Diffstat (limited to 'wp-inst/wp-content/mu-plugins')
-rw-r--r--wp-inst/wp-content/mu-plugins/blogs-header.php23
-rw-r--r--wp-inst/wp-content/mu-plugins/doc_referers.php712
-rw-r--r--wp-inst/wp-content/mu-plugins/invites.php357
-rw-r--r--wp-inst/wp-content/mu-plugins/wp-hashcash.php684
4 files changed, 0 insertions, 1776 deletions
diff --git a/wp-inst/wp-content/mu-plugins/blogs-header.php b/wp-inst/wp-content/mu-plugins/blogs-header.php
deleted file mode 100644
index a9ddc03..0000000
--- a/wp-inst/wp-content/mu-plugins/blogs-header.php
+++ /dev/null
@@ -1,23 +0,0 @@
-<?php
-add_action('wp_head', "header_js" );
-
-function header_js() {
- ?>
-<script type="text/javascript">
-
-function addLoadEvent(func) {
- var oldonload = window.onload;
- if (typeof window.onload != 'function') {
- window.onload = func;
- } else {
- window.onload = function() {
- oldonload();
- func();
- }
- }
-}
-</script>
- <?php
-}
-
-?>
diff --git a/wp-inst/wp-content/mu-plugins/doc_referers.php b/wp-inst/wp-content/mu-plugins/doc_referers.php
deleted file mode 100644
index d923e37..0000000
--- a/wp-inst/wp-content/mu-plugins/doc_referers.php
+++ /dev/null
@@ -1,712 +0,0 @@
-<?php
-/*
-Plugin Name: Referers
-Plugin URI: http://mu.wordpress.org/
-Description: Display referers to your site
-Version: 0.1
-Author: Donncha O Caoimh
-Author URI: http://blogs.linux.ie/xeer/
-*/
-
-/* Copyright 2005 Donncha O Caoimh (email : donncha@linux.ie)
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-*/
-
-if( defined( "WP_INSTALLING" ) )
- return true;
-
-class DOC_Referers {
-
- var $table_version = 0.2;
-
- function DOC_Referers() {
- add_action('admin_menu', array(&$this, 'admin_menu'));
- add_action('admin_footer', array(&$this, 'admin_footer'));
- add_action('wp_footer', array(&$this, 'template_redirect'));
- $this->settings = get_settings('doc_referers');
- $this->wpdb_tables();
-
- if($this->settings['table_version'] != $this->table_version)
- {
- $this->make_tables();
- $this->added_tables = true;
- }
- }
-
- function admin_footer()
- {
- update_option('doc_referers', $this->settings);
- }
-
- function admin_menu()
- {
- $pfile = basename(dirname(__FILE__)) . '/' . basename(__FILE__);
- add_submenu_page('edit.php', 'Referers', 'Referers', 0, $pfile, array(&$this, 'plugin_content'));
- }
-
- function wpdb_tables() {
- global $wpdb, $table_prefix;
-
- $wpdb->doc_referers = "{$table_prefix}referer_visitLog";
- $wpdb->doc_blacklist = "{$table_prefix}referer_blacklist";
- }
- function make_tables() {
- global $wpdb, $table_prefix;
- if(!include_once(ABSPATH . 'wp-admin/upgrade-functions.php')) {
- die(_e('There is was error adding the required tables to the database. Please refer to the documentation regarding this issue.', 'DOC_Referers'));
- }
- $qry = "CREATE TABLE IF NOT EXISTS " . $wpdb->doc_blacklist . " (
- ID int(11) NOT NULL auto_increment,
- blogID varchar(32) NOT NULL default '',
- URL varchar(250) NOT NULL default '',
- t timestamp(14) NOT NULL,
- PRIMARY KEY (ID),
- KEY blogID (blogID,URL),
- KEY URL (URL)
- );";
- $wpdb->query( $qry );
-
- $qry = "CREATE TABLE IF NOT EXISTS " . $wpdb->doc_referers . " (
- blogID char( 32 ) default NULL ,
- visitID int( 11 ) NOT NULL AUTO_INCREMENT ,
- visitTime timestamp( 14 ) NOT NULL ,
- visitURL char( 250 ) default NULL ,
- referingURL char( 250 ) default NULL ,
- baseDomain char( 250 ) default NULL ,
- refpost int( 11 ) NOT NULL default '0',
- visitTimes int( 10 ) NOT NULL default '0',
- dayofmonth smallint( 2 ) NOT NULL default '0',
- PRIMARY KEY ( visitID ) ,
- KEY blogID ( blogID ) ,
- KEY refpost ( refpost ) ,
- KEY dayofmonth ( dayofmonth )
- );";
- $wpdb->query( $qry );
-
- $this->settings['table_version'] = $this->table_version;
- update_option('doc_referers', $this->settings);
- }
-
-
- function makeHiddenVals( $day, $order, $num, $more, $ignoreDIRECT, $visitID, $internal )
- {
- $fields = array( "day", "order", "num", "more", "ignoreDIRECT", "visitID", "internal" );
- reset( $fields );
- while( list( $key, $field ) = each( $fields ) )
- {
- if( $field == 'action' )
- {
- $sep = '?';
- }
- else
- {
- $sep = '&';
- }
-
- if( $_GET[ $field ] != '' )
- $vals .= "<input type='hidden' name='".$field."' value='".htmlentities( $_GET[ $field ] )."'>\n";
- }
- return $vals;
- }
-
- function makeURL( $var, $val )
- {
- $fields = array( "action", "day", "order", "num", "more", "ignoreDIRECT", "visitID", "internal" );
- reset( $fields );
- while( list( $key, $field ) = each( $fields ) )
- {
- $sep = '&';
- if( $field != $var )
- {
- if( $_GET[ $field ] != '' )
- $url .= $sep.$field."=".htmlentities( $_GET[ $field ] );
- }
- else
- {
- $url .= $sep.$var."=".$val;
- }
- }
- return $url;
- }
-
- function plugin_content()
- {
- global $wpdb;
-
- $action = addslashes( $_GET[ 'action' ] );
- $day = intval( $_GET[ 'day' ] );
- $del = $_GET[ 'del' ];
- $num = intval( $_GET[ 'num' ] );
- $more = intval( $_GET[ 'more' ] );
- $order = addslashes( $_GET[ 'order' ] );
- $ignoreDIRECT = addslashes( $_GET[ 'ignoreDIRECT' ] );
- $internal = addslashes( $_GET[ 'internal' ] );
-
- if( $ignoreDIRECT == '' ) {
- $ignoreDIRECT = get_option( 'ignoreDIRECT' );
- } else {
- if( get_option( 'ignoreDIRECT' ) == false ) {
- add_option( 'ignoreDIRECT', $ignoreDIRECT );
- } else {
- update_option( 'ignoreDIRECT', $ignoreDIRECT );
- }
- }
- if( $internal == '' ) {
- $internal = get_option( 'doc_referers_internal' );
- } else {
- if( get_option( 'doc_referers_internal' ) == false ) {
- add_option( 'doc_referers_internal', $internal );
- } else {
- update_option( 'doc_referers_internal', $internal );
- }
- }
-
- if( $action == '' )
- {
- $action = 'listday';
- $day = date( 'j' );
- }
- if( $day == '' )
- $day = date( 'j' );
-
- print '<div class="wrap">';
-
- if( $action == 'Delete' )
- {
- if( is_array( $del ) )
- {
- reset( $del );
- while( list( $key, $val ) = each( $del ) )
- {
- $query = "DELETE FROM " . $wpdb->doc_referers . "
- WHERE visitID = '".intval( $val )."'";
- $result = $wpdb->query($query);
- }
- }
- $action = "listday";
- }
- elseif( $action == 'deletedirect' )
- {
- $query = "DELETE FROM " . $wpdb->doc_referers . " WHERE dayofmonth='".$day."' AND referingURL = 'DIRECT'";
- $result = $wpdb->query($query);
- printf ("Records deleted: %d\n", $wpdb->rows_affected);
- $action = "listday";
- }
- elseif( $action == 'Add To Blacklist' )
- {
- if( is_array( $del ) )
- {
- reset( $del );
- while( list( $key, $val ) = each( $del ) )
- {
- $query = "SELECT referingURL FROM " . $wpdb->doc_referers . " WHERE visitID = '".intval( $val )."'";
- $result=$wpdb->get_var( $query );
- if( $result )
- {
- $query = "INSERT INTO " . $wpdb->doc_blacklist . " VALUES( NULL, 0, '".$result."', NOW() )";
- $result = $wpdb->query($query);
- }
- }
- }
- $action = "listday";
- }
- elseif( $action == 'deleteblacklist' )
- {
- if( is_array( $del ) )
- {
- reset( $del );
- while( list( $key, $val ) = each( $del ) )
- {
- $query = "DELETE FROM " . $wpdb->doc_blacklist . " WHERE ID='".intval( $val )."'";
- $result = $wpdb->query($query);
- }
- }
- $action = "blacklist";
- }
-
- switch( $action )
- {
- case "blacklist":
- $query = "SELECT * FROM " . $wpdb->doc_blacklist;
- $result = $wpdb->get_results($query, ARRAY_A );
- if( $result )
- {
- print "<h2>Referer Blacklist</h2>";
- print "<form method='get'>";
- print '<input type="hidden" name="page" value="' . $_GET['page'] .'"/>';
- print "<input type='hidden' name='action' value='deleteblacklist'>";
- print "<input type='submit' value='Delete'>";
- print "<table>";
- $c = 1;
- while( list( $key, $row1 ) = each( $result ) )
- {
- if( substr( $row1[ 'URL' ], 0, 16 ) == 'http://www.google' )
- {
- $displayurl = "Google: ". substr( $row1[ 'URL' ], strpos( $row1[ 'URL' ], "search" )+6 );
- }
- elseif( strstr( $row1[ 'URL' ], 'search.yahoo' ) )
- {
- $displayurl = "Yahoo: ". substr( $row1[ 'URL' ], strpos( $row1[ 'URL' ], "p=" )+2 );
- }
- elseif( strpos( $row1[ 'URL' ], 'www.blueyonder.co.uk' ) )
- {
- $displayurl = "Blueyonder: ". substr( $row1[ 'URL' ], strpos( $row1[ 'URL' ], "q=" )+2 );
- }
- else
- {
- $displayurl = $row1[ 'URL' ];
- }
- print "<tr><td>$c</td><td><a href='".$row1[ 'URL' ]."'>".$displayurl."</a></td><td><input type='checkbox' name='del[]' value='".$row1['ID']."'></td></tr>\n";
- $c++;
- }
- print "</table>";
- print "</form>";
- }
- else
- {
- print "No URLs in blacklist yet!";
- }
- break;
- case "listday":
-
- $query = "select visitTimes,referingURL,date_format( visitTime, '%k:%i' ) as visitTime2, visitURL, visitID from " . $wpdb->doc_referers . " where dayofmonth='".$day."'";
-
- if( $internal == 'yes' )
- $query .= " and referingURL NOT LIKE '".get_settings( "siteurl" )."%'";
-
- if( $ignoreDIRECT == 'yes' )
- $query .= " and referingURL != 'DIRECT'";
-
- if( $order == '' || $order == 'time' )
- {
- $query .= " order by visitTime desc";
- }
- elseif( $order == 'hits' )
- {
- $query .= " order by visitTimes desc";
- }
- elseif( $order == 'url' )
- {
