ($spam_check_level==='ACTIONS') || ($spam_check_level==='GUESTACTIONS') || ($spam_check_level==='JOINING'))
+ {
+ require_code('antispam');
+ check_rbls();
+ check_stopforumspam($username,$email_address);
+ }
+
if ($captcha_if_enabled)
{
if (addon_installed('captcha'))
diff --git a/sources/ocf_posts_action.php b/sources/ocf_posts_action.php
index aa9defa..b83fe96 100644
--- a/sources/ocf_posts_action.php
+++ b/sources/ocf_posts_action.php
@@ -105,6 +105,8 @@ function ocf_make_post($topic_id,$title,$post,$skip_sig=0,$is_starter=false,$val
{
if (is_null($poster)) $poster=get_member();
+ inject_action_spamcheck($poster_name_if_guest,get_param('email',NULL));
+
if ($check_permissions)
{
if (strlen($title)>120)
diff --git a/sources/permissions.php b/sources/permissions.php
index fbf192a..4d4522e 100644
--- a/sources/permissions.php
+++ b/sources/permissions.php
@@ -48,6 +48,9 @@ function init__permissions()
global $PERMISSION_CHECK_LOGGER,$PERMISSIONS_ALREADY_LOGGED;
$PERMISSION_CHECK_LOGGER=NULL;
$PERMISSIONS_ALREADY_LOGGED=array();
+
+ global $SPAM_REMOVE_VALIDATION;
+ $SPAM_REMOVE_VALIDATION=false;
}
/**
@@ -518,6 +521,12 @@ function has_specific_permission($member,$permission,$page=NULL,$cats=NULL)
if ($page===NULL) $page=get_page_name();
+ global $SPAM_REMOVE_VALIDATION;
+ if (($SPAM_REMOVE_VALIDATION) && ($member==get_member()) && (($permission=='bypass_validation_highrange_content') || ($permission=='bypass_validation_midrange_content') || ($permission=='bypass_validation_lowrange_content')))
+ {
+ return false;
+ }
+
$groups=_get_where_clause_groups($member);
if ($groups===NULL) return true;
diff --git a/sources/support.php b/sources/support.php
index edf715c..f42fc45 100644
--- a/sources/support.php
+++ b/sources/support.php
@@ -862,10 +862,10 @@ function get_ip_address($amount=4)
{
// return strval(mt_rand(0,255)).'.'.strval(mt_rand(0,255)).'.'.strval(mt_rand(0,255)).'.'.strval(mt_rand(0,255)); // Nice little test for if sessions break
- $fw=ocp_srv('HTTP_X_FORWARDED_FOR');
+ /*$fw=ocp_srv('HTTP_X_FORWARDED_FOR'); Presents too many security and maintenance problems. Can easily be faked, or changed.
if (ocp_srv('HTTP_CLIENT_IP')!='') $fw=ocp_srv('HTTP_CLIENT_IP');
if (($fw!='') && ($fw!='127.0.0.1') && (substr($fw,0,8)!='192.168.') && (substr($fw,0,3)!='10.') && (is_valid_ip($fw)) && ($fw!=ocp_srv('SERVER_ADDR'))) $ip=$fw;
- else $ip=ocp_srv('REMOTE_ADDR');
+ else */$ip=ocp_srv('REMOTE_ADDR');
if (!is_valid_ip($ip)) return '';
diff --git a/sources/support2.php b/sources/support2.php
index 50e74f2..bc8949f 100644
--- a/sources/support2.php
+++ b/sources/support2.php
@@ -114,12 +114,31 @@ function shuffle_for($by,$in)
* Check to see if an IP address is banned.
*
* @param string The IP address to check for banning (potentially encoded with *'s)
- * @return boolean Whether the IP address is banned
+ * @param boolean Force check via database
+ * @param boolean Handle uncertainities (used for the external bans - if true, we may return NULL, showing we need to do an external check). Only works with $force_db.
