Check-in [42cf69cf05]
Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Prevent garbage filltext spam |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
42cf69cf052d4ad5dc2a7b67756459db |
| User & Date: | mario 2021-05-27 14:55:07 |
Context
|
2021-05-27
| ||
| 15:17 | Rephrase notes in "Publish" section. (Note that multiple edits are possible, instead of offputting "proofread". And it's IndieAuth/OpenID now.) check-in: c12e389b5a user: mario tags: trunk | |
| 14:55 | Prevent garbage filltext spam check-in: 42cf69cf05 user: mario tags: trunk | |
|
2021-04-05
| ||
| 08:27 | Fix forum (PHP7.4 compat for Parsedown, stray empty name= in template, didn't test for emtpy lastInsertedId) check-in: 42ca3b7d11 user: mario tags: trunk | |
Changes
Changes to aux.php.
| ︙ | ︙ | |||
39 40 41 42 43 44 45 |
#-- Template helpers
// Wrap tag list into links
function wrap_tags($tags, $r="") {
foreach (str_getcsv($tags) as $id) {
$id = trim($id);
| | | 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
#-- Template helpers
// Wrap tag list into links
function wrap_tags($tags, $r="") {
foreach (str_getcsv($tags) as $id) {
$id = trim($id);
$r .= "<a class=p-category href=\"/search?tag=$id\">$id </a>";
}
return $r;
}
// Return DAY MONTH and TIME or YEAR for older entries
function date_fmt($time) {
$lastyear = time() - $time > 250*24*3600;
|
| ︙ | ︙ | |||
324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 |
// server ENV already contained Apache unique request id etc.
$id = sha1(serialize($_SERVER->__vars));
$store[$id] = time() + 3600; // timeout
return "<input type=hidden name=.ct value=$id>";
}
}
/**
* Trivial check against well-known project spam.
*
*/
function data_blacklisted($release) {
$rules = array(
"summary" => "/wilmix/i",
"submitter" => "/wilmix|jemin/i",
| > > > > > > > > > > > > > > > > | | | | 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 |
// server ENV already contained Apache unique request id etc.
$id = sha1(serialize($_SERVER->__vars));
$store[$id] = time() + 3600; // timeout
return "<input type=hidden name=.ct value=$id>";
}
}
/**
* Detect "AEipUedocbyWuDKj, UKcPXdlZWwRea, bAfqstVUhGImr" garbage submissions in multiple fields.
*
*/
function random_text_spam($release, $count=0) {
$rx = "/^\s* (?=(.*[A-Z\d]+.*){3,}) (?=(.*[a-z]+.*){3,}) \w{5,20} \s*$/x";
$fields = ["name", "title", "description", "tags", "version", "changes", "urls", "autoupdate_regex", "submitter", "lock", "summary"];
foreach ($fields as $field) {
if (preg_match($rx, $release[$field])) {
$count++;
}
}
return $count >= 5;
}
/**
* Trivial check against well-known project spam.
*
*/
function data_blacklisted($release) {
$rules = array(
"summary" => "/wilmix/i",
"submitter" => "/wilmix|jemin/i",
"homepage" => "~webixytech.com|wilmix|zeesmovie|softwarereviews|diclofenac|viagra|\/\/buy-|fmeextensions|creditloans|casino|cashapp|quickbooks~i",
"urls" => "~[gjch]dollar|wilmix~i",
"name" => "/DOLLAR|JDollar|Jehovah|Millionaire *s/",
"description" => "/invented by|viagra|levitra|tetracycline*s|quickbooks|wilmix|productcustomization|creditloans|web(site)? development (company|service)|<a href=\"/i",
);
foreach ($rules as $field => $rx) {
if (preg_match($rx, $release[$field])) {
return TRUE;
}
}
return random_text_spam($release) or false;
}
#-- Some string parsing
|
| ︙ | ︙ |