Extension:Check Spambots/functions.php
From MediaWiki.org
This code is from it-mate.co.uk and is unmodified. See Extension:Check Spambots for full installation instructions.
functions.php [edit]
<?php // ************************************************************** // File: functions.php // Purpose: Contains functions used by Spambot Search Tool // Author: MysteryFCM // Support: http://mysteryfcm.co.uk/?mode=Contact // http://forum.hosts-file.net/viewforum.php?f=68 // http://www.temerc.com/forums/viewforum.php?f=71 // Last modified: 19-06-2009 // ************************************************************** // Determine if a URL is online or not // // Returns true if headers contain 200, otherwise returns false // // I'd originally written it to use is_array() aswell, to ensure // the headers returned were an array as expected, but that borked // for some reason. function isURLOnline($sSiteToCheck){ if(phpversion() > "5.2"){ if(function_exists('get_headers')==True && ini_get('allow_url_fopen') == true){ $sIUOTemp = @get_headers($sSiteToCheck); if($sIUOTemp == ''){ return True; // Assume it's online even when nothing is returned }else{ if(strpos($sIUOTemp[0], '200') == true){ return True; }else{ return False; } } }else{ return True; // Assume true if we can't check it ....... } }else{ return True; // get_headers apparently isn't available in PHP4 } } // Gets a URL's content // // If file_get_contents() is available, use that, otherwise use cURL // // I don't unfortunately know of a way of determining whether cURL is available // without trying to actually use it, as function_exists() doesn't seem to work // with it. Instead check_spammers.php and check_spammers_plain use curl_version() !=='Array' // until a better method is found. function getURL($sURL){ if(isURLOnline($sURL) == false){ $sURLTemp = 'Unable to connect to server'; return $sURLTemp; }else{ if(function_exists('file_get_contents') && ini_get('allow_url_fopen') == true){ // Use file_get_contents $sURLTemp = @file_get_contents($sURL); }else{ // Use cURL (if available) $curl = @curl_init(); curl_setopt($curl, CURLOPT_URL, $sURL); curl_setopt($curl, CURLOPT_VERBOSE, 1); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); $sURLTemp = @curl_exec($curl); curl_close($curl); } return $sURLTemp; } //echo 'DEBUG: $sURLTemp: '.$sURLTemp.'<br/>'; } // Determines if e-mail passed, is valid // // Returns false if no @ is present // Returns false if domain does not resolve to an IP // function IsValidEmail($sMailToCheck){ // Check it's an e-mail address if(strpos($sMailToCheck, '@') ==True){ // Check the domain part has at least one period, and it resolves to an IP (it's invalid if it doesn't) if(strpos($sMailToCheck, '.') ==True){ $sMailDomain = explode('@', $sMailToCheck); if(gethostbynamel($sMailDomain) == $sMailDomain){ return false; }else{ return true; } }else{ return false; } }else{ return false; } } // Determines if passed IP is valid // // Thanks to Mike @ BotScout (botscout.com) for this function // // http://botscout.com/forum/index.php/topic,2.msg128.html#msg128 // function IsvalidIP($ip){ if(preg_match("'\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b'", $ip)){ return true; }else{ return false; } } // Increase our counter if a match to a known spammer // function IncreaseCatchCount(){ if(!file_exists('./counter.txt')==true){ // Okay, lets try and copy the sample file if(file_exists('./counter.sample.txt')==true){ if(!copy('./counter.sample.txt', './counter.txt')){ die('counter.sample.txt and counter.txt are missing. Please restore these files'); } }else{ die('counter.sample.txt is missing, I need this to create counter.txt unless you are going to create it yourself?'); } } if(function_exists('file_put_contents')==True && ini_get('allow_url_fopen') == true){ $spambot_counter = file_get_contents('counter.txt'); // If the counter.txt file has just been created, it won't contain anything so set it to 1 if($spambot_counter ==''){ $spambot_counter='1'; }else{ $spambot_counter = $spambot_counter+1; // Increase it's count + 1 } file_put_contents('counter.txt',$spambot_counter); return true; }else{ return false; } } // Display number of spammers caught // // Requires: // // $m_opt = Whether we're displaying from DB or counter.txt // // From counter.txt : F_TEXT // From database : F_DB // // // Usage: // // $l_ret = GetSpammerCount("F_TEXT"); // function GetSpammerCount($m_opt){ if($m_opt=='F_TEXT'){ if(file_exists('./counter.txt')==True && function_exists('file_get_contents')==True && ini_get('allow_url_fopen')==True){ $l_ret = file_get_contents('counter.txt'); } if($l_ret==''){ $l_ret='0'; } }else{ // Display from MySQL count include('config.php'); $conSBST = mysql_connect($dbShost,$dbSusername,$dbSpassword); if(!