+ * @return ?boolean Whether the IP address is banned (NULL: unknown)
*/
-function ip_banned($ip) // This is the very first query called, so we will be a bit smarter, checking for errors
+function ip_banned($ip,$force_db=false,$handle_uncertainties=false) // This is the very first query called, so we will be a bit smarter, checking for errors
{
+ static $cache=array();
+ if ($handle_uncertainties)
+ {
+ if (array_key_exists($ip,$cache)) return $cache[$ip];
+ }
+
if (!addon_installed('securitylogging')) return false;
-
+
+ // Check exclusions first
+ $_exclusions=get_option('spam_check_exclusions',true);
+ if (!is_null($_exclusions))
+ {
+ $exclusions=explode(',',$_exclusions);
+ foreach ($exclusions as $exclusion)
+ {
+ if (trim($ip)==$exclusion) return false;
+ }
+ }
+
$ip4=(strpos($ip,'.')!==false);
if ($ip4)
{
@@ -130,7 +149,7 @@ function ip_banned($ip) // This is the very first query called, so we will be a
}
global $SITE_INFO;
- if (((isset($SITE_INFO['known_suexec'])) && ($SITE_INFO['known_suexec']=='1')) || (is_writable_wrap(get_file_base().'/.htaccess')))
+ if ((!$force_db) && (((isset($SITE_INFO['known_suexec'])) && ($SITE_INFO['known_suexec']=='1')) || (is_writable_wrap(get_file_base().'/.htaccess'))))
{
$bans=array();
$ban_count=preg_match_all('#\ndeny from (.*)#',file_get_contents(get_file_base().'/.htaccess'),$bans);
@@ -144,7 +163,7 @@ function ip_banned($ip) // This is the very first query called, so we will be a
$ip_bans=persistant_cache_get('IP_BANS');
if (is_null($ip_bans))
{
- $ip_bans=$GLOBALS['SITE_DB']->query('SELECT ip FROM '.get_table_prefix().'usersubmitban_ip',NULL,NULL,true);
+ $ip_bans=$GLOBALS['SITE_DB']->query('SELECT * FROM '.get_table_prefix().'usersubmitban_ip',NULL,NULL,true);
if (!is_null($ip_bans))
{
persistant_cache_set('IP_BANS',$ip_bans);
@@ -155,6 +174,12 @@ function ip_banned($ip) // This is the very first query called, so we will be a
$self_ip=NULL;
foreach ($ip_bans as $ban)
{
+ if ((!is_null($ban['i_ban_until'])) && ($ban['i_ban_until']<time()))
+ {
+ $GLOBALS['SITE_DB']->query('DELETE FROM '.get_table_prefix().'usersubmitban_ip WHERE i_ban_until IS NOT NULL AND i_ban_until<'.strval(time()));
+ continue;
+ }
+
if ((($ip4) && (compare_ip_address_ip4($ban['ip'],$ip_parts))) || ((!$ip4) && (compare_ip_address_ip6($ban['ip'],$ip_parts))))
{
if (is_null($self_ip))
@@ -173,13 +198,32 @@ function ip_banned($ip) // This is the very first query called, so we will be a
}
}
if (($self_ip!='') && (!compare_ip_address($ban['ip'],$self_ip))) continue;
if (compare_ip_address($ban['ip'],'127.0.0.1')) continue;
if (compare_ip_address($ban['ip'],'fe00:0000:0000:0000:0000:0000:0000:0000')) continue;
- return true;
+
+ if (array_key_exists('i_ban_positive',$ban))
+ {
+ $ret=($ban['i_ban_positive']==1);
+ } else
+ {
+ $ret=true;
+ }
+
+ if ($handle_uncertainties)
+ {
+ $cache[$ip]=$ret;
+ }
+ return $ret;
}
}
- return false;
+
+ $ret=$handle_uncertainties?NULL:false;
+ if ($handle_uncertainties)
+ {
+ $cache[$ip]=$ret;
+ }
+ return $ret;
}
/**
diff --git a/sources/symbols.php b/sources/symbols.php
index b5f4522..d52de19 100644
--- a/sources/symbols.php
+++ b/sources/symbols.php
@@ -1818,6 +1818,62 @@ function ecv($lang,$escaped,$type,$name,$param)
}
break;
+ case 'INSERT_SPAMMER_BLACKHOLE':
+ if (get_option('spam_blackhole_detection')=='1')
+ {
+ $field_name=md5(get_site_name().': antispam');
+ $value='<div id="'.escape_html($field_name).'_wrap" style="display:none"><label for="'.escape_html($field_name).'">'.do_lang('DO_NOT_FILL_ME_SPAMMER_BLACKHOLE').'</label><input id="'.escape_html($field_name).'" name="'.escape_html($field_name).'" value="" type="text" /></div>';
+ if (!$GLOBALS['SEMI_DEBUG_MODE'])
+ $value.='<script type="text/javascript">// <![CDATA['.chr(10).'var wrap=document.getElementById(\''.escape_html($field_name).'_wrap\'); wrap.parentNode.removeChild(wrap);'.chr(10).'//]]></script>';
+ }
+ break;
+
+ case 'HONEYPOT_LINK':
+ $honeypot_url=get_option('honeypot_url',true);
+ if ($honeypot_url!=='')
+ {
+ $first_char=substr(md5(get_page_name()),0,1);
+ $bot_phrase=get_option('honeypot_phrase');
+ switch ($first_char)
+ {
+ case '0':
+ case '1':
+ $value='<a rel="nofollow" href="'.escape_html($honeypot_url).'"><!-- '.escape_html($bot_phrase).' --></a>';
+ break;
+ case '2':
+ case '3':
+ $value='<a rel="nofollow" href="'.escape_html($honeypot_url).'"><img alt="'.escape_html($bot_phrase).'" src="'.escape_html(find_theme_image('blank')).'" height="1" width="1" border="0"></a>';
+ break;
+ case '4':
+ case '5':
+ $value='<a rel="nofollow" href="'.escape_html($honeypot_url).'" style="display: none;">'.escape_html($bot_phrase).'</a>';
+ break;
+ case '6':
+ case '7':
+ $value='<div style="display: none;"><a rel="nofollow" href="'.escape_html($honeypot_url).'">'.escape_html($bot_phrase).'</a></div>';
+ break;
+ case '8':
+ case '9':
