[pLog-svn] r2474 - in plugins/trunk: . hotlinkprevention
hotlinkprevention/class hotlinkprevention/class/action
hotlinkprevention/class/security hotlinkprevention/class/view
hotlinkprevention/locale hotlinkprevention/templates
mark at devel.plogworld.net
mark at devel.plogworld.net
Fri Sep 16 06:39:34 GMT 2005
Author: mark
Date: 2005-09-16 06:39:33 +0000 (Fri, 16 Sep 2005)
New Revision: 2474
Added:
plugins/trunk/hotlinkprevention/
plugins/trunk/hotlinkprevention/class/
plugins/trunk/hotlinkprevention/class/action/
plugins/trunk/hotlinkprevention/class/action/pluginglobalhotlinkpreventionconfigaction.class.php
plugins/trunk/hotlinkprevention/class/action/pluginglobalhotlinkpreventionupdateconfigaction.class.php
plugins/trunk/hotlinkprevention/class/action/pluginhotlinkpreventionconfigaction.class.php
plugins/trunk/hotlinkprevention/class/action/pluginhotlinkpreventionupdateconfigaction.class.php
plugins/trunk/hotlinkprevention/class/security/
plugins/trunk/hotlinkprevention/class/security/hotlinkpreventionfilter.class.php
plugins/trunk/hotlinkprevention/class/view/
plugins/trunk/hotlinkprevention/class/view/pluginglobalhotlinkpreventionconfigview.class.php
plugins/trunk/hotlinkprevention/class/view/pluginhotlinkpreventionconfigview.class.php
plugins/trunk/hotlinkprevention/locale/
plugins/trunk/hotlinkprevention/locale/locale_en_UK.php
plugins/trunk/hotlinkprevention/locale/locale_zh_TW.php
plugins/trunk/hotlinkprevention/pluginhotlinkprevention.class.php
plugins/trunk/hotlinkprevention/readme.txt
plugins/trunk/hotlinkprevention/templates/
plugins/trunk/hotlinkprevention/templates/globalhotlinkprevention.template
plugins/trunk/hotlinkprevention/templates/hotlinkprevention.template
Log:
Added: plugins/trunk/hotlinkprevention/class/action/pluginglobalhotlinkpreventionconfigaction.class.php
===================================================================
--- plugins/trunk/hotlinkprevention/class/action/pluginglobalhotlinkpreventionconfigaction.class.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/class/action/pluginglobalhotlinkpreventionconfigaction.class.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,27 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."class/view/admin/adminplugintemplatedview.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/hotlinkprevention/class/view/pluginglobalhotlinkpreventionconfigview.class.php" );
+
+ /**
+ * shows a form with the current configuration
+ */
+ class PluginGlobalHotlinkPreventionConfigAction extends AdminAction
+ {
+
+ function PluginGlobalHotlinkPreventionConfigAction( $actionInfo, $request )
+ {
+ $this->AdminAction( $actionInfo, $request );
+ }
+
+ function perform()
+ {
+ $this->_view = new PluginGlobalHotlinkPreventionConfigView( $this->_blogInfo );
+
+ $this->setCommonData();
+
+ return true;
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/class/action/pluginglobalhotlinkpreventionupdateconfigaction.class.php
===================================================================
--- plugins/trunk/hotlinkprevention/class/action/pluginglobalhotlinkpreventionupdateconfigaction.class.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/class/action/pluginglobalhotlinkpreventionupdateconfigaction.class.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,78 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."class/view/admin/adminplugintemplatedview.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/hotlinkprevention/class/view/pluginglobalhotlinkpreventionconfigview.class.php" );
+ include_once( PLOG_CLASS_PATH."class/data/validator/stringvalidator.class.php" );
+
+ /**
+ * updates the plugin configuration
+ */
+ class PluginGlobalHotlinkPreventionUpdateConfigAction extends AdminAction
+ {
+ var $_pluginEnabled;
+ var $_allowBlogOwnerOverride;
+ var $_fileExtensions;
+ var $_blankRefererEnabled;
+ var $_allowReferers;
+
+ function PluginGlobalHotlinkPreventionUpdateConfigAction( $actionInfo, $request )
+ {
+ $this->AdminAction( $actionInfo, $request );
+
+ // for data validation purposes, fileExtensions can not be empty
+ $this->registerFieldValidator( "fileExtensions", new StringValidator());
+ $view = new PluginGlobalHotlinkPreventionConfigView( $this->_blogInfo );
+ $view->setErrorMessage( $this->_locale->tr("error_hotlinkprevention_fileextensions"));
+ $this->setValidationErrorView( $view );
+
+ // these fields do not need to be validated but should be there when we show the view once again
+ $this->registerField( "pluginEnabled" );
+ $this->registerField( "allowBlogOwnerOverride" );
+ $this->registerField( "blankRefererEnabled" );
+ $this->registerField( "allowReferers" );
