<?php
-// $Id: spam.php,v 1.175 2007/06/11 14:28:07 henoheno Exp $
+// $Id: spam.php,v 1.180 2007/06/16 04:34:42 henoheno Exp $
// Copyright (C) 2006-2007 PukiWiki Developers Team
// License: GPL v2 or (at your option) any later version
//
// NOTE: If the same data exists, it must be corrupted.
function var_export_shrink($expression, $return = FALSE, $ignore_numeric_keys = FALSE)
{
- $result =preg_replace(
+ $result = var_export($expression, TRUE);
+
+ $result = preg_replace(
// Remove a newline and spaces
'# => \n *array \(#', ' => array (',
- var_export($expression, TRUE)
+ $result
);
if ($ignore_numeric_keys) {
// References:
// http://www.freebsd.org/cgi/man.cgi?query=strings (Man-page of GNU strings)
// http://www.pcre.org/pcre.txt
-function strings($binary = '', $min_len = 4, $ignore_space = FALSE)
+// Note: mb_ereg_replace() is one of mbstring extension's functions
+// and need to init its encoding.
+function strings($binary = '', $min_len = 4, $ignore_space = FALSE, $multibyte = FALSE)
{
+ // String only
+ $binary = (is_array($binary) || $binary === TRUE) ? '' : strval($binary);
+
+ $regex = $ignore_space ?
+ '[^[:graph:] \t\n]+' : // Remove "\0" etc, and readable spaces
+ '[^[:graph:][:space:]]+'; // Preserve readable spaces if possible
+
+ $binary = $multibyte ?
+ mb_ereg_replace($regex, "\n", $binary) :
+ preg_replace('/' . $regex . '/s', "\n", $binary);
+
if ($ignore_space) {
$binary = preg_replace(
array(
- '/(?:[^[:graph:] \t\n]|[\r])+/s',
'/[ \t]{2,}/',
'/^[ \t]/m',
'/[ \t]$/m',
),
array(
- "\n",
' ',
'',
''
),
$binary);
- } else {
- // Remove "\0" etc. Preserve readable spaces if possible.
- $binary = preg_replace('/(?:[^[:graph:][:space:]]|[\r])+/s', "\n", $binary);
}
if ($min_len > 1) {
+ // The last character seems "\n" or not
+ $br = (! empty($binary) && $binary[strlen($binary) - 1] == "\n") ? "\n" : '';
+
$min_len = min(1024, intval($min_len));
$regex = '/^.{' . $min_len . ',}/S';
- if (is_array($binary)) {
- foreach(array_keys($binary) as $key) {
- $binary[$key] = implode("\n", preg_grep($regex, explode("\n", $binary[$key])));
- }
- } else {
- $binary = implode("\n", preg_grep($regex, explode("\n", $binary)));
- }
+ $binary = implode("\n", preg_grep($regex, explode("\n", $binary))) . $br;
}
return $binary;
return $result;
}
+// Preprocess: Removing uninterest part for URI detection
+function spam_uri_removing_hocus_pocus($binary = '', $method = array())
+{
+ $length = 4 ; // 'http'(1) and '://'(2) and 'fqdn'(1)
+ if (is_array($method)) {
+ // '<a'(2) or 'href='(5) or '>'(1) or '</a>'(4)
+ // '[uri'(4) or ']'(1) or '[/uri]'(6)
+ if (isset($method['area_anchor']) || isset($method['uri_anchor']) ||
+ isset($method['area_bbcode']) || isset($method['uri_bbcode']))
+ $length = 1; // Seems not effective
+ }
+
+ // Removing sequential spaces and too short lines