+ $value='<a rel="nofollow" href="'.escape_html($honeypot_url).'"></a>';
+ break;
+ case 'a':
+ case 'b':
+ $value='<!-- <a rel="nofollow" href="'.escape_html($honeypot_url).'">'.escape_html($bot_phrase).'</a> -->';
+ break;
+ case 'c':
+ case 'd':
+ $value='<div style="position: absolute; top: -250px; left: -250px;"><a rel="nofollow" href="'.escape_html($honeypot_url).'">'.escape_html($bot_phrase).'</a></div>';
+ break;
+ case 'e':
+ $value='<a rel="nofollow" href="'.escape_html($honeypot_url).'"><span style="display: none;">'.escape_html($bot_phrase).'</span></a>';
+ break;
+ case 'f':
+ $value='<a rel="nofollow" href="'.escape_html($honeypot_url).'"><div style="height: 0px; width: 0px;"></div></a>';
+ break;
+ }
+ }
+ break;
+
case 'MAILTO':
require_code('obfuscate');
diff --git a/themes/default/templates/ACTION_LOGS_TOGGLE_LINK.tpl b/themes/default/templates/ACTION_LOGS_TOGGLE_LINK.tpl
index 6b5d610..21ee666 100755
--- a/themes/default/templates/ACTION_LOGS_TOGGLE_LINK.tpl
+++ b/themes/default/templates/ACTION_LOGS_TOGGLE_LINK.tpl
@@ -1 +1 @@
- – <form title="{!TOGGLE}" class="inline" action="{URL*}" method="post"><input class="buttonhyperlink" type="submit" value="{!TOGGLE}" /></form>
+ <span class="associated_details">[<form title="{!TOGGLE}" class="inline" action="{URL*}" method="post"><input class="buttonhyperlink" type="submit" value="{+START,IF_PASSED,LABEL}{LABEL*}{+END}{+START,IF_NON_PASSED,LABEL}{!TOGGLE}{+END}" /></form>]</span>
diff --git a/themes/default/templates/BLOCK_MAIN_NEWSLETTER_SIGNUP.tpl b/themes/default/templates/BLOCK_MAIN_NEWSLETTER_SIGNUP.tpl
index 536f2a6..f0f27d7 100644
--- a/themes/default/templates/BLOCK_MAIN_NEWSLETTER_SIGNUP.tpl
+++ b/themes/default/templates/BLOCK_MAIN_NEWSLETTER_SIGNUP.tpl
@@ -5,6 +5,8 @@
{+START,BOX,{!NEWSLETTER}{$?,{$NEQ,{NEWSLETTER_TITLE},{!GENERAL}},: {NEWSLETTER_TITLE*}},,{$?,{$GET,in_panel},panel,classic}}
<form title="{!NEWSLETTER}" onsubmit="if ((checkFieldForBlankness(this.elements['address'],event)) && (this.elements['address{NID*}'].value.match(/^[a-zA-Z0-9\._\-\+]+@[a-zA-Z0-9\._\-]+$/))) { disable_button_just_clicked(this); return true; } window.fauxmodal_alert('{!NOT_A_EMAIL;=*}'); return false;" action="{URL*}" method="post">
+ {$INSERT_SPAMMER_BLACKHOLE}
+
<p class="accessibility_hidden"><label for="baddress">{!EMAIL_ADDRESS}</label></p>
<div class="constrain_field">
diff --git a/themes/default/templates/CATALOGUE_ADDING_SCREEN.tpl b/themes/default/templates/CATALOGUE_ADDING_SCREEN.tpl
index 52e13a8..df4b9ce 100644
--- a/themes/default/templates/CATALOGUE_ADDING_SCREEN.tpl
+++ b/themes/default/templates/CATALOGUE_ADDING_SCREEN.tpl
@@ -5,6 +5,8 @@
<div class="required_field_warning"><span class="required_star">*</span> {!REQUIRED}</div>
<form title="{!PRIMARY_PAGE_FORM}" method="post" action="{URL*}" target="_top">
+ {$INSERT_SPAMMER_BLACKHOLE}
+
<div>
{HIDDEN}
diff --git a/themes/default/templates/CHAT_SCREEN.tpl b/themes/default/templates/CHAT_SCREEN.tpl
index 63bdeff..5891922 100755
--- a/themes/default/templates/CHAT_SCREEN.tpl
+++ b/themes/default/templates/CHAT_SCREEN.tpl
@@ -9,6 +9,8 @@
<div class="float_surrounder chat_posting_area">
<div style="float: {!en_left};">
<form title="{!MESSAGE}" action="{MESSAGES_PHP*}?action=post&room_id={ROOM_ID*}" method="post" style="display: inline;">
+ {$INSERT_SPAMMER_BLACKHOLE}
+
<div style="display: inline;">
<p class="accessibility_hidden"><label for="post">{!MESSAGE}</label></p>
<textarea style="font-family: {FONT_NAME_DEFAULT*;}" class="input_text_required"{+START,IF,{$NOT,{$MOBILE}}} onkeyup="manageScrollHeight(this);"{+END} onkeypress="if (enter_pressed(event)) return chat_post(event,{ROOM_ID*},'post',document.getElementById('font_name').options[document.getElementById('font_name').selectedIndex].value,document.getElementById('text_colour').value); return true;" id="post" name="message" onfocus="if (typeof window.picker_node!='undefined') picker_node.style.visibility='hidden';" cols="{$?,{$MOBILE},37,39}" rows="1"></textarea>
diff --git a/themes/default/templates/COMMENTS_POSTING_FORM.tpl b/themes/default/templates/COMMENTS_POSTING_FORM.tpl
index e25eec1..f0cfb4d 100644
--- a/themes/default/templates/COMMENTS_POSTING_FORM.tpl
+++ b/themes/default/templates/COMMENTS_POSTING_FORM.tpl
@@ -1,6 +1,7 @@
{+START,IF_NON_EMPTY,{COMMENT_URL}}
<form{$?,{$VALUE_OPTION,html5}, role="form"} title="{TITLE*}" id="comments_form" onsubmit="return ({+START,IF_PASSED,MORE_URL}(this.getAttribute('action')=='{MORE_URL*}') || {+END}(checkFieldForBlankness(this.elements['post'],event)){+START,IF,{$AND,{GET_EMAIL},{$NOT,{EMAIL_OPTIONAL}}}} && (checkFieldForBlankness(this.elements['email'],event)){+END});" action="{COMMENT_URL*}{+START,IF_PASSED,COMMENTS}#last_comment{+END}" method="post" enctype="multipart/form-data">
-<input type="hidden" name="_comment_form_post" value="1" />
+ {$INSERT_SPAMMER_BLACKHOLE}
