
PHP Cross Reference of phpwcms V1.4.7 _r403 (01.11.10)


/include/inc_ext/bad-behavior/bad-behavior/ -> core.inc.php (source)

   1  <?php if (!defined('BB2_CWD')) die("I said no cheating!");
   2  
   3  // Bad Behavior entry point is bb2_start()
   4  // If you're reading this, you are probably lost.
   5  // Go read the bad-behavior-generic.php file.
   6  
   7  //define('BB2_CORE', dirname(__FILE__));
   8  define('BB2_COOKIE', 'bb2_screener_');
   9  
  10  require_once (BB2_CORE . "/functions.inc.php");
  11  
  12  // Kill 'em all!
  13  function bb2_banned($settings, $package, $key, $previous_key=false)
  14  {
  15      // Some spambots hit too hard. Slow them down a bit.
  16      sleep(2);
  17  
  18      require_once (BB2_CORE . "/banned.inc.php");
  19      bb2_display_denial($settings, $package, $key, $previous_key);
  20      bb2_log_denial($settings, $package, $key, $previous_key);
  21      if (is_callable('bb2_banned_callback')) {
  22          bb2_banned_callback($settings, $package, $key);
  23      }
  24      // Penalize the spammers some more
  25      require_once (BB2_CORE . "/housekeeping.inc.php");
  26      bb2_housekeeping($settings, $package);
  27      die();
  28  }
  29  
  30  function bb2_approved($settings, $package)
  31  {
  32      // Dirk wanted this
  33      if (is_callable('bb2_approved_callback')) {
  34          bb2_approved_callback($settings, $package);
  35      }
  36  
  37      // Decide what to log on approved requests.
  38      if (($settings['verbose'] && $settings['logging']) || empty($package['user_agent'])) {
  39          bb2_db_query(bb2_insert($settings, $package, "00000000"));
  40      }
  41  }
  42  
  43  
  44  // Let God sort 'em out!
  45  function bb2_start($settings)
  46  {
  47      // Gather up all the information we need, first of all.
  48      $headers = bb2_load_headers();
  49      // Postprocess the headers to mixed-case
  50      // TODO: get the world to stop using PHP as CGI
  51      $headers_mixed = array();
  52      foreach ($headers as $h => $v) {
  53          $headers_mixed[uc_all($h)] = $v;
  54      }
  55  
  56      // IPv6 - IPv4 compatibility mode hack
  57      $_SERVER['REMOTE_ADDR'] = preg_replace("/^::ffff:/", "", $_SERVER['REMOTE_ADDR']);
  58  
  59      // Reconstruct the HTTP entity, if present.
  60      $request_entity = array();
  61      if (!strcasecmp($_SERVER['REQUEST_METHOD'], "POST") || !strcasecmp($_SERVER['REQUEST_METHOD'], "PUT")) {
  62          foreach ($_POST as $h => $v) {
  63              $request_entity[$h] = $v;
  64          }
  65      }
  66  
  67      $request_uri = empty($_SERVER["REQUEST_URI"]) ? $_SERVER['SCRIPT_NAME'] : $_SERVER["REQUEST_URI"]; # IIS
  68  
  69      # Nasty CloudFlare hack provided by butchs at simplemachines
  70      $ip_temp = preg_replace("/^::ffff:/", "", (array_key_exists('Cf-Connecting-Ip', $headers_mixed)) ? $_SERVER['HTTP_CF_CONNECTING_IP'] : $_SERVER['REMOTE_ADDR']);
  71      $cloudflare_ip = preg_replace("/^::ffff:/", "", $_SERVER['REMOTE_ADDR']);
  72  
  73      @$package = array('ip' => $ip_temp, 'headers' => $headers, 'headers_mixed' => $headers_mixed, 'request_method' => $_SERVER['REQUEST_METHOD'], 'request_uri' => $request_uri, 'server_protocol' => $_SERVER['SERVER_PROTOCOL'], 'request_entity' => $request_entity, 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'is_browser' => false, 'cloudflare' => $cloudflare_ip);
  74  
  75      $result = bb2_screen($settings, $package);
  76      if ($result && !defined('BB2_TEST')) bb2_banned($settings, $package, $result);
  77      return $result;
  78  }
  79  
  80  function bb2_screen($settings, $package)
  81  {
  82      // Please proceed to the security checkpoint and have your
  83      // identification and boarding pass ready.