- $query .= " order by visitURL desc";
- }
- if( $num == '' )
- {
- $num = 0;
- }
- if( $more == '' || $more == '0' )
- $more = '30';
-
- $query .= " limit $num,$more";
-
- $result = $wpdb->get_results($query, ARRAY_A );
- $rows = $wpdb->num_rows;
- print "<h2>Referers</h2>";
- if( $result ) {
- // javascript from http://www.experts-exchange.com/Web/Web_Languages/JavaScript/Q_10105441.html and
- // http://members.aol.com/grassblad/html/chkAllBut.html
- print "<script langage='javascript'>
- <!--
- function selectAll(cbList,bSelect) {
- for (var i=0; i<cbList.length; i++)
- cbList[i].selected = cbList[i].checked = bSelect
- }
-
- function reverseAll(cbList) {
- for (var i=0; i<cbList.length; i++) {
- cbList[i].checked = !(cbList[i].checked)
- cbList[i].selected = !(cbList[i].selected)
- }
- }
- //-->
- </script>";
- $c = $num+1;
- $nav = "<br /><div align='center'>";
- $nav .= "<a href='edit.php?page=" . $_GET[ 'page' ] . "&action=month'>Month View</a> | ";
- $nav .= "<a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "num", 0 )."'>Top</a>";
- if( $ignoreDIRECT == 'yes' )
- {
- $nav .= " | <a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "ignoreDIRECT", 'no' )."'>Display DIRECT requests</a>";
- }
- else
- {
- $nav .= " | <a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "ignoreDIRECT", 'yes' )."'>Hide DIRECT requests</a>";
- }
- if( $internal == 'yes' )
- {
- $nav .= " | <a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "internal", 'no' )."'>Display internal requests</a>";
- }
- else
- {
- $nav .= " | <a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "internal", 'yes' )."'>Hide internal requests</a>";
- }
-
- if( $num >= 10 )
- {
- if( $num > $more )
- {
- $nav .= " | <a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "num", ( $num - $more ) )."'>Previous $more</a>";
- }
- }
- else
- {
- $nav .= " | Previous";
- }
- if( $rows >= $more )
- {
- $nav .= " | <a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "num", ($num + $more) )."'>Next $more</a>";
- }
- else
- {
- $nav .= " | Next";
- }
- $nav .= " | <a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "more", ($more + 10) )."'>More Hits</a>";
- $nav .= " | <a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "more", ($more - 10) )."'>Less Hits</a>";
- $nav .= "<br />";
- print $nav;
- $today = date( 'd' );
- if( $day > $today )
- {
- $month = date( 'F', mktime (0,0,0,date("m")-1,date("d"), date("Y")) );
- }
- else
- {
- $month = date( 'F' );
- }
- print "<form method='GET' name='deletedirect'>";
- print '<input type="hidden" name="page" value="' . $_GET['page'] .'"/>';
- print "<input type='hidden' name='action' value='deletedirect'>";
- print $this->makeHiddenVals( $day, $order, $num, $more, $ignoreDIRECT, $visitID, $internal );
- print "</form>";
- print "<form method='GET' name='referers'>";
- print '<input type="hidden" name="page" value="' . $_GET['page'] .'"/>';
- print $this->makeHiddenVals( $day, $order, $num, $more, $ignoreDIRECT, $visitID, $internal );
- //print "<input type='hidden' name='action' value='delete'>";
- print "<table border=0 cellspacing=0 cellpadding=2>";
- print "<caption> Referers For $day $month</caption>";
- print "
- <tr><td colspan='6' align='right'><INPUT TYPE=button VALUE='Select All' ONCLICK='selectAll(this.form,true)'>
- <INPUT class='edit' TYPE=button VALUE='Clear All' ONCLICK='selectAll(this.form,false)'>
- <INPUT class='edit' TYPE=button VALUE='Reverse' ONCLICK='reverseAll(this.form)'>
- &nbsp;|&nbsp;<input class='edit' type='submit' name='action' value='Delete' onclick='javascript:document.referers.submit()'>
- &nbsp;|&nbsp;<input class='edit' type='submit' name='action' value='Add To Blacklist'>
- &nbsp;|&nbsp;<input class='edit' type='button' name='action' value='Delete Direct Referers' onclick='javascript:document.deletedirect.submit()'></td></tr>\n";
- print "<tr><th>#</th><th>Refering URL</th>
- <th><a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "order", "hits" )."' title='order by hits'>Hits</a></th>
- <th><a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "order", "url" )."' title='order by entry page'>Entry Page</a></th>
- <th><a href='edit.php?page=" . $_GET[ 'page' ] . "".$this->makeURL( "order", "time" )."' title='order by time'>Last</a></th>
- <th>Selected</th>
- </tr>";
- while( list( $key, $row1 ) = each( $result ) )
- {
- if( $col == 'f5f5f5' )
- {
- $col = 'ffffff';
- }
- else
- {
- $col = 'f5f5f5';
- }
- if( $row1[ 'referingURL' ] != 'DIRECT' )
- {
- if( substr( $row1[ 'referingURL' ], 0, 17 ) == 'http://www.google' )
- {
- $args = parse_url( $row1[ 'referingURL' ] );
- parse_str( $args[ 'query' ] );
- $url = "<a href='".$row1[ 'referingURL' ]."' title='".$row1[ 'referingURL' ]."'>Google: ".stripslashes( htmlspecialchars( $q ) )."</a>";
- }
- elseif( strstr( $row1[ 'referingURL' ], 'search.yahoo' ) )
- {
- $args = parse_url( $row1[ 'referingURL' ] );
- parse_str( $args[ 'query' ] );
- $url = "<a href='".$row1[ 'referingURL' ]."' title='".$row1[ 'referingURL' ]."'>Yahoo: ".stripslashes( htmlspecialchars( $p ) )."</a>";
- }
- elseif( strpos( $row1[ 'referingURL' ], 'www.blueyonder.co.uk' ) )
- {
- $args = parse_url( $row1[ 'referingURL' ] );
- parse_str( $args[ 'query' ] );
- $url = "<a href='".$row1[ 'referingURL' ]."' title='".$row1[ 'referingURL' ]."'>Blueyonder: ".stripslashes( htmlspecialchars( $q ) )."</a>";
- }
- elseif( strstr( $row1[ 'referingURL' ], 'bloglines.com' ) )
- {
- $args = parse_url( $row1[ 'referingURL' ] );
- $url = "<a href='".$row1[ 'referingURL' ]."' title='".$row1[ 'referingURL' ]."'>Bloglines</a>";
- }
- elseif( strpos( $row1[ 'referingURL' ], 'wp-admin/' ) )
- {
- $args = parse_url( $row1[ 'referingURL' ] );
- $u = substr( $row1[ 'referingURL' ], 0, strpos( $row1[ 'referingURL' ], "wp-admin" ) );
- $url = "<a href='".$u."' title='".$row1[ 'referingURL' ]."'>wp-admin: $u</a>";
- }
- else
- {
- $url = "<a href='".$row1[ 'referingURL' ]."' title='".$row1[ 'referingURL' ]."'>".substr( $row1[ 'referingURL' ], 0, 40 )."</a>";
- }
- }
- else
- {
- $url = 'DIRECT';
- }
- $visitID = $row1[ 'visitID' ];
- print "<tr bgcolor='#$col'>
- <td>".$c."</td>
- <td>".$url."</td>
- <td>".substr($row1[ 'visitTimes' ],0, 40 )."</td>
- <td><a href='".$row1[ 'visitURL' ]."'>".substr($row1[ 'visitURL' ],0, 40 )."</a></td>
- <td>".$row1[ 'visitTime2' ]."</td>
- <td align='right'><input type=checkbox name='del[]' value='".$visitID."'></td>
- </tr>";
- $c++;
-
- }
- print "</table>";
- print $nav;
- print "</form>";
- } else {
- print "<p>No Referers found today!</p>";
- print "<ul><li><a href='edit.php?page=mu-plugins/doc_referers.php&action=month'>Month View</a> displays the last month of stats.</li>";
- if( $ignoreDIRECT == 'yes' )
- print "<li><a href='edit.php?page=mu-plugins/doc_referers.php".$this->makeURL( "ignoreDIRECT", 'no' )."'>Display DIRECT hits</a> - some browsers don't report what page they come from. You're hiding this information right now.</li>";
- if( $internal == 'yes' )
- print "<li><a href='edit.php?page=mu-plugins/doc_referers.php".$this->makeURL( "internal", 'no' )."'>Display internal hits</a> - it's not always very interesting where people wander around your blog. You're hiding this information right now.</li>";
- print "</ul>";
- }
- break;
- default:
- $query = "select sum( visitTimes ) as c, dayofmonth from " . $wpdb->doc_referers . " ";
- $query .= "group by " . $wpdb->doc_referers . ".dayofmonth";
- $result = $wpdb->get_results($query, ARRAY_A );
- if( $result )
- {
- $c = 0;
- $col = 'ccc';
- print "<h2>Referers</h2>";
- print "<table><td valign='top'>";
- print "<table border=1 cellspacing=0 cellpadding=2>";
- print "<tr><th>Day</th><th>Hits</th>";
- while( list( $key, $row1 ) = each( $result ) )
- {
- if( $col == 'f5f5f5' )
- {
- $col = 'ffffff';
- }
- else
- {
- $col = 'f5f5f5';
- }
- print "<tr bgcolor='#";
- if( $row1[ 'dayofmonth' ] == date( 'j' ) )
- {
- print "ffdddd";
- }
- else
- {
- print $col;
- }
- print "'><td><a href='edit.php?page=" . $_GET[ 'page' ] . "&action=listday&day=".$row1[ 'dayofmonth' ]."'>".$row1[ 'dayofmonth']."</a></td><td>".$row1[ 'c']."</td></tr>";
- $c++;
- if( $c == '15' )
- {
- print "</table>";
- print "</td><td valign='top'>";
- print "<table border=1 cellspacing=0 cellpadding=2>";
- print "<tr><th>Day</th><th>Hits</th>";
- }
-
- }
- print "</table>";
- print "</td></table>";
- print "<br><a href='edit.php?page=" . $_GET[ 'page' ] . "&action=blacklist'>View Blacklist</a>";
- }
- else
- {
- print "There are no referers for your site! Wait until Google indexes you!";
- }
- }
- print "</div>";
-
- }
-
- function template_redirect() {
- global $wpdb;
- $wpdb->hide_errors();
-
- // delete tomorrow's referers today
- $tomorrow = date( "j", mktime (0,0,0,date("m") ,date("d")+1,date("Y")) );
- $sec = date( "s" );
- $hour = date( "G" );
- if( $sec == 30 && $hour < 2 )
- {
- $sql = "delete from " . $wpdb->doc_referers . " WHERE dayofmonth = '$tomorrow'"; // delete referers from a (month + 1 day) ago.