$conSBST){ return $l_ret; }else{ $m_ret = mysql_select_db($dbSname); if(!$m_ret=="0"){ $sSQL = 'SELECT fldspammer_id From tblspammers'; $sQuery = mysql_query($sSQL, $conSBST); if($sQuery){ $l_ret = mysql_num_rows($sQuery); } } mysql_close($conSBST); } } if($l_ret==''){$l_ret="0";} return $l_ret; } // Used to increment and log spammers to text file (if enabled) // // Requires: // // $sLogPath = Path to the folder you'd like the text files created // $sLDB = Database the spammer was listed in (fSpamList, StopForumSpam, SpamCop etc) // $sLName = Spammers username // $sLIP = Spammers IP address // $sLMail = Spammers e-mail address // // Usage: // // $lRet = LogSpammerToFile('./spambots/', 'fSpamList', 'volter', '123.123.123.123', 'spammer@email.com') // function LogSpammerToFile($sLogPath, $sLDB, $sLName, $sLIP, $sLMail){ if(file_exists($sLogPath) == false){ return false; } if(function_exists('file_put_contents')==false){ echo 'You\'ve asked me to dump the results to text file, but file_put_contents is not available. Please enable it or disable dumping to a text file'; return false; } if(ini_get('allow_url_fopen') == false){ echo 'Unable to save to file, allow_url_fopen is disabled on this server'; return false; } // We need a spammer database if($sLDB==''){ return false; }else{ // // bs_ = BotScout // fsl_ = fSpamlist // sfs_ = StopForumSpam // php_ = ProjectHoneyPot // sorbs_ = Sorbs // spamhaus_ = SpamHaus // scop_ = SpamCop // drone_ = DroneBL // und_ = Undisposable.net switch($sLDB){ case "BotScout"; $sSpamDB ='bs_'; break; case "fSpamlist"; $sSpamDB ='fsl_'; break; case "StopForumSpam"; $sSpamDB ='sfs_'; break; case "ProjectHoneyPot"; $sSpamDB ='php_'; break; case "Sorbs"; $sSpamDB ='sorbs_'; break; case "SpamHaus"; $sSpamDB ='spamhaus_'; break; case "SpamCop"; $sSpamDB ='scop_'; break; case "DroneBL"; $sSpamDB ='drone_'; break; case "Undisposable.net"; $sSpamDB ='und_'; break; case "AHBL"; $sSpamDB ='ahbl_'; break; } // If any of the vars are empty, change them to "NULL" if($sLName==''){$sLName='NULL';} if($sLIP==''){$sLIP='NULL';} if($sLMail==''){$sLMail='NULL';} // Since our text files are created using the e-mail address as part of the name // we can't have an empty e-mail address, or it's not going to work is it? // // In this case, we'll skip the text files creation if($sLMail !='NULL'){ $file = str_replace('*', '', $sLMail); if(file_exists($sLogPath.$sSpamDB.$file.'.txt')){ $spambot_old_info = file_get_contents($sLogPath.$sSpamDB.$file.'.txt'); $spambot_old_info = explode(',',$spambot_old_info); $spambot_old_info[2] = $spambot_old_info[2]+1; // Increase count $spambot_old_info = implode(',',$spambot_old_info); if(ini_get('allow_url_fopen') == true){ file_put_contents($sLogPath.$sSpamDB.$file.'.txt',$spambot_old_info); } }else{ $spambot_info = $sLIP.','.$sLName.',1'; if(ini_get('allow_url_fopen') == true){ file_put_contents($sLogPath.$sSpamDB.$file.'.txt',$spambot_info); } } // End if(file_exists($sLogPath.$sSpamDB.$file.'.txt')) return true; }else{ return false; } } } // Log spammer to database (if enabled) // // Requires: // // $host = MySQL server (e.g. localhost, 192.168.0.10 etc) // $dbname = Database to use (e.g. Spambots) // $username = Your MySQL username // $password = Your MySQL password // $spamdb = Database the spammer is listed in (e.g. fSpamlist) // $spammername = Spammers username // $spammerip = Spammers IP // $spammeremail = Spammers email address // // Usage: // // $lRet = LogSpammerToDB('localhost', 'SBST', 'root', '12345password', 'fSpamlist', 'volter', '123.123.123.123', 'spammer@email.com') // function LogSpammerToDB($host, $dbname, $username, $password, $spamdb, $spammername, $spammerip, $spammeremail){ // We need a host, database, username and password, if they're missing, return false if($host=='' || $dbname=='' || $username=='' || $password==''){ return false; } $conSBST = mysql_connect($host, $username, $password); if(!