X-Git-Url: http://git.osdn.net/view?a=blobdiff_plain;f=spam%2Fspam.php;h=0f324719a25cb16ec85e95338bbf84d1eec1e04e;hb=7542d07ac60ffe562656a0e1de76e644de4ab56e;hp=49458eba1bac90c7dd782371b3a1f9c5ce818495;hpb=ee258db3dd8f957e0571cd2adb3b2dcd122d1fc8;p=pukiwiki%2Fpukiwiki_sandbox.git

diff --git a/spam/spam.php b/spam/spam.php
index 49458eb..0f32471 100644
--- a/spam/spam.php
+++ b/spam/spam.php
@@ -1,5 +1,5 @@
 <?php
-// $Id: spam.php,v 1.127 2007/03/25 13:46:43 henoheno Exp $
+// $Id: spam.php,v 1.195 2007/06/29 15:35:53 henoheno Exp $
 // Copyright (C) 2006-2007 PukiWiki Developers Team
 // License: GPL v2 or (at your option) any later version
 //
@@ -7,7 +7,8 @@
 //
 // (PHP 4 >= 4.3.0): preg_match_all(PREG_OFFSET_CAPTURE): $method['uri_XXX'] related feature
 
-if (! defined('SPAM_INI_FILE')) define('SPAM_INI_FILE', 'spam.ini.php');
+if (! defined('SPAM_INI_FILE'))   define('SPAM_INI_FILE',   'spam.ini.php');
+if (! defined('DOMAIN_INI_FILE')) define('DOMAIN_INI_FILE', 'domain.ini.php');
 
 // ---------------------
 // Compat etc
@@ -37,6 +38,133 @@ function preg_grep_invert($pattern = '//', $input = array())
 	}
 }
 
+// ----
+
+// Very roughly, shrink the lines of var_export()
+// NOTE: If the same data exists, it must be corrupted.
+function var_export_shrink($expression, $return = FALSE, $ignore_numeric_keys = FALSE)
+{
+	$result = var_export($expression, TRUE);
+
+	$result = preg_replace(
+		// Remove a newline and spaces
+		'# => \n *array \(#', ' => array (',
+		$result
+	);
+
+	if ($ignore_numeric_keys) {
+		$result =preg_replace(
+			// Remove numeric keys
+			'#^( *)[0-9]+ => #m', '$1',
+			$result
+		);
+	}
+
+	if ($return) {
+		return $result;
+	} else {
+		echo   $result;
+		return NULL;
+	}
+}
+
+// Remove redundant values from array()
+function array_unique_recursive($array = array())
+{
+	if (! is_array($array)) return $array;
+
+	$tmp = array();
+	foreach($array as $key => $value){
+		if (is_array($value)) {
+			$array[$key] = array_unique_recursive($value);
+		} else {
+			if (isset($tmp[$value])) {
+				unset($array[$key]);
+			} else {
+				$tmp[$value] = TRUE;
+			}
+		}
+	}
+
+	return $array;
+}
+
+// Renumber all numeric keys from 0
+function array_renumber_numeric_keys(& $array)
+{
+	if (! is_array($array)) return $array;
+
+	$count = -1;
+	$tmp = array();
+	foreach($array as $key => $value){
+		if (is_array($value)) array_renumber_numeric_keys($array[$key]);	// Recurse
+		if (is_numeric($key)) $tmp[$key] = ++$count;
+	}
+	array_rename_keys($array, $tmp);
+
+	return $array;
+}
+
+// Roughly strings(1) using PCRE
+// This function is useful to:
+//   * Reduce the size of data, from removing unprintable binary data
+//   * Detect _bare_strings_ from binary data
+// References:
+//   http://www.freebsd.org/cgi/man.cgi?query=strings (Man-page of GNU strings)
+//   http://www.pcre.org/pcre.txt
+// Note: mb_ereg_replace() is one of mbstring extension's functions
+//   and need to init its encoding.
+function strings($binary = '', $min_len = 4, $ignore_space = FALSE, $multibyte = FALSE)
+{
+	// String only
+	$binary = (is_array($binary) || $binary === TRUE) ? '' : strval($binary);
+
+	$regex = $ignore_space ?
+		'[^[:graph:] \t\n]+' :		// Remove "\0" etc, and readable spaces
+		'[^[:graph:][:space:]]+';	// Preserve readable spaces if possible
+
+	$binary = $multibyte ?
+		mb_ereg_replace($regex,           "\n",  $binary) :
+		preg_replace('/' . $regex . '/s', "\n",  $binary);
+
+	if ($ignore_space) {
+		$binary = preg_replace(
+			array(
+				'/[ \t]{2,}/',
+				'/^[ \t]/m',
+				'/[ \t]$/m',
+			),
+			array(
+				' ',
+				'',
+				''
+			),
+			 $binary);
+	}
+
+	if ($min_len > 1) {
+		// The last character seems "\n" or not
+		$br = (! empty($binary) && $binary[strlen($binary) - 1] == "\n") ? "\n" : '';
+
+		$min_len = min(1024, intval($min_len));
+		$regex = '/^.{' . $min_len . ',}/S';
+		$binary = implode("\n", preg_grep($regex, explode("\n", $binary))) . $br;
+	}
+
+	return $binary;
+}
+
+// Reverse $string with specified delimiter
+function delimiter_reverse($string = 'foo.bar.example.com', $from_delim = '.', $to_delim = '.')
+{
+	if (! is_string($string) || ! is_string($from_delim) || ! is_string($to_delim))
+		return $string;
+
+	// com.example.bar.foo
+	return implode($to_delim, array_reverse(explode($from_delim, $string)));
+}
+
+
 // ---------------------
 // URI pickup
 