+ <input type="hidden" name="_comment_form_post" value="1" />
{+END}
<input type="hidden" name="_validated" value="1" />
diff --git a/themes/default/templates/FOOTER.tpl b/themes/default/templates/FOOTER.tpl
index 81cc429..8d2630c 100644
--- a/themes/default/templates/FOOTER.tpl
+++ b/themes/default/templates/FOOTER.tpl
@@ -73,6 +73,7 @@
{+START,IF,{$CONFIG_OPTION,bottom_show_feedback_link}}<a rel="site_contact" accesskey="9" href="{$PAGE_LINK*,:feedback}{+START,IF,{$NOT,{$IN_STR,{$PAGE_LINK,:feedback},?}}}?{+END}{+START,IF,{$NOT,{$NOT,{$IN_STR,{$PAGE_LINK,:feedback},?}}}}&{+END}redirect={$SELF_URL*&,1}">{!FEEDBACK}</a> <span class="linkcolor">·</span>{+END}
{+START,IF,{$CONFIG_OPTION,mobile_support}}{+START,IF,{$MOBILE,1}}<a href="{$SELF_URL*,1,0,0,keep_mobile=0}">{!NONMOBILE_VERSION}</a>{+END}{+START,IF,{$NOT,{$MOBILE,1}}}<a href="{$SELF_URL*,1,0,0,keep_mobile=1}">{!MOBILE_VERSION}</a>{+END} <span class="linkcolor">·</span>{+END}
{+START,IF,{$NOR,{$IS_HTTPAUTH_LOGIN},{$IS_GUEST}}}<form title="{!LOGOUT}" class="inline" method="post" action="{$PAGE_LINK*,:login:logout}"><input class="buttonhyperlink" type="submit" title="{!_LOGOUT,{$USERNAME*}}" value="{!LOGOUT}" /></form>{+END}{+START,IF,{$OR,{$IS_HTTPAUTH_LOGIN},{$IS_GUEST}}}<a href="{$PAGE_LINK*,:login:{$?,{$NOR,{$GET,login_screen},{$EQ,{$ZONE}:{$PAGE},:login}},redirect={$SELF_URL*&,1}}}">{!_LOGIN}</a>{+END}
+ {$HONEYPOT_LINK}
{+START,IF,{$AND,{$NOT,{$_GET,keep_has_js}},{$JS_ON}}}
<noscript>· <a href="{$SELF_URL*,1,0,1}&keep_has_js=0">{!MARK_JAVASCRIPT_DISABLED}</a></noscript>
diff --git a/themes/default/templates/FORM.tpl b/themes/default/templates/FORM.tpl
index 099b2fb..3b8a1ab 100644
--- a/themes/default/templates/FORM.tpl
+++ b/themes/default/templates/FORM.tpl
@@ -12,6 +12,8 @@
{$JAVASCRIPT_INCLUDE,javascript_validation}
<form title="{!PRIMARY_PAGE_FORM}" {+START,IF_PASSED,TARGET}target="{TARGET*}" {+END} {+START,IF_NON_PASSED,GET}method="post" action="{URL*}"{+START,IF,{$IN_STR,{FIELDS},"file"}} enctype="multipart/form-data"{+END}{+END}{+START,IF_PASSED,GET}method="get" action="{$URL_FOR_GET_FORM*,{URL}}"{+END} {+START,IF_NON_PASSED,TARGET}target="_top" {+END}{+START,IF_PASSED,AUTOCOMPLETE}{+START,IF,{AUTOCOMPLETE}}class="autocomplete" {+END}{+END}>
+ {+START,IF_NON_PASSED,GET}{$INSERT_SPAMMER_BLACKHOLE}{+END}
+
{+START,IF_PASSED,GET}{$HIDDENS_FOR_GET_FORM,{URL}}{+END}
{+START,IF_PASSED,SKIPPABLE}
diff --git a/themes/default/templates/FORM_GROUPED.tpl b/themes/default/templates/FORM_GROUPED.tpl
index 7a9fb1d..a270637 100755
--- a/themes/default/templates/FORM_GROUPED.tpl
+++ b/themes/default/templates/FORM_GROUPED.tpl
@@ -4,6 +4,8 @@
{$JAVASCRIPT_INCLUDE,javascript_validation}
<form title="{!PRIMARY_PAGE_FORM}" {+START,IF_NON_PASSED,GET}method="post" action="{URL*}"{+START,IF,{$IN_STR,{FIELD_GROUPS},"file"}} enctype="multipart/form-data"{+END}{+END}{+START,IF_PASSED,GET}method="get" action="{$URL_FOR_GET_FORM*,{URL}}"{+END} target="_top" {+START,IF_PASSED,AUTOCOMPLETE}{+START,IF,{AUTOCOMPLETE}}class="autocomplete" {+END}{+END}>
+ {+START,IF_NON_PASSED,GET}{$INSERT_SPAMMER_BLACKHOLE}{+END}
+
{+START,IF_PASSED,GET}{$HIDDENS_FOR_GET_FORM,{URL}}{+END}
<div>
diff --git a/themes/default/templates/FORM_SCREEN.tpl b/themes/default/templates/FORM_SCREEN.tpl
index 7eea9d8..1f27d8c 100644
--- a/themes/default/templates/FORM_SCREEN.tpl
+++ b/themes/default/templates/FORM_SCREEN.tpl
@@ -18,10 +18,14 @@
{$JAVASCRIPT_INCLUDE,javascript_validation}
{+START,IF_NON_PASSED,IFRAME_URL}
<form title="{!PRIMARY_PAGE_FORM}" id="main_form" {+START,IF_NON_PASSED,GET}method="post" action="{URL*}"{+START,IF,{$IN_STR,{FIELDS},"file"}} enctype="multipart/form-data"{+END}{+END}{+START,IF_PASSED,GET}method="get" action="{$URL_FOR_GET_FORM*,{URL}}"{+END} {+START,IF_PASSED,TARGET}target="{TARGET*}" {+END}{+START,IF_NON_PASSED,TARGET}target="_top" {+END}{+START,IF_PASSED,AUTOCOMPLETE}{+START,IF,{AUTOCOMPLETE}}class="autocomplete" {+END}{+END}>
+ {+START,IF_NON_PASSED,GET}{$INSERT_SPAMMER_BLACKHOLE}{+END}
+
{+START,IF_PASSED,GET}{$HIDDENS_FOR_GET_FORM,{URL}}{+END}
{+END}
{+START,IF_PASSED,IFRAME_URL}
<form title="{!PRIMARY_PAGE_FORM}" id="main_form" {+START,IF_NON_PASSED,GET}method="post" action="{IFRAME_URL*}"{+START,IF,{$IN_STR,{FIELDS},"file"}} enctype="multipart/form-data"{+END}{+END}{+START,IF_PASSED,GET}method="get" action="{$URL_FOR_GET_FORM*,{IFRAME_URL}}"{+END} target="iframe_under" {+START,IF_PASSED,AUTOCOMPLETE}{+START,IF,{AUTOCOMPLETE}}class="autocomplete" {+END}{+END}>
+ {$INSERT_SPAMMER_BLACKHOLE}
+
{+START,IF_PASSED,GET}{$HIDDENS_FOR_GET_FORM,{IFRAME_URL}}{+END}
{+END}
diff --git a/themes/default/templates/IPBAN_SCREEN.tpl b/themes/default/templates/IPBAN_SCREEN.tpl
index 18494c6..b16b308 100755
--- a/themes/default/templates/IPBAN_SCREEN.tpl
+++ b/themes/default/templates/IPBAN_SCREEN.tpl
@@ -10,14 +10,23 @@
{!DESCRIPTION_BANNED_ADDRESSES_B}
</p>