+ $binary = strings($binary, $length, TRUE, FALSE); // Multibyte NOT needed
+
+ // Remove words (has no '<>[]:') between spaces
+ $binary = preg_replace('/[ \t][\w.,()\ \t]+[ \t]/', ' ', $binary);
+
+ return $binary;
+}
+
// Preprocess: rawurldecode() and adding space(s) and something
// to detect/count some URIs _if possible_
// NOTE: It's maybe danger to var_dump(result). [e.g. 'javascript:']
// [OK] http://victim.example.org/nasty.example.org
// [OK] http://victim.example.org/go?http%3A%2F%2Fnasty.example.org
// [OK] http://victim.example.org/http://nasty.example.org
-function spam_uri_pickup_preprocess($string = '')
+function spam_uri_pickup_preprocess($string = '', $method = array())
{
if (! is_string($string)) return '';
- $string = rawurldecode($string);
+ $string = spam_uri_removing_hocus_pocus(rawurldecode($string), $method);
+ //var_dump(htmlspecialchars($string));
// Domain exposure (simple)
// http://victim.example.org/nasty.example.org/path#frag
$method = check_uri_spam_method();
}
- $string = spam_uri_pickup_preprocess($string);
+ $string = spam_uri_pickup_preprocess($string, $method);
$array = uri_pickup($string);
foreach(array_keys($method) as $key) {
if (! isset($sum[$key])) $sum[$key] = 0;
}
+ if (! isset($sum['quantity'])) $sum['quantity'] = 0;
if (is_array($target)) {
foreach($target as $str) {
empty($progress['hosts'])) return '';
$result = '';
- if (FALSE) {
- // Sort by domain
- $tmp = array();
- foreach($progress['hosts'] as $value) {
- $tmp[delimiter_reverse($value)] = $value;
- }
- ksort($tmp, SORT_STRING);
- $result = count($tmp) . ' (' .implode(', ', $tmp) . ')';
- } else {
- $tmp = array();
- foreach($progress['hosts'] as $value) {
- $tmp = array_merge_recursive(
- $tmp,
- array_leaf(explode('.', delimiter_reverse($value)), TRUE, $value)
- );
- }
-//var_dump($tmp);
-// TODO: IP address 1.2.3.4 => "0"-3-2-1 by array_shrinkbranch_leaves()
+ // Generate a $trie
+ $trie = array();
+ foreach($progress['hosts'] as $value) {
- array_shrinkbranch_leaves($tmp, '.', TRUE); // "domain.tld"
- array_joinbranch_leaf($tmp, '.', 0, TRUE);
- foreach($tmp as $key => $value) {
- if (is_array($value)) {
- ksort($tmp[$key], SORT_STRING);
- $tmp[$key] = implode(', ', array_flat_leaves($value));
- }
+ // Try to shorten (pre) -- array('example.com', 'bar', 'foo')
+ $resp = whois_responsibility($value); // 'example.com'
+ $rest = rtrim(substr($value, 0, - strlen($resp)), '.'); // 'foo.bar'
+ if ($rest) {
+ $parts = explode('.', delimiter_reverse('.' . $rest));
+ array_unshift($parts, $resp);
+ } else {
+ $parts = array($resp, $rest);
}
- ksort($tmp, SORT_STRING);
- $result = var_export_shrink($tmp, TRUE, TRUE);
+ $trie = array_merge_recursive(
+ $trie,
+ array_leaf($parts, TRUE, $value)
+ );
+ }
+
+ // Try to shorten (post, non-recursive) -- 'foo.bar.example.com'