@@ -54,7 +182,7 @@ function uri_pickup($string = '')
 	preg_match_all(
 		// scheme://userinfo@host:port/path/or/pathinfo/maybefile.and?query=string#fragment
 		// Refer RFC3986 (Regex below is not strict)
-		'#(\b[a-z][a-z0-9.+-]{1,8}):/+' .	// 1: Scheme
+		'#(\b[a-z][a-z0-9.+-]{1,8}):[/\\\]+' .	// 1: Scheme
 		'(?:' .
 			'([^\s<>"\'\[\]/\#?@]*)' .		// 2: Userinfo (Username)
 		'@)?' .
@@ -62,7 +190,7 @@ function uri_pickup($string = '')
 			// 3: Host
 			'\[[0-9a-f:.]+\]' . '|' .				// IPv6([colon-hex and dot]): RFC2732
 			'(?:[0-9]{1,3}\.){3}[0-9]{1,3}' . '|' .	// IPv4(dot-decimal): 001.22.3.44
-			'[a-z0-9.-]+' . 						// hostname(FQDN) : foo.example.org
+			'[a-z0-9_-][a-z0-9_.-]+[a-z0-9_-]' . 		// hostname(FQDN) : foo.example.org
 		')' .
 		'(?::([0-9]*))?' .					// 4: Port
 		'((?:/+[^\s<>"\'\[\]/\#]+)*/+)?' .	// 5: Directory path or path-info
@@ -110,9 +238,9 @@ function uri_pickup_normalize(& $pickups, $destructive = TRUE)
 	if ($destructive) {
 		foreach (array_keys($pickups) as $key) {
 			$_key = & $pickups[$key];
-			$_key['scheme'] = isset($_key['scheme']) ? scheme_normalize($_key['scheme']) : '';
+			$_key['scheme']   = isset($_key['scheme']) ? scheme_normalize($_key['scheme']) : '';
 			$_key['host']     = isset($_key['host'])     ? host_normalize($_key['host']) : '';
-			$_key['port']   = isset($_key['port'])       ? port_normalize($_key['port'], $_key['scheme'], FALSE) : '';
+			$_key['port']     = isset($_key['port'])       ? port_normalize($_key['port'], $_key['scheme'], FALSE) : '';
 			$_key['path']     = isset($_key['path'])     ? strtolower(path_normalize($_key['path'])) : '';
 			$_key['file']     = isset($_key['file'])     ? file_normalize($_key['file']) : '';
 			$_key['query']    = isset($_key['query'])    ? query_normalize($_key['query']) : '';
@@ -121,14 +249,13 @@ function uri_pickup_normalize(& $pickups, $destructive = TRUE)
 	} else {
 		foreach (array_keys($pickups) as $key) {
 			$_key = & $pickups[$key];
-			$_key['scheme'] = isset($_key['scheme']) ? scheme_normalize($_key['scheme']) : '';
-			$_key['host']   = isset($_key['host'])   ? strtolower($_key['host']) : '';
-			$_key['port']   = isset($_key['port'])   ? port_normalize($_key['port'], $_key['scheme'], FALSE) : '';
-			$_key['path']   = isset($_key['path'])   ? path_normalize($_key['path']) : '';
+			$_key['scheme']   = isset($_key['scheme']) ? scheme_normalize($_key['scheme']) : '';
+			$_key['host']     = isset($_key['host'])   ? strtolower($_key['host']) : '';
+			$_key['port']     = isset($_key['port'])   ? port_normalize($_key['port'], $_key['scheme'], FALSE) : '';
+			$_key['path']     = isset($_key['path'])   ? path_normalize($_key['path']) : '';
 		}
 	}
 
-
 	return $pickups;
 }
 
@@ -217,7 +344,7 @@ function area_pickup($string = '', $method = array())
 	// [OK] <a href="http://nasty.example.com">visit http://nasty.example.com/</a>
 	// [OK] <a href=\'http://nasty.example.com/\' >discount foobar</a> 
 	// [NG] <a href="http://ng.example.com">visit http://ng.example.com _not_ended_
-	$regex = '#<a\b[^>]*\bhref\b[^>]*>.*?</a\b[^>]*(>)#i';
+	$regex = '#<a\b[^>]*\bhref\b[^>]*>.*?</a\b[^>]*(>)#is';
 	if (isset($method['area_anchor'])) {
 		$areas = array();
 		$count = isset($method['asap']) ?
@@ -243,7 +370,7 @@ function area_pickup($string = '', $method = array())
 	// [OK] [link]http://nasty.example.com/[/link]
 	// [OK] [url=http://nasty.example.com]visit http://nasty.example.com/[/url]
 	// [OK] [link http://nasty.example.com/]buy something[/link]
-	$regex = '#\[(url|link)\b[^\]]*\].*?\[/\1\b[^\]]*(\])#i';
+	$regex = '#\[(url|link)\b[^\]]*\].*?\[/\1\b[^\]]*(\])#is';
 	if (isset($method['area_bbcode'])) {
 		$areas = array();
 		$count = isset($method['asap']) ?
@@ -300,7 +427,28 @@ function area_measure($areas, & $array, $belief = -1, $a_key = 'area', $o_key =
 // ---------------------
 // Spam-uri pickup
 