+<br />
+
<form title="{!PRIMARY_PAGE_FORM}" action="{URL*}" method="post">
- <div>
+ <p>
<label for="bans" class="field_name">{!BANNED_ADDRESSES}:</label>
- </div>
+ </p>
<div class="constrain_field">
<textarea cols="30" rows="14" class="wide_field textarea_scroll" id="bans" name="bans">{BANS*}</textarea>
</div>
+ <p>
+ <label for="locked_bans" class="field_name">{!EXTERNALLY_BANNED_ADDRESSES}:</label>
+ </p>
+ <div class="constrain_field">
+ <textarea readonly="readonly" cols="30" rows="14" class="wide_field textarea_scroll" id="locked_bans" name="locked_bans">{LOCKED_BANS*}</textarea>
+ </div>
+
<div class="proceed_button">
<input accesskey="u" onclick="disable_button_just_clicked(this);" class="button_page" type="submit" value="{!SAVE}" />
</div>
diff --git a/themes/default/templates/LOOKUP_SCREEN.tpl b/themes/default/templates/LOOKUP_SCREEN.tpl
index 09e930b..16d831e 100755
--- a/themes/default/templates/LOOKUP_SCREEN.tpl
+++ b/themes/default/templates/LOOKUP_SCREEN.tpl
@@ -2,7 +2,7 @@
<h2>{!DETAILS}</h2>
-<div class="wide_table_wrap"><table summary="{!MAP_TABLE}" class="solidborder wide_table">
+<div class="wide_table_wrap"><table summary="{!MAP_TABLE}" class="solidborder wide_table spaced_table">
<colgroup>
<col style="width: 140px" />
<col style="width: 100%" />
@@ -17,14 +17,30 @@
<tr>
<th>{!MEMBER_ID}</th>
<td>
- #<strong>{ID*}</strong> <em>{!MEMBER_BANNED}: {MEMBER_BANNED*}</em>{+START,IF_PASSED,MEMBER_BAN_LINK} {MEMBER_BAN_LINK}{+END} <em>{!SUBMITTER_BANNED}: {SUBMITTER_BANNED*}</em>{+START,IF_PASSED,SUBMITTER_BAN_LINK} {SUBMITTER_BAN_LINK}{+END}
+ #<strong>{ID*}</strong><br />
+
+ <div class="mini_indent">
+ <em>{!MEMBER_BANNED}, {$LCASE,{MEMBER_BANNED*}}</em>{+START,IF_PASSED,MEMBER_BAN_LINK} {MEMBER_BAN_LINK}{+END}<br />
+ <em>{!SUBMITTER_BANNED}, {$LCASE,{SUBMITTER_BANNED*}}</em>{+START,IF_PASSED,SUBMITTER_BAN_LINK} {SUBMITTER_BAN_LINK}{+END}
+ </div>
</td>
</tr>
{+END}
{+START,IF_NON_EMPTY,{IP}}
<tr>
<th>{!IP_ADDRESS}</th>
- <td><strong>{IP*}</strong> <em>{!_BANNED}: {IP_BANNED*}</em>{+START,IF_PASSED,IP_BAN_LINK} {IP_BAN_LINK}{+END}</td>
+ <td>
+ <strong>{IP*}</strong><br />
+
+ <div class="mini_indent">
+ <em>{!_BANNED}, {$LCASE,{IP_BANNED*}}</em>{+START,IF_PASSED,IP_BAN_LINK} {IP_BAN_LINK}{+END}
+
+ {+START,IF_NON_EMPTY,{$CONFIG_OPTION,stopforumspam_api_key}{$CONFIG_OPTION,tornevall_api_username}}
+ <br />
+ <span class="associated_details">[<a href="{$PAGE_LINK*,_SEARCH:admin_actionlog:syndicate_ip_ban:ip={IP}:member_id={ID}:redirect={$SELF_URL&}}">{!SYNDICATE_TO_STOPFORUMSPAM}</a>]</span>
+ {+END}
+ </div>
+ </td>
</tr>
{+END}
<tr>
@@ -80,7 +96,7 @@
</p>
{+END}
-<h2>{!_VIEWS}</h2>
+<h2>{!_VIEWS} ({!IP_ADDRESS})</h2>
{STATS}
diff --git a/themes/default/templates/POLL.tpl b/themes/default/templates/POLL.tpl
index 2e9b9fc..7bef039 100755
--- a/themes/default/templates/POLL.tpl
+++ b/themes/default/templates/POLL.tpl
@@ -3,6 +3,8 @@
<a name="poll_jump" id="poll_jump" rel="dovote"></a>
<form title="{!VOTE}" target="_self" action="{VOTE_URL*}" method="post" class="poll_form">
+ {$INSERT_SPAMMER_BLACKHOLE}
+
<div>
{CONTENT}
</div>
diff --git a/themes/default/templates/POSTING_FORM.tpl b/themes/default/templates/POSTING_FORM.tpl
index 8ca6c0c..89493a0 100644
--- a/themes/default/templates/POSTING_FORM.tpl
+++ b/themes/default/templates/POSTING_FORM.tpl
@@ -3,6 +3,8 @@
{+END}
<form title="{!PRIMARY_PAGE_FORM}" id="posting_form" method="post" enctype="multipart/form-data" action="{URL*}" {+START,IF_PASSED,AUTOCOMPLETE}{+START,IF,{AUTOCOMPLETE}}class="autocomplete" {+END}{+END}>
+ {$INSERT_SPAMMER_BLACKHOLE}
+
<div>
{+START,IF_PASSED,DEFAULT_PARSED}
<textarea cols="1" rows="1" style="display: none" readonly="readonly" name="post_parsed">{DEFAULT_PARSED*}</textarea>
diff --git a/themes/default/templates/RATING_FORM.tpl b/themes/default/templates/RATING_FORM.tpl
index a1feff8..dc2579b 100644
--- a/themes/default/templates/RATING_FORM.tpl
+++ b/themes/default/templates/RATING_FORM.tpl
@@ -2,6 +2,7 @@
{+START,IF,{$OR,{$JS_ON},{$NOT,{$GET,block_embedded_forms}}}}
{+START,IF,{$NOT,{$GET,block_embedded_forms}}}
<form title="{!RATE}" onsubmit="if (this.elements[0].selectedIndex==0) { window.fauxmodal_alert('{!IMPROPERLY_FILLED_IN=;}'); return false; } else return true;" action="{URL*}" method="post">
+ {$INSERT_SPAMMER_BLACKHOLE}
{+END}
{+START,LOOP,ALL_RATING_CRITERIA}
<a name="rating__{CONTENT_TYPE*}__{TYPE*}__{ID*}_jump" id="rating__{CONTENT_TYPE*}__{TYPE*}__{ID*}_jump" rel="dorating"></a>
diff --git a/themes/default/templates/VIEW_SPACE_SCREEN.tpl b/themes/default/templates/VIEW_SPACE_SCREEN.tpl
index 02dd975..36e1e85 100755
--- a/themes/default/templates/VIEW_SPACE_SCREEN.tpl
+++ b/themes/default/templates/VIEW_SPACE_SCREEN.tpl
@@ -4,7 +4,7 @@
<p>{TEXT*}</p>
{+END}
-<div class="wide_table_wrap"><table summary="{!MAP_TABLE}" class="wide_table solidborder">
