| [ Index ] |
|
Code source de Phorum 5.1.25 |
1 <?php 2 3 //////////////////////////////////////////////////////////////////////////////// 4 // // 5 // Copyright (C) 2006 Phorum Development Team // 6 // http://www.phorum.org // 7 // // 8 // This program is free software. You can redistribute it and/or modify // 9 // it under the terms of either the current Phorum License (viewable at // 10 // phorum.org) or the Phorum License that was distributed with this file // 11 // // 12 // This program is distributed in the hope that it will be useful, // 13 // but WITHOUT ANY WARRANTY, without even the implied warranty of // 14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // 15 // // 16 // You should have received a copy of the Phorum License // 17 // along with this program. // 18 //////////////////////////////////////////////////////////////////////////////// 19 20 if(!defined("PHORUM")) return; 21 22 23 function phorum_gen_password($charpart=4, $numpart=3) 24 { 25 $vowels = array("a", "e", "i", "o", "u"); 26 $cons = array("b", "c", "d", "g", "h", "j", "k", "l", "m", "n", "p", "r", "s", "t", "u", "v", "w", "tr", "cr", "br", "fr", "th", "dr", "ch", "ph", "wr", "st", "sp", "sw", "pr", "sl", "cl"); 27 28 $num_vowels = count($vowels); 29 $num_cons = count($cons); 30 31 $password=""; 32 33 for($i = 0; $i < $charpart; $i++){ 34 $password .= $cons[mt_rand(0, $num_cons - 1)] . $vowels[mt_rand(0, $num_vowels - 1)]; 35 } 36 37 $password = substr($password, 0, $charpart); 38 39 if($numpart){ 40 $max=(int)str_pad("", $numpart, "9"); 41 $min=(int)str_pad("1", $numpart, "0"); 42 43 $num=(string)mt_rand($min, $max); 44 } 45 46 return strtolower($password.$num); 47 } 48 49 // ---------------------------------------------------------------------------- 50 // Banlist checking 51 // ---------------------------------------------------------------------------- 52 53 /** 54 * This function can perform multiple banlist checks at once and will 55 * automatically generate an appropriate error message when a banlist 56 * match is found. 57 * @param bans - an array of bans to check. Each element in this array is an 58 * array itself with two elements: the value to check and the 59 * type of banlist to check against. One special case: 60 * if the type if PHORUM_BAD_IPS, the value may be NULL. 61 * In that case the IP/hostname of the client will be checked. 62 * @return - An error message in case a banlist match was found or NULL 63 * if no match was found. 64 */ 65 function phorum_check_bans($bans) 66 { 67 $PHORUM = $GLOBALS["PHORUM"]; 68 69 // A mapping from bantype -> error message to return on match. 70 $phorum_bantype2error = array ( 71 PHORUM_BAD_NAMES => "ErrBannedName", 72 PHORUM_BAD_EMAILS => "ErrBannedEmail", 73 PHORUM_BAD_USERID => "ErrBannedUser", 74 PHORUM_BAD_IPS => "ErrBannedIP", 75 PHORUM_BAD_SPAM_WORDS => "ErrBannedContent", 76 ); 77 78 // These language strings are set dynamically, so the language 79 // tool won't recognize them automatically. Therefore they are 80 // mentioned here. 81 // $PHORUM["DATA"]["LANG"]["ErrBannedName"] 82 // $PHORUM["DATA"]["LANG"]["ErrBannedEmail"] 83 // $PHORUM["DATA"]["LANG"]["ErrBannedUser"] 84 // $PHORUM["DATA"]["LANG"]["ErrBannedIP"] 85 86 // Load the ban lists. 87 if (! isset($GLOBALS["PHORUM"]["banlists"])) 88 $GLOBALS["PHORUM"]["banlists"] = phorum_db_get_banlists(); 89 if(! isset($GLOBALS['PHORUM']['banlists'])) return NULL; 90 91 // Run the checks. 92 for (;;) { 93 // An array for adding ban checks on the fly. 94 $add_bans = array(); 95 96 foreach ($bans as $ban) { 97 // Checking IP/hostname, but no value set? Then add the IP-address 98 // and hostname (if DNS lookups are enabled) to the end of the checking 99 // queue and continue with the next check. 