-// Domain exposure callback (See spam_uri_pickup_preprocess())
+// Preprocess: Removing uninterest part for URI detection
+function spam_uri_removing_hocus_pocus($binary = '', $method = array())
+{
+	$length = 4 ; // 'http'(1) and '://'(2) and 'fqdn'(1)
+	if (is_array($method)) {
+		// '<a'(2) or 'href='(5) or '>'(1) or '</a>'(4)
+		// '[uri'(4) or ']'(1) or '[/uri]'(6) 
+		if (isset($method['area_anchor']) || isset($method['uri_anchor']) ||
+		    isset($method['area_bbcode']) || isset($method['uri_bbcode']))
+				$length = 1;	// Seems not effective
+	}
+
+ 	// Removing sequential spaces and too short lines
+	$binary = strings($binary, $length, TRUE, FALSE); // Multibyte NOT needed
+
+	// Remove words (has no '<>[]:') between spaces
+	$binary = preg_replace('/[ \t][\w.,()\ \t]+[ \t]/', ' ', $binary);
+
+	return $binary;
+}
+
+// Preprocess: Domain exposure callback (See spam_uri_pickup_preprocess())
 // http://victim.example.org/?foo+site:nasty.example.com+bar
 // => http://nasty.example.com/?refer=victim.example.org
 // NOTE: 'refer=' is not so good for (at this time).
@@ -332,31 +480,71 @@ function _preg_replace_callback_domain_exposure($matches = array())
 // Preprocess: rawurldecode() and adding space(s) and something
 // to detect/count some URIs _if possible_
 // NOTE: It's maybe danger to var_dump(result). [e.g. 'javascript:']
+// [OK] http://victim.example.org/?site:nasty.example.org
+// [OK] http://victim.example.org/nasty.example.org
 // [OK] http://victim.example.org/go?http%3A%2F%2Fnasty.example.org
 // [OK] http://victim.example.org/http://nasty.example.org
-// TODO: link.toolbot.com, urlx.org
-function spam_uri_pickup_preprocess($string = '')
+function spam_uri_pickup_preprocess($string = '', $method = array())
 {
 	if (! is_string($string)) return '';
 
-	$string = rawurldecode($string);
+	$string = spam_uri_removing_hocus_pocus(rawurldecode($string), $method);
+	//var_dump(htmlspecialchars($string));
 
-	// Domain exposure (See _preg_replace_callback_domain_exposure())
+	// Domain exposure (simple)
+	// http://victim.example.org/nasty.example.org/path#frag
+	// => http://nasty.example.org/?refer=victim.example.org and original
+	$string = preg_replace(
+		'#h?ttp://' .
+		'(' .
+			'ime\.nu' . '|' .	// 2ch.net
+			'ime\.st' . '|' .	// 2ch.net
+			'link\.toolbot\.com' . '|' .
+			'urlx\.org' .
+		')' .
+		'/([a-z0-9.%_-]+\.[a-z0-9.%_-]+)#i',	// nasty.example.org
+		'http://$2/?refer=$1 $0',				// Preserve $0 or remove?
+		$string
+	);
+
+	// Domain exposure (gate-big5)
+	// http://victim.example.org/gate/big5/nasty.example.org/path
+	// => http://nasty.example.org/?refer=victim.example.org and original
+	$string = preg_replace(
+		'#h?ttp://' .
+		'(' .
+			'big5.51job.com'	 . '|' .
+			'big5.china.com'	 . '|' .
+			'big5.xinhuanet.com' . '|' .
+		')' .
+		'/gate/big5' .
+		'/([a-z0-9.%_-]+\.[a-z0-9.%_-]+)' .
+		 '#i',	// nasty.example.org
+		'http://$2/?refer=$1 $0',				// Preserve $0 or remove?
+		$string
+	);
+
+	// Domain exposure (site:) See _preg_replace_callback_domain_exposure()
 	$string = preg_replace_callback(
 		array(
-			'#(http)://' .
+			'#(h?ttp)://' .	// 1:Scheme
+			// 2:Host
 			'(' .
+				'(?:[a-z0-9_.-]+\.)?[a-z0-9_-]+\.[a-z0-9_-]+' .
 				// Something Google: http://www.google.com/supported_domains
-				'(?:[a-z0-9.]+\.)?google\.[a-z]{2,3}(?:\.[a-z]{2})?' .
-				'|' .
-				// AltaVista
-				'(?:[a-z0-9.]+\.)?altavista.com' .
-				
+				// AltaVista: http://es.altavista.com/web/results?q=site%3Anasty.example.org+foobar
+				// Live Search: search.live.com
+				// MySpace: http://sads.myspace.com/Modules/Search/Pages/Search.aspx?_snip_&searchString=site:nasty.example.org
+				// (also searchresults.myspace.com)
+				// alltheweb.com
+				// search.bbc.co.uk
+				// search.orange.co.uk
+				// ...
 			')' .
 			'/' .
-			'([a-z0-9?=&.%_/\'\\\+-]+)' .				// path/?query=foo+bar+
-			'\bsite:([a-z0-9.%_-]+\.[a-z0-9.%_-]+)' .	// site:nasty.example.com
-			//'()' .	// Preserve or remove?
+			'([a-z0-9?=&.%_/\'\\\+-]+)' .				// 3:path/?query=foo+bar+
+			'\bsite:([a-z0-9.%_-]+\.[a-z0-9.%_-]+)' .	// 4:site:nasty.example.com
+			'()' .										// 5:Preserve or remove?
 			'#i',
 		),
 		'_preg_replace_callback_domain_exposure',
@@ -385,7 +573,7 @@ function spam_uri_pickup($string = '', $method = array())
 		$method = check_uri_spam_method();
 	}
 