+<div class="wide_table_wrap"><table summary="{!MAP_TABLE}" class="wide_table solidborder spaced_table">
{+START,IF,{$NOT,{$MOBILE}}}
<colgroup>
<col style="width: 300px" />
| ||||
| Time estimation (hours) | 3 | ||||
| Sponsorship open | |||||
|
|
I think it would be better to lookup IP/Username/Email and flag with option to block user (or quarantine with option to allow user). |
|
|
This should check both at member registration and for each post. |
|
|
@Bobs: Most spammer databases contain only IP numbers, Email addresses, and user names. if you are checking for spammers at registration time, most likely you won't have any getting the chance to make posts. A better spam filter would be needed for post submission checking. Perhaps something that would allow admins to enter the new word violation directly from the post. |
|
|
I'm thinking of the situation where the above information is used to register and then the registration lays idle for a period of time. Checking again at time of post would catch those situations although I guess you could also employ member ranks with appropriate permissions to catch most of this stuff. |
|
|
I understand what you are thinking about. The extra queries at post submission would put a lot of added traffic on the database website especially if you have a busy forum. Most spammers make it into the database after they have done a lot of spamming and flagging and quarantining them at registration would keep them from making any posts. The mod I used on the old SMF allowed you to check any/all members against the database at anytime and at registration time. |
|
|
what i can see in this that what we can do is add block and module for maxmind... or a other services. that will auto look up ISP/IP/and if they are spammers or not.. in this module it will also have block for sign up with captcha that will auto match with there real IP and not proxy IP... this can or will help to save you time... it will also stop from the posting on your site and forums and there Sig.. please note that maxmind is not free.. but they do have free sign up to get you started. any questions? |
|
|
I have been using the Cloudflare service which has support built-in for anti-spam and other threats, They use the Project Honeypot service to issue a challenge-response. All unsuccessful challenges are left in quarantine for permanent disposition or they can be left there indefinitely. I really like this system which has caught a lot of threats I would have otherwise missed just checking a spammer database. I think it would be worthwhile seeing if you could build this service based on Project Honeypot with the possible inclusion of a honeypot to catch and report spammers back to the project. They have fairly demanding requirements to work with them (in order to protect their assets) but it might be worth looking into. |
|
|
API info for Project Honey Pot's Http:BL https://www.projecthoneypot.org/httpbl_api.php |
|
|
"Most spammer databases contain only IP numbers, Email addresses, and user names" As far as I can tell, it is only IP numbers. Do you know of one that does email addresses and user names? I suspect that'd be a privacy issue actually. |
|
|
I am seeing some discussion here about checking at registration, or at posting. From my perspective I think it should be both. Both these things are relatively rare compared to page views, and checks are not awfully complex things. I note a popular HTTP:BL implementation checks on every page view and apparently still has great performance (I think it probably relies on the server's DNS caching for that, as the checks happen via DNS). |
|
|
NB: Also see discussion topic http://compo.sr/forum/topicview/misc/deploying/sponsorship-for-feature_2.htm |
|
|
"Most spammer databases contain only IP numbers, Email addresses, and user names" "As far as I can tell, it is only IP numbers. Do you know of one that does email addresses and user names? I suspect that'd be a privacy issue actually." This is the mod I was using for my SMF based forum: http://custom.simplemachines.org/mods/index.php?mod=1547 It did an excellent job of weeding out the spammers. That mod pulls from the StopForumSpam database. Here is a short list: http://www.stopforumspam.com/ http://www.fspamlist.com/ http://www.spambusted.com/ Other resources: http://akismet.com/development/api/ http://www.anatoa.com/ http://www.block-disposable-email.com/ http://blogspam.net/api/ http://www.easyantispam.com/wiki/api:home http://spamid.servebeer.com:8081/spamid/spamid/apis.jsp http://blocklistpro.com/ http://dnsbl.tornevall.org/ |
|
|
