/
SFSbase.class.php
129 lines (103 loc) · 3.77 KB
/
SFSbase.class.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<?php
/**
* File: SFSbase.class.php
* Stop Forum Spam (SFS) Base Class
* Copyright (C) 2014-2017 Tom Homer - WebSiteMaster AT cogeco DOT com
* Licensed under the GNU General Public License
*/
if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
die ('This file can not be used on its own!');
}
/**
* Checks number of links in post.
* based in large part on the works of Dirk Haun, Tom Willet (Spam-X) and Russ Jones (SLV)
*/
class SFSbase
{
private $_debug = false;
private $_verbose = false;
/**
* Constructor
*/
public function __construct()
{
$this->_debug = false;
$this->_verbose = false;
}
/**
* Check if spam IP
*
* @param string $post post to check for spam
* @return boolean true = spam found, false = no spam
* Note: Also returns 'false' in case of problems communicating with SFS.
* Error messages are logged in Geeklog's error.log
*/
function CheckForSpam($post)
{
global $_SPX_CONF, $_TABLES;
if (!isset($_SPX_CONF['sfs_enabled'])) {
$_SPX_CONF['sfs_enabled'] = false;
}
if (!$_SPX_CONF['sfs_enabled']) {
return PLG_SPAM_NOT_FOUND; // invalid data, assume ok
}
if (!$_SPX_CONF['sfs_confidence']) {
$_SPX_CONF['sfs_enabled'] = 25;
}
if (!isset($_SPX_CONF['timeout'])) {
$_SPX_CONF['timeout'] = 5; // seconds
}
$ip = $_SERVER['REMOTE_ADDR'];
$query = "http://www.stopforumspam.com/api?f=serial&ip=$ip";
$req = new HTTP_Request2(
$query,
HTTP_Request2::METHOD_GET,
array(
'timeout' => $_SPX_CONF['timeout'],
)
);
if ($this->_verbose) {
SPAMX_log('Sending to SFS: ' . $query);
}
try {
$response = $req->send();
if ($response->getStatus() == 200) {
$result = $response->getBody();
if (strlen($result) === 0) {
return PLG_SPAM_NOT_FOUND; // Response body is not set, assume ok
}
$result = @unserialize($result);
if ($result === false) {
if ($this->_verbose) {
SPAMX_log("SFS: no spam detected");
}
return PLG_SPAM_NOT_FOUND; // Invalid data, assume ok
}
} else {
return PLG_SPAM_NOT_FOUND; // PEAR Error, assume ok
}
} catch (HTTP_Request2_Exception $e) {
COM_errorLog(__METHOD__ . ': ' . $e->getMessage());
return PLG_SPAM_NOT_FOUND; // assumes OK
}
if ($result['ip']['appears'] == 1 && $result['ip']['confidence'] > (float) $_SPX_CONF['sfs_confidence']) {
$retval = PLG_SPAM_FOUND;
SPAMX_log("SFS: spammer IP detected: " . $ip);
// Add IP to SFS IP list... assuming sfs runs after ip check so no dups
// Double Check for IP address just in case
$db_ip = DB_escapeString($ip);
$result = DB_query("SELECT value FROM {$_TABLES['spamx']}
WHERE name='IP' AND value='$db_ip'", 1);
if (DB_numRows($result) == 0) { // Not in db so add
$timestamp = DB_escapeString(date('Y-m-d H:i:s'));
$sql = "INSERT INTO {$_TABLES['spamx']} (name, value, regdate)
VALUES ('IP', '$db_ip', '$timestamp')";
DB_query($sql);
}
} elseif ($this->_verbose) {
$retval = PLG_SPAM_NOT_FOUND;
SPAMX_log("SFS: spammer IP not detected: " . $ip);
}
return $retval;
}
}