- $wpdb->query($sql);
- }
-
- $ref = $_SERVER["HTTP_REFERER"];
- $currentURL = addslashes( $_SERVER[ 'REQUEST_URI' ] );
- $fullCurrentURL = "http://" . addslashes( $_SERVER[ 'HTTP_HOST' ] ) . addslashes( $_SERVER[ 'REQUEST_URI' ] );
- if( $ref == '' )
- {
- $ref = "DIRECT";
- }
-
- $found = false;
-
- if( $currentURL[ strlen( $currentURL ) -1 ] == '/' )
- {
- $found = true;
- }
- else
- {
- $count_files = array( "wp-admin" );
- reset( $count_files );
- while( list( $key, $val ) = each( $count_files ) )
- {
- $pos = strpos( $currentURL, $val );
- if( $pos == true )
- {
- $found = true;
- }
- }
- if( $found == true )
- {
- // Don't bother going further - no need to record request!
- return;
- }
- }
-
- $ref = $wpdb->escape($ref);
- if( $ref ) {
- $realReferer = true;
- $ignorePages = Array( 'lastupdated.php', 'b2rdf.php', 'b2rss2.php', 'b2bookmarklet.php', 'b2referers.php', 'b2commentspopup.php' );
- foreach ($ignorePages as $ignoresite){
- if (stristr($currentURL, $ignoresite)){
- $realReferer = false;
- }
- }
-
- $ignore = Array(
- 'http://www.myelin.co.nz/ecosystem/bot.php',
- 'http://radio.xmlstoragesystem.com/rcsPublic/',
- 'http://blogdex.media.mit.edu//',
- 'http://subhonker6.userland.com/rcsPublic/',
- 'mastadonte.com',
- 'http://blo.gs/ping.php'
- );
- foreach ($ignore as $ignoresite){
- if (stristr($ref, $ignoresite)){
- $realReferer = false;
- }
- }
-
- $checkRef = true;
- // Do we need to check the referer? If it's from a known site we can save some cycles.
- $checkReflist = array( "direct", "http://www.technorati.com", "http://www.google", "http://www.yahoo", "http://www.linux.ie", "http://blogs.linux.ie", "http://blo.gs" );
- reset( $checkReflist );
- while( list( $key, $val ) = each( $checkReflist ) )
- {
- $p = strpos( strtolower( $url ), $val );
- if( $p !== false )
- {
- $checkRef = false;
- }
- }
-
- $doubleCheckReferers = 0; // must make this an option
- if( $realReferer && $checkRef && $ref != 'DIRECT' && $doubleCheckReferers)
- {
- //this is so that the page up until the call to
- //logReferer will get shown before it tries to check
- //back against the refering URL.
- flush();
-
- $goodReferer = 0;
- $fp = @fopen ($ref, "r");
- if ($fp){
- socket_set_timeout($fp, 5);
- $c = 0;
- while (!feof ($fp) || $c > 5) {
- $page .= trim(fgets($fp, 4096));
- $c++;
- }
- fclose( $fp );
- if (strstr($page,$fullCurrentURL)){
- $goodReferer = 1;
- }
- }
-
- if(!$goodReferer){
- $realReferer = false;
- }
- }
-
- if( $realReferer == true && $ref != 'DIRECT' )
- {
- $query = "SELECT ID FROM " . $wpdb->doc_blacklist . " WHERE URL like '%$ref%'";
- $result = $wpdb->get_var( $query );
- if( $result )
- {
- $ref = "DIRECT";
- }
- }
-
- $ua = addslashes( $_SERVER["HTTP_USER_AGENT"] );
- $useragents = array( "http://www.syndic8.com", "http://dir.com/pompos.html", "NaverBot-1.0", "http://help.yahoo.com/help/us/ysearch/slurp", "http://www.google.com/bot.html", "http://www.blogdigger.com/", "http://search.msn.com/msnbot.htm", "Feedster, LLC.", "http://www.breakingblogs.com/timbo_bot.html", "fastbuzz.com", "http://www.pubsub.com/", "http://www.bloglines.com", "http://www.drupal.org/", "Ask Jeeves/Teoma", "ia_archiver", "http://minutillo.com/steve/feedonfeeds/", "larbin_2", "lmspider", "kinjabot", "lickBot 2.0", "Downes/Referrers", "daypopbot", "www.globalspec.com" );
- reset( $useragents );
- while( list( $key, $val ) = each( $useragents ) )
- {
- if( strpos( $ua, $val ) !== false )
- {
- $realReferer = false;
- }
- }
-
- if( $realReferer )
- {
- if( $ref == 'DIRECT' )
- {
- $anchor = $ref;
- }
- else
- {
- $anchor = preg_replace("/http:\/\//i", "", $ref);
- $anchor = preg_replace("/^www\./i", "", $anchor);
- $anchor = preg_replace("/\/.*/i", "", $anchor);
- }
- $today = date( "d" );
-
- if( strstr( $ref, 'bloglines.com' ) )
- $ref = "http://www.bloglines.com/";
-
- $sql = "UPDATE " . $wpdb->doc_referers . "
- SET visitTimes = visitTimes + 1
- WHERE dayofmonth = '$today'
- AND referingURL = '$ref'
- AND visitURL = '$currentURL'";
- $result = $wpdb->query( $sql );
- if( $result == false )
- {
- $sql ="INSERT INTO " . $wpdb->doc_referers . " (referingURL,visitURL,refpost, visitTimes, dayofmonth)
- VALUES ('$ref','$currentURL','$p','1', '$today')";
- $result = $wpdb->query( $sql );
- }
- }
- }
- $wpdb->show_errors();
- }
-}
-
-$doc_referer = new DOC_Referers();
-
-?>
diff --git a/wp-inst/wp-content/mu-plugins/invites.php b/wp-inst/wp-content/mu-plugins/invites.php
deleted file mode 100644
index 5e58f66..0000000
--- a/wp-inst/wp-content/mu-plugins/invites.php
+++ /dev/null
@@ -1,357 +0,0 @@
-<?php
-if( substr( $_SERVER[ 'PHP_SELF' ], -14 ) == 'wpmu-admin.php' || substr( $_SERVER[ 'PHP_SELF' ], -11 ) == 'invites.php' ) {
- if( false == get_site_option( "invites_default_message" ) ) {
- $msg =
-"Dear FIRSTNAME LASTNAME,
----------------------------------------------
-PERSONALMESSAGE
----------------------------------------------
-You have been invited to open a free WordPress weblog.
-
-To accept this invitation and register for your weblog, visit
-REGURL
-Your visitor pass is: VISITORPASS
-
-This invitation can only be used to set up one weblog.