+ }
+
+ function perform()
+ {
+ $this->_pluginEnabled = $this->_request->getValue( "pluginEnabled" );
+ $this->_pluginEnabled = ($this->_pluginEnabled != "" );
+ $this->_allowBlogOwnerOverride = $this->_request->getValue( "allowBlogOwnerOverride" );
+ $this->_allowBlogOwnerOverride = ($this->_allowBlogOwnerOverride != "" );
+ $this->_blankRefererEnabled = $this->_request->getValue( "blankRefererEnabled" );
+ $this->_blankRefererEnabled = ($this->_blankRefererEnabled != "" );
+ $this->_fileExtensions = $this->_request->getValue( "fileExtensions" );
+ $this->_allowReferers = $this->_request->getValue( "allowReferers" );
+
+ // update the plugin configurations to config
+ $config =& Config::getConfig();
+ $config->setValue( "plugin_globalhotlinkprevention_enabled", $this->_pluginEnabled );
+ $config->setValue( "plugin_globalhotlinkprevention_allowblogowneroverride", $this->_allowBlogOwnerOverride );
+ $config->setValue( "plugin_globalhotlinkprevention_fileextensions", $this->_fileExtensions );
+ $config->setValue( "plugin_globalhotlinkprevention_blankrefererenabled", $this->_blankRefererEnabled );
+ $config->setValue( "plugin_globalhotlinkprevention_allowreferers", $this->_allowReferers );
+
+ // save the config settings
+ if( !$config->save() ) {
+ $this->_view = new PluginGlobalHotlinkPreventionConfigView( $this->_blogInfo );
+ $this->_view->setErrorMessage( $this->_locale->tr("error_updating_settings"));
+ $this->setCommonData();
+
+ return false;
+ }
+
+ // if everything went ok...
+ $this->_session->setValue( "blogInfo", $this->_blogInfo );
+ $this->saveSession();
+
+ $this->_view = new PluginGlobalHotlinkPreventionConfigView( $this->_blogInfo );
+ $this->_view->setSuccessMessage( $this->_locale->tr("hotlinkprevention_settings_saved_ok"));
+ $this->setCommonData();
+
+ // clear the cache
+ CacheControl::resetBlogCache( $this->_blogInfo->getId());
+
+ return true;
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/class/action/pluginhotlinkpreventionconfigaction.class.php
===================================================================
--- plugins/trunk/hotlinkprevention/class/action/pluginhotlinkpreventionconfigaction.class.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/class/action/pluginhotlinkpreventionconfigaction.class.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,27 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."class/view/admin/adminplugintemplatedview.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/hotlinkprevention/class/view/pluginhotlinkpreventionconfigview.class.php" );
+
+ /**
+ * shows a form with the current configuration
+ */
+ class PluginHotlinkPreventionConfigAction extends AdminAction
+ {
+
+ function PluginHotlinkPreventionConfigAction( $actionInfo, $request )
+ {
+ $this->AdminAction( $actionInfo, $request );
+ }
+
+ function perform()
+ {
+ $this->_view = new PluginHotlinkPreventionConfigView( $this->_blogInfo );
+
+ $this->setCommonData();
+
+ return true;
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/class/action/pluginhotlinkpreventionupdateconfigaction.class.php
===================================================================
--- plugins/trunk/hotlinkprevention/class/action/pluginhotlinkpreventionupdateconfigaction.class.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/class/action/pluginhotlinkpreventionupdateconfigaction.class.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,76 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."class/view/admin/adminplugintemplatedview.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/hotlinkprevention/class/view/pluginhotlinkpreventionconfigview.class.php" );
+ include_once( PLOG_CLASS_PATH."class/data/validator/stringvalidator.class.php" );
+
+ /**
+ * updates the plugin configuration
+ */
+ class PluginHotlinkPreventionUpdateConfigAction extends AdminAction
+ {
+ var $_pluginEnabled;
+ var $_fileExtensions;
+ var $_blankRefererEnabled;
+ var $_allowReferers;
+
+ function PluginHotlinkPreventionUpdateConfigAction( $actionInfo, $request )
+ {
+ $this->AdminAction( $actionInfo, $request );
+
+ // for data validation purposes, fileExtensions can not be empty
+ $this->registerFieldValidator( "fileExtensions", new StringValidator());
+ $view = new PluginHotlinkPreventionConfigView( $this->_blogInfo );
+ $view->setErrorMessage( $this->_locale->tr("error_hotlinkprevention_fileextensions"));
+ $this->setValidationErrorView( $view );
+
+ // these fields do not need to be validated but should be there when we show the view once again
+ $this->registerField( "pluginEnabled" );
+ $this->registerField( "blankRefererEnabled" );
