1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
<?php namespace HashOver;
// Copyright (C) 2010-2018 Jacob Barkdull
// This file is part of HashOver.
//
// HashOver is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// HashOver is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with HashOver. If not, see <http://www.gnu.org/licenses/>.
class SpamCheck
{
public $blocklist;
public $database;
public $error;
public function __construct (Setup $setup)
{
// JSON IP address blocklist file
$this->blocklist = $setup->getAbsolutePath ('config/blocklist.json');
// CSV spam database file
$this->database = $setup->getAbsolutePath ('spam-database.csv');
}
// Compare array of IP addresses to user's IP
public function checkIPs ($ips = array ())
{
// Do nothing if input isn't an array
if (!is_array ($ips)) {
return false;
}
// Run through each IP
for ($ip = count ($ips) - 1; $ip >= 0; $ip--) {
// Return true if they match
if ($ips[$ip] === $_SERVER['REMOTE_ADDR']) {
return true;
}
}
// Otherwise, return false
return false;
}
// Return false if visitor's IP address is in block list file
public function checkList ()
{
// Do nothing if blocklist file doesn't exist
if (!file_exists ($this->blocklist)) {
return false;
}
// Read blocklist file
$data = @file_get_contents ($this->blocklist);
// Parse blocklist file
$blocklist = @json_decode ($data, true);
// Check user's IP address against blocklist
if ($blocklist !== null) {
return $this->checkIPs ($blocklist);
}
return false;
}
// Get Stop Forum Spam remote spam database JSON
public function getStopForumSpamJSON ()
{
// Stop Forum Spam API URL
$url = 'http://www.stopforumspam.com/api?ip=' . $_SERVER['REMOTE_ADDR'] . '&f=json';
// Check if we have cURL
if (function_exists ('curl_init')) {
// If so, initiate cURL
$ch = curl_init ();
$options = array (CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true);
curl_setopt_array ($ch, $options);
// Fetch response from Stop Forum Spam database check
$output = curl_exec ($ch);
// Close cURL
curl_close ($ch);
} else {
// If not, open file via URL if allowed
if (ini_get ('allow_url_fopen')) {
$output = @file_get_contents ($url);
}
}
// Parse response as JSON
if (!empty ($output)) {
$json = @json_decode ($output, true);
if ($json !== null) {
return $json;
}
}
return array ();
}
// Stop Forum Spam remote spam database check
public function remote ()
{
// Get Stop Forum Spam JSON
$spam_database = $this->getStopForumSpamJSON ();
// Set error message and return true if spam check failed
if (!isset ($spam_database['success'])) {
$this->error = 'Spam check failed!';
return true;
}
// Set error message and return true if response was invalid
if (!isset ($spam_database['ip']['appears'])) {
$this->error = 'Spam check received invalid JSON!';
return true;
}
// If spam check was successful
if ($spam_database['success'] === 1) {
// Return true if user's IP appears in the database
if ($spam_database['ip']['appears'] === 1) {
return true;
}
}
return false;
}
// Local CSV spam database check
public function local ()
{
// Do nothing if CSV spam database file doesn't exist
if (!file_exists ($this->database)) {
return false;
}
// Read CSV spam database file
$data = @file_get_contents ($this->database);
// Check if file read successfully
if ($data !== false) {
// If so, convert CSV database into array
$ips = explode (',', $data);
// And check user's IP address against CSV database
return $this->checkIPs ($ips);
} else {
// If not, set error message
$this->error = 'No local database found!';
}
return false;
}
}
|