+ array_joinbranch_leaf($trie, '.', 0, TRUE);
+
+ // Sort and flatten -- 'A.foo.bar.example.com, B.foo.bar.example.com'
+ foreach(array_keys($trie) as $key) {
+ if (is_array($trie[$key])) {
+ ksort_by_domain($trie[$key]);
+ $trie[$key] = implode(', ', array_flat_leaves($trie[$key]));
+ }
}
- return $result;
+ // TODO: ltrim('.') from $trie
+
+ ksort_by_domain($trie);
+
+ // TODO: from array('foobar' => 'foobar') to 'foobar'
+
+ return var_export_shrink($trie, TRUE, TRUE);
+}
+
+// ksort() by domain
+function ksort_by_domain(& $array)
+{
+ $sort = array();
+ foreach(array_keys($array) as $key) {
+ $sort[delimiter_reverse($key)] = $key;
+ }
+ ksort($sort, SORT_STRING);
+ $result = array();
+ foreach($sort as $key) {
+ $result[$key] = & $array[$key];
+ }
+ $array = $result;
}
// array('F' => array('B' => array('C' => array('d' => array('' => 'foobar')))))
}
-// array('A' => array('B' => 'C')) to
-// array('A.B' => 'C')
-// array(
-// 'A' => array(
-// 'B' => array(
-// 'C' => array(
-// 'D' => '1'
-// ),
-// ),
-// ),
-// 'G' => array(
-// 'H' => '2'
-// ),
-// )
-// to
-// array (
-// 'G.H' => '2',
-// 'A.B.C.D' => '1',
-// )
-function array_shrinkbranch_leaves(& $array, $delim = '.', $reverse = FALSE, $recurse = FALSE)
-{
- $result = 0;
- if (! is_array($array) || empty($array)) return $result;
-
- foreach(array_keys($array) as $key) {
- $branch = & $array[$key];
- if (! is_array($branch) || empty($branch)) continue;
-
- foreach(array_keys($branch) as $bkey) {
- $joinkey = $reverse ?
- $bkey . $delim . $key :
- $key . $delim . $bkey;
- $array[$joinkey] = & $branch[$bkey];
- unset($array[$key]);
- ++$result;
- }
- }
-
- // Rescan (Recurse)
- if ($recurse && $result) {
- $result = array_shrinkbranch_leaves($array, $delim, $reverse, $recurse);
- }
-
- return $result; // Tell me how many
-}
-//$a = array (
-// 'edu' => array (
-// 'berkeley' => array (
-// 'polisci' => array (
-// '' => 'polisci.berkeley.edu',
-// ),
-// ),
-// 'cmich' => array (
-// 'rso' => array (
-// '' => 'rso.cmich.edu',
-// ),
-// ),
-// ),
-//);
-//array_shrinkbranch_leaves($a, '.', TRUE);
-//var_export($a);
-
-//$a = array (
-// '4' => array (
-// '5' => array (
-// '6' => array (
-// '' => '7.8.9',
-// ),
-// ),
-// ),
-//);
-//array_shrinkbranch_leaves($a, '.', TRUE);
-//var_export($a);
-
-
-
// Check responsibility-root of the FQDN
-// 'foobar.example.co.jp' => 'example.co.jp' (.co.jp seems public)
-// 'foobar.example.act.edu.au' => 'example.act.edu.au' (.act.edu.au seems public)
-// 'foobar.example.com' => 'example.com' (.com seems public)
-function domain_responsibility($fqdn = 'fqdn.foo.bar.example.com', $implicit = TRUE)
+// 'foo.bar.example.com' => 'example.com' (.com has the last whois for it)
+// 'foo.bar.example.au' => 'example.au' (.au has the last whois for it)