+ $this->registerField( "allowReferers" );
+ }
+
+ function perform()
+ {
+ $this->_pluginEnabled = $this->_request->getValue( "pluginEnabled" );
+ $this->_pluginEnabled = ($this->_pluginEnabled != "" );
+ $this->_blankRefererEnabled = $this->_request->getValue( "blankRefererEnabled" );
+ $this->_blankRefererEnabled = ($this->_blankRefererEnabled != "" );
+ $this->_fileExtensions = $this->_request->getValue( "fileExtensions" );
+ $this->_allowReferers = $this->_request->getValue( "allowReferers" );
+
+ // update the plugin configurations to blog setting
+ $blogSettings = $this->_blogInfo->getSettings();
+ $blogSettings->setValue( "plugin_hotlinkprevention_enabled", $this->_pluginEnabled );
+ $blogSettings->setValue( "plugin_hotlinkprevention_fileextensions", $this->_fileExtensions );
+ $blogSettings->setValue( "plugin_hotlinkprevention_blankrefererenabled", $this->_blankRefererEnabled );
+ $blogSettings->setValue( "plugin_hotlinkprevention_allowreferers", $this->_allowReferers );
+ $this->_blogInfo->setSettings( $blogSettings );
+
+ // save the blogs settings
+ $blogs = new Blogs();
+ if( !$blogs->updateBlog( $this->_blogInfo->getId(), $this->_blogInfo )) {
+ $this->_view = new PluginHotlinkPreventionConfigView( $this->_blogInfo );
+ $this->_view->setErrorMessage( $this->_locale->tr("error_updating_settings"));
+ $this->setCommonData();
+
+ return false;
+ }
+
+ // if everything went ok...
+ $this->_blogInfo->setSettings( $blogSettings );
+ $this->_session->setValue( "blogInfo", $this->_blogInfo );
+ $this->saveSession();
+
+ $this->_view = new PluginHotlinkPreventionConfigView( $this->_blogInfo );
+ $this->_view->setSuccessMessage( $this->_locale->tr("hotlinkprevention_settings_saved_ok"));
+ $this->setCommonData();
+
+ // clear the cache
+ CacheControl::resetBlogCache( $this->_blogInfo->getId());
+
+ return true;
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/class/security/hotlinkpreventionfilter.class.php
===================================================================
--- plugins/trunk/hotlinkprevention/class/security/hotlinkpreventionfilter.class.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/class/security/hotlinkpreventionfilter.class.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,112 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/security/pipelinefilter.class.php" );
+ include_once( PLOG_CLASS_PATH."class/net/client.class.php" );
+ include_once( PLOG_CLASS_PATH."class/misc/glob.class.php" );
+
+ // custom error code that will be returned to the pipeline whenever an
+ // error is found... Be careful so as to not to have two different modules
+ // use the same code!!
+ define( "HOTLINK_PREVENTION_MATCH_FOUND", 650 );
+
+ class HotlinkPreventionFilter extends PipelineFilter
+ {
+ function HotlinkPreventionFilter( $pipelineRequest )
+ {
+ $this->PipelineFilter( $pipelineRequest );
+ }
+
+ function filter()
+ {
+ // get some info
+ $blogInfo = $this->_pipelineRequest->getBlogInfo();
+ $request = $this->_pipelineRequest->getHttpRequest();
+
+ // load global configuration settings
+ $config =& Config::getConfig();
+ $globalPluginEnabled = $config->getValue( "plugin_globalhotlinkprevention_enabled" );
+ $globalFileExtensions = $config->getValue( "plugin_globalhotlinkprevention_fileextensions" );
+ $globalBlankRefererEnabled = $config->getValue( "plugin_globalhotlinkprevention_blankrefererenabled" );
+ $globalAllowReferers = $config->getValue( "plugin_globalhotlinkprevention_allowreferers" );
+
+ // load blog configuration settings
+ $blogSettings = $blogInfo->getSettings();
+ if ( $blogSettings->keyExists( "plugin_hotlinkprevention_enabled" ) ) {
+ $pluginEnabled = $blogSettings->getValue( "plugin_hotlinkprevention_enabled" );
+ } else {
+ $pluginEnabled = $globalPluginEnabled;
+ }
+
+ if ( $blogSettings->keyExists( "plugin_hotlinkprevention_fileextensions" ) ) {
+ $fileExtensions = $blogSettings->getValue( "plugin_hotlinkprevention_fileextensions" );
+ } else {
+ $fileExtensions = $globalFileExtensions;
+ }
+
+ if ( $blogSettings->keyExists( "plugin_hotlinkprevention_blankrefererenabled" ) ) {
+ $blankRefererEnabled = $blogSettings->getValue( "plugin_hotlinkprevention_blankrefererenabled" );
+ } else {
+ $blankRefererEnabled = $globalBlankRefererEnabled;
+ }
+
+ if ( $blogSettings->keyExists( "plugin_hotlinkprevention_allowreferers" ) ) {
+ $allowReferers = $blogSettings->getValue( "plugin_hotlinkprevention_allowreferers" );
+ } else {
+ $allowReferers = $globalAllowReferers;
+ }
+
+ // check if this section has been enabled or disabled
+ if( !$pluginEnabled) {
+ // if not, nothing to do here...
