Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Updated to library version 2.0.32

Ignore-this: 7ad6f2eb47a565335f1e5c99db01f48b

darcs-hash:20091120102024-7ad00-5b8f1398da123c01598ebc2f09f98de004706041.gz
  • Loading branch information...
commit 190207330ab371784e6866dc5bd80ad6b0435d5e 1 parent 2f62712
Andreas Gohr authored
2  action.php
View
@@ -18,7 +18,7 @@ class action_plugin_badbehaviour extends DokuWiki_Action_Plugin {
* return some info
*/
function getInfo(){
- return confToHash(dirname(__FILE__).'/info.txt');
+ return confToHash(dirname(__FILE__).'/plugin.info.txt');
}
/**
2  admin.php
View
@@ -18,7 +18,7 @@ class admin_plugin_badbehaviour extends DokuWiki_Admin_Plugin {
* return some info
*/
function getInfo(){
- return confToHash(dirname(__FILE__).'/info.txt');
+ return confToHash(dirname(__FILE__).'/plugin.info.txt');
}
/**
2  bad-behavior/blackhole.inc.php
View
@@ -45,7 +45,7 @@ function bb2_blackhole($package) {
function bb2_httpbl($settings, $package) {
// Can't use IPv6 addresses yet
- if (@is_ipv6($package['ip'])) return;
+ if (@is_ipv6($package['ip'])) return false;
if (@!$settings['httpbl_key']) return false;
4 bad-behavior/common_tests.inc.php
View
@@ -45,6 +45,10 @@ function bb2_misc_headers($settings, $package)
if (strpos($package['request_uri'], "#") !== FALSE) {
return "dfd9b1ad";
}
+ // A pretty nasty SQL injection attack on IIS servers
+ if (strpos($package['request_uri'], ";DECLARE%20@") !== FALSE) {
+ return "dfd9b1ad";
+ }
// Range: field exists and begins with 0
// Real user-agents do not start ranges at 0
2  bad-behavior/core.inc.php
View
@@ -183,7 +183,7 @@ function bb2_start($settings)
} elseif (stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
require_once(BB2_CORE . "/msnbot.inc.php");
bb2_test($settings, $package, bb2_msnbot($package));
- } elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE) {
+ } elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE || stripos($ua, "Google Wireless") !== FALSE) {
require_once(BB2_CORE . "/google.inc.php");
bb2_test($settings, $package, bb2_google($package));
} elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
2  bad-behavior/version.inc.php
View
@@ -1,3 +1,3 @@
<?php if (!defined('BB2_CWD')) die("I said no cheating!");
-define('BB2_VERSION', "2.0.31");
+define('BB2_VERSION', "2.0.32");
?>
6 bad-behavior/whitelist.inc.php
View
@@ -68,7 +68,11 @@ function bb2_whitelist($package)
}
}
if (!empty($bb2_whitelist_urls)) {
- $request_uri = substr($settings['request_uri'], 0, strpos($settings['request_uri'], "?"));
+ if (strpos($package['request_uri'], "?") === FALSE) {
+ $request_uri = $package['request_uri'];
+ } else {
+ $request_uri = substr($package['request_uri'], 0, strpos($settings['request_uri'], "?"));
+ }
foreach ($bb2_whitelist_urls as $url) {
if (!strcmp($request_uri, $url)) return true;
}
5 info.txt → plugin.info.txt
View
@@ -1,6 +1,7 @@
+base badbehaviour
author Andreas Gohr
email andi@splitbrain.org
-date 2008-08-24
-name Bad Behaviour Plugin (based on library version 2.0.31)
+date 2009-11-20
+name Bad Behaviour Plugin (based on library version 2.0.32)
desc Protects the wiki against malicious users and spiders
url http://www.dokuwiki.org/plugin:badbehaviour
Please sign in to comment.
Something went wrong with that request. Please try again.