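<?php if (!defined('BB2_CORE')) die('I said no cheating!');

// Enforce adherence to protocol version claimed by user-agent.
//
// Every screener in this file takes the Bad Behavior $settings array and
// the $package array describing the current request (keys read here:
// 'headers', 'headers_mixed', 'request_method', 'request_uri',
// 'server_protocol') and returns either an 8-hex-digit block code string
// or false when the request passes. The codes are resolved to messages
// elsewhere in Bad Behavior; nothing in this file is user-visible.
//
// Header lookups below are guarded with isset()/array_key_exists() so a
// missing header is treated as an empty string instead of raising an
// "undefined index" notice (or, on newer PHP, a deprecation for passing
// null to a string function). No screener outcome changes from this.

/**
 * Protocol-level checks.
 *
 * @param array $settings Bad Behavior settings; only 'strict' is read
 * @param array $package  request package (see file header)
 * @return string|false block code, or false to pass
 */
function bb2_protocol($settings, $package)
{
	$headers = $package['headers_mixed'];

	// Always run this test; we should never see Expect:
	if (array_key_exists('Expect', $headers) && stripos($headers['Expect'], "100-continue") !== FALSE) {
		return "a0105122";
	}

	// Is it claiming to be HTTP/1.1? Then it shouldn't do HTTP/1.0 things
	// Blocks some common corporate proxy servers in strict mode
	if ($settings['strict'] && !strcmp($package['server_protocol'], "HTTP/1.1")) {
		$pragmaNoCache = array_key_exists('Pragma', $headers) && strpos($headers['Pragma'], "no-cache") !== FALSE;
		if ($pragmaNoCache && !array_key_exists('Cache-Control', $headers)) {
			return "41feed15";
		}
	}
	return false;
}

/**
 * Cookie-header checks.
 *
 * @param array $settings unused here; kept for a uniform screener signature
 * @param array $package  request package (see file header)
 * @return string|false block code, or false to pass
 */
function bb2_cookies($settings, $package)
{
	$headers = $package['headers_mixed'];
	$cookie = isset($headers['Cookie']) ? $headers['Cookie'] : '';
	$ua = isset($headers['User-Agent']) ? $headers['User-Agent'] : '';

	// Enforce RFC 2965 sec 3.3.5 and 9.1
	// Bots wanting new-style cookies should send Cookie2
	// FIXME: Amazon Kindle is broken; Amazon has been notified 9/24/08
	if (strpos($cookie, '$Version=0') !== FALSE && !array_key_exists('Cookie2', $headers) && strpos($ua, "Kindle/") === FALSE) {
		return '6c502ff1';
	}
	return false;
}

/**
 * Miscellaneous request-header sanity checks.
 *
 * @param array $settings Bad Behavior settings; only 'strict' is read
 * @param array $package  request package (see file header)
 * @return string|false block code, or false to pass
 */
function bb2_misc_headers($settings, $package)
{
	$headers = $package['headers_mixed'];
	$ua = isset($headers['User-Agent']) ? $headers['User-Agent'] : '';

	// A POST with no User-Agent at all. Compared with === '' rather than
	// empty() so that an (odd but non-blank) User-Agent of "0" is not
	// mistaken for a missing one.
	if (!strcmp($package['request_method'], "POST") && $ua === '') {
		return "f9f2b8b9";
	}

	// Broken spambots send URLs with various invalid characters
	// Note: the Referer field is deliberately NOT checked for "#" here,
	// because some broken browsers send the fragment in the referer field :(
	if (strpos($package['request_uri'], "#") !== FALSE) {
		return "dfd9b1ad";
	}
	// A pretty nasty SQL injection attack on IIS servers
	if (strpos($package['request_uri'], ";DECLARE%20@") !== FALSE) {
		return "dfd9b1ad";
	}

	// Range: field exists and begins with 0
	// Real user-agents do not start ranges at 0
	// NOTE: this blocks the whois.sc bot. No big loss.
	// Exceptions: MT (not fixable); LJ (refuses to fix; may be
	// blocked again in the future); Facebook
	if ($settings['strict'] && array_key_exists('Range', $headers) && strpos($headers['Range'], "=0-") !== FALSE) {
		$exempt = !strncmp($ua, "MovableType", 11)
			|| !strncmp($ua, "URI::Fetch", 10)
			|| !strncmp($ua, "php-openid/", 11)
			|| !strncmp($ua, "facebookexternalhit", 19);
		if (!$exempt) {
			return "7ad04a8a";
		}
	}

	// Content-Range is a response header, not a request header
	if (array_key_exists('Content-Range', $headers)) {
		return '7d12528e';
	}

	// Lowercase via is used by open proxies/referrer spammers
	// Exceptions: Clearswift uses lowercase via (refuses to fix;
	// may be blocked again in the future)
	// This one intentionally reads the raw, case-preserved 'headers' array,
	// since the point is the header name's capitalisation.
	if (array_key_exists('via', $package['headers']) &&
		strpos($package['headers']['via'], 'Clearswift') === FALSE &&
		strpos($ua, 'CoralWebPrx') === FALSE) {
		return "9c9e4979";
	}

	// pinappleproxy is used by referrer spammers
	if (array_key_exists('Via', $headers)) {
		$via = $headers['Via'];
		if (stripos($via, "pinappleproxy") !== FALSE || stripos($via, "PCNETSERVER") !== FALSE || stripos($via, "Invisiware") !== FALSE) {
			return "939a6fbb";
		}
	}

	$connection = isset($headers['Connection']) ? $headers['Connection'] : '';

	// TE: if present must have Connection: TE
	// RFC 2616 14.39
	// Blocks Microsoft ISA Server 2004 in strict mode. Contact Microsoft
	// to obtain a hotfix.
	// A request with TE but no Connection header at all fails this check
	// too (empty $connection never matches).
	if ($settings['strict'] && array_key_exists('Te', $headers)) {
		if (!preg_match('/\bTE\b/', $connection)) {
			return "582ec5e4";
		}
	}

	if (array_key_exists('Connection', $headers)) {
		// Connection: keep-alive and close are mutually exclusive
		if (preg_match('/\bKeep-Alive\b/i', $connection) && preg_match('/\bClose\b/i', $connection)) {
			return "a52f0448";
		}
		// Close shouldn't appear twice
		if (preg_match('/\bclose,\s?close\b/i', $connection)) {
			return "a52f0448";
		}
		// Keep-Alive shouldn't appear twice either
		if (preg_match('/\bkeep-alive,\s?keep-alive\b/i', $connection)) {
			return "a52f0448";
		}
		// Keep-Alive format in RFC 2068; some bots mangle these headers
		if (stripos($connection, "Keep-Alive: ") !== FALSE) {
			return "b0924802";
		}
	}

	// Headers which are not seen from normal user agents; only malicious bots
	if (array_key_exists('X-Aaaaaaaaaaaa', $headers) || array_key_exists('X-Aaaaaaaaaa', $headers)) {
		return "b9cc1d86";
	}
	// Proxy-Connection does not exist and should never be seen in the wild
	if ($settings['strict'] && array_key_exists('Proxy-Connection', $headers)) {
		return "b7830251";
	}

	if (array_key_exists('Referer', $headers)) {
		// Referer, if it exists, must not be blank
		// (=== '' rather than empty(): a Referer of "0" is not blank, and is
		// caught by the ":" check below anyway)
		if ($headers['Referer'] === '') {
			return "69920ee5";
		}

		// Referer, if it exists, must contain a :
		// While a relative URL is technically valid in Referer, all known
		// legit user-agents send an absolute URL
		if (strpos($headers['Referer'], ":") === FALSE) {
			return "45b35e30";
		}
	}

	// Accept-Language "uk" used to be blocked as "not a language"; it is
	// (Ukrainian, ISO 639 / ISO 3166), so that check was removed on purpose.

	return false;
}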