+ $result = new PipelineResult();
+ return $result;
+ }
+
+ // we only have to filter the contents if the user is posting a comment
+ // so there's no point in doing anything else if that's not the case
+ if( $request->getValue( "op" ) != "ResourceServer" ) {
+ $result = new PipelineResult();
+ return $result;
+ }
+
+ // text and topic of the comment
+ $referer = $_SERVER['HTTP_REFERER'];
+ $fileName = $request->getValue( "resource" );
+ $allowRefererFound = false;
+
+ if ($referer == "" && !$blankRefererEnabled) {
+ $result = new PipelineResult( false, HOTLINK_PREVENTION_MATCH_FOUND, "error_hotlinkprevention_referer_banned" );
+ return $result;
+ } elseif ($referer == "" && $blankRefererEnabled) {
+ $allowRefererFound = true;
+ } else {
+ foreach(explode( "\r\n", $allowReferers ) as $allowReferer ) {
+ trim($allowReferer);
+ if( $allowReferer != "" && $allowReferer != "\r\n" && $allowReferer != "\r" && $allowReferer != "\n" ) {
+ if( strstr( $referer, $allowReferer )) {
+ $allowRefererFound = true;
+ break;
+ }
+ }
+ }
+ }
+
+ if ($allowRefererFound) {
+ $result = new PipelineResult();
+ return $result;
+ } else {
+ foreach(explode( " ", $fileExtensions ) as $fileExtension ) {
+ trim($fileExtension);
+ if( $fileExtension != "" && $fileExtension != " " ) {
+ if( Glob::myFnmatch( $fileExtension, $fileName )) {
+ $result = new PipelineResult( false, HOTLINK_PREVENTION_MATCH_FOUND, "error_hotlinkprevention_referer_banned" );
+ return $result;
+ }
+ }
+ }
+ $result = new PipelineResult();
+ return $result;
+ }
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/class/view/pluginglobalhotlinkpreventionconfigview.class.php
===================================================================
--- plugins/trunk/hotlinkprevention/class/view/pluginglobalhotlinkpreventionconfigview.class.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/class/view/pluginglobalhotlinkpreventionconfigview.class.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,41 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/view/admin/adminplugintemplatedview.class.php" );
+
+ /**
+ * implements the main view of the feed reader plugin
+ */
+ class PluginGlobalHotlinkPreventionConfigView extends AdminPluginTemplatedView
+ {
+
+ function PluginGlobalHotlinkPreventionConfigView( $blogInfo )
+ {
+ $this->AdminPluginTemplatedView( $blogInfo, "hotlinkprevention", "globalhotlinkprevention" );
+ }
+
+ function render()
+ {
+ // load some configuration settings
+ $config =& Config::getConfig();
+ $pluginEnabled = $config->getValue( "plugin_globalhotlinkprevention_enabled" );
+ $allowBlogOwnerOverride = $config->getValue( "plugin_globalhotlinkprevention_allowblogowneroverride" );
+ $fileExtensions = $config->getValue( "plugin_globalhotlinkprevention_fileextensions" );
+ if ($fileExtensions == "") $fileExtensions = "*.*";
+ $blankRefererEnabled = $config->getValue( "plugin_globalhotlinkprevention_blankrefererenabled" );
+ $allowReferers = $config->getValue( "plugin_globalhotlinkprevention_allowreferers" );
+ if ($allowReferers == "") {
+ $rg =& RequestGenerator::getRequestGenerator( $blogInfo );
+ $allowReferers = $rg->getBaseUrl();
+ }
+
+ // create a view and export the settings to the template
+ $this->setValue( "pluginEnabled", $pluginEnabled );
+ $this->setValue( "allowBlogOwnerOverride", $allowBlogOwnerOverride );
+ $this->setValue( "fileExtensions", $fileExtensions );
+ $this->setValue( "blankRefererEnabled", $blankRefererEnabled );
+ $this->setValue( "allowReferers", $allowReferers );
+
+ parent::render();
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/class/view/pluginhotlinkpreventionconfigview.class.php
===================================================================
--- plugins/trunk/hotlinkprevention/class/view/pluginhotlinkpreventionconfigview.class.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/class/view/pluginhotlinkpreventionconfigview.class.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,60 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/view/admin/adminplugintemplatedview.class.php" );
