|
|
@ -19,6 +19,7 @@ class Filter { |
|
|
|
} |
|
|
|
|
|
|
|
public function match($condition, $match) { |
|
|
|
print_err("Filter condition: " . $condition); |
|
|
|
$condition = strtolower($condition); |
|
|
|
|
|
|
|
$post = &$this->post; |
|
|
@ -68,9 +69,18 @@ class Filter { |
|
|
|
$flood_check_matched[] = $flood_post; |
|
|
|
} |
|
|
|
|
|
|
|
// is there any reason for this assignment? |
|
|
|
$this->flood_check = $flood_check_matched; |
|
|
|
|
|
|
|
return !empty($this->flood_check); |
|
|
|
case 'flood-time-any': |
|
|
|
foreach ($this->flood_check as $flood_post) { |
|
|
|
if (time() - $flood_post['time'] <= $match) { |
|
|
|
print_err("rejecting post with flood id: " . $flood_post['id']); |
|
|
|
return true; |
|
|
|
} |
|
|
|
} |
|
|
|
return false; |
|
|
|
case 'flood-time': |
|
|
|
foreach ($this->flood_check as $flood_post) { |
|
|
|
if (time() - $flood_post['time'] <= $match) { |
|
|
@ -178,7 +188,9 @@ class Filter { |
|
|
|
if ($condition[0] == '!') { |
|
|
|
$NOT = true; |
|
|
|
$condition = substr($condition, 1); |
|
|
|
} else $NOT = false; |
|
|
|
} else { |
|
|
|
$NOT = false; |
|
|
|
} |
|
|
|
|
|
|
|
if ($this->match($condition, $value) == $NOT) |
|
|
|
return false; |
|
|
@ -217,14 +229,26 @@ function do_filters(array $post) { |
|
|
|
if (!isset($config['filters']) || empty($config['filters'])) |
|
|
|
return; |
|
|
|
|
|
|
|
// look at the flood table regardless of IP |
|
|
|
$noip = false; |
|
|
|
|
|
|
|
foreach ($config['filters'] as $filter) { |
|
|
|
if (isset($filter['condition']['flood-match'])) { |
|
|
|
if (isset($filter['condition']['flood-match']) && (!isset($filter['noip']) || $filter['noip'] == false)) { |
|
|
|
$has_flood = true; |
|
|
|
break; |
|
|
|
} else if ($filter['noip'] == true) { |
|
|
|
print_err("filters noip is true"); |
|
|
|
$noip = true; |
|
|
|
$find_time = time() - $filter['find-time']; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if (isset($has_flood)) { |
|
|
|
if ($noip) { |
|
|
|
print_err("SELECT * FROM flood WHERE time > " . strval($find_time)); |
|
|
|
$query = prepare("SELECT * FROM ``flood`` WHERE `time` > $find_time"); |
|
|
|
$query->execute() or error(db_error($query)); |
|
|
|
$flood_check = $query->fetchAll(PDO::FETCH_ASSOC); |
|
|
|
} else if (isset($has_flood)) { |
|
|
|
if ($post['has_file']) { |
|
|
|
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash"); |
|
|
|
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); |
|
|
@ -242,11 +266,13 @@ function do_filters(array $post) { |
|
|
|
} |
|
|
|
|
|
|
|
foreach ($config['filters'] as $filter_array) { |
|
|
|
print_err("creating new filter, running check"); |
|
|
|
$filter = new Filter($filter_array); |
|
|
|
$filter->flood_check = $flood_check; |
|
|
|
if ($filter->check($post)) |
|
|
|
if ($filter->check($post)) { |
|
|
|
$filter->action(); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
purge_flood_table(); |
|
|
|
} |
|
|
|