
   1  <?php if (!defined('BB2_CWD')) die("I said no cheating!");
   2  
   3  // Bad Behavior entry point is start_bad_behavior().
   4  // If you're reading this, you are probably lost.
   5  // Go read the bad-behavior-generic.php file.
   6  
   7  if(!defined('BB2_CORE')) {    define('BB2_CORE', dirname(__FILE__));    }
   8  
   9  define('BB2_COOKIE', 'bb2_screener_');
  10  
  11  require_once (BB2_CORE . "/functions.inc.php");
  12  
  13  // Our log table structure
  14  function bb2_table_structure($name)
  15  {
  16      // It's not paranoia if they really are out to get you.
  17      $name_escaped = bb2_db_escape($name);
  18      return "CREATE TABLE IF NOT EXISTS `$name_escaped` (
  19          `id` INT(11) NOT NULL auto_increment,
  20          `ip` TEXT NOT NULL,
  21          `date` DATETIME NOT NULL default '0000-00-00 00:00:00',
  22          `request_method` TEXT NOT NULL,
  23          `request_uri` TEXT NOT NULL,
  24          `server_protocol` TEXT NOT NULL,
  25          `http_headers` TEXT NOT NULL,
  26          `user_agent` TEXT NOT NULL,
  27          `request_entity` TEXT NOT NULL,
  28          `key` TEXT NOT NULL,
  29          INDEX (`ip`(15)),
  30          INDEX (`user_agent`(10)),
  31          PRIMARY KEY (`id`) );";    // TODO: INDEX might need tuning
  32  }
  33  
  34  // Insert a new record
  35  function bb2_insert($settings, $package, $key)
  36  {
  37      $ip = bb2_db_escape($package['ip']);
  38      $date = bb2_db_date();
  39      $request_method = bb2_db_escape($package['request_method']);
  40      $request_uri = bb2_db_escape($package['request_uri']);
  41      $server_protocol = bb2_db_escape($package['server_protocol']);
  42      $user_agent = bb2_db_escape($package['user_agent']);
  43      $headers = "$request_method $request_uri $server_protocol\n";
  44      foreach ($package['headers'] as $h => $v) {
  45          $headers .= bb2_db_escape("$h: $v\n");
  46      }
  47      $request_entity = "";
  48      if (!strcasecmp($request_method, "POST")) {
  49          foreach ($package['request_entity'] as $h => $v) {
  50              $request_entity .= bb2_db_escape("$h: $v\n");
  51          }
  52      }
  53      return "INSERT INTO `" . bb2_db_escape($settings['log_table']) . "`
  54          (`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `http_headers`, `user_agent`, `request_entity`, `key`) VALUES
  55          ('$ip', '$date', '$request_method', '$request_uri', '$server_protocol', '$headers', '$user_agent', '$request_entity', '$key')";
  56  }
  57  
// Kill 'em all!
//
// Terminal handler for a request that failed a test. $key is the result
// key of the failing test; $previous_key is an earlier key passed along
// by the caller (defaults to false). Sends the denial page, logs the
// denial, runs the optional bb2_banned_callback() hook, does housekeeping
// and then exits: this function never returns to its caller.
function bb2_banned($settings, $package, $key, $previous_key=false)
{
    // Some spambots hit too hard. Slow them down a bit.
    // This is a deliberate tarpit: it also holds a PHP worker for two
    // seconds per denied request, which is a cost the server pays under
    // a flood. Keep that in mind when sizing worker pools.
    sleep(2);

    // Response first, log second: the denial page is already on its way
    // before the database is touched.
    require_once (BB2_CORE . "/banned.inc.php");
    bb2_display_denial($settings, $key, $previous_key);
    bb2_log_denial($settings, $package, $key, $previous_key);
    // Site-specific hook, only if the host defined one.
    if (is_callable('bb2_banned_callback')) {
        bb2_banned_callback($settings, $package, $key);
    }
    // Penalize the spammers some more
    require_once (BB2_CORE . "/housekeeping.inc.php");
    bb2_housekeeping($settings, $package);
    die();
}
  75  
  76  function bb2_approved($settings, $package)
  77  {
  78      // Dirk wanted this
  79      if (is_callable('bb2_approved_callback')) {
  80          bb2_approved_callback($settings, $package);
  81      }
  82  
  83      // Decide what to log on approved requests.
  84      if (($settings['verbose'] && $settings['logging']) || empty($package['user_agent'])) {
  85          bb2_db_query(bb2_insert($settings, $package, "00000000"));
  86      }
  87  }
  88  
  89  // Check the results of a particular test; see below for usage
  90  // Returns FALSE if test passed (yes this is backwards)
  91  function bb2_test($settings, $package, $result)
  92  {
  93      if ($result !== FALSE)
  94      {
  95          bb2_banned($settings, $package, $result);
  96          return TRUE;
  97      }
  98      return FALSE;
  99  }
 100  
 101  
// Let God sort 'em out!
//
// Entry point for screening one request. $settings is the Bad Behavior
// configuration array (log_table, verbose, logging, ...). Builds the
// $package array describing the request, then runs it through the
// whitelist, the blacklist, the protocol/header tests, one user-agent
// specific test, the POST test and finally the screener. A failing test
// ends the request inside bb2_banned() (which calls die()), so control
// only reaches bb2_approved() for a request that passed everything.
// Returns true in that case.
function bb2_start($settings)
{
    // Gather up all the information we need, first of all.
    $headers = bb2_load_headers();
    // Postprocess the headers to mixed-case
    // FIXME: get the world to stop using PHP as CGI
    $headers_mixed = array();
    foreach ($headers as $h => $v) {
        $headers_mixed[uc_all($h)] = $v;
    }

