post.inc.php

一个用PHP编写的

<?php if (!defined('BB2_CORE')) die('I said no cheating!');

// All tests which apply specifically to POST requests
function bb2_post($settings, $package)
{
    // LifeType mod by pwestbro: dns blacklist checks can be done in the 
    // dnsantispam plugin.

	// Check blackhole lists for known spam/malicious activity
	// require_once(BB2_CORE . "/blackhole.inc.php");
	// bb2_test($settings, $package, bb2_blackhole($package));
	// MovableType needs specialized screening
	if (stripos($package['headers_mixed']['User-Agent'], "MovableType") !== FALSE) {
		if (strcmp($package['headers_mixed']['Range'], "bytes=0-99999")) {
			return "7d12528e";
		}
	}

	// Trackbacks need special screening
	$request_entity = $package['request_entity'];
	if (isset($request_entity['title']) && isset($request_entity['url']) && isset($request_entity['blog_name'])) {
		require_once(BB2_CORE . "/trackback.inc.php");
		return bb2_trackback($package);
	}

	// Catch a few completely broken spambots
	foreach ($request_entity as $key => $value) {
		$pos = strpos($key, "	document.write");
		if ($pos !== FAlSE) {
			return "dfd9b1ad";
		}
	}

	// Screen by cookie/JavaScript form add
	if (isset($_COOKIE[BB2_COOKIE])) {
		$screener1 = explode(" ", $_COOKIE[BB2_COOKIE]);
	}
	if (isset($_POST[BB2_COOKIE])) {
		$screener2 = explode(" ", $_POST[BB2_COOKIE]);
	}
	$screener = max($screener1[0], $screener2[0]);

	if ($screener > 0) {
		// Posting too fast? 5 sec
		// FIXME: even 5 sec is too intrusive
		// if ($screener + 5 > time())
		//	return "408d7e72";
		// Posting too slow? 48 hr
        // LifeType mod by jondaley: since pages can be cached, the cookie might not be updated
        // and this can get tripped incorrectly
		// if ($screener + 172800 < time())
		//     return "b40c8ddc";

		// Screen by IP address
		$ip = ip2long($package['ip']);
		$ip_screener = ip2long($screener[1]);
//		FIXME: This is b0rked, but why?
//		if ($ip && $ip_screener && abs($ip_screener - $ip) > 256)
//			return "c1fa729b";

		// Screen for user agent changes
		// User connected previously with blank user agent
//		$q = bb2_db_query("SELECT `ip` FROM " . $settings['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip` = '" . $screener[1] . "') AND `user_agent` != '" . $package['user_agent'] . "' AND `date` > DATE_SUB('" . bb2_db_date() . "', INTERVAL 5 MINUTE)");
		// Damnit, too many ways for this to fail :(
//		if ($q !== FALSE && $q != NULL && bb2_db_num_rows($q) > 0)
//			return "799165c2";
	}

	return false;
}

?>