-	$string = spam_uri_pickup_preprocess($string);
+	$string = spam_uri_pickup_preprocess($string, $method);
 
 	$array  = uri_pickup($string);
 
@@ -701,14 +889,20 @@ function file_normalize($file = 'index.html.en')
 	if (isset($simple_defaults[$_file])) return '';
 
 
-	// [Apache 2 Content-negotiation (type-map)]
-	// Roughly removing language/character-set/encoding suffixes,
-	// (See Apache 2 document about 'mod_mime' and 'mod_negotiation',
-	//  http://www.iana.org/assignments/character-sets, RFC3066, and ISO 639))
+	// Roughly removing language/character-set/encoding suffixes
+	// References:
+	//  * Apache 2 document about 'Content-negotiaton', 'mod_mime' and 'mod_negotiation'
+	//    http://httpd.apache.org/docs/2.0/content-negotiation.html
+	//    http://httpd.apache.org/docs/2.0/mod/mod_mime.html
+	//    http://httpd.apache.org/docs/2.0/mod/mod_negotiation.html
+	//  * http://www.iana.org/assignments/character-sets
+	//  * RFC3066: Tags for the Identification of Languages
+	//    http://www.ietf.org/rfc/rfc3066.txt
+	//  * ISO 639: codes of 'language names'
 	$suffixes = explode('.', $_file);
 	$body = array_shift($suffixes);
 	if ($suffixes) {
-		// Remove the liast .gz/.z
+		// Remove the last .gz/.z
 		$last_key = end(array_keys($suffixes));
 		if (isset($encoding_suffix[$suffixes[$last_key]])) {
 			unset($suffixes[$last_key]);
@@ -736,6 +930,7 @@ function file_normalize($file = 'index.html.en')
 // [OK] nothing==&eg=dummy&eg=padding&eg=foobar  =>  eg=foobar
 function query_normalize($string = '', $equal = TRUE, $equal_cutempty = TRUE, $stortolower = TRUE)
 {
+	if (! is_string($string)) return '';
 	if ($stortolower) $string = strtolower($string);
 
 	$array = explode('&', $string);
@@ -801,6 +996,8 @@ function generate_glob_regex($string = '', $divider = '/')
 	//		23 => ']',
 		);
 
+	if (! is_string($string)) return '';
+
 	$string = str_replace($from, $mid, $string); // Hide
 	$string = preg_quote($string, $divider);
 	$string = str_replace($mid, $to, $string);   // Unhide
@@ -833,6 +1030,8 @@ function is_ip($string = '')
 // TODO: IPv4, CIDR?, IPv6
 function generate_host_regex($string = '', $divider = '/')
 {
+	if (! is_string($string)) return '';
+
 	if (mb_strpos($string, '.') === FALSE)
 		return generate_glob_regex($string, $divider);
 
@@ -857,10 +1056,15 @@ function generate_host_regex($string = '', $divider = '/')
 
 function get_blocklist($list = '')
 {
-	static $regexs;
+	static $regexes;
 
-	if (! isset($regexs)) {
-		$regexs = array();
+	if ($list === NULL) {
+		$regexes = NULL;	// Unset
+		return array();
+	}
+
+	if (! isset($regexes)) {
+		$regexes = array();
 		if (file_exists(SPAM_INI_FILE)) {
 			$blocklist = array();
 			include(SPAM_INI_FILE);
@@ -868,27 +1072,37 @@ function get_blocklist($list = '')
 			//		'*.blogspot.com',	// Blog services's subdomains (only)
 			//		'IANA-examples' => '#^(?:.*\.)?example\.(?:com|net|org)$#',
 			//	);
-			foreach(array('goodhost', 'badhost') as $_list) {
-				if (! isset($blocklist[$list])) continue;
+			if (isset($blocklist['list'])) {
+				$regexes['list'] = & $blocklist['list'];
+			} else {
+				// Default
+				$blocklist['list'] = array(
+					'goodhost' => FALSE,
+					'badhost'  => TRUE,
+				);
+			}
+			foreach(array_keys($blocklist['list']) as $_list) {
+				if (! isset($blocklist[$_list])) continue;
 				foreach ($blocklist[$_list] as $key => $value) {
 					if (is_array($value)) {
-						$regexs[$_list][$key] = array();
+						$regexes[$_list][$key] = array();
 						foreach($value as $_key => $_value) {
-							get_blocklist_add($regexs[$_list][$key], $_key, $_value);
+							get_blocklist_add($regexes[$_list][$key], $_key, $_value);
 						}
 					} else {
-						get_blocklist_add($regexs[$_list], $key, $value);
+						get_blocklist_add($regexes[$_list], $key, $value);
 					}
 				}
+				unset($blocklist[$_list]);
 			}
 		}
 	}
 
-	if ($list == '') {
-		return $regexs;	// ALL
-	} else if (isset($regexs[$list])) {
-		return $regexs[$list];
-	} else {	
+	if ($list === '') {
+		return $regexes;	// ALL
+	} else if (isset($regexes[$list])) {
+		return $regexes[$list];
+	} else {
 		return array();
 	}
 }
@@ -901,51 +1115,40 @@ function get_blocklist_add(& $array, $key = 0, $value = '*.example.org')
 	} else {
 		$array[$value] = '/^' . generate_host_regex($value, '/') . '$/i';
 	}
-} 
+}
 