+
+ /**
+ * implements the main view of the feed reader plugin
+ */
+ class PluginHotlinkPreventionConfigView extends AdminPluginTemplatedView
+ {
+
+ function PluginHotlinkPreventionConfigView( $blogInfo )
+ {
+ $this->AdminPluginTemplatedView( $blogInfo, "hotlinkprevention", "hotlinkprevention" );
+ }
+
+ function render()
+ {
+ // load global configuration settings
+ $config =& Config::getConfig();
+ $globalPluginEnabled = $config->getValue( "plugin_globalhotlinkprevention_enabled" );
+ $globalFileExtensions = $config->getValue( "plugin_globalhotlinkprevention_fileextensions" );
+ $globalBlankRefererEnabled = $config->getValue( "plugin_globalhotlinkprevention_blankrefererenabled" );
+ $globalAllowReferers = $config->getValue( "plugin_globalhotlinkprevention_allowreferers" );
+
+ // load blog configuration settings
+ $blogSettings = $this->_blogInfo->getSettings();
+ if ( $blogSettings->keyExists( "plugin_hotlinkprevention_enabled" ) ) {
+ $pluginEnabled = $blogSettings->getValue( "plugin_hotlinkprevention_enabled" );
+ } else {
+ $pluginEnabled = $globalPluginEnabled;
+ }
+
+ if ( $blogSettings->keyExists( "plugin_hotlinkprevention_fileextensions" ) ) {
+ $fileExtensions = $blogSettings->getValue( "plugin_hotlinkprevention_fileextensions" );
+ } else {
+ $fileExtensions = $globalFileExtensions;
+ }
+
+ if ( $blogSettings->keyExists( "plugin_hotlinkprevention_blankrefererenabled" ) ) {
+ $blankRefererEnabled = $blogSettings->getValue( "plugin_hotlinkprevention_blankrefererenabled" );
+ } else {
+ $blankRefererEnabled = $globalBlankRefererEnabled;
+ }
+
+ if ( $blogSettings->keyExists( "plugin_hotlinkprevention_allowreferers" ) ) {
+ $allowReferers = $blogSettings->getValue( "plugin_hotlinkprevention_allowreferers" );
+ } else {
+ $allowReferers = $globalAllowReferers;
+ }
+
+ // create a view and export the settings to the template
+ $this->setValue( "pluginEnabled", $pluginEnabled );
+ $this->setValue( "fileExtensions", $fileExtensions );
+ $this->setValue( "blankRefererEnabled", $blankRefererEnabled );
+ $this->setValue( "allowReferers", $allowReferers );
+
+ parent::render();
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/locale/locale_en_UK.php
===================================================================
--- plugins/trunk/hotlinkprevention/locale/locale_en_UK.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/locale/locale_en_UK.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,40 @@
+<?php
+$messages["manageSecurityPlugins"] = "Security Management";
+$messages["HotlinkPrevention"] = "Hotlink Prevention";
+$messages["globalHotlinkPrevention"] = "Global Hotlink Prevention";
+
+$messages["hotlinkprevention_plugin"] = "Hotlink Prevention Plugin";
+$messages["hotlinkprevention_plugin_enabled"] = "Enable this plugin";
+$messages["hotlinkprevention_plugin_global_enabled"] = "Enable this plugin. The settings will apply to all users.";
+$messages["hotlinkprevention_plugin_allowblogowneroverride"] = "Allow user to config his own Hotlink Prevention settings.";
+$messages["hotlinkprevention_blankrefererenabled"] = "Allow blank referer.";
+$messages["hotlinkprevention_allowreferers"] = "Allow referer lists. It is a white list, only the url list here can hotlink to your resource.";
+$messages["hotlinkprevention_fileextensions"] = "Mamaged file extension lists. It is a white list, only the file extension list here protected by this plugin.";
+
+$messages["hotlinkprevention_settings_saved_ok"] = "Hotlink Prevention settings saved successfully!";
+$messages["error_hotlinkprevention_fileextensions"] = "File extensions shouldn't be empty!";
+
+$messages["label_configuration"] = "Configuration";
+$messages["label_enable"] = "Enable";
+$messages["label_allowblogowneroverride"] = "Allow Blog Owner Override";
+$messages["label_blankrefererenable"] = "Blank Referer";
+$messages["label_allowreferers"] = "Referer Lists";
+$messages["label_fileextensions"] = "Managed File Extension Lists";