"I am seeing some discussion here about checking at registration, or at posting. From my perspective I think it should be both. Both these things are relatively rare compared to page views, and checks are not awfully complex things." You need to watch out for a maximum amount of free queries from these databases. Some of these databases have a limit on the number of queries per day. Checking at post time may not seem like much, but when you have 100's or 1000's of forums querying a database at each post it could create an extra load on the database provider that the provider may not be happy about. Most of these databases are provided free of charge as a service to forum administrators. If you are stopping them at registration time, they will not get the chance to create a spam post. If by chance you do get a spam post, more than likely that poster is using a new ip/email/username that was never on a database to begin with and you will most likely will miss catching them at post time. A spammer can make many posts on different forums before they are caught and reported, providing they are even reported. A busy forum should have active moderators catching the very few spammers that will slip through past detection. |
|
|
"You need to watch out for a maximum amount of free queries from these databases. Some of these databases have a limit on the number of queries per day. Checking at post time may not seem like much, but when you have 100's or 1000's of forums querying a database at each post it could create an extra load on the database provider that the provider may not be happy about. Most of these databases are provided free of charge as a service to forum administrators." This is an advantage for Project Honey Pot/HTTP:BL which, to my knowledge, does not impose a quota although they do encourage high-traffic sites to download the BL to their DNS servers and keep them synced. I agree that whatever automated solutions are developed, manual moderation is still a requirement but, hopefully, with a much smaller number of issues. |
|
|
Ok so this is currently being implemented, 60% done so far. However before I forget I want to mention that this is going to do a DB version jump of one of the core modules, so when the patch is released it'll be necessary to run a database upgrade in the upgrader. This code is not going to be in v8. A patch will be released for v8, for people wanting to try it ahead of whenever is released (v9?). This is as per new policy - feature sponsorship results in supported patches for the latest version at the patch construction time, and the code is added to Composr's unstable branch, but does release roadmaps are unaffected. |
|
|
"This is an advantage for Project Honey Pot/HTTP:BL which, to my knowledge, does not impose a quota although they do encourage high-traffic sites to download the BL to their DNS servers and keep them synced.". There'll be an option controlling when it happens. stopwebspam will never run for all page views, but RBL checks will be able to. |
|
|
Btw, thanks sholzy, as you may have noticed your notes were incorporated into the plans. |
|
|
Code written. Code Quality Checker passed. Test set written (but not ran through yet)... "Spammer checking level": "Every page view", really does run RBL checks on each page view "Spammer checking level": "Every page view", does not run Stop Web Spam checks on each page view "Spammer checking level": "Every page view", does run Stop Web Spam checks on posting "Spammer checking level": "Actions", really does run Stop Web Spam checks on posting as a member "Spammer checking level": "Guest Actions", really does run Stop Web Spam checks on posting as a Guest "Spammer checking level": "Guest Actions", really does run Stop Web Spam checks on joining "Spammer checking level": "Never", really does not run RBL checks on joining "Spammer checking level": "Never", really does not run Stop Web Spam checks on joining RBL check works for tornevall, with a confidence equal to the "Implied spammer confidence" option RBL check works for HTTP:BL with a correct confidence level (HTTP:BL needs setting up in config first, with a key) If an invalid RBL is configured,it does not kill Composr, but it does send an error notification If an RBL check bans a spammer, it is only for as long as the configured "Block list cache time" If an IP is in "Spammer checking exclusions", it is not checked against RBLs If an IP is in "Spammer checking exclusions", it is not checked against Stop Web Spam If an IP is in "Spammer checking exclusions", any existing IP bans for it will be ignored HTTP:BL bans over the "Spammer ban threshold" result in bans Bans result in appropriate ban notifications indicating the reason and IP HTTP:BL bans over the "Spammer block threshold" but less than "Spammer ban threshold" result in blocks Blocks result in appropriate block notifications indicating the reason and IP HTTP:BL bans over the "Spammer approval threshold" but less than "Spammer block threshold" result in content requiring approval, even for an admin Approval-requires result in appropriate approval notifications indicating