-function is_badhost($hosts = array(), $asap = TRUE, & $remains)
+// Blocklist metrics: Separate $host, to $blocked and not blocked
+function blocklist_distiller(& $hosts, $keys = array('goodhost', 'badhost'), $asap = FALSE)
 {
-	$result = array();
 	if (! is_array($hosts)) $hosts = array($hosts);
-	foreach(array_keys($hosts) as $key) {
-		if (! is_string($hosts[$key])) unset($hosts[$key]);
-	}
-	if (empty($hosts)) return $result;
-
-	foreach (get_blocklist('goodhost') as $regex) {
-		$hosts = preg_grep_invert($regex, $hosts);
-	}
-	if (empty($hosts)) return $result;
-
-	$tmp = array();
-	foreach (get_blocklist('badhost') as $label => $regex) {
-		if (is_array($regex)) {
-			$result[$label] = array();
-			foreach($regex as $_label => $_regex) {
-				if (is_badhost_avail($_label, $_regex, $hosts, $result[$label]) && $asap) break;
+	if (! is_array($keys))  $keys  = array($keys);
+
+	$list = get_blocklist('list');
+	$blocked = array();
+
+	foreach($keys as $key){
+		foreach (get_blocklist($key) as $label => $regex) {
+			if (is_array($regex)) {
+				foreach($regex as $_label => $_regex) {
+					$group = preg_grep($_regex, $hosts);
+					if ($group) {
+						$hosts = array_diff($hosts, $group);
+						$blocked[$key][$label][$_label] = $group;
+						if ($asap && $list[$key]) break;
+					}
+				}
+			} else {
+				$group = preg_grep($regex, $hosts);
+				if ($group) {
+					$hosts = array_diff($hosts, $group);
+					$blocked[$key][$label] = $group;
+					if ($asap && $list[$key]) break;
+				}
 			}
-			if (empty($result[$label])) unset($result[$label]);
-		} else {
-			if (is_badhost_avail($label, $regex, $hosts, $result) && $asap) break;
 		}
 	}
 
-	$remains = $hosts;
-
-	return $result;
-}
-
-// Subroutine for is_badhost()
-function is_badhost_avail($label = '*.example.org', $regex = '/^.*\.example\.org$/', & $hosts, & $result)
-{
-	$group = preg_grep($regex, $hosts);
-	if ($group) {
-		$result[$label] = & $group;
-		$hosts = array_diff($hosts, $result[$label]);
-		return TRUE;
-	} else {
-		return FALSE;
-	}
+	return $blocked;
 }
 
 // Default (enabled) methods and thresholds (for content insertion)
@@ -988,70 +1191,92 @@ function check_uri_spam_method($times = 1, $t_area = 0, $rule = TRUE)
 // Simple/fast spam check
 function check_uri_spam($target = '', $method = array())
 {
-	if (! is_array($method) || empty($method)) {
-		$method = check_uri_spam_method();
-	}
+	// Return value
 	$progress = array(
+		'method'  => array(
+			// Theme to do  => Dummy, optional value, or optional array()
+			//'quantity'    => 8,
+			//'uniqhost'    => TRUE,
+			//'non_uniqhost'=> 3,
+			//'non_uniquri' => 3,
+			//'badhost'     => TRUE,
+			//'area_anchor' => 0,
+			//'area_bbcode' => 0,
+			//'uri_anchor'  => 0,
+			//'uri_bbcode'  => 0,
+		),
 		'sum' => array(
-			'quantity'    => 0,
-			'uniqhost'    => 0,
-			'non_uniqhost'=> 0,
-			'non_uniquri' => 0,
-			'badhost'     => 0,
-			'area_anchor' => 0,
-			'area_bbcode' => 0,
-			'uri_anchor'  => 0,
-			'uri_bbcode'  => 0,
+			// Theme        => Volume found (int)
+		),
+		'is_spam' => array(
+			// Flag. If someting defined here,
+			// one or more spam will be included
+			// in this report
+		),
+		'blocked' => array(
+			// Hosts blocked
+			//'category' => array(
+			//	'host',
+			//)
+		),
+		'hosts' => array(
+			// Hosts not blocked
 		),
-		'is_spam' => array(),
-		'method'  => & $method,
-		'remains' => array(),
-		'error'   => array(),
 	);
+
+	// Aliases
 	$sum     = & $progress['sum'];
 	$is_spam = & $progress['is_spam'];
-	$remains = & $progress['remains'];
-	$error   = & $progress['error'];
+	$progress['method'] = & $method;	// Argument
+	$blocked = & $progress['blocked'];
+	$hosts   = & $progress['hosts'];
 	$asap    = isset($method['asap']);
 