+
+
+$messages["manageRecentPlugins"] = "Security Management";
+$messages["RecentComments"] = "Recent Comments";
+$messages["recentcomments"] = "Recent Comments";
+$messages["view_comment_by"] = "View comment by %s";
+
+$messages["recentcomments_maxcomments"] = "Maximum Showed Comments";
+$messages["recentcomments_plugin_enabled"] = "Enable this plugin";
+$messages["recentcomments_plugin"] = "Recent Comments Plugin";
+
+$messages["recentcomments_settings_saved_ok"] = "Recent Comments settings saved successfully!";
+$messages["recentcomments_error_maxcomments"] = "Maximum Showed Comments Should > 0!";
+
+$messages["label_configuration"] = "Configuration";
+$messages["label_enable"] = "Enable";
+$messages["label_maxcomments"] = "Max Comments";
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/locale/locale_zh_TW.php
===================================================================
--- plugins/trunk/hotlinkprevention/locale/locale_zh_TW.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/locale/locale_zh_TW.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,23 @@
+<?php
+$messages["manageSecurityPlugins"] = "網誌安全管理";
+$messages["HotlinkPrevention"] = "防止盜連設定";
+$messages["globalHotlinkPrevention"] = "全域防止盜連設定";
+
+$messages["hotlinkprevention_plugin"] = "防止盜連外掛程式";
+$messages["hotlinkprevention_plugin_enabled"] = "啟動外掛程式";
+$messages["hotlinkprevention_plugin_global_enabled"] = "啟動外掛程式。此設定將應用到所有使用者,成為所有使用者的外掛程式預設值。";
+$messages["hotlinkprevention_plugin_allowblogowneroverride"] = "允許使用者自行設定本外掛程式。";
+$messages["hotlinkprevention_blankrefererenabled"] = "允許逆向連結為空白值。";
+$messages["hotlinkprevention_allowreferers"] = "允許逆向連結列表。此表為正向表列,列在下列表中的網站將可以直接連結你的資源;沒有列在下方的網站將無法連結你的資源。";
+$messages["hotlinkprevention_fileextensions"] = "管制擴充檔名列表。此表為正向表列,列在下方的擴充檔名將受本外掛程式的管制;沒有列在下方的擴充檔名將可以讓其他網站任意連結。";
+
+$messages["hotlinkprevention_settings_saved_ok"] = "防止盜連設定儲存成功。";
+$messages["error_hotlinkprevention_fileextensions"] = "擴充檔名不可為空白!";
+
+$messages["label_configuration"] = "設定";
+$messages["label_enable"] = "啟動";
+$messages["label_allowblogowneroverride"] = "使用者設定";
+$messages["label_blankrefererenable"] = "空白逆向連結";
+$messages["label_allowreferers"] = "逆向連結列表";
+$messages["label_fileextensions"] = "擴充檔名";
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/pluginhotlinkprevention.class.php
===================================================================
--- plugins/trunk/hotlinkprevention/pluginhotlinkprevention.class.php 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/pluginhotlinkprevention.class.php 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,52 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/plugin/pluginbase.class.php" );
+ include_once( PLOG_CLASS_PATH."class/plugin/pluginmanager.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/hotlinkprevention/class/security/hotlinkpreventionfilter.class.php" );
+
+ /**
+ * Plugin that offers features to return a recent article comments from the current blog
+ */
+ class PluginHotlinkPrevention extends PluginBase
+ {
+ var $pluginEnabled;
+ var $allowBlogOwnerOverride;
+
+ function PluginHotlinkPrevention()
+ {
+ $this->PluginBase();
+
+ $this->id = "hotlinkprevention";
+ $this->author = "Mark Wu";
+ $this->desc = "This plugin offers the hotlink prevention to resource.";
+
+ $config =& Config::getConfig();
+ $this->pluginEnabled = $config->getValue( "plugin_globalhotlinkprevention_enabled" );
+ $this->allowBlogOwnerOverride = $config->getValue( "plugin_globalhotlinkprevention_allowblogowneroverride" );
+
+ $this->locales = Array( "en_UK" , "zh_TW" );
+
+ $this->init();
+ }
+
+ function init()
+ {
+ // we only need to register a filter
+ $this->registerFilter( "HotlinkPreventionFilter" );
+
+ $this->registerAdminAction( "globalHotlinkPrevention", "PluginGlobalHotlinkPreventionConfigAction" );
+ $this->registerAdminAction( "updateGlobalHotlinkPreventionConfig", "PluginGlobalHotlinkPreventionUpdateConfigAction" );