+// 'foo.bar.example.edu.au' => 'example.edu.au' (.edu.au has the last whois for it)
+// 'foo.bar.example.act.edu.au' => 'example.act.edu.au' (.act.edu.au has the last whois for it)
+function whois_responsibility($fqdn = 'foo.bar.example.com', $parent = FALSE, $implicit = TRUE)
{
// Domains who have 2nd and/or 3rd level domains
static $domain = array(
- // ccTLD: Australia http://www.auda.org.au/ http://www.aunic.net/ http://www.ausregistry.com.au/
+ // ccTLD: Australia
+ // http://www.auda.org.au/
+ // NIC : http://www.aunic.net/
+ // Whois: http://www.ausregistry.com.au/
'au' => array(
- // ".au Second Level Domains" http://www.auda.org.au/domains/
+ // .au Second Level Domains
+ // http://www.auda.org.au/domains/
'asn' => TRUE,
'com' => TRUE,
'conf' => TRUE,
'csiro' => TRUE,
'edu' => array( // http://www.domainname.edu.au/
+ // Geographic
'act' => TRUE,
'nt' => TRUE,
'nsw' => TRUE,
'wa' => TRUE,
),
'gov' => array(
+ // Geographic
'act' => TRUE, // Australian Capital Territory
'nt' => TRUE, // Northern Territory
'nsw' => TRUE, // New South Wales
'info' => TRUE,
),
- // ccTLD: Japan http://jprs.co.jp/en/ http://whois.jprs.jp/en/
+ // ccTLD: China
+ // NIC : http://www.cnnic.net.cn/en/index/
+ // Whois: http://ewhois.cnnic.cn/
+ 'cn' => array(
+ // Provisional Administrative Rules for Registration of Domain Names in China
+ // http://www.cnnic.net.cn/html/Dir/2003/11/27/1520.htm
+
+ // Organizational
+ 'ac' => TRUE,
+ 'com' => TRUE,
+ 'edu' => TRUE,
+ 'gov' => TRUE,
+ 'net' => TRUE,
+ 'org' => TRUE,
+
+ // Geographic
+ 'ah' => TRUE,
+ 'bj' => TRUE,
+ 'cq' => TRUE,
+ 'fj' => TRUE,
+ 'gd' => TRUE,
+ 'gs' => TRUE,
+ 'gx' => TRUE,
+ 'gz' => TRUE,
+ 'ha' => TRUE,
+ 'hb' => TRUE,
+ 'he' => TRUE,
+ 'hi' => TRUE,
+ 'hk' => TRUE,
+ 'hl' => TRUE,
+ 'hn' => TRUE,
+ 'jl' => TRUE,
+ 'js' => TRUE,
+ 'jx' => TRUE,
+ 'ln' => TRUE,
+ 'mo' => TRUE,
+ 'nm' => TRUE,
+ 'nx' => TRUE,
+ 'qh' => TRUE,
+ 'sc' => TRUE,
+ 'sd' => TRUE,
+ 'sh' => TRUE,
+ 'sn' => TRUE,
+ 'sx' => TRUE,
+ 'tj' => TRUE,
+ 'tw' => TRUE,
+ 'xj' => TRUE,
+ 'xz' => TRUE,
+ 'yn' => TRUE,
+ 'zj' => TRUE,
+ ),
+
+ // ccTLD: South Korea
+ // NIC : http://www.nic.or.kr/english/
+ // Whois: http://whois.nida.or.kr/english/
+ 'kr' => array(
+ // .kr domain policy [appendix 1] : Qualifications for Second Level Domains
+ // http://domain.nida.or.kr/eng/policy.jsp
+
+ // Organizational
+ 'co' => TRUE,
+ 'ne ' => TRUE,
+ 'or ' => TRUE,
+ 're ' => TRUE,
+ 'pe' => TRUE,
+ 'go ' => TRUE,
+ 'mil' => TRUE,
+ 'ac' => TRUE,
+ 'hs' => TRUE,
+ 'ms' => TRUE,
+ 'es' => TRUE,
+ 'sc' => TRUE,
+ 'kg' => TRUE,
+
+ // Geographic
+ 'seoul' => TRUE,
+ 'busan' => TRUE,
+ 'daegu' => TRUE,
+ 'incheon' => TRUE,
+ 'gwangju' => TRUE,
+ 'daejeon' => TRUE,
+ 'ulsan' => TRUE,
+ 'gyeonggi' => TRUE,
+ 'gangwon' => TRUE,
+ 'chungbuk' => TRUE,
+ 'chungnam' => TRUE,
+ 'jeonbuk' => TRUE,