-	// Recurse
+	// Init
+	if (! is_array($method) || empty($method)) {
+		$method = check_uri_spam_method();
+	}
+	foreach(array_keys($method) as $key) {
+		if (! isset($sum[$key])) $sum[$key] = 0;
+	}
+	if (! isset($sum['quantity'])) $sum['quantity'] = 0;
+
 	if (is_array($target)) {
 		foreach($target as $str) {
-			// Recurse
-			$_progress = check_uri_spam($str, $method);
-			$_sum      = & $_progress['sum'];
-			$_is_spam  = & $_progress['is_spam'];
-			$_remains  = & $_progress['remains'];
-			$_error    = & $_progress['error'];
+			if (! is_string($str)) continue;
+
+			$_progress = check_uri_spam($str, $method);	// Recurse
+
+			// Merge $sum
+			$_sum = & $_progress['sum'];
 			foreach (array_keys($_sum) as $key) {
-				$sum[$key] += $_sum[$key];
-			}
-			foreach (array_keys($_is_spam) as $key) {
-				if (is_array($_is_spam[$key])) {
-					// Marge keys (badhost)
-					foreach(array_keys($_is_spam[$key]) as $_key) {
-						if (! isset($is_spam[$key][$_key])) {
-							$is_spam[$key][$_key] =  $_is_spam[$key][$_key];
-						} else {
-							$is_spam[$key][$_key] += $_is_spam[$key][$_key];
-						}
-					}
+				if (! isset($sum[$key])) {
+					$sum[$key] = & $_sum[$key];
 				} else {
-					$is_spam[$key] = TRUE;
+					$sum[$key] += $_sum[$key];
 				}
 			}
-			foreach ($_remains as $key=>$value) {
-				foreach ($value as $_key=>$_value) {
-					if (is_int($_key)) {
-						$remains[$key][]      = $_value;
-					} else {
-						$remains[$key][$_key] = $_value;
-					}
-				}
+
+			// Merge $is_spam
+			$_is_spam = & $_progress['is_spam'];
+			foreach (array_keys($_is_spam) as $key) {
+				$is_spam[$key] = TRUE;
+				if ($asap) break;
 			}
-			if (! empty($_error)) $error += $_error;
 			if ($asap && $is_spam) break;
+
+			// Merge only
+			$blocked = array_merge_recursive($blocked, $_progress['blocked']);
+			$hosts   = array_merge_recursive($hosts,   $_progress['hosts']);
 		}
+
+		// Unique values
+		$blocked = array_unique_recursive($blocked);
+		$hosts   = array_unique_recursive($hosts);
+
+		// Recount $sum['badhost']
+		$sum['badhost'] = array_count_leaves($blocked);
+
 		return $progress;
 	}
 
@@ -1085,8 +1310,7 @@ function check_uri_spam($target = '', $method = array())
 	if ($asap && $is_spam) return $progress;
 
 	// URI: Pickup
-	$pickups = spam_uri_pickup($target, $method);
-	//$remains['uri_pickup'] = & $pickups;
+	$pickups = uri_pickup_normalize(spam_uri_pickup($target, $method));
 
 	// Return if ...
 	if (empty($pickups)) return $progress;
@@ -1134,8 +1358,6 @@ function check_uri_spam($target = '', $method = array())
 	// URI: Uniqueness (and removing non-uniques)
 	if ((! $asap || ! $is_spam) && isset($method['non_uniquri'])) {
 
-		uri_pickup_normalize($pickups);
-
 		$uris = array();
 		foreach (array_keys($pickups) as $key) {
 			$uris[$key] = uri_pickup_implode($pickups[$key]);
@@ -1159,10 +1381,8 @@ function check_uri_spam($target = '', $method = array())
 	if ($asap && $is_spam) return $progress;
 
 	// Host: Uniqueness (uniq / non-uniq)
-	$hosts = array();
 	foreach ($pickups as $pickup) $hosts[] = & $pickup['host'];
 	$hosts = array_unique($hosts);
-	//$remains['uniqhost'] = & $hosts;
 	$sum['uniqhost'] += count($hosts);
 	if ((! $asap || ! $is_spam) && isset($method['non_uniqhost'])) {
 		$sum['non_uniqhost'] = $sum['quantity'] - $sum['uniqhost'];
@@ -1174,51 +1394,82 @@ function check_uri_spam($target = '', $method = array())
 	// Return if ...
 	if ($asap && $is_spam) return $progress;
 
-	// URI: Bad host
+	// URI: Bad host (Separate good/bad hosts from $hosts)
 	if ((! $asap || ! $is_spam) && isset($method['badhost'])) {
-		$__remains = array();
-		$badhost = is_badhost($hosts, $asap, $__remains);
-		if (! $asap) {
-			if ($__remains) {
-				$remains['badhost'] = array();
-				foreach ($__remains as $value) {
-					$remains['badhost'][$value] = TRUE;
-				}
-			}
-		}
-		unset($__remains);
-		if (! empty($badhost)) {
-			//var_dump($badhost);	// BADHOST detail
-			$sum['badhost'] += array_count_leaves($badhost);
-			foreach(array_keys($badhost) as $keys) {
-				$is_spam['badhost'][$keys] =
-					array_count_leaves($badhost[$keys]);
-			}
-			unset($badhost);
+
+		// is_badhost()
+		$list = get_blocklist('list');
+		$blocked = blocklist_distiller($hosts, array_keys($list), $asap);
+		foreach($list as $key=>$type){
+			if (! $type) unset($blocked[$key]); // Ignore goodhost etc
 		}
+		unset($list);
+
+		if (! empty($blocked)) $is_spam['badhost'] = TRUE;
 	}
 
 	return $progress;
 }
 
-// Count leaves
-function array_count_leaves($array = array(), $count_empty_array = FALSE)
+// Count leaves (A leaf = value that is not an array, or an empty array)
+function array_count_leaves($array = array(), $count_empty = FALSE)
 {
-	if (! is_array($array) || (empty($array) && $count_empty_array))
-		return 1;
+	if (! is_array($array) || (empty($array) && $count_empty)) return 1;
 