+ $this->registerAdminAction( "hotlinkprevention", "PluginHotlinkPreventionConfigAction" );
+ $this->registerAdminAction( "updateHotlinkPreventionConfig", "PluginHotlinkPreventionUpdateConfigAction" );
+
+ $this->addMenuEntry( "/menu/adminSettings/GlobalSettings", "globalHotlinkPrevention", "?op=globalHotlinkPrevention", "" );
+
+ if($this->pluginEnabled && $this->allowBlogOwnerOverride) {
+ $menu =& Menu::getMenu();
+ if( !$menu->entryExists( "/menu/controlCenter/manageSecurityPlugins" ))
+ $this->addMenuEntry( "/menu/controlCenter", "manageSecurityPlugins", "", "", true, false );
+ $this->addMenuEntry( "/menu/controlCenter/manageSecurityPlugins", "HotlinkPrevention", "?op=hotlinkprevention", "" );
+ }
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/readme.txt
===================================================================
--- plugins/trunk/hotlinkprevention/readme.txt 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/readme.txt 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,30 @@
+Plugin: Hotlink Prevention
+Author: Mark Wu
+License: CC-SA-NC
+Restriction: CAN'T USE THIS PLUGIN IN COMMERCIAL PURPOSE OR ENVIRONMENT. If you want to use this plugin in commercial purpose or environment, just donate US$ 20 to pLog team or me. I'll grant the permission to you after I got the donation.
+Release Date: 2005/09/16
+Version: 1.0
+
+This plugin offers the most powerful hotlink prevention for your resource. Usage as follow:
+
+Install:
+========
+1. Install this plugin to your ./plugins folder
+2. Site owner can reach the control panel through "Admin Settings >> Global Settings >> Hotlink Prevention"
+3. Blog owner can reach the control panel through "Control Center >> Security Management >> Hotlink Prevention"
+
+Hotlink Prevention Algorithm:
+=============================
+1. Check the request referer.
+ - If the referer is blank, check the "blankrefererenabled" parameter is enable or not. - If "blankrefererenabled" parameter enabled, go to step 3. if disabled, banned the request.
+ - If the referer is not blank, go to step 2.
+2. Check the request referer is available in allow referer list or not.
+ - If yes, return the request content to user.
+ - If not, go to step 3.
+3. Check the file extension is protected or not.
+ - If yes, banned the request.
+ - If not, return the request content to user.
+
+Notice:
+=======
+If you found this plugin is useful, please kindly make donation to pLog project or myself (Mark).
\ No newline at end of file
Added: plugins/trunk/hotlinkprevention/templates/globalhotlinkprevention.template
===================================================================
--- plugins/trunk/hotlinkprevention/templates/globalhotlinkprevention.template 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/templates/globalhotlinkprevention.template 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,55 @@
+{include file="$admintemplatepath/header.template"}
+{include file="$admintemplatepath/navigation.template" showOpt=globalHotlinkPrevention title=$locale->tr("hotlinkprevention_plugin")}
+<form name="globalHotlinkPreventionPluginConfig" method="post">
+ <fieldset class="inputField">
+ <legend>{$locale->tr("label_configuration")}</legend>
+ {include file="$admintemplatepath/successmessage.template"}
+ {include file="$admintemplatepath/errormessage.template"}
+ <div class="field">
+ <label for="pluginEnabled">{$locale->tr("label_enable")}</label>
+ <span class="required"></span>
+ <div class="formHelp">
+ <input class="checkbox" type="checkbox" name="pluginEnabled" id="pluginEnabled" {if $pluginEnabled} checked="checked" {/if} value="1" />{$locale->tr("hotlinkprevention_plugin_global_enabled")}
+ </div>
+ </div>
+
+ <div class="field">
+ <label for="allowBlogOwnerOverride">{$locale->tr("label_allowblogowneroverride")}</label>
+ <span class="required"></span>
+ <div class="formHelp">
+ <input class="checkbox" type="checkbox" name="allowBlogOwnerOverride" id="allowBlogOwnerOverride" {if $allowBlogOwnerOverride} checked="checked" {/if} value="1" />{$locale->tr("hotlinkprevention_plugin_allowblogowneroverride")}