    // We use these frequently. Keep a copy close at hand.
    // getRemoteIP() is defined outside this file. NOTE(review): if it
    // honours client-supplied forwarding headers, the address fed to the
    // whitelist and to the log is spoofable - confirm what it trusts.
    // These $_SERVER keys are read unguarded; they are absent outside a
    // web SAPI (e.g. CLI), which only produces notices here.
    $ip = getRemoteIP();
    $request_method = $_SERVER['REQUEST_METHOD'];
    $request_uri = $_SERVER['REQUEST_URI'];
    $server_protocol = $_SERVER['SERVER_PROTOCOL'];
    
    // A missing User-Agent header is recorded as the literal 'unknown' in
    // both copies; an empty (but present) header keeps its empty value,
    // which is what makes bb2_approved() log it.
    if(isset($_SERVER['HTTP_USER_AGENT'])) {
        $user_agent = $_SERVER['HTTP_USER_AGENT'];
    } else {
        $user_agent = 'unknown';
        $headers_mixed['User-Agent'] = 'unknown';
    }

    // Reconstruct the HTTP entity, if present.
    // Only $_POST is consulted, so for PUT (and for POST bodies PHP did not
    // parse into $_POST) $request_entity stays empty. Values may be nested
    // arrays (foo[]=1); bb2_insert() has to cope with that when logging.
    $request_entity = array();
    if (!strcasecmp($request_method, "POST") || !strcasecmp($request_method, "PUT")) {
        foreach ($_POST as $h => $v) {
            $request_entity[$h] = $v;
        }
    }

    // Everything below works on this bundle. Values are stored raw;
    // escaping for the log happens in bb2_insert().
    $package = array('ip' => $ip, 'headers' => $headers, 'headers_mixed' => $headers_mixed, 'request_method' => $request_method, 'request_uri' => $request_uri, 'server_protocol' => $server_protocol, 'request_entity' => $request_entity, 'user_agent' => $user_agent, 'is_browser' => false);

    // Please proceed to the security checkpoint and have your
    // identification and boarding pass ready.

    // First check the whitelist
    // A whitelisted request skips every test inside this block, the POST
    // screening included; only bb2_screener() below still sees it.
    require_once (BB2_CORE . "/whitelist.inc.php");
    if (!bb2_whitelist($package)) {
        // Now check the blacklist
        require_once (BB2_CORE . "/blacklist.inc.php");
        bb2_test($settings, $package, bb2_blacklist($package));

        // Check for common stuff
        require_once (BB2_CORE . "/common_tests.inc.php");
        bb2_test($settings, $package, bb2_protocol($settings, $package));
        bb2_test($settings, $package, bb2_misc_headers($settings, $package));

        // Specific checks
        // Each branch is a case-insensitive substring match on the
        // client-supplied User-Agent, so the client's own claim selects
        // which per-agent test applies; the first matching branch wins,
        // and is_browser is set only in the browser branches. Order
        // matters: "MSIE" is tested before "Opera" so that Opera in
        // IE-compatibility mode is routed to the Opera test.
        $ua = $headers_mixed['User-Agent'];
        // MSIE checks
        if (stripos($ua, "MSIE") !== FALSE) {
            $package['is_browser'] = true;
            if (stripos($ua, "Opera") !== FALSE) {
                require_once (BB2_CORE . "/opera.inc.php");
                bb2_test($settings, $package, bb2_opera($package));
            } else {
                require_once (BB2_CORE . "/msie.inc.php");
                bb2_test($settings, $package, bb2_msie($package));
            }
        } elseif (stripos($ua, "Konqueror") !== FALSE) {
            $package['is_browser'] = true;
            require_once (BB2_CORE . "/konqueror.inc.php");
            bb2_test($settings, $package, bb2_konqueror($package));
        } elseif (stripos($ua, "Opera") !== FALSE) {
            $package['is_browser'] = true;
            require_once (BB2_CORE . "/opera.inc.php");
            bb2_test($settings, $package, bb2_opera($package));
        } elseif (stripos($ua, "Safari") !== FALSE) {
            $package['is_browser'] = true;
            require_once (BB2_CORE . "/safari.inc.php");
            bb2_test($settings, $package, bb2_safari($package));
        } elseif (stripos($ua, "Lynx") !== FALSE) {
            $package['is_browser'] = true;
            require_once (BB2_CORE . "/lynx.inc.php");
            bb2_test($settings, $package, bb2_lynx($package));
        } elseif (stripos($ua, "MovableType") !== FALSE) {
            require_once (BB2_CORE . "/movabletype.inc.php");
            bb2_test($settings, $package, bb2_movabletype($package));
        } elseif (stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
            require_once (BB2_CORE . "/msnbot.inc.php");
            bb2_test($settings, $package, bb2_msnbot($package));
        } elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE) {
            require_once (BB2_CORE . "/google.inc.php");
            bb2_test($settings, $package, bb2_google($package));
        // The !== FALSE guard makes the loose == 0 safe here; the pair is
        // equivalent to "the User-Agent starts with Mozilla".
        } elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
            $package['is_browser'] = true;
            require_once (BB2_CORE . "/mozilla.inc.php");
            bb2_test($settings, $package, bb2_mozilla($package));
        }

        // More intensive screening applies to POST requests
        // Note the asymmetry with the entity collection above: PUT bodies
        // are gathered but never reach this test.
        if (!strcasecmp('POST', $package['request_method'])) {
            require_once (BB2_CORE . "/post.inc.php");
            bb2_test($settings, $package, bb2_post($settings, $package));
        }
    }

    // Last chance screening.
    // Runs for whitelisted requests too.
    require_once (BB2_CORE . "/screener.inc.php");
    bb2_screener($settings, $package);

    // And that's about it.
    bb2_approved($settings, $package);
    return true;
}
 210  ?>