-
-Regards,
-The WordPress Team
-
-(If clicking the URLs in this message does not work, copy and paste them
-into the address bar of your browser).";
- update_site_option( "invites_default_message", $msg );
- }
-
- if( false == get_site_option( "invites_default_subject" ) ) {
- $subject = "FIRSTNAME, USERNAME has invited you to use WordPress";
- update_site_option( "invites_default_subject", $subject );
- }
-
-}
-
-$u = $wpdb->escape( $_REQUEST['u'] );
-
-function invites_check_user_hash() {
- global $wpdb, $u;
- if( $u == '' ) {
- header( "Location: ".get_option( "siteurl" ) );
- die( );
- } else {
- $query = "SELECT meta_value FROM ".$wpdb->usermeta." WHERE user_id = '0' AND meta_key = 'invite' AND meta_value = '".addslashes( $u )."'";
- $userhash = $wpdb->get_results( $query, ARRAY_A );
-
- if( $userhash == false ) {
- header( "Location: ".get_option( "siteurl" ) );
- die();
- }
- }
-}
-if( get_site_option( "check_reg_for_invite" ) == 'yes' ) {
- add_action('newblogheader', 'invites_check_user_hash');
-}
-
-function invites_admin_send_email() {
- global $wpdb;
- $msg = get_site_option( "invites_default_message" );
- if( $msg == '' ) {
- $msg = "Dear FIRSTNAME LASTNAME,
----------------------------------------------
-PERSONALMESSAGE
----------------------------------------------
-You have been invited to open a free WordPress weblog.
-
-To accept this invitation and register for your weblog, visit
-REGURL
-This invitation can only be used to set up one weblog.
-
-Regards,
-The WordPress Team
-
-(If clicking the URLs in this message does not work, copy and paste them
-into the address bar of your browser).";
- update_site_option( "invites_default_message", $msg );
- }
- if( $_GET[ 'action' ] == 'invite' ) {
- if( is_email( $_POST[ 'email' ] ) ) {
- $email = $_POST[ 'email' ];
- $query = "INSERT INTO ".$wpdb->usermeta." ( `umeta_id` , `user_id` , `meta_key` , `meta_value` )
- VALUES ( NULL, '0', 'invite' , '".md5( $email )."')";
- $wpdb->query( $query );
- $query = "INSERT INTO ".$wpdb->usermeta." ( `umeta_id` , `user_id` , `meta_key` , `meta_value` )
- VALUES ( NULL, '0', '".md5( strtolower( $email ) )."_invited_by' , 'admin')";
- $wpdb->query( $query );
- $msg = str_replace( "REGURL", get_option( "siteurl" ) . "/invite/".md5( $email ), $msg );
- mail( $_POST[ 'email' ], "Your " . $current_site->site_name . " Invitation", $msg, "From: " . $current_site->site_name . " <donotreply@".get_option( "siteurl" ).">" );
- header( "Location: wpmu-admin.php?result=invitesent" );
- die();
- } else {
- header( "Location: wpmu-admin.php?result=invitenotsent" );
- die();
- }
- }
-}
-add_action('wpmuadminedit', 'invites_admin_send_email');
-
-function invites_admin_send_form() {
- print "<h2>Invites</h2>";
- ?>
- <p>Invite a new user to use this site!</p>
- <form action='wpmu-edit.php?action=invite' method='POST'>
- Email: <input type='text' value='' name='email' size='40'><br />
- <input type='submit' value='Send Invite'>
- </form>
- <?php
- // must also list stats on current invites and drill down into specifics.
-}
-# add_action('wpmuadmindefaultpage', 'invites_admin_send_form');
-
-function invites_admin_result() {
- switch( $_GET[ 'result' ] ) {
- case "invitesent":
- ?><div class="updated"><p><strong><?php _e('Invite Sent.') ?></strong></p></div><?php
- break;
- case "invitenotsent":
- ?><div class="updated"><p><strong><?php _e('Invite Not Sent.') ?></strong></p></div><?php
- break;
- }
-}
-add_action('wpmuadminresult', 'invites_admin_result');
-
-function invites_add_field() {
- global $u;
-
- echo "<input type='hidden' name='u' value='".$u."'>\n";
-}
-add_action('newblogform', 'invites_add_field');
-
-function invites_cleanup_db( $val ) {
- global $wpdb, $wpmuBaseTablePrefix, $url, $weblog_title;
- if( isset( $_POST[ 'u' ] ) ) {
- $u = addslashes( $_POST[ 'u' ] );
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = 'invite' AND meta_value = '".$u."'" );
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$u}_to_email'" );
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$u}_to_name'" );
-
- $add_to_blogroll = $wpdb->get_var( "SELECT meta_value FROM {$wpdb->usermeta} WHERE meta_key = '{$u}_add_to_blogroll'" );
- if( $add_to_blogroll ) {
- $userdetails = @unserialize( $add_to_blogroll );
- if( is_array( $userdetails ) ) {
- $wpdb->query("INSERT INTO {$wpmuBaseTablePrefix}{$userdetails[ 'blogid' ]}_links (link_url, link_name, link_category, link_owner) VALUES('" . addslashes( $url ) . "','" . addslashes( $weblog_title ) . "', '1', '" . intval( $userdetails[ 'userid' ] ) . "' )" );
- }
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$u}_add_to_blogroll'" );
- }
-
-
- $id = $wpdb->get_var( "SELECT ID FROM ".$wpdb->users." WHERE user_login = '" . addslashes( $weblog_id ) . "'" );
-
- if( $id ) {
- $wpdb->query( "UPDATE ".$wpdb->usermeta." SET user_id = '".$id."', meta_key = 'invited_by' WHERE meta_key = '".$u."_invited_by'" );
- $wpdb->query( "INSERT INTO ".$wpdb->usermeta." ( `umeta_id` , `user_id` , `meta_key` , `meta_value` ) VALUES ( NULL, '{$id}', 'invites_left' , '" . get_site_option( "invites_per_user" ) . "' )" );
- $wpdb->query( "INSERT INTO ".$wpdb->usermeta." ( `umeta_id` , `user_id` , `meta_key` , `meta_value` ) VALUES ( NULL, '{$id}', 'invite_hash' , '{$u}' )" );
- }
- }
-}
-add_action('newblogfinished', 'invites_cleanup_db');
-
-/* admin functions:
- Configure invites: sig, number per user, default message
- */
-
-add_action('admin_menu', 'invites_admin_menu');
-
-function invites_admin_menu() {
- $pfile = basename(dirname(__FILE__)) . '/' . basename(__FILE__);
- if ( is_site_admin() )
- add_submenu_page('wpmu-admin.php', 'Invites', 'Invites', 0, $pfile, 'invites_admin_content');
-}
-
-add_action('admin_footer', 'timed_invites');
-
-function timed_invites() {
- global $wpdb, $current_user;
-
- $chance = mt_rand( 0, 20 );
- if( $chance == '5' ) {
- $invites_add_days = get_site_option( "invites_add_days", 7 );
- if( $invites_add_days != 0 ) {
- $days_registered = $wpdb->get_var( "SELECT TO_DAYS( NOW() ) - TO_DAYS( user_registered ) FROM $wpdb->users WHERE ID = '" . get_current_user_id() . "'" );
- if( $days_registered % get_site_option( "invites_add_days", 7 ) == 0 ) {
- $invite_day = get_user_option( "invite_day" );
- if( $invite_day != $days_registered ) {
- $invites_left = get_usermeta( $current_user->id, "invites_left" );
- if( $invites_left < get_site_option( "invites_per_user" ) ) {
- update_usermeta( get_current_user_id(), "invites_left", ($invites_left + get_site_option( "invites_add_number", 1 ) ) );
- }
- update_usermeta( get_current_user_id(), "invite_day", $days_registered );
- }
- }
- }
- }
-}
-
-add_action('admin_footer', 'expire_old_invites');
-
-function expire_old_invites() {
- global $wpdb;
-
- $chance = mt_rand( 0, 100 );
- if( $chance == '5' ) {
- $mutex = $wpdb->get_var( "SELECT meta_value FROM ".$wpdb->usermeta." WHERE meta_key = 'invite_mutex'" );
- if( $mutex == false ) {
- $wpdb->query( "INSERT INTO ".$wpdb->usermeta." ( `umeta_id` , `user_id` , `meta_key` , `meta_value` ) VALUES ( NULL, '0', 'invite_mutex' , '1' )" );
- $invites = $wpdb->get_results( "SELECT * FROM {$wpdb->usermeta} WHERE meta_key like '%_invite_timestamp' AND ( TO_DAYS( NOW() ) - TO_DAYS( FROM_UNIXTIME( meta_value ) ) ) >= " . intval( get_site_option( 'invite_time_limit', 31 ) ) );
- if( is_array( $invites ) ) {
- while( list( $key, $val ) = each( $invites ) ) {
- $email_md5 = substr( $val->meta_key, 0, strpos( $val->meta_key, "_invite_timestamp" ) );
- delete_invite( $email_md5 );
- $uid = $wpdb->get_var( "SELECT meta_value FROM {$wpdb->usermeta} WHERE meta_key = '{$email_md5}_invited_by'" );
- if( $uid ) {
- $invites_left = get_usermeta( $uid, "invites_left" );
- if( $invites_left < get_site_option( "invites_per_user" ) )
- update_usermeta( $uid, "invites_left", $invites_left++ );
- }
- }
- }
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = 'invite_mutex'" );
- } else {
- if( $mutex == '5' ) {
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = 'invite_mutex'" );
- } else {
- $wpdb->query( "UPDATE ".$wpdb->usermeta." SET meta_value = ".($mutex+1)." WHERE meta_key = 'invite_mutex'" );
- }
- }
- }
-
-}
-
-function delete_invite( $uid ) {
- global $wpdb;
-
- $uid = addslashes( $uid );
- $email = $wpdb->get_var( "SELECT meta_value FROM ".$wpdb->usermeta." WHERE meta_key = '{$uid}_to_email'" );
- if( $email ) {