 	// Recurse
-	$result = 0;
+	$count = 0;
 	foreach ($array as $part) {
-		$result += array_count_leaves($part, $count_empty_array);
+		$count += array_count_leaves($part, $count_empty);
 	}
-	return $result;
+	return $count;
 }
 
+// An array-leaves to a flat array
+function array_flat_leaves($array, $unique = TRUE)
+{
+	if (! is_array($array)) return $array;
+
+	$tmp = array();
+	foreach(array_keys($array) as $key) {
+		if (is_array($array[$key])) {
+			// Recurse
+			foreach(array_flat_leaves($array[$key]) as $_value) {
+				$tmp[] = $_value;
+			}
+		} else {
+			$tmp[] = & $array[$key];
+		}
+	}
+
+	return $unique ? array_values(array_unique($tmp)) : $tmp;
+}
+
+// An array() to an array leaf
+function array_leaf($array = array('A', 'B', 'C.D'), $stem = FALSE, $edge = TRUE)
+{
+	if (! is_array($array)) return $array;
+
+	$leaf = array();
+	$tmp  = & $leaf;
+	foreach($array as $arg) {
+		if (! is_string($arg) && ! is_int($arg)) continue;
+		$tmp[$arg] = array();
+		$parent    = & $tmp;
+		$tmp       = & $tmp[$arg];
+	}
+	if ($stem) {
+		$parent[key($parent)] = & $edge;
+	} else {
+		$parent = key($parent);
+	}
+
+	return $leaf;	// array('A' => array('B' => 'C.D'))
+}
+
+
 // ---------------------
 // Reporting
 
-// TODO: Don't show unused $method!
 // Summarize $progress (blocked only)
 function summarize_spam_progress($progress = array(), $blockedonly = FALSE)
 {
@@ -1229,7 +1480,7 @@ function summarize_spam_progress($progress = array(), $blockedonly = FALSE)
 		$method = & $progress['method'];
 		if (isset($progress['sum'])) {
 			foreach ($progress['sum'] as $key => $value) {
-				if (isset($method[$key])) {
+				if (isset($method[$key]) && $value) {
 					$tmp[] = $key . '(' . $value . ')';
 				}
 			}
@@ -1239,15 +1490,174 @@ function summarize_spam_progress($progress = array(), $blockedonly = FALSE)
 	return implode(', ', $tmp);
 }
 
+function summarize_detail_badhost($progress = array())
+{
+	if (! isset($progress['blocked']) || empty($progress['blocked'])) return '';
+
+	// Flat per group
+	$blocked = array();
+	foreach($progress['blocked'] as $list => $lvalue) {
+		foreach($lvalue as $group => $gvalue) {
+			$flat = implode(', ', array_flat_leaves($gvalue));
+			if ($flat === $group) {
+				$blocked[$list][]       = $flat;
+			} else {
+				$blocked[$list][$group] = $flat;
+			}
+		}
+	}
+
+	// Shrink per list
+	// From: 'A-1' => array('ie.to')
+	// To:   'A-1' => 'ie.to'
+	foreach($blocked as $list => $lvalue) {
+		if (is_array($lvalue) &&
+		   count($lvalue) == 1 &&
+		   is_numeric(key($lvalue))) {
+		    $blocked[$list] = current($lvalue);
+		}
+	}
+
+	return var_export_shrink($blocked, TRUE, TRUE);
+}
+
+function summarize_detail_newtral($progress = array())
+{
+	if (! isset($progress['hosts'])    ||
+	    ! is_array($progress['hosts']) ||
+	    empty($progress['hosts'])) return '';
+
+	// Generate a responsible $trie
+	$trie = array();
+	foreach($progress['hosts'] as $value) {
+		// 'A.foo.bar.example.com'
+		$resp = whois_responsibility($value);	// 'example.com'
+		if (empty($resp)) {
+			// One or more test, or do nothing here
+			$resp = strval($value);
+			$rest = '';
+		} else {
+			$rest = rtrim(substr($value, 0, - strlen($resp)), '.');	// 'A.foo.bar'
+		}
+		$trie = array_merge_recursive($trie, array($resp => array($rest => NULL)));
+	}
+
+	// Format: var_export_shrink() -like output
+	$result = array();
+	ksort_by_domain($trie);
+	foreach(array_keys($trie) as $key) {
+		ksort_by_domain($trie[$key]);
+		if (count($trie[$key]) == 1 && key($trie[$key]) == '') {
+			// Just one 'responsibility.example.com'
+			$result[] = '  \'' . $key . '\',';
+		} else {
+			// One subdomain-or-host, or several ones
+			$subs = array();
+			foreach(array_keys($trie[$key]) as $sub) {
+				if ($sub == '') {
+					$subs[] = $key;
+				} else {
+					$subs[] = $sub . '.' . $key;
+				}
+			}
+			$result[] = '  \'' . $key . '\' => \'' . implode(', ', $subs) . '\',';
+		}
+		unset($trie[$key]);
+	}
+	return
+		'array (' . "\n" .
+			implode("\n", $result) . "\n" .
+		')';
+}
+
+// ksort() by domain
+function ksort_by_domain(& $array)
+{
+	$sort = array();
+	foreach(array_keys($array) as $key) {
+		$sort[delimiter_reverse($key)] = $key;
+	}
+	ksort($sort, SORT_STRING);
+	$result = array();
+	foreach($sort as $key) {
+		$result[$key] = & $array[$key];
+	}
+	$array = $result;
+}
+
+// Check responsibility-root of the FQDN
+// 'foo.bar.example.com'        => 'example.com'        (.com        has the last whois for it)
+// 'foo.bar.example.au'         => 'example.au'         (.au         has the last whois for it)
+// 'foo.bar.example.edu.au'     => 'example.edu.au'     (.edu.au     has the last whois for it)
+// 'foo.bar.example.act.edu.au' => 'example.act.edu.au' (.act.edu.au has the last whois for it)
+function whois_responsibility($fqdn = 'foo.bar.example.com', $parent = FALSE, $implicit = TRUE)
+{
+	static $domain;
+
+	if ($fqdn === NULL) {
+		$domain = NULL;	// Unset
+		return '';
+	}
+	if (! is_string($fqdn)) return '';
+
+	if (is_ip($fqdn))       return $fqdn;
+
+ 	if (! isset($domain)) {
+		$domain = array();
+ 		if (file_exists(DOMAIN_INI_FILE)) {
+			include(DOMAIN_INI_FILE);	// Set
+		}
+	}
+
+	$result  = array();
+	$dcursor = & $domain;
+	$array   = array_reverse(explode('.', $fqdn));
+	$i = 0;
+	while(TRUE) {
+		if (! isset($array[$i])) break;
+		$acursor = $array[$i];
+		if (is_array($dcursor) && isset($dcursor[$acursor])) {
+			$result[] = & $array[$i];
+			$dcursor  = & $dcursor[$acursor];
+		} else {
+			if (! $parent && isset($acursor)) {
+				$result[] = & $array[$i];	// Whois servers must know this subdomain
+			}
+			break;
+		}
+		++$i;
+	}
+
+	// Implicit responsibility: Top-Level-Domains must not be yours
+	// 'bar.foo.something' => 'foo.something'
+	if ($implicit && count($result) == 1 && count($array) > 1) {
+		$result[] = & $array[1];
+	}
+
+	return $result ? implode('.', array_reverse($result)) : '';
+}
+
+
 // ---------------------
 // Exit
 
