<?php
-// $Id: spam.php,v 1.90 2007/01/03 07:05:59 henoheno Exp $
+// $Id: spam.php,v 1.114 2007/02/01 14:46:55 henoheno Exp $
// Copyright (C) 2006-2007 PukiWiki Developers Team
// License: GPL v2 or (at your option) any later version
-
// Functions for Concept-work of spam-uri metrics
// (PHP 4 >= 4.3.0): preg_match_all(PREG_OFFSET_CAPTURE): $method['uri_XXX'] related feature
if (! defined('SPAM_INI_FILE')) define('SPAM_INI_FILE', 'spam.ini.php');
// ---------------------
-// Compat
+// Compat etc
// (PHP 4 >= 4.2.0): var_export(): mail-reporting and dump related
if (! function_exists('var_export')) {
function var_export() {
- return 'var_export() is not found' . "\n";
+ return 'var_export() is not found on this server' . "\n";
+ }
+}
+
+// (PHP 4 >= 4.2.0): preg_grep() enables invert option
+function preg_grep_invert($pattern = '//', $input = array())
+{
+ static $invert;
+ if (! isset($invert)) $invert = defined('PREG_GREP_INVERT');
+
+ if ($invert) {
+ return preg_grep($pattern, $input, PREG_GREP_INVERT);
+ } else {
+ $result = preg_grep($pattern, $input);
+ if ($result) {
+ return array_diff($input, preg_grep($pattern, $input));
+ } else {
+ return $input;
+ }
}
}
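Review bot: The two branches of `preg_grep_invert()` disagree when `preg_grep()` fails on a malformed pattern: the native branch returns that failure value as-is, while the fallback treats a falsy `$result` as "nothing matched" and returns `$input` untouched. `is_badhost()` later in this diff assigns the return value straight back to `$hosts`, so a broken goodhost regex could presumably empty the host list on one PHP build and leave it intact on another. Returning `$input` on failure in both branches keeps the hosts in the check. The fallback also runs the same `preg_grep()` twice; `return array_diff($input, $result);` reuses the first result.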
// 3: Host
'\[[0-9a-f:.]+\]' . '|' . // IPv6([colon-hex and dot]): RFC2732
'(?:[0-9]{1-3}\.){3}[0-9]{1-3}' . '|' . // IPv4(dot-decimal): 001.22.3.44
- '[^\s<>"\'\[\]:/\#?&\\\]+' . // FQDN: foo.example.org
+ '[a-z0-9.-]+' . // hostname(FQDN) : foo.example.org
')' .
'(?::([0-9]*))?' . // 4: Port
'((?:/+[^\s<>"\'\[\]/\#]+)*/+)?' . // 5: Directory path or path-info
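Review bot: The new hostname class `[a-z0-9.-]+` is an allowlist of characters, so whether it still matches mixed-case hosts depends on the `i` flag of the enclosing pattern, which is not visible in this hunk. Hosts containing `_`, percent-escapes or raw non-ASCII (IDN) labels were covered by the old negated class and are not covered by the new one, so such URIs may be mis-parsed or missed by the URI metrics. If that is intended, a comment such as `// hostname(FQDN): ASCII letters, digits, dot and hyphen only` would make it explicit. Separately, the unchanged IPv4 line above writes `{1-3}`, which PCRE reads as literal text rather than the quantifier `{1,3}`, so dotted-decimal hosts appear to fall through to this alternative.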
// Domain exposure (See _preg_replace_callback_domain_exposure())
$string = preg_replace_callback(
array(
- // Something Google: http://www.google.com/supported_domains
- '#(http)://([a-z0-9.]+\.google\.[a-z]{2,3}(?:\.[a-z]{2})?)/' .
- '([a-z0-9?=&.%_+-]+)' . // ?query=foo+
- '\bsite:([a-z0-9.%_-]+)' . // site:nasty.example.com
+ '#(http)://' .
+ '(' .
+ // Something Google: http://www.google.com/supported_domains
+ '(?:[a-z0-9.]+\.)?google\.[a-z]{2,3}(?:\.[a-z]{2})?' .
+ '|' .
+ // AltaVista
+ '(?:[a-z0-9.]+\.)?altavista.com' .
+
+ ')' .
+ '/' .
+ '([a-z0-9?=&.%_/\'\\\+-]+)' . // path/?query=foo+bar+
+ '\bsite:([a-z0-9.%_-]+\.[a-z0-9.%_-]+)' . // site:nasty.example.com
//'()' . // Preserve or remove?
'#i',
),
'_preg_replace_callback_domain_exposure',
$string
);
+
+
// URI exposure (uriuri => uri uri)
$string = preg_replace(
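Review bot: In the AltaVista alternative, `altavista.com` leaves the dot unescaped, so the pattern accepts any character in that position, unlike the Google alternative beside it, which writes `google\.`. The line should read `'(?:[a-z0-9.]+\.)?altavista\.com' .` so that only the intended domain triggers the domain-exposure callback.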
}
}
-// TODO: Ignore list
-// TODO: preg_grep() ?
-// TODO: Multi list
-function is_badhost($hosts = '', $asap = TRUE)
+function get_blocklist($list = '')
{
- static $regex;
-
- if (! isset($regex)) {
- $regex = array();
- $regex['badhost'] = array();
-
- // Sample
- if (FALSE) {
- $blocklist['badhost'] = array(
- //'*', // Deny all uri
- //'10.20.*.*', // 10.20.example.com also matches
- //'*.blogspot.com', // Blog services subdomains
- //array('blogspot.com', '*.blogspot.com')
- );
- foreach ($blocklist['badhost'] as $part) {
- $_part = is_array($part) ? implode('/', $part) : $part;
- $regex['badhost'][$_part] = '/^' . generate_glob_regex($part) . '$/i';
- }
- }
-
- // Load
+ static $regexs;
+
+ if (! isset($regexs)) {
+ $regexs = array();
+ // $blocklist['badhost'] = array(
+ // '*', // Deny all uri
+ // '10.20.*.*', // 10.20.example.com also matches
+ // '*.blogspot.com', // Blog services's subdomains (only)
+ // 'IANA-examples' => '#^(?:.*\.)?example\.(?:com|net|org)$#',
+ // 'net-10.20' => '#^10\.20\.[0-9]+\.[0-9]+$#', // 10.20.12345.12 also matches
+ // );
if (file_exists(SPAM_INI_FILE)) {
$blocklist = array();
require(SPAM_INI_FILE);
- foreach ($blocklist['badhost'] as $part) {
- $_part = is_array($part) ? implode('/', $part) : $part;
- $regex['badhost'][$_part] = '/^' . generate_glob_regex($part) . '$/i';
+ foreach(array('goodhost', 'badhost') as $_list) {
+ if (! isset($blocklist[$list])) continue;
+ foreach ($blocklist[$_list] as $key=>$value) {
+ if (is_string($key)) {
+ // Pre-defined regex
+ $regexs[$_list][$key] = $value;
+ } else {
+ // Glob to regex
+ $regexs[$_list][$value] = '/^' . generate_glob_regex($value) . '$/i';
+ }
+ }
}
}
}
+ if ($list == '') {
+ return $regexs;
+ } else if (isset($regexs[$list])) {
+ return $regexs[$list];
+ } else {
+ return array();
+ }
+}
+
+function is_badhost($hosts = array(), $asap = TRUE, & $remains)
+{
$result = array();
if (! is_array($hosts)) $hosts = array($hosts);
+ foreach(array_keys($hosts) as $key) {
+ if (! is_string($hosts[$key])) unset($hosts[$key]);
+ }
+ if (empty($hosts)) return $result;
- foreach($hosts as $host) {
- if (! is_string($host)) $host = '';
- foreach ($regex['badhost'] as $part => $_regex) {
- if (preg_match($_regex, $host)) {
- if (! isset($result[$part])) $result[$part] = array();
- $result[$part][] = $host;
- if ($asap) {
- return $result;
- } else {
- break;
- }
- }
+ foreach (get_blocklist('goodhost') as $regex) {
+ $hosts = preg_grep_invert($regex, $hosts);
+ }
+ if (empty($hosts)) return $result;
+
+ $tmp = array();
+ foreach (get_blocklist('badhost') as $label => $regex) {
+ $result[$label] = preg_grep($regex, $hosts);
+ if (empty($result[$label])) {
+ unset($result[$label]);
+ } else {
+ $hosts = array_diff($hosts, $result[$label]);
+ if ($asap) break;
}
}
+ $remains = $hosts;
+
return $result;
}
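Review bot: In `get_blocklist()` the guard `if (! isset($blocklist[$list])) continue;` tests the function argument `$list` instead of the loop variable `$_list`. Because `$regexs` is static and built on the first call only, a first call with `''`, or with `'goodhost'` when spam.ini.php defines no goodhost list, skips both lists and leaves the badhost rules empty for the rest of the request, so the filter fails open without any error. The line should be `if (! isset($blocklist[$_list])) continue;`. In `is_badhost()`, the by-reference `$remains` is assigned only at the end, so the two early `return $result;` paths leave the caller's variable untouched, and `$tmp` is never used.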
// Thresholds
'quantity' => 8 * $times, // Allow N URIs
'non_uniqhost' => 3 * $times, // Allow N duped (and normalized) Hosts
- 'non_uniquri' => 0 * $times, // Allow N duped (and normalized) URIs
+ //'non_uniquri'=> 3 * $times, // Allow N duped (and normalized) URIs
// Areas
'area_anchor' => $t_area, // Using <a href> HTML tag
),
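Review bot: Commenting out `'non_uniquri'` removes the key rather than changing its threshold, and the value shown in the comment moves from 0 to 3 at the same time. If the per-method checks are gated on `isset($method[...])`, as the badhost check later in this diff is, the duplicated-URI check no longer runs by default. A short comment on that line saying why the metric is disabled would keep it from being re-enabled or forgotten by accident.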
'is_spam' => array(),
'method' => & $method,
+ 'remains' => array(),
);
$sum = & $progress['sum'];
$is_spam = & $progress['is_spam'];
+ $remains = & $progress['remains'];
$asap = isset($method['asap']);
// Return if ...
$_progress = check_uri_spam($str, $method);
$_sum = & $_progress['sum'];
$_is_spam = & $_progress['is_spam'];
+ $_remains = & $_progress['remains'];
foreach (array_keys($_sum) as $key) {
$sum[$key] += $_sum[$key];
}
- foreach(array_keys($_is_spam) as $key) {
+ foreach (array_keys($_is_spam) as $key) {
if (is_array($_is_spam[$key])) {
// Marge keys (badhost)
foreach(array_keys($_is_spam[$key]) as $_key) {
$is_spam[$key] = TRUE;
}
}
+ foreach ($_remains as $key=>$value) {
+ foreach ($value as $_key=>$_value) {
+ $remains[$key][$_key] = $_value;
+ }
+ }
if ($asap && $is_spam) break;
}
return $progress;
// URI: Bad host
if ((! $asap || ! $is_spam) && isset($method['badhost'])) {
- $badhost = is_badhost($hosts, $asap);
+ $__remains = array();
+ if ($asap) {
+ $badhost = is_badhost($hosts, $asap, $__remains);
+ } else {
+ $badhost = is_badhost($hosts, $asap, $__remains);
+ if ($__remains) {
+ $progress['remains']['badhost'] = array();
+ foreach ($__remains as $value) {
+ $progress['remains']['badhost'][$value] = TRUE;
+ }
+ }
+ }
+ unset($__remains);
if (! empty($badhost)) {
$sum['badhost'] += array_count_leaves($badhost);
foreach(array_keys($badhost) as $keys) {
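Review bot: Both branches of the new `if ($asap)` make the identical call `is_badhost($hosts, $asap, $__remains)`; only the handling of `$__remains` differs. Calling it once and guarding the bookkeeping with `if (! $asap && $__remains) {` expresses the same logic with less to keep in sync. The enclosing function starts and ends outside this hunk.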
}
$summary['DETAIL_BADHOST'] = implode(', ', $badhost);
}
+ if (! $asap && $progress['remains']['badhost']) {
+ $count = count($progress['remains']['badhost']);
+ $summary['DETAIL_NEUTRAL_HOST'] = $count .
+ ' (' .
+ preg_replace(
+ '/[^, a-z0-9.-]/i', '',
+ implode(', ', array_keys($progress['remains']['badhost']))
+ ) .
+ ')';
+ }
$summary['COMMENT'] = $action;
$summary['PAGE'] = '[blocked] ' . (is_pagename($page) ? $page : '');
$summary['URI'] = get_script_uri() . '?' . rawurlencode($page);
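Review bot: The condition `$progress['remains']['badhost']` reads an index that `check_uri_spam()` appears to create only when hosts are left over in non-asap mode, so a report with no remaining hosts would hit an undefined index here. `if (! $asap && ! empty($progress['remains']['badhost'])) {` avoids that. Stripping the host list down to `[, a-z0-9.-]` before it goes into the summary is a sensible guard for text that presumably ends up in a notification. A one-line comment saying so would keep the `preg_replace()` from being removed as redundant.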