- $invited_by = $wpdb->get_var( "SELECT meta_value FROM ".$wpdb->usermeta." WHERE meta_key = '{$uid}_invited_by'" );
- if( $invited_by ) {
- $invites_list = get_usermeta( $invited_by, "invites_list" );
- if( $invites_list ) {
- $invites_list = str_replace( $email . " ", "", $invites_list );
- update_usermeta( $invited_by, "invites_list", $invites_list );
- }
- $invites_left = get_usermeta( $invited_by, "invites_left" );
- update_usermeta( $invited_by, "invites_left", $invites_left + 1 );
- }
- }
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = 'invite' AND meta_value = '$uid'" );
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$uid}_to_email'" );
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$uid}_to_name'" );
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$uid}_add_to_blogroll'" );
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$uid}_invited_by'" );
- $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$uid}_invite_timestamp'" );
-}
-
-function invites_admin_content() {
- global $wpdb;
-
- if( is_site_admin() == false ) {
- return;
- }
-
- switch( $_GET[ 'action' ] ) {
- case "updateinvitedefaults":
- update_site_option( "invites_per_user", intval( $_GET[ 'invites_per_user' ] ) );
- update_site_option( "invites_default_message", $_GET[ 'invites_default_message' ] );
- update_site_option( "invites_default_subject", $_GET[ 'invites_default_subject' ] );
- update_site_option( "invites_add_number", intval( $_GET[ 'invites_add_number' ] ) );
- update_site_option( "invites_add_days", intval( $_GET[ 'invites_add_days' ] ) );
- update_site_option( "invite_time_limit", intval( $_GET[ 'invite_time_limit' ] ) );
- if( $_GET[ 'check_reg_for_invite' ] == 'yes' ) {
- update_site_option( "check_reg_for_invite", 'yes' );
- } else {
- update_site_option( "check_reg_for_invite", 'no' );
- }
- ?><div id="message" class="updated fade"><p><?php _e('Options saved.') ?></p></div><?php
-
- break;
- case "":
- break;
- default:
- break;
- }
- $invites_per_user = get_site_option( "invites_per_user" );
- if( $invites_per_user == '' ) {
- $invites_per_user = 5;
- update_site_option( "invites_per_user", $invites_per_user );
- }
- ?>
- <div class='wrap'>
- <h2>Invite Options</h2>
- <fieldset class="options">
- <form method='GET'>
- <input type="hidden" name="page" value="<?php echo $_GET['page'] ?>"/>
- <input type='hidden' name='action' value='updateinvitedefaults'>
- <table class='editform'>
- <tr><th scope='row' valign='top'>Invites Per User:</td><td><input type='text' size='2' maxlength='2' name='invites_per_user' value='<?php echo $invites_per_user ?>'></td></tr>
- <tr><th scope='row' valign='top'>Number of Invites To Add: </td><td><input type='text' size='2' maxlength='2' name='invites_add_number' value='<?php echo get_site_option( "invites_add_number", 1 ) ?>'> (This number of invites will be added to each user every X days.)</td></tr>
- <tr><th scope='row' valign='top'>Add Invites Every</td><td valign='top'><input type='text' size='2' maxlength='2' name='invites_add_days' value='<?php echo get_site_option( "invites_add_days", 7 ) ?>'> <strong>Days</strong> (0 to disable)</td></tr>
- <tr><th scope='row' valign='top'>Invites Expire After</td><td valign='top'><input type='text' size='2' maxlength='2' name='invite_time_limit' value='<?php echo get_site_option( "invite_time_limit", 31 ) ?>'> <strong>Days</strong></td></tr>
- <tr><th scope='row' valign='top'>Default Subject:</td><td><input type='text' size='70' maxlength='90' name='invites_default_subject' value='<?php echo get_site_option( "invites_default_subject" ) ?>'></td></tr>
- <tr><th scope='row' valign='top'>Default Message:</td><td><textarea rows="9" cols="70" name="invites_default_message" tabindex="5" id="defaultmessage"><?php echo str_replace( "\\r\\n", "\n", stripslashes( get_site_option( 'invites_default_message' ) ) ) ?></textarea></td></tr>
- <tr><th scope='row' valign='top'>Registration - check for invite: </td><td><input type='checkbox' name='check_reg_for_invite' value='yes'<?php if( get_site_option( 'check_reg_for_invite' ) == 'yes' ) echo " checked"; ?>></td></tr>
- <tr><td valign='top' colspan='2'><input type='submit'></td></tr>
- </table>
- </form>
- </fieldset>
- </div>
- <div class='wrap'>
- <h2>Invite Stats</h2>
- <ul>
- <li> Free Invites: <?php echo $wpdb->get_var( "SELECT sum( meta_value ) FROM $wpdb->usermeta WHERE meta_key = 'invites_left'" ); ?></li>
- <li> <?php echo $wpdb->get_var( "SELECT count(*) FROM $wpdb->usermeta WHERE meta_key LIKE '%invited_by'" ) ?> Invites sent, of which <?php echo $wpdb->get_var( "SELECT count(*) FROM $wpdb->usermeta WHERE meta_key='invite'" ); ?> are pending and have not been used yet.</li>
- <li> Invites Per User:<ul>
- <?php $invite_groups = $wpdb->get_results( "SELECT count(*) as c, meta_value FROM {$wpdb->usermeta} WHERE `meta_key` = 'invites_left' group by meta_value", ARRAY_A );
- while( list( $key, $val ) = each( $invite_groups ) )
- {
- print "<li> {$val[ 'c' ]} users have {$val[ 'meta_value' ]} invites.</li>";
- }
- ?>
- </ul></li>
- </ul>
- </div>
- <?php
-}
-if( get_usermeta( get_current_user_id(), 'invites_left' ) )
- add_action('admin_head', 'invites_link' );
-
-function invites_link() {
- ?>
-<script type="text/javascript">
-function invites_link() {
- inviteslink = document.createElement('a');
- inviteslink.id = 'inviteslink';
- inviteslink.innerHTML = 'Invites';
- inviteslink.href = 'invites.php';
- var userinfo = document.getElementById( 'footer' );
- userinfo.appendChild(inviteslink);
- var inviteslinkForm = document.getElementById('inviteslinkform');
-}
-
-// addLoadEvent from admin-header
-addLoadEvent( invites_link );
-
-</script>
-<style type="text/css">
-#inviteslink {
- position: absolute;
- top: 2.8em;
- right: 10em;
- display: block;
- padding: .3em .8em;
- background: #6da6d1;
- color: #fff;
- cursor: pointer;
-}
-</style>
-
-<?php
-}
-?>
diff --git a/wp-inst/wp-content/mu-plugins/wp-hashcash.php b/wp-inst/wp-content/mu-plugins/wp-hashcash.php
deleted file mode 100644
index 1853c71..0000000
--- a/wp-inst/wp-content/mu-plugins/wp-hashcash.php
+++ /dev/null
@@ -1,684 +0,0 @@
-<?php
-/*
-Plugin Name: WordPress Hashcash
-Plugin URI: http://elliottback.com/wp/archives/2005/05/11/wordpress-hashcash-20/
-Description: Client-side javascript computes an md5 code, server double checks. Blocks all spam bots. XHTML 1.1 compliant.
-Author: Elliott Back
-Author URI: http://elliottback.com
-Version: 2.3
-Hat tips: Cecil Coupe - http://ccdl.dyndns.biz/werehosed/
- C.S. - http://www.cimmanon.org/
- Denis de Bernardy - http://www.semiologic.com/
- Diego Sevilla - http://neuromancer.dif.um.es/blog/
- Gene Shepherd - http://www.imporium.org/
- John F. - http://www.stonegauge.com/
- Magenson - http://blog.magenson.de/
- Matt Mullenweg - http://photomatt.net/
- Matt Warden - http://www.mattwarden.com/
- Paul Andrew Johnston - http://pajhome.org.uk/crypt/md5/
-*/
-
-if( defined( "WP_INSTALLING" ) )
- return;
-
-if( strpos( $_SERVER[ 'SCRIPT_NAME' ], 'wp-inst/wp-newblog.php' ) == false ) {
-
-/* Start the session, if not started */
-$hashcash_session_id = session_id();
-if(empty($hashcash_session_id)){
- session_start();
-}
-
-/**
- * Type: bool
- * Purpose: If true, sends logs to the admin email address
- */
-define('HASHCASH_DEBUG', true);
-
-/**
- * Type: long
- * Purpose: Stores up to HASHCASH_LONG_SIZE characters before
- * sending logs to the admin email address
- */
-define('HASHCASH_LOG_SIZE', 64000);
-
-/**
- * Type: string
- * Purpose: Must be set to the name of your comments form action
- * for internal pattern matching purposes
- */
-define('HASHCASH_FORM_ACTION', 'wp-comments-post.php');
-
-/**
- * Type: string
- * Purpose: Must be set to the id of your comments form for
- * internal pattern matching purposes
- */
-define('HASHCASH_FORM_ID', 'commentform');
-
-/**
- * Type: bool
- * Purpose: If true, adds a "protected by" message to the form
- * that supports my work on this plugin, and my dedication to
- * supporting it.
- */
-define('HASHCASH_LINK', false);
-
-/**
- * Type: bool
- * Purpose: If true, writes user-specific information to the
- * form (default). Detects WP-Cache.
- */
-if(WP_CACHE){
- define('HASHCASH_PER_USER', false);
-} else {
- define('HASHCASH_PER_USER', true);
-}
-
-/**
- * Type: int
- * Purpose: An integer random to your installation, for use with
- * WP-Cache, a value only YOU can know. CHANGE IF USING WP 1.2!!