$conSBST){ return false; }else{ // Check our database exists shall we? $ret = mysql_select_db($dbname); if($ret == "0"){ // Okay, lets try and create it then .... $ret = CreateDatabase($host, $username, $password, $dbname); $ret = mysql_select_db($dbname); if($ret == "0"){ mysql_close($conSBST); return false; } } // Change empty vars to "NULL" if($spammername==''){$spammername='NULL';} if($spammerip==''){$spammerip='NULL';} if($spammeremail==''){$spammeremail='NULL';} // Trim anything that could screw with the SQL $spammername=str_replace(array("0x", ",", "%", "'","\r\n", "\r", "\n"), "", $spammername); $spammername=mysql_real_escape_string($spammername); $spammerip=str_replace(array("0x", ",", "%", "'","\r\n", "\r", "\n"), "", $spammerip); $spammerip=mysql_real_escape_string($spammerip); $spammeremail=str_replace(array("0x", ",", "%", "'","\r\n", "\r", "\n"), "", $spammeremail); $spammeremail=mysql_real_escape_string($spammeremail); $bAddNewSpammer='ADD'; // Check to see if our spammer already exists (compares username/IP/E-mail AND the database they are listed in, returns false if only one matches) $sSQL = "SELECT fldspammer_id, fldspammer_name, fldspammer_count, fldspammer_ip, fldspammer_mail FROM tblspammers WHERE fldspammer_name='$spammername' OR fldspammer_ip='$spammerip' OR fldspammer_mail='$spammeremail' AND flddb_matched='$spamdb'"; $sQuery = mysql_query($sSQL, $conSBST); if(!$sQuery){ die(mysql_error()); }else{ $num = mysql_num_rows($sQuery); while ($row = mysql_fetch_array($sQuery)) { $bAddNewSpammer=$row['fldspammer_id']; $lSpammerCount=$row['fldspammer_count']; } } if($bAddNewSpammer=='ADD'){ // ADD SPAMMER $sDate = date("YmdHis", time()); $sSQL = "INSERT INTO tblspammers (fldspammer_name, fldspammer_ip, fldspammer_mail, flddb_matched, fldspammer_count, fldadded) VALUES('$spammername', '$spammerip', '$spammeremail', '$spamdb', '1','$sDate')"; if(!mysql_query($sSQL, $conSBST)){ die(mysql_error()); } }else{ // UPDATE SPAMMER $lSpammerCount = $lSpammerCount+1; $sSQL = "UPDATE tblspammers SET fldspammer_count='$lSpammerCount' WHERE fldspammer_id='$bAddNewSpammer'"; if(!mysql_query($sSQL, $conSBST)){ die(mysql_error()); } } mysql_close($conSBST); return true; } } // Create the SBST database and table if it doesn't exist // // Requires: // // $host = MySQL server (e.g. localhost) // $username = MySQL Username (e.g. SBSTUser) // $password = MySQL password // $dbname = Database to create (e.g. SBST) // // Usage: // // $ret = CreateDatabase('localhost', 'sbstuser', 'sbst1234', 'SBST'); // if($ret == "0"){ // echo 'I couldn\'t create the SBST database, something went wrong ....'; // mysql_close($conSBST); // } // // function CreateDatabase($host, $username, $password, $dbname){ $conSBST = mysql_connect($host,$username,$password); if(!$conSBST){ return false; }else{ // Create the database if it doesn't exist if (!mysql_query("CREATE DATABASE ".$dbname,$conSBST)){ return mysql_error(); } // Create table if it doesn't exist mysql_select_db($dbname, $conSBST); $sSQL = "CREATE TABLE IF NOT EXISTS tblspammers ( fldspammer_id int NOT NULL AUTO_INCREMENT, PRIMARY KEY(fldspammer_id), fldspammer_name varchar(255), fldspammer_ip varchar(15), fldspammer_mail varchar(255), flddb_matched varchar(255), fldadded DATE, fldspammer_count int )"; // Execute query if(!mysql_query($sSQL,$conSBST)){ return mysql_error(); } // ******************************** // Not currently required // ******************************** // Create counter table //mysql_select_db($dbname, $conSBST); //$sSQL = "CREATE TABLE IF NOT EXISTS tblspamcount(fldspam_count int)"; // Execute query //if(!mysql_query($sSQL,$conSBST)){ // return mysql_error(); //} // Cleanup if(!mysql_close($conSBST)){ return mysql_error(); } // Finish return true; } }