  84  
  85      // Check for CloudFlare CDN since IP to be screened may be different
  86      // Thanks to butchs at Simple Machines
  87      if (array_key_exists('Cf-Connecting-Ip', $package['headers_mixed'])) {
  88          require_once (BB2_CORE . "/cloudflare.inc.php");
  89          $r = bb2_cloudflare($package);
  90          if ($r !== false && $r != $package['ip']) return $r;
  91      }
  92  
  93      // First check the whitelist
  94      require_once (BB2_CORE . "/whitelist.inc.php");
  95      if (!bb2_whitelist($package)) {
  96          // Now check the blacklist
  97          require_once (BB2_CORE . "/blacklist.inc.php");
  98          if ($r = bb2_blacklist($package)) return $r;
  99  
 100          // Check the http:BL
 101          require_once (BB2_CORE . "/blackhole.inc.php");
 102          if ($r = bb2_httpbl($settings, $package)) return $r;
 103  
 104          // Check for common stuff
 105          require_once (BB2_CORE . "/common_tests.inc.php");
 106          if ($r = bb2_protocol($settings, $package)) return $r;
 107          if ($r = bb2_cookies($settings, $package)) return $r;
 108          if ($r = bb2_misc_headers($settings, $package)) return $r;
 109  
 110          // Specific checks
 111          @$ua = $package['user_agent'];
 112          // MSIE checks
 113          if (stripos($ua, "; MSIE") !== FALSE) {
 114              $package['is_browser'] = true;
 115              if (stripos($ua, "Opera") !== FALSE) {
 116                  require_once (BB2_CORE . "/opera.inc.php");
 117                  if ($r = bb2_opera($package)) return $r;
 118              } else {
 119                  require_once (BB2_CORE . "/msie.inc.php");
 120                  if ($r = bb2_msie($package)) return $r;
 121              }
 122          } elseif (stripos($ua, "Konqueror") !== FALSE) {
 123              $package['is_browser'] = true;
 124              require_once (BB2_CORE . "/konqueror.inc.php");
 125              if ($r = bb2_konqueror($package)) return $r;
 126          } elseif (stripos($ua, "Opera") !== FALSE) {
 127              $package['is_browser'] = true;
 128              require_once (BB2_CORE . "/opera.inc.php");
 129              if ($r = bb2_opera($package)) return $r;
 130          } elseif (stripos($ua, "Safari") !== FALSE) {
 131              $package['is_browser'] = true;
 132              require_once (BB2_CORE . "/safari.inc.php");
 133              if ($r = bb2_safari($package)) return $r;
 134          } elseif (stripos($ua, "Lynx") !== FALSE) {
 135              $package['is_browser'] = true;
 136              require_once (BB2_CORE . "/lynx.inc.php");
 137              if ($r = bb2_lynx($package)) return $r;
 138          } elseif (stripos($ua, "MovableType") !== FALSE) {
 139              require_once (BB2_CORE . "/movabletype.inc.php");
 140              if ($r = bb2_movabletype($package)) return $r;
 141          } elseif (stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
 142              require_once (BB2_CORE . "/msnbot.inc.php");
 143              if ($r = bb2_msnbot($package)) return $r;
 144          } elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE || stripos($ua, "Google Wireless") !== FALSE) {
 145              require_once (BB2_CORE . "/google.inc.php");
 146              if ($r = bb2_google($package)) return $r;
 147          } elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
 148              $package['is_browser'] = true;
 149              require_once (BB2_CORE . "/mozilla.inc.php");
 150              if ($r = bb2_mozilla($package)) return $r;
 151          }
 152  
 153          // More intensive screening applies to POST requests
 154          if (!strcasecmp('POST', $package['request_method'])) {
 155              require_once (BB2_CORE . "/post.inc.php");
 156              if ($r = bb2_post($settings, $package)) return $r;
 157          }
 158      }
 159  
 160      // Last chance screening.
 161      require_once (BB2_CORE . "/screener.inc.php");
 162      bb2_screener($settings, $package);
 163  
 164      // And that's about it.
 165      bb2_approved($settings, $package);
 166      return false;
 167  }
 168  ?>