- */
-
-if(get_bloginfo('version') < 1.5){
- define('HASHCASH_PER_USER_RAND', 98246);
-} else {
- // Says Denis to save a query
- if (!get_option('wp_hashcash_version')){
- delete_option('wp_hashcash_rand');
- update_option('wp_hashcash_version', 2.3);
- }
-
- $curr = get_option('wp_hashcash_rand');
- if(empty($curr)){
- srand((double) microtime() * 1000000);
- update_option('wp_hashcash_rand', rand(10000000, 99999999));
- }
-}
-
-/**
- * Takes: An integer l and an array of strings exclude
- * Returns: A random unique string of length l
- */
-function hashcash_random_string($l, $exclude = array()) {
- // Sanity check
- if($l < 1){
- return '';
- }
-
- srand((double) microtime() * 1000000);
-
- $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
- $chars = preg_split('//', $alphabet, -1, PREG_SPLIT_NO_EMPTY);
- $len = count($chars) - 1;
-
- $str = '';
- while(in_array($str, $exclude) || strlen($str) < 1){
- $str = '';
- while(strlen($str) < $l){
- $str .= $chars[rand(0, $len)];
- }
- }
-
- return $str;
-}
-
-
-/**
- * Takes: A string md5_function_name to call the md5 function
- * Returns: md5 javascript bits to be randomly spliced into the header
- */
-function hashcash_get_md5_javascript($md5_function_name){
- $p = '';
- $s = '';
-
- $names = array();
- $excl = array('a', 's', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j',
- 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u',
- 'v', 'w', 'x', 'y', 'z', 'num', 'cnt', 'str', 'bin',
- 'length', 'len', 'var', 'Array', 'mask', 'return', 'msw',
- 'lsw', 'olda', 'oldb', 'oldc', 'oldd', 'function', 'new');
- for($i = 0; $i < 17; $i++){
- $t = hashcash_random_string(rand(1,6), $excl);
- $names [] = $t;
- $excl [] = $t;
- }
-
- $bits = array();
- $bits [] = $p . 'function ' . $md5_function_name . '(s){return ' . $names[5] . '(' . $names[6] . '(' . $names[7] . '(s),s.length*8));}' . $s;
- $bits [] = $p . 'function ' . $names[6] . '(x,len){x[len>>5]|=0x80<<((len)%32);x[(((len+64)>>>9)<<4)+14]=len;var a=1732584193;var b=-271733879;var c=-1732584194;var d=271733878;for(var i=0;i<x.length;i+=16){var olda=a;var oldb=b;var oldc=c;var oldd=d;a=' . $names[8] . '(a,b,c,d,x[i+0],7,-680876936);d=' . $names[8] . '(d,a,b,c,x[i+1],12,-389564586);c=' . $names[8] . '(c,d,a,b,x[i+2],17,606105819);b=' . $names[8] . '(b,c,d,a,x[i+3],22,-1044525330);a=' . $names[8] . '(a,b,c,d,x[i+4],7,-176418897);d=' . $names[8] . '(d,a,b,c,x[i+5],12,1200080426);c=' . $names[8] . '(c,d,a,b,x[i+6],17,-1473231341);b=' . $names[8] . '(b,c,d,a,x[i+7],22,-45705983);a=' . $names[8] . '(a,b,c,d,x[i+8],7,1770035416);d=' . $names[8] . '(d,a,b,c,x[i+9],12,-1958414417);c=' . $names[8] . '(c,d,a,b,x[i+10],17,-42063);b=' . $names[8] . '(b,c,d,a,x[i+11],22,-1990404162);a=' . $names[8] . '(a,b,c,d,x[i+12],7,1804603682);d=' . $names[8] . '(d,a,b,c,x[i+13],12,-40341101);c=' . $names[8] . '(c,d,a,b,x[i+14],17,-1502002290);b=' . $names[8] . '(b,c,d,a,x[i+15],22,1236535329);a=' . $names[9] . '(a,b,c,d,x[i+1],5,-165796510);d=' . $names[9] . '(d,a,b,c,x[i+6],9,-1069501632);c=' . $names[9] . '(c,d,a,b,x[i+11],14,643717713);b=' . $names[9] . '(b,c,d,a,x[i+0],20,-373897302);a=' . $names[9] . '(a,b,c,d,x[i+5],5,-701558691);d=' . $names[9] . '(d,a,b,c,x[i+10],9,38016083);c=' . $names[9] . '(c,d,a,b,x[i+15],14,-660478335);b=' . $names[9] . '(b,c,d,a,x[i+4],20,-405537848);a=' . $names[9] . '(a,b,c,d,x[i+9],5,568446438);d=' . $names[9] . '(d,a,b,c,x[i+14],9,-1019803690);c=' . $names[9] . '(c,d,a,b,x[i+3],14,-187363961);b=' . $names[9] . '(b,c,d,a,x[i+8],20,1163531501);a=' . $names[9] . '(a,b,c,d,x[i+13],5,-1444681467);d=' . $names[9] . '(d,a,b,c,x[i+2],9,-51403784);c=' . $names[9] . '(c,d,a,b,x[i+7],14,1735328473);b=' . $names[9] . '(b,c,d,a,x[i+12],20,-1926607734);a=' . $names[10] . '(a,b,c,d,x[i+5],4,-378558);d=' . $names[10] . '(d,a,b,c,x[i+8],11,-2022574463);c=' . $names[10] . 
'(c,d,a,b,x[i+11],16,1839030562);b=' . $names[10] . '(b,c,d,a,x[i+14],23,-35309556);a=' . $names[10] . '(a,b,c,d,x[i+1],4,-1530992060);d=' . $names[10] . '(d,a,b,c,x[i+4],11,1272893353);c=' . $names[10] . '(c,d,a,b,x[i+7],16,-155497632);b=' . $names[10] . '(b,c,d,a,x[i+10],23,-1094730640);a=' . $names[10] . '(a,b,c,d,x[i+13],4,681279174);d=' . $names[10] . '(d,a,b,c,x[i+0],11,-358537222);c=' . $names[10] . '(c,d,a,b,x[i+3],16,-722521979);b=' . $names[10] . '(b,c,d,a,x[i+6],23,76029189);a=' . $names[10] . '(a,b,c,d,x[i+9],4,-640364487);d=' . $names[10] . '(d,a,b,c,x[i+12],11,-421815835);c=' . $names[10] . '(c,d,a,b,x[i+15],16,530742520);b=' . $names[10] . '(b,c,d,a,x[i+2],23,-995338651);a=' . $names[11] . '(a,b,c,d,x[i+0],6,-198630844);d=' . $names[11] . '(d,a,b,c,x[i+7],10,1126891415);c=' . $names[11] . '(c,d,a,b,x[i+14],15,-1416354905);b=' . $names[11] . '(b,c,d,a,x[i+5],21,-57434055);a=' . $names[11] . '(a,b,c,d,x[i+12],6,1700485571);d=' . $names[11] . '(d,a,b,c,x[i+3],10,-1894986606);c=' . $names[11] . '(c,d,a,b,x[i+10],15,-1051523);b=' . $names[11] . '(b,c,d,a,x[i+1],21,-2054922799);a=' . $names[11] . '(a,b,c,d,x[i+8],6,1873313359);d=' . $names[11] . '(d,a,b,c,x[i+15],10,-30611744);c=' . $names[11] . '(c,d,a,b,x[i+6],15,-1560198380);b=' . $names[11] . '(b,c,d,a,x[i+13],21,1309151649);a=' . $names[11] . '(a,b,c,d,x[i+4],6,-145523070);d=' . $names[11] . '(d,a,b,c,x[i+11],10,-1120210379);c=' . $names[11] . '(c,d,a,b,x[i+2],15,718787259);b=' . $names[11] . '(b,c,d,a,x[i+9],21,-343485551);a=' . $names[13] . '(a,olda);b=' . $names[13] . '(b,oldb);c=' . $names[13] . '(c,oldc);d=' . $names[13] . '(d,oldd);}return Array(a,b,c,d);}' . $s;
- $bits [] = $p . 'function ' . $names[12] . '(q,a,b,x,s,t){return ' . $names[13] . '(' . $names[16] . '(' . $names[13] . '(' . $names[13] . '(a,q),' . $names[13] . '(x,t)),s),b);}function ' . $names[8] . '(a,b,c,d,x,s,t){return ' . $names[12] . '((b&c)|((~b)&d),a,b,x,s,t);}' . $s;
- $bits [] = $p . 'function ' . $names[9] . '(a,b,c,d,x,s,t){return ' . $names[12] . '((b&d)|(c&(~d)),a,b,x,s,t);}' . $s;
- $bits [] = $p . 'function ' . $names[10] . '(a,b,c,d,x,s,t){return ' . $names[12] . '(b ^ c ^ d,a,b,x,s,t);}' . $s;
- $bits [] = $p . 'function ' . $names[11] . '(a,b,c,d,x,s,t){return ' . $names[12] . '(c ^(b|(~d)),a,b,x,s,t);}' . $s;