100 if ($ban[1] == PHORUM_BAD_IPS && $ban[0] == NULL) { 101 $add_bans[] = array($_SERVER["REMOTE_ADDR"], PHORUM_BAD_IPS); 102 if ($PHORUM["dns_lookup"]) { 103 $resolved = @gethostbyaddr($_SERVER["REMOTE_ADDR"]); 104 if (!empty($resolved) && $resolved != $_SERVER["REMOTE_ADDR"]) { 105 $add_bans[] = array($resolved, PHORUM_BAD_IPS); 106 } 107 } 108 continue; 109 } 110 111 // Do a single banlist check. Return an error if we find a match. 112 if (! phorum_check_ban_lists($ban[0], $ban[1])) { 113 $msg = $PHORUM["DATA"]["LANG"][$phorum_bantype2error[$ban[1]]]; 114 // Replace %name% with the blocked string. 115 $msg = str_replace('%name%', htmlspecialchars($ban[0]), $msg); 116 return $msg; 117 } 118 } 119 120 // Bans added on the fly? Then restart the loop. 121 if (count($add_bans) == 0) { 122 break; 123 } else { 124 $bans = $add_bans; 125 } 126 } 127 128 return NULL; 129 } 130 131 /** 132 * Check a single banlist for a match. 133 * @param value - The value to check. 134 * @param type - The type of banlist to check the value against. 135 * @return True if all is okay. False if a match has been found. 136 */ 137 function phorum_check_ban_lists($value, $type) 138 { 139 // Load the ban lists. 140 if (! isset($GLOBALS["PHORUM"]["banlists"])) 141 $GLOBALS["PHORUM"]["banlists"] = phorum_db_get_banlists(); 142 if(! isset($GLOBALS['PHORUM']['banlists'])) return true; 143 144 $banlists = $GLOBALS['PHORUM']['banlists']; 145 146 $value = trim($value); 147 148 if (!empty($value)) { 149 if (isset($banlists[$type]) && is_array($banlists[$type])) { 150 foreach($banlists[$type] as $item) { 151 if ( !empty($item['string']) && ( 152 ($item["pcre"] && @preg_match("/\b".$item['string']."\b/i", $value)) || 153 (!$item["pcre"] && stristr($value , $item["string"]) && $type != PHORUM_BAD_USERID) || 154 ($type == PHORUM_BAD_USERID && $value == $item["string"])) ) { 155 return false; 156 } 157 } 158 } 159 } 160 161 return true; 162 } 163 164 165 /* 166 167 function phorum_dyn_profile_html($field, $value="") 168 { 169 170 // $PHORUM["PROFILE_FIELDS"][]=array("name"=>"real_name", "type"=>"text", "length"=>100, "required"=>0); 171 // $PHORUM["PROFILE_FIELDS"][]=array("name"=>"email", "type"=>"text", "length"=>100, "required"=>1); 172 // $PHORUM["PROFILE_FIELDS"][]=array("name"=>"hide_email", "type"=>"bool", "default"=>1); 173 // $PHORUM["PROFILE_FIELDS"][]=array("name"=>"sig", "type"=>"text", "length"=>0, "required"=>0); 174 175 176 $PHORUM=$GLOBALS["PHORUM"]; 177 178 $html=""; 179 180 switch ($field["type"]){ 181 182 case "text": 183 if($field["length"]==0){ 184 $html="<textarea name=\"$field[name]\" rows=\"15\" cols=\"50\" style=\"width: 100%\">$value</textarea>"; 185 } else { 186 $html="<input type=\"text\" name=\"$field[name]\" size=\"30\" maxlength=\"$field[length]\" value=\"$value\" />"; 187 } 188 break; 189 case "check": 190 $html ="<input type=\"checkbox\" name=\"$field[name]\" value=\"1\" "; 191 if($value) $html.="checked "; 192 $html.="/> $field[caption]"; 193 break; 194 case "radio": 195 foreach($field["options"] as $option){ 196 $html.="<input type=\"radio\" name=\"$field[name]\" value=\"$option\" "; 197 if($value==$option) $html.="checked "; 198 $html.="/> $option "; 199 } 200 break; 201 case "select": 202 $html ="<select name=\"$field[name]\" size=\"1\">"; 203 foreach($field["options"] as $option){ 204 $html.="<option value=\"$option\""; 205 if($value==$option) $html.=" selected"; 206 $html.=">$option</option>"; 207 } 208 $html.="</select>"; 209 break; 210 211 } 212 213 return $html; 214 215 } 216 217 */ 218 219 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Thu Nov 29 12:22:27 2007 | par Balluche grâce à PHPXref 0.7 |
|
|