
Moved online tracking and shield protection code from the core to sep…

…arate plugins. Closed #771.
1 parent 4c485eb commit 29fd9db59d0c436f74700a46b55f3905b57e866f @trustmaster trustmaster committed Mar 30, 2012
Showing with 624 additions and 387 deletions.
  1. +0 −4 lang/en/admin.en.lang.php
  2. +0 −2 lang/en/main.en.lang.php
  3. +0 −4 lang/ru/admin.ru.lang.php
  4. +0 −2 lang/ru/main.ru.lang.php
  5. +2 −4 login.php
  6. +2 −2 modules/forums/inc/forums.newtopic.php
  7. +2 −2 modules/forums/inc/forums.posts.php
  8. +1 −14 modules/forums/inc/forums.sections.php
  9. +0 −25 modules/forums/inc/forums.topics.php
  10. +2 −2 modules/page/inc/page.add.php
  11. +2 −2 modules/pm/inc/pm.send.php
  12. +4 −1 modules/users/inc/users.edit.php
  13. +1 −1 modules/users/inc/users.functions.php
  14. +5 −5 modules/users/inc/users.passrecover.php
  15. +4 −1 modules/users/inc/users.profile.php
  16. +3 −3 modules/users/inc/users.register.php
  17. +2 −2 plugins/comments/comments.php
  18. +1 −2 plugins/hits/hits.setup.php
  19. +95 −0 plugins/shield/inc/shield.functions.php
  20. +18 −0 plugins/shield/lang/shield.en.lang.php
  21. +18 −0 plugins/shield/lang/shield.ru.lang.php
  22. +32 −0 plugins/shield/shield.input.php
  23. BIN plugins/shield/shield.png
  24. +28 −0 plugins/shield/shield.setup.php
  25. +34 −0 plugins/whosonline/inc/whosonline.functions.php
  26. +1 −1 plugins/whosonline/lang/whosonline.en.lang.php
  27. +1 −1 plugins/whosonline/lang/whosonline.ru.lang.php
  28. +18 −0 plugins/whosonline/setup/whosonline.install.sql
  29. +31 −0 plugins/whosonline/whosonline.forums.sections.main.php
  30. +22 −0 plugins/whosonline/whosonline.forums.sections.tags.php
  31. +44 −0 plugins/whosonline/whosonline.forums.topics.tags.php
  32. +116 −0 plugins/whosonline/whosonline.header.main.php
  33. +48 −0 plugins/whosonline/whosonline.input.php
  34. BIN plugins/whosonline/whosonline.png
  35. +2 −12 plugins/whosonline/whosonline.setup.php
  36. +21 −0 plugins/whosonline/whosonline.users.auth.check.done.php
  37. +24 −0 plugins/whosonline/whosonline.users.logout.php
  38. +30 −0 plugins/whosonline/whosonline.usertags.main.php
  39. +1 −23 setup/install.sql
  40. +4 −1 setup/siena/patch-genoa.sql
  41. +2 −0 setup/siena/patch_0.9.8-05.sql
  42. +0 −47 system/common.php
  43. +3 −221 system/functions.php
  44. +0 −3 system/header.php
@@ -170,9 +170,6 @@
$L['cfg_cookiedomain'] = array('Domain for cookies', 'Default: empty');
$L['cfg_cookielifetime'] = array('Maximum cookie lifetime', 'In seconds');
$L['cfg_cookiepath'] = array('Path for cookies', 'Default: empty');
-$L['cfg_shieldenabled'] = array('Enable the Shield', 'Anti-spamming and anti-hammering');
-$L['cfg_shieldtadjust'] = array('Adjust Shield timers (in %)', 'The higher, the harder to spam');
-$L['cfg_shieldzhammer'] = array('Anti-hammer after * fast hits', 'The smaller, the faster the auto-ban 3 minutes happens');
/**
* Config Section
@@ -208,7 +205,6 @@
* Users Subsection
*/
-$L['cfg_disablewhosonline'] = array('Disable who\'s online', 'Automatically enabled if you turn on the Shield');
$L['cfg_forcerememberme'] = array('Force "remember me"', 'Use it on multi-domain sites or if there are sudden logouts');
$L['cfg_timedout'] = array('Idle delay, in seconds', 'After this delay, user is away');
$L['cfg_usertextimg'] = array('Allow images and HTML in user signature', '\'No\' recommended, for security reasons');
@@ -499,8 +499,6 @@
$L['ajaxSenderror'] = 'The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the administrator and inform them of the time the error occurred, and anything you might have done that may have caused the error.';
-$L['shield_protect'] = 'Shield protection activated, please retry in {$sec} seconds...<br />After this duration, you can refresh the current page to continue.<br />Last action was : {$action}';
-
$L['captcha_verification_failed'] = 'Wrong bot protection code';
?>
@@ -171,9 +171,6 @@
$L['cfg_cookiedomain'] = array('Домен для cookies', 'По умолчанию пусто');
$L['cfg_cookielifetime'] = array('Срок действия cookies', 'В секундах');
$L['cfg_cookiepath'] = array('Путь для cookies', 'По умолчанию пусто');
-$L['cfg_shieldenabled'] = array('Включить защиту', 'Защита против спама и хаммеринга');
-$L['cfg_shieldtadjust'] = array('Настройка таймеров защиты (в %)', 'Чем выше, тем сильнее защита против спама');
-$L['cfg_shieldzhammer'] = array('Анти-хаммер после * хитов', 'Чем меньше, тем короче срок автоблокировки пользователя');
/**
* Config Section
@@ -208,7 +205,6 @@
* Users Subsection
*/
-$L['cfg_disablewhosonline'] = array('Отключить статистику &laquo;Кто онлайн&raquo;', 'Включается автоматически при включении защиты');
$L['cfg_forcerememberme'] = array('Зафиксировать &quot;запомнить меня&quot;', 'Используйте на мультидоменных сайтах или при случайных выходах из системы');
$L['cfg_timedout'] = array('Задержка ожидания в секундах', 'По истечении данного срока пользователь считается покинувшим сайт');
$L['cfg_usertextimg'] = array('Разрешить изображения и HTML-код в подписях пользователей', 'По причине безопасности рекомендуется &laquo;Нет&raquo;!');
@@ -499,8 +499,6 @@
$L['ajaxSenderror'] = 'На сервере произошла внутренняя ошибка или ошибка конфигурации, в результате которой ваш запрос не был выполнен. Свяжитесь с администратором сайта и проинформируйте его о том, когда произошла ошибка и какие из ваших действий могли ее вызвать.';
-$L['shield_protect'] = 'Анти-хаммеринг активирован, попробуйте снова через {$sec} секунд...<br />После этого промежутка времени вы сможете обновить данную страницу и продолжить.<br />Последнее действие: {$action}';
-
$L['captcha_verification_failed'] = 'Неверный код защиты от роботов';
?>
@@ -53,7 +53,6 @@
if ($usr['id'] > 0)
{
$db->update($db_users, array('user_lastvisit' => $sys['now_offset']), "user_id = " . $usr['id']);
- $db->delete($db_online, "online_ip='{$usr['ip']}'");
$all = cot_import('all', 'G', 'BOL');
if ($all)
@@ -81,7 +80,7 @@
if ($a == 'check')
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
/* === Hook for the plugins === */
foreach (cot_getextplugins('users.auth.check') as $pl)
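Review bot: With `cot_plugin_active('shield') && cot_shield_protect();` the login check has no request throttling at all when the shield plugin is not installed or is disabled, and nothing at this call site says so. The same short-circuit guards the failed-login counter further down in this file (`cot_shield_update(7, "Log in")`) and the password-recovery, registration and account-validation hunks, so those authentication paths lose their rate limiting together. I would add a comment here such as `// Login throttling is provided only by the shield plugin; without it this path is unthrottled`, and have the setup enable shield by default or warn in the admin panel when it is off. It is also worth confirming that an active shield plugin always has its functions file loaded before this line runs, since that include is not visible in this hunk.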
@@ -188,14 +187,13 @@
}
/* ===== */
- $sql = $db->delete($db_online, "online_userid='-1' AND online_ip='".$usr['ip']."' LIMIT 1");
cot_uriredir_apply($cfg['redirbkonlogin']);
cot_uriredir_redirect(empty($redirect) ? cot_url('index') : base64_decode($redirect));
}
else
{
$env['status'] = '401 Unauthorized';
- cot_shield_update(7, "Log in");
+ cot_plugin_active('shield') && cot_shield_update(7, "Log in");
cot_log("Log in failed, user : ".$rusername,'usr');
/* === Hook === */
@@ -42,7 +42,7 @@
if ($a == 'newtopic')
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
/* === Hook === */
foreach (cot_getextplugins('forums.newtopic.newtopic.first') as $pl)
@@ -140,7 +140,7 @@
($cfg['cache_index']) && $cache->page->clear('index');
}
- cot_shield_update(45, "New topic");
+ cot_plugin_active('shield') && cot_shield_update(45, "New topic");
cot_redirect(cot_url('forums', "m=posts&q=$q&n=last", '#bottom', true));
}
}
@@ -83,7 +83,7 @@
if ($a == 'newpost' && !empty($s) && !empty($q))
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
$db->query("SELECT ft_state FROM $db_forum_topics WHERE ft_id = $q")->fetchColumn() && cot_die();
@@ -183,7 +183,7 @@
($cfg['cache_index']) && $cache->page->clear('index');
}
- cot_shield_update(30, "New post");
+ cot_plugin_active('shield') && cot_shield_update(30, "New post");
cot_redirect(cot_url('forums', "m=posts&q=$q&n=last", '#bottom', true));
}
}
@@ -48,18 +48,6 @@
$cache && $cache->db->store('cot_sections_act', $cot_sections_act, 'system', 7200);
}
-$cache && $cache->mem && $cot_sections_vw = $cache->mem->get('sections_wv', 'forums');
-if (!$cot_sections_vw)
-{
- $sqltmp = $db->query("SELECT online_subloc, COUNT(*) FROM $db_online WHERE online_location='Forums' GROUP BY online_subloc");
- while ($tmprow = $sqltmp->fetch())
- {
- $cot_sections_vw[$tmprow['online_subloc']] = $tmprow['COUNT(*)'];
- }
- $sqltmp->closeCursor();
- $cache && $cache->mem && $cache->mem->store('sections_vw', $cot_sections_vw, 'forums', 120);
-}
-
$sql_forums = $db->query("SELECT * FROM $db_forum_stats WHERE 1 ORDER by fs_cat DESC");
foreach ($sql_forums->fetchAll() as $row)
{
@@ -130,8 +118,7 @@
'FORUMS_RSS' => cot_url('rss', 'c=forums'),
'FORUMS_SECTIONS_PAGETITLE' => cot_breadcrumbs($title, $cfg['homebreadcrumb']),
'FORUMS_SECTIONS_MARKALL' => ($usr['id'] > 0) ? cot_rc_link($url_markall, $L['forums_markallasread']) : '',
- 'FORUMS_SECTIONS_MARKALL_URL' => ($usr['id'] > 0) ? $url_markall : '',
- 'FORUMS_SECTIONS_WHOSONLINE' => $out['whosonline']." : ".$out['whosonline_reg_list']
+ 'FORUMS_SECTIONS_MARKALL_URL' => ($usr['id'] > 0) ? $url_markall : ''
));
@@ -163,31 +163,6 @@
$mskin = cot_tplfile(array('forums' ,'topics', $structure['forums'][$s]['tpl']));
$t = new XTemplate($mskin);
-if ($cfg['forums'][$s]['allowviewers'])
-{
-
- $v = 0;
- $sql_forums_view = $db->query("SELECT online_name, online_userid FROM $db_online WHERE online_location='Forums' AND online_subloc=".$db->quote($structure['forums'][$s]['title']));
- while ($rowv = $sql_forums_view->fetch())
- {
- if ($rowv['online_name'] != 'v')
- {
- $fs_viewers_names .= ($v>0) ? ', ' : '';
- $fs_viewers_names .= cot_build_user($rowv['online_userid'], htmlspecialchars($rowv['online_name']));
- $v++;
- }
- }
- $sql_forums_view->closeCursor();
- $fs_viewers = $v;
-
- $t->assign(array(
- 'FORUMS_TOPICS_VIEWERS' => $fs_viewers,
- 'FORUMS_TOPICS_VIEWER_NAMES' => $fs_viewers_names
- ));
- $t->parse('MAIN.FORUMS_SECTIONS_VIEWERS');
-
-}
-
$arraychilds = cot_structure_children('forums', $s, false, false);
if (count($arraychilds) > 0)
{
@@ -41,7 +41,7 @@
if ($a == 'add')
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
/* === Hook === */
foreach (cot_getextplugins('page.add.add.first') as $pl)
@@ -175,7 +175,7 @@
$cache->page->clear('index');
}
}
- cot_shield_update(30, "r page");
+ cot_plugin_active('shield') && cot_shield_update(30, "r page");
cot_redirect($r_url);
}
else
@@ -34,7 +34,7 @@
/* ===== */
if ($a == 'send')
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
$newpmtitle = cot_import('newpmtitle', 'P', 'TXT');
$newpmtext = cot_import('newpmtext', 'P', 'HTM');
$newpmrecipient = cot_import('newpmrecipient', 'P', 'TXT');
@@ -163,7 +163,7 @@
/* ===== */
if($stats_enabled) { cot_stat_inc('totalpms'); }
- cot_shield_update(30, "New private message (".$totalrecipients.")");
+ cot_plugin_active('shield') && cot_shield_update(30, "New private message (".$totalrecipients.")");
cot_redirect(cot_url('pm', 'f=sentbox'));
}
}
@@ -169,7 +169,10 @@
require_once cot_incfile('pm', 'module');
$db->update($db_pm, array('pm_fromuser' => $newname), 'pm_fromuser = ?', array($oldname));
}
- $db->update($db_online, array('online_name' => $newname), 'online_name = ?', array($oldname));
+ if (cot_plugin_active('whosonline'))
+ {
+ $db->update($db_online, array('online_name' => $newname), 'online_name = ?', array($oldname));
+ }
}
$ruser['user_auth'] = '';
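Review bot: The new `cot_plugin_active('whosonline')` guard still leaves core code writing to a plugin-owned table through `$db_online`, and it checks only that the plugin is active, not that `$db_online` is defined by the time this statement runs. If the table name now comes from the plugin's functions file (not visible here), an unset `$db_online` would make the update fail on every rename. The users.profile.php hunk has the same pattern, and there the condition is also built by interpolating `$usr['ip']` into the string. Judging by the file list, this commit already moves the logout cleanup into `whosonline.users.logout.php`; doing the same for these two statements would keep the table out of the core. Failing that, the profile delete could use the bound form this hunk already uses, e.g. `$db->delete($db_online, 'online_ip = ?', array($usr['ip']));`.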
@@ -62,7 +62,7 @@ function cot_add_user($ruser, $email = null, $name = null, $password = null, $ma
$ruser['user_birthdate'] = ($ruser['user_birthdate'] > $sys['now']) ? ($sys['now'] - 31536000) : $ruser['user_birthdate'];
$ruser['user_birthdate'] = ($ruser['user_birthdate'] == '0') ? '0000-00-00' : cot_stamp2date($ruser['user_birthdate']);
$ruser['user_lostpass'] = md5(microtime());
- cot_shield_update(20, "Registration");
+ cot_plugin_active('shield') && cot_shield_update(20, "Registration");
$ruser['user_hideemail'] = 1;
$ruser['user_theme'] = $cfg['defaulttheme'];
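Review bot: The context line `$ruser['user_lostpass'] = md5(microtime());` derives the account token from the clock, so it is predictable from the registration time rather than random. Other hunks on this page look up the same column as the account-validation and password-recovery key. A CSPRNG-backed value of the same length keeps the `mb_strlen($v) == 32` check in users.passrecover.php working, e.g. `$ruser['user_lostpass'] = bin2hex(random_bytes(16));` on PHP 7+ or `bin2hex(openssl_random_pseudo_bytes(16))` on older runtimes. This matters more after this commit, because the `cot_shield_update()` / `cot_shield_protect()` calls that slow down repeated guesses are skipped whenever the shield plugin is inactive. cot_add_user starts and ends outside the hunk.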
@@ -27,7 +27,7 @@
if ($a == 'request' && $email != '')
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
$sql = $db->query("SELECT user_id, user_name, user_lostpass FROM $db_users WHERE user_email='".$db->prep($email)."' ORDER BY user_id ASC LIMIT 1");
if ($row = $sql->fetch())
@@ -42,7 +42,7 @@
$sql = $db->update($db_users, array('user_lostpass' => $validationkey, 'user_lastip' => $usr['ip']), "user_id=$ruserid");
}
- cot_shield_update(60, "Password recovery email sent");
+ cot_plugin_active('shield') && cot_shield_update(60, "Password recovery email sent");
$rinfo = sprintf($L['pasrec_email1b'], $usr['ip'], cot_date('datetime_medium'));
@@ -55,15 +55,15 @@
}
else
{
- cot_shield_update(10, "Password recovery requested");
+ cot_plugin_active('shield') && cot_shield_update(10, "Password recovery requested");
$env['status'] = '403 Forbidden';
cot_log("Pass recovery failed, user : ".$rusername);
cot_redirect(cot_url('message', 'msg=151', '', true));
}
}
elseif ($a == 'auth' && mb_strlen($v) == 32)
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
$sql = $db->query("SELECT user_name, user_id, user_email, user_password, user_maingrp, user_banexpire FROM $db_users WHERE user_lostpass='".$db->prep($v)."'");
@@ -102,7 +102,7 @@
else
{
$env['status'] = '403 Forbidden';
- cot_shield_update(7, "Log in");
+ cot_plugin_active('shield') && cot_shield_update(7, "Log in");
cot_log("Pass recovery failed, user : ".$rusername);
cot_redirect(cot_url('message', 'msg=151', '', true));
}
@@ -122,7 +122,10 @@
session_unset();
session_destroy();
}
- $db->delete($db_online, "online_ip='{$usr['ip']}'");
+ if (cot_plugin_active('whosonline'))
+ {
+ $db->delete($db_online, "online_ip='{$usr['ip']}'");
+ }
cot_redirect(cot_url('message', 'msg=102', '', true));
}
else
@@ -33,7 +33,7 @@
if ($a=='add')
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
$ruser = array();
@@ -119,7 +119,7 @@
}
/* ===== */
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
$sql = $db->query("SELECT * FROM $db_users WHERE user_lostpass='$v' AND (user_maingrp=2 OR user_maingrp='-1') LIMIT 1");
if ($row = $sql->fetch())
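Review bot: The validation lookup in this hunk interpolates `$v` straight into the SQL string (`user_lostpass='$v'`), while the equivalent lookup in users.passrecover.php passes it through `$db->prep($v)`. How `$v` is imported is outside the hunk, so it may already be filtered, but the query should not depend on a filter applied elsewhere. I would make the two lookups consistent with `user_lostpass='".$db->prep($v)."'` here, or use a bound parameter. Since this path is now unthrottled when the shield plugin is off, a length check like the `mb_strlen($v) == 32` guard in the recovery code would also be reasonable before querying.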
@@ -171,7 +171,7 @@
else
{
$env['status'] = '403 Forbidden';
- cot_shield_update(7, "Account validation");
+ cot_plugin_active('shield') && cot_shield_update(7, "Account validation");
cot_log("Wrong validation URL", 'sec');
cot_redirect(cot_url('message', 'msg=157', '', true));
}
@@ -179,7 +179,7 @@
if ($a == 'send' && $usr['auth_write'])
{
- cot_shield_protect();
+ cot_plugin_active('shield') && cot_shield_protect();
$rtext = cot_import('rtext', 'P', 'HTM');
$rname = cot_import('rname', 'P', 'TXT');
$comarray = array();
@@ -249,7 +249,7 @@
cot_message($L['com_commentadded']);
- cot_shield_update(20, 'New comment');
+ cot_plugin_active('shield') && cot_shield_update(20, 'New comment');
}
cot_redirect(cot_url($url_area, $url_params, '#c' . $id, true));
}
@@ -14,8 +14,7 @@
Lock_guests=12345A
Auth_members=RW
Lock_members=
-Recommends_modules=
-Recommends_plugins=
+Requires_plugins=whosonline
[END_COT_EXT]
[BEGIN_COT_EXT_CONFIG]