- $bits [] = $p . 'function ' . $names[13] . '(x,y){var lsw=(x&0xFFFF)+(y&0xFFFF);var msw=(x>>16)+(y>>16)+(lsw>>16);return(msw<<16)|(lsw&0xFFFF);}' . $s;
- $bits [] = $p . 'function ' . $names[16] . '(num,cnt){return(num<<cnt)|(num>>>(32-cnt));}' . $s;
- $bits [] = $p . 'function ' . $names[7] . '(str){var bin=Array();var mask=(1<<8)-1;for(var i=0;i<str.length*8;i+=8)bin[i>>5]|=(str.charCodeAt(i/8)&mask)<<(i%32);return bin;}' . $s;
- $bits [] = $p . 'function ' . $names[5] . '(' . $names[15] . '){var ' . $names[14] . '="0123456789abcdef";var str="";for(var i=0;i<' . $names[15] . '.length*4;i++){str+=' . $names[14] . '.charAt((' . $names[15] . '[i>>2]>>((i%4)*8+4))&0xF)+' . $names[14] . '.charAt((' . $names[15] . '[i>>2]>>((i%4)*8))&0xF);}return str;}' . $s;
-
- return $bits;
-}
-
-/**
- * Takes: <<void>>
- * Returns: the hashcash special code, based on the session or ip
- */
-function hashcash_special_code(){
- if(HASHCASH_PER_USER) {
- $key = strip_tags(session_id());
-
- if(!$key){
- $key = $_SERVER['REMOTE_ADDR'];
- }
-
- return md5($key . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a"));
- } else {
- if(get_bloginfo('version') < 1.5){
- return md5(ABSPATH . get_bloginfo('version') . HASHCASH_PER_USER_RAND);
- } else {
- return md5(ABSPATH . get_bloginfo('version') . get_option('wp_hashcash_rand'));
- }
- }
-}
-
-/**
- * Takes: <<void>>
- * Returns: the hashcash special field value
- */
-function hashcash_field_value(){
- global $posts;
- return $posts[0]->ID * strlen(ABSPATH);
-}
-
-/**
- * Takes: String name of function
- * Returns: Javascript to compute field value
- */
-function hashcash_field_value_js($val_name){
- $js = 'function ' . $val_name . '(){';
-
- $type = rand(0, 5);
- switch($type){
- /* Addition of n times of field value / n, + modulus */
- case 0:
- $eax = hashcash_random_string(rand(8,10));
- $val = hashcash_field_value();
- $inc = rand(1, $val - 1);
- $n = floor($val / $inc);
- $r = $val % $inc;
-
- $js .= "var $eax = $inc; ";
- for($i = 0; $i < $n - 1; $i++){
- $js .= "$eax += $inc; ";
- }
-
- $js .= "$eax += $r; ";
- $js .= "return $eax; ";
-
- break;
-
- /* Conversion from binary */
- case 1:
- $eax = hashcash_random_string(rand(8,10));
- $ebx = hashcash_random_string(rand(8,10));
- $ecx = hashcash_random_string(rand(8,10));
- $val = hashcash_field_value();
- $binval = strrev(base_convert($val, 10, 2));
-
- $js .= "var $eax = \"$binval\"; ";
- $js .= "var $ebx = 0; ";
- $js .= "var $ecx = 0; ";
- $js .= "while($ecx < $eax.length){ ";
- $js .= "if($eax.charAt($ecx) == \"1\") { ";
- $js .= "$ebx += Math.pow(2, $ecx); ";
- $js .= "} ";
- $js .= "$ecx++; ";
- $js .= "} ";
- $js .= "return $ebx; ";
-
- break;
-
- /* Multiplication of square roots */
- case 2:
- $val = hashcash_field_value();
- $sqrt = floor(sqrt($val));
- $r = $val - ($sqrt * $sqrt);
- $js .= "return $sqrt * $sqrt + $r; ";
- break;
-
- /* Closest sum up to n */
- case 3:
- $val = hashcash_field_value();
- $n = floor((sqrt(8*$val+1)-1)/2);
- $sum = $n * ($n + 1) / 2;
- $r = $val - $sum;
- $eax = hashcash_random_string(rand(8,10));
-
- $js .= "var $eax = $r; ";
- for($i = 0; $i <= $n; $i++){
- $js .= "$eax += $i; ";
- }
- $js .= "return $eax; ";
- break;
-
- /* Closest sum up to n #2 */
- case 4:
- $val = hashcash_field_value();
- $n = floor((sqrt(8*$val+1)-1)/2);
- $sum = $n * ($n + 1) / 2;
- $r = $val - $sum;
-
- $js .= "return $r ";
- for($i = 0; $i <= $n; $i++){
- $js .= "+ $i ";
- }
- $js .= ";";
- break;
-
- /* Closest sum up to n #3 */
- case 5:
- $val = hashcash_field_value();
- $n = floor((sqrt(8*$val+1)-1)/2);
- $sum = $n * ($n + 1) / 2;
- $r = $val - $sum;
- $eax = hashcash_random_string(rand(8,10));
-
- $js .= "var $eax = $r; var i; ";
- $js .= "for(i = 0; i <= $n; i++){ ";
- $js .= "$eax += i; ";
- $js .= "} ";
- $js .= "return $eax; ";
- break;
- }
-
- $js .= "} ";
- return $js;
-}
-
-/**
- * Takes: An array matching the form
- * Returns: The form code, with input elements disabled
- */
-function hashcash_disable_callback($matches){
- $text = $matches[0];
- return preg_replace('/<input([^>]*?id="(submit|author|email|url)")/si', '<input disabled="disabled"$1', $text);
-}
-
-/**
- * Takes: An array matching the form
- * Returns: The form code, with a protected by link
- */
-function hashcash_link_callback($matches){
- $text = $matches[0];
- $r = rand(0, 4);
- switch($r){
- case 0:
- return str_replace('</form>', '<p>Protected by <a href="http://elliottback.com/" title="Elliott Back\'s Antispam Protection">WP-Hashcash</a>.</p>' . "\n" . '</form>', $text);
- break;
- case 1:
- return str_replace('</form>', '<p><a href="http://elliottback.com/" title="Elliott Back">WP-Hashcash</a>: protecting you from spam.</p>' . "\n" . '</form>', $text);
- break;
- case 2:
- return str_replace('</form>', '<p>Powered by <a href="http://elliottback.com/" title="Elliott Back, Spam Protection">WP-Hashcash</a>.</p>' . "\n" . '</form>', $text);
- break;
- case 3:
- return str_replace('</form>', '<p>I\'m <a href="http://elliottback.com/" title="Elliott Back">WP-Hashcash</a>. I eat spam.</p>' . "\n" . '</form>', $text);
- break;
- case 4:
- return str_replace('</form>', '<p>What\'s a blog without spam? <a href="http://elliottback.com/" title="Elliott Back + Spam Protection">WP-Hashcash</a>.</p>' . "\n" . '</form>', $text);
- break;
- }
-}
-
-/**
- * Takes: An array matching the form
- * Returns: The form code, with a noscript attribution
- */
-function hashcash_script_callback($matches){
- $text = $matches[0];
- return str_replace('<form', '<noscript><p>WP-Hashcash by <a href="http://elliottback.com/" title="Elliott Back\'s Blog">Elliott Back</a> protects <strong>you</strong> from spam. Please enable javascript and reload this page to add your comment.</p></noscript>' . "\n" . '<form', $text);
-}
-
-/**
- * Takes: An array matching the form
- * Returns: The form code, with appropriate javascript action
- */
-function hashcash_add_action_callback($matches){
- global $hashcash_form_action;
- return str_replace('<form', '<form onsubmit="' . $hashcash_form_action . '(\'' . hashcash_special_code() . '\');" ', $matches[0]);
-}
-
-/**
- * Takes: A WordPress single page
- * Returns: The same page with a random hidden field and others added.