+ 'jeonnam' => TRUE,
+ 'gyeongbuk' => TRUE,
+ 'gyeongnam' => TRUE,
+ 'jeju' => TRUE,
+ ),
+
+ // ccTLD: Japan
+ // NIC : http://jprs.co.jp/en/
+ // Whois: http://whois.jprs.jp/en/
'jp' => array(
+ // Guide to JP Domain Name
// http://jprs.co.jp/en/jpdomain.html
// Organizational
'yokohama' => TRUE,
),
- // ccTLD: Ukraine http://www.nic.net.ua/ http://whois.com.ua/
+ // ccTLD: Ukraine
+ // NIC : http://www.nic.net.ua/
+ // Whois: http://whois.com.ua/
'ua' => array(
- 'cherkassy' => TRUE, // www.cherkassy.ua
- 'chernigov' => TRUE,
+ // policy for alternative 2nd level domain names (a2ld)
+ // http://www.nic.net.ua/doc/a2ld
+ // http://whois.com.ua/
+ 'cherkassy' => TRUE,
+ 'chernigov' => TRUE,
'chernovtsy' => TRUE,
'ck' => TRUE,
'cn' => TRUE,
'zt' => TRUE,
),
- // ccTLD: United Kingdom http://www.nic.uk/
+ // ccTLD: United Kingdom
+ // NIC : http://www.nic.uk/
'uk' => array(
- // http://www.nominet.org.uk/registrants/faq/#available
+ // Second Level Domains
+ // http://www.nic.uk/registrants/aboutdomainnames/sld/
'co' => TRUE,
'ltd' => TRUE,
'me' => TRUE,
'plc' => TRUE,
'sch' => TRUE,
- // "Delegated Second Level Domains" http://www.nominet.org.uk/registrants/aboutdomainnames/sld/delegated/
+ // Delegated Second Level Domains
+ // http://www.nic.uk/registrants/aboutdomainnames/sld/delegated/
'ac' => TRUE,
'gov' => TRUE,
'mil' => TRUE,
'police' => TRUE,
),
- // ccTLD: United States of America http://nic.us/ http://whois.us/
- 'us' => array( // RFC1480
+ // ccTLD: United States of America
+ // NIC : http://nic.us/
+ // Whois: http://whois.us/
+ 'us' => array(
+ // See RFC1480
+
+ // Organizational
+ 'dni',
+ 'fed',
+ 'isa',
+ 'kids',
+ 'nsn',
- // State abbreviations for postal codes http://www.usps.com/ncsc/lookups/abbreviations.html
+ // Geographical
+ // United States Postal Service: State abbreviations (for postal codes)
+ // http://www.usps.com/ncsc/lookups/abbreviations.html
'ak' => TRUE, // Alaska
'al' => TRUE, // Alabama
'ar' => TRUE, // Arkansas
'wi' => TRUE, // Wisconsin
'wv' => TRUE, // West Virginia
'wy' => TRUE, // Wyoming
-
- // Others
- 'dni',
- 'fed',
- 'isa',
- 'kids',
- 'nsn',
),
);
$result[] = & $array[$i];
$dcursor = & $dcursor[$acursor];
} else {
- if (isset($acursor)) {
+ if (! $parent && isset($acursor)) {
$result[] = & $array[$i]; // Whois servers must know this subdomain
}
break;
if (empty($progress['is_spam'])) {
spam_dispose();
} else {
- $target = string($target, 0); // Removing "\0" etc
+
+// TODO: detect encoding from $target for mbstring functions
+// $tmp = array();
+// foreach(array_keys($target) as $key) {
+// $tmp[strings($key, 0, FALSE, TRUE)] = strings($target[$key], 0, FALSE, TRUE); // Removing "\0" etc
+// }
+// $target = & $tmp;
+
pkwk_spamnotify($action, $page, $target, $progress, $method);
spam_exit($exitmode, $progress);
}
OSDN Git Service