the reason and IP Stop Web Spam results older than "Spammer staleness threshold" but above an action threshold do not result in any action Stop Web Spam results newer than "Spammer staleness threshold" but above an action threshold do result in any action If "Honeypot URL" is configured, honeypots are correctly advertised If "Honeypot URL" is configured, honeypot URL injection methods are different on different pages, but are constant on each particular page If the "Check usernames against known spammers" option is enabled then known Stop Web Spam usernames will be blocked on joining If the "Check usernames against known spammers" option is enabled then known Stop Web Spam usernames will not blocked on joining Stop Web Spam email addresses will be blocked on joining If a service request to Stop Web Spam fails, an error notification is sent If "Blackhole detection" is enabled, fiddling with browser developer tools to fill up the blackhole will result in a hack-attack alert If "Blackhole detection" is enabled, NOT fiddling with browser developer tools to fill up the blackhole will NOT result in a hack-attack alert The Blackhole is marked up so as not to be visible The Blackhole is marked up so as someone with a screenreader would not accidentally fill it in Ban syndication not available from the action log if no key provided Ban syndication works from the action log Ban syndication not available from investigate user if no key provided Ban syndication works from investigate user Ban syndication not available from punish member if no key provided Ban syndication works from punish member IP ban management correctly shows the temporary bans, with all the details required (including IP, expiry time, and block reason) but they are uneditable directly When saving IP ban management, temporary bans are not wiped Marking a trackback as spam results in ban syndication "Scattergun link injection" spam (detected spam that creates a hack-attack in Composr) results in ban syndication The privacy policy mentions spam checks, if not set to 'Never' The privacy policy does not mention spam checks, if set to 'Never' |
|
|
Uploaded an image of the config options. As you can see, we now have some serious power, and a new USP for Composr :). |
|
|
"Btw, thanks sholzy, as you may have noticed your notes were incorporated into the plans." Welcome. :-) I might not have been able to help sponsor this monetarily, but I was able to help sponsor in another way -- sharing my knowledge from research. |
|
|
I may need to unblock the Punjab region spammers (182.178.*.*, 110.36.*.*, 182.177.*.*) to try out this mod. They were the only real problem I had after moving the old SMF forum to Composr. |
|
|
In the image and the description, there is reference to Stop Web Spam. Is this supposed to be Stop Forum Spam or is this something different? |
|
|
Good catch :). |
|
|
I saw that and was thinking Chris added a new feature - a spam filter for the whole internet. ;-) |
|
|
Somewhat irritatingly, Stop Forum Spam API submission requires all of IP address, username, and password. So therefore is not suitable for automated submission of detected Guest spammers. http://www.stopforumspam.com/forum/viewtopic.php?id=2256 So Tornevall API support will also be there. We support tornevall RBL already, so that means we both can feed off and into this. HOWEVER! It requires PHP to have the SoapClient installed, and I'm also not sure how readily they give out API keys. You have to email to ask for access and I'm still awaiting mine. |
|
|
This is one of the reasons that I like HTTP: BL (and probably others) as they seem anxious to identify potential threats and start reporting on them. As much as I like all the new features, I will continue using CloudFront to catch the most egregious scoundrels, plus it provides for efficient blocking by country. This will produce a nice "funnel" where IPs let through are challenged using a separate system (stopforumspam) which parallels what I currently do manually. I can sort of see where StopForumSpa is coming from — they want to be a spammer database only. I just question whether that is a good long-term strategy. |
|
|
Done! Well, my time estimate was off by a factor of 4, but I did a good job ;). |
|
|
Before I forget to mention, the patch I post will be compatible with the next v8 RC. I found a few small v8 bugs whilst doing this, and those will be fixed in there (if I put them into the patch, it'll create conflicts later). |
|
|
Actually, ignore that. I'm going to post the patch now, and the above statement is true. However I will roll in the handful of v8 RC5 fixes to the zip I attach later on today. In theory the attached zip will be fine with v8-final as well as v8 RC6, as we are so close to release now. |
|
|
And ignore that again - as RC6 is coming out now, this will be require RC6. |