- * This is the workhorse of WP-Hashcash
- */
-function hashcash_add_hidden_tag($page) {
- global $posts, $single, $hashcash_form_action, $post;
-
- if ($single && $post->comment_status == 'open'){
- $field_id = hashcash_random_string(rand(6,18));
- $field_name = hashcash_random_string(rand(6,18));
- $hashcash_form_action = hashcash_random_string(rand(6,18));
- $md5_name = hashcash_random_string(rand(6,18));
- $val_name = hashcash_random_string(rand(6,18));
- $eElement = hashcash_random_string(rand(6,18));
- $in_str = hashcash_random_string(rand(6,18));
- $fn_enable_name = hashcash_random_string(rand(6,18));
-
- /**
- * 1) Hidden hashcode
- */
-
- // Write in hidden field
- $page = str_replace('<input type="hidden" name="comment_post_ID"', '<input type="hidden" id="' . $field_id . '" name="' . $field_name . '" value="' . rand(100, 99999999) . '" /> <input type="hidden" name="comment_post_ID"', $page);
-
- // The form action
- $page = preg_replace_callback('/<form[^>]*?' . HASHCASH_FORM_ACTION . '.*?<\/form>/si', 'hashcash_add_action_callback', $page);
-
- // The javascript
- $hashcash_bits = hashcash_get_md5_javascript($md5_name);
- $hashcash_bits [] = "function $hashcash_form_action($in_str){ "
- . "$eElement = document.getElementById(\"$field_id\"); "
- . "if(!$eElement){ return false; } else { $eElement" . ".name = $md5_name($in_str); $eElement" . ".value = $val_name(); return true; }}";
-
- $hashcash_bits [] = hashcash_field_value_js($val_name);
-
- /**
- * 2) Javascript enabled form fields
- */
-
- // Disable form fields
- $page = preg_replace_callback('/<form[^>]*?' . HASHCASH_FORM_ACTION . '.*?<\/form>/si', 'hashcash_disable_callback', $page);
-
- // Try to enable all form fields from javascript
- $fields = array('submit', 'author', 'email', 'url');
- $page = str_replace('<body', '<script language="Javascript">addLoadEvent( ' . $fn_enable_name . ' );</script><body', $page);
-
- $script = 'function ' . $fn_enable_name . '(){';
- shuffle($fields);
- foreach($fields as $field){
- $field_temp = hashcash_random_string(rand(6,18));
- $script .= "$field_temp = document.getElementById('$field'); if(!$field_temp){} else { $field_temp.disabled = false; } ";
- }
-
- // Other things that happen onload()
- $script .= "document.getElementById('" . HASHCASH_FORM_ID . "').style.display = 'block';";
-
- // Terminator
- $script .= '}';
- $hashcash_bits [] = $script;
-
- /**
- * 3) Hide form for non-users of javascript
- */
-
- $page = preg_replace_callback('/<form[^>]*?' . HASHCASH_FORM_ACTION . '.*?<\/form>/si', 'hashcash_script_callback', $page);
- $page = str_replace('</head>', '<style type="text/css">#' . HASHCASH_FORM_ID . '{ display: none; }</style>' . "\n" . '</head>', $page);
-
- /**
- * 4) Write all the javascript bits to various lines of <head>
- */
-
- shuffle($hashcash_bits);
- $js = '<script type="text/javascript">' . "\n"
- . '<!--' . "\n"
- . implode(" ", $hashcash_bits) . "\n"
- . '-->' . "\n"
- . '</script>' . "\n";
- $page = str_replace('</head>', $js . '</head>', $page);
-
- /**
- * 5) Powered by WP-Hashcash
- */
-
- if(HASHCASH_LINK)
- $page = preg_replace_callback('/<form[^>]*?' . HASHCASH_FORM_ACTION . '.*?<\/form>/si', 'hashcash_link_callback', $page);
- }
-
- return $page;
-}
-
-/**
- * Takes: <<void>>
- * Returns: Buffered page output w/ hashcash inserted
- */
-function hashcash_call_stopgap() {
- ob_start('hashcash_add_hidden_tag');
-}
-
-add_action('wp_head', 'hashcash_call_stopgap');
-
-/**
- * Takes: The text of a comment
- * Returns: <<void>>, writes comment to log
- */
-function write_comment_log($comment){
-
- /* Information to write to log */
- $user = array();
- $user[] = date("F j, Y, g:i a");
- $user[] = $_SERVER['REMOTE_ADDR'];
- $user[] = $_SERVER['HTTP_USER_AGENT'];
- $user[] = $_SERVER['HTTP_REFERER'];
- $user[] = $_POST['author'];
- $user[] = $_POST['email'];
- $user[] = $_POST['url'];
- $user[] = preg_replace('/[\n\r]+/','<br />', $comment);
- $user[] = $_POST['comment_post_ID'];
-
- $lines = join($user, "\n");
-
- /* In 1.5, use options. */
- $path = ABSPATH . "wp-content/plugins/wp-hashcash.log";
- if(get_bloginfo('version') < 1.5){
- /* Open the file */
- $file = fopen($path, 'a+');
- if(!$file) die("File \"$path\" failed to open");
-
- /* Save the log */
- $status = fwrite($file, "\n" . $lines);
-
- /* Close the file */
- fclose($file);
- if(!status) die("Spam-log write failed...");
-
- /* Read the file */
- $new = file($path);
- } else {
- add_option('wp_hashcash_log', '', 'Log option for the wp-hashcash plugin', 'no');
- $current = get_option('wp_hashcash_log');
- $new = $current . "\n" . $lines;
- update_option('wp_hashcash_log', $new);
- }
-
- /* If we're here, the file exists. Check size, email every 64kb */
- if( strlen($new) > HASHCASH_LOG_SIZE ) {
- $header = "<html><head><style>tr { margin: 0px 0px 5px 20px; }</style></head><body><h2>Spam Report:</h2>";
- $footer = "</body></html>";
-
- // Process log
- $log = $header;
- $i = false;
-
- $temp = explode("\n", $new);
-
- $count = count($temp) / 9;
- $log .= "<p>There were $count spam...</p>";
-
- // Table
- $log .= "<table>";
- for ($j = 0; $j < count($temp) - 1; $j++) {
- if ($i)
- $log .= '<tr style="background-color: #eee">';
- else
- $log .= '<tr>';
-
- $log .= "<td>";
- $log .= $temp[$j]; $j++;
- $log .= "<blockquote>";
- $log .= "<strong>IP:</strong> $temp[$j]<br />"; $j++;
- $log .= "<strong>User-Agent:</strong> $temp[$j]<br />"; $j++;
- $log .= "<strong>Referer:</strong> <a href=\"$temp[$j]\">$temp[$j]</a><br />"; $j++;
- $log .= "<strong>Author:</strong> $temp[$j]<br />"; $j++;
- $log .= "<strong>Email:</strong> <a href=\"mailto:$temp[$j]\">$temp[$j]</a><br />"; $j++;
- $log .= "<strong>URL:</strong> <a href=\"$temp[$j]\">$temp[$j]</a><br />"; $j++;
- $log .= "<br />";
- $log .= $temp[$j]; $j++;
- $log .= "<br /><br />";
- $log .= "on post <a href=\"" . get_settings('siteurl') . "/index.php?p=" . $temp[$j] . "\">" . $temp[$j] . "</a>";
- $log .= "</blockquote>";
- $log .="</td>";
- $log .= "</tr>";
- $i = !$i;
- }
- $log .= "</table>";
-
- // Footer
- $log .= $footer;
-
- // Send email
- $headers = "Content-type: text/html; charset=" . get_settings('blog_charset') . "\r\n";
- mail(get_settings('admin_email'), '[' . get_settings('blogname') . '] Spam Report', $log, $headers);
-
- // Clear file
- if(get_bloginfo('version') < 1.5){
- $file = fopen($path, 'w');
- if(!file){
- die("Unable to truncate old log file");
- } else{
- fclose($file);
- }
- } else {
- update_option('wp_hashcash_log', '');
- }
- }
-}
-
-/**
- * Takes: The text of a comment
- * Returns: The comment iff it matches the hidden md5'ed tag
- */
-function hashcash_check_hidden_tag($comment) {
- // Our special codes, fixed to check the previous hour
- $special = array();
-
- if(HASHCASH_PER_USER){
- $special[] = md5($_SERVER['REMOTE_ADDR'] . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a"));
- $special[] = md5($_SERVER['REMOTE_ADDR'] . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a", time()-(60*60)));
- $special[] = md5(strip_tags(session_id()) . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a"));
- $special[] = md5(strip_tags(session_id()) . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a", time()-(60*60)));
- } else {
- if(get_bloginfo('version') < 1.5){
- $special[] = md5(ABSPATH . get_bloginfo('version') . HASHCASH_PER_USER_RAND);
- } else {
- $special[] = md5(ABSPATH . get_bloginfo('version') . get_option('wp_hashcash_rand'));
- }
- }
-
- foreach($special as $val){
- if($_POST[md5($val)] == ($_POST['comment_post_ID'] * strlen(ABSPATH))){
- return $comment;
- }
- }
-
- // If here, the comment has failed the check
- if( HASHCASH_DEBUG )
- write_comment_log($comment);
-
- // Be more user friendly if we detect spam, and it sends a referer
- if(strlen(trim($_SERVER['HTTP_REFERER'])) > 0 && preg_match('|' . get_bloginfo('url') . '|i', $_SERVER['HTTP_REFERER']))
- echo '
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- <head profile="http://gmpg.org/xfn/11">
- <title>WP-Hashcash Check Failed</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
- <style type="text/css">
- body {
- font-family: Arial, Verdana, Helvetica;
- color: #3F3F3F;
- }
-
- h1 {
- margin: 0px;
- color: #6A8E1C;
- font-size: 1.8em;
- }
-
- a:link {
- color: #78A515;
- font-weight: bold;
- text-decoration: none;
- }
-
- a:visited { color: #999; }
-
- a:hover, a:active {
- background: #78A515;
- color: #fff;
- text-decoration: none;
- }
- </style>
- </head>
-
- <body>
- <div style="margin: 0 auto; margin-top:50px; padding: 20px; text-align: left; width: 400px; border: 1px solid #78A515;">
- <h1>WP-Hashcash Check Failed</h1>
-
- <p>Your client has failed to compute the special javascript hashcode required to comment on this blog.
- If you believe this to be in error, please contact the blog administrator, and check for javascript,
- validation, or php errors. It is also possible that you are trying to spam this blog.</p>
-
- <p>If you are using Google Web Accelerator, a proxy, or some other caching system, WP-Hashcash may not let you comment.
- There are known issues with caching that are fundamentally insoluble, because the page being written to you must be generated freshly.
- Turn off your caching software and reload the page. If you are using a proxy, commenting should work, but it is untested.</p>';
-
-/* Possible sources of error */
-
-if(!session_id()){
- echo '<p style="border: 2px solid red; color:red; padding:4px;">Unable to generate you a Session ID, falling back on your remote address,
-which appears to be ' . $_SERVER['REMOTE_ADDR'] . '. If this is not your remote address, this is the cause of the error.</p>';
-}
-
-if(!session_id() && strlen($_SERVER['REMOTE_ADDR']) < 1){
- echo '<p style="border: 2px solid red; color:red; padding:4px;">Your remote address is null.</p>';
-}
-
-if(!in_array($_POST['comment_post_ID'] * strlen(ABSPATH), $_POST)){
- echo '<p style="border: 2px solid red; color:red; padding:4px;">The value you submitted (' . $_POST[md5($val)] . ')
- is incorrect. Check the javascript to assure that the value part of the (hash, value) pair is being correctly
- generated.</p>';
-}
-
-$hashash = false;
-foreach($special as $spec){
- if(array_key_exists($spec, $_POST))
- $hashash = true;
-}
-
-if($hashash) {
- echo '<p style="border: 2px solid red; color:red; padding:4px;">The hash does not exist.
- Check the javascript to assure that the md5 hash part of the (hash, value) pair is
- being correctly generated.</p>';
-}
-
-if(WP_CACHE && HASHCASH_PER_USER){
- echo '<p style="border: 2px solid red; color:red; padding:4px;">WP-Cache is detected, but for
- some reason, HASHCASH_PER_USER is set to true.</p>';
-}
-
-echo' <p>This comment has been logged, and will not be displayed on the blog.</p>
- </div>
- </body>
-</html>';
-
- die();
-}
-
-add_filter('post_comment_text', 'hashcash_check_hidden_tag');
-
-}
-
-?>