+// Freeing memories
+function spam_dispose()
+{
+	get_blocklist(NULL);
+	whois_responsibility(NULL);
+}
+
 // Common bahavior for blocking
 // NOTE: Call this function from various blocking feature, to disgueise the reason 'why blocked'
 function spam_exit($mode = '', $data = array())
 {
+	$exit = TRUE;
+
 	switch ($mode) {
-		case '':	echo("\n");	break;
+		case '':
+			echo("\n");
+			break;
 		case 'dump':
 			echo('<pre>' . "\n");
 			echo htmlspecialchars(var_export($data, TRUE));
@@ -1255,8 +1665,7 @@ function spam_exit($mode = '', $data = array())
 			break;
 	};
 
-	// Force exit
-	exit;
+	if ($exit) exit;	// Force exit
 }
 
 
@@ -1269,11 +1678,18 @@ function pkwk_spamfilter($action, $page, $target = array('title' => ''), $method
 {
 	$progress = check_uri_spam($target, $method);
 
-	if (! empty($progress['is_spam'])) {
-		// Mail to administrator(s)
-		pkwk_spamnotify($action, $page, $target, $progress, $method);
+	if (empty($progress['is_spam'])) {
+		spam_dispose();
+	} else {
+
+// TODO: detect encoding from $target for mbstring functions
+//		$tmp = array();
+//		foreach(array_keys($target) as $key) {
+//			$tmp[strings($key, 0, FALSE, TRUE)] = strings($target[$key], 0, FALSE, TRUE);	// Removing "\0" etc
+//		}
+//		$target = & $tmp;
 
-		// Exit
+		pkwk_spamnotify($action, $page, $target, $progress, $method);
 		spam_exit($exitmode, $progress);
 	}
 }
@@ -1294,23 +1710,13 @@ function pkwk_spamnotify($action, $page, $target = array('title' => ''), $progre
 	if (! $asap) {
 		$summary['METRICS'] = summarize_spam_progress($progress);
 	}
-	if (isset($progress['is_spam']['badhost'])) {
-		$badhost = array();
-		foreach($progress['is_spam']['badhost'] as $glob=>$number) {
-			$badhost[] = $glob . '(' . $number . ')';
-		}
-		$summary['DETAIL_BADHOST'] = implode(', ', $badhost);
-	}
-	if (! $asap && $progress['remains']['badhost']) {
-		$count = count($progress['remains']['badhost']);
-		$summary['DETAIL_NEUTRAL_HOST'] = $count .
-			' (' .
-				preg_replace(
-					'/[^, a-z0-9.-]/i', '',
-					implode(', ', array_keys($progress['remains']['badhost']))
-				) .
-			')';
-	}
+
+	$tmp = summarize_detail_badhost($progress);
+	if ($tmp != '') $summary['DETAIL_BADHOST'] = $tmp;
+
+	$tmp = summarize_detail_newtral($progress);
+	if (! $asap && $tmp != '') $summary['DETAIL_NEUTRAL_HOST'] = $tmp;
+
 	$summary['COMMENT'] = $action;
 	$summary['PAGE']    = '[blocked] ' . (is_pagename($page) ? $page : '');
 	$summary['URI']     = get_script_uri() . '?' . rawurlencode($page);