+ </div>
+ </div>
+
+ <div class="field">
+ <label for="blankRefererEnabled">{$locale->tr("label_blankrefererenable")}</label>
+ <span class="required"></span>
+ <div class="formHelp">
+ <input class="checkbox" type="checkbox" name="blankRefererEnabled" id="blankRefererEnabled" {if $blankRefererEnabled} checked="checked" {/if} value="1" />{$locale->tr("hotlinkprevention_blankrefererenabled")}
+ </div>
+ </div>
+
+ <div class="field">
+ <label for="allowReferers">{$locale->tr("label_allowreferers")}</label>
+ <span class="required">*</span>
+ <div class="formHelp">{$locale->tr("hotlinkprevention_allowreferers")}</div>
+ <textarea rows="5" id="allowReferers" name="allowReferers" style="width:100%">{$allowReferers}</textarea>
+ </div>
+
+ <div class="field">
+ <label for="fileExtensions">{$locale->tr("label_fileextensions")}</label>
+ <span class="required">*</span>
+ <div class="formHelp">{$locale->tr("hotlinkprevention_fileextensions")}</div>
+ <input class="text" type="text" name="fileExtensions" id="fileExtensions" value="{$fileExtensions}" width="10" />
+ </div>
+
+ </fieldset>
+
+ <div class="buttons">
+ <input type="hidden" name="op" value="updateGlobalHotlinkPreventionConfig" />
+ <input type="reset" name="{$locale->tr("reset")}" />
+ <input type="submit" name="{$locale->tr("update_settings")}" value="{$locale->tr("update")}" />
+ </div>
+</form>
+{include file="$admintemplatepath/footernavigation.template"}
+{include file="$admintemplatepath/footer.template"}
Added: plugins/trunk/hotlinkprevention/templates/hotlinkprevention.template
===================================================================
--- plugins/trunk/hotlinkprevention/templates/hotlinkprevention.template 2005-09-15 20:01:57 UTC (rev 2473)
+++ plugins/trunk/hotlinkprevention/templates/hotlinkprevention.template 2005-09-16 06:39:33 UTC (rev 2474)
@@ -0,0 +1,47 @@
+{include file="$admintemplatepath/header.template"}
+{include file="$admintemplatepath/navigation.template" showOpt=HotlinkPrevention title=$locale->tr("hotlinkprevention_plugin")}
+<form name="hotlinkpreventionPluginConfig" method="post">
+ <fieldset class="inputField">
+ <legend>{$locale->tr("label_configuration")}</legend>
+ {include file="$admintemplatepath/successmessage.template"}
+ {include file="$admintemplatepath/errormessage.template"}
+ <div class="field">
+ <label for="pluginEnabled">{$locale->tr("label_enable")}</label>
+ <span class="required"></span>
+ <div class="formHelp">
+ <input class="checkbox" type="checkbox" name="pluginEnabled" id="pluginEnabled" {if $pluginEnabled} checked="checked" {/if} value="1" />{$locale->tr("hotlinkprevention_plugin_enabled")}
+ </div>
+ </div>
+
+ <div class="field">
+ <label for="blankRefererEnabled">{$locale->tr("label_blankrefererenable")}</label>
+ <span class="required"></span>
+ <div class="formHelp">
+ <input class="checkbox" type="checkbox" name="blankRefererEnabled" id="blankRefererEnabled" {if $blankRefererEnabled} checked="checked" {/if} value="1" />{$locale->tr("hotlinkprevention_blankrefererenabled")}
+ </div>
+ </div>
+
+ <div class="field">
+ <label for="allowReferers">{$locale->tr("label_allowreferers")}</label>
+ <span class="required">*</span>
+ <div class="formHelp">{$locale->tr("hotlinkprevention_allowreferers")}</div>
+ <textarea rows="5" id="allowReferers" name="allowReferers" style="width:100%">{$allowReferers}</textarea>
+ </div>
+
+ <div class="field">
+ <label for="fileExtensions">{$locale->tr("label_fileextensions")}</label>
+ <span class="required">*</span>
+ <div class="formHelp">{$locale->tr("hotlinkprevention_fileextensions")}</div>
+ <input class="text" type="text" name="fileExtensions" id="fileExtensions" value="{$fileExtensions}" width="10" />
+ </div>
+
+ </fieldset>
+
+ <div class="buttons">
+ <input type="hidden" name="op" value="updateHotlinkPreventionConfig" />
+ <input type="reset" name="{$locale->tr("reset")}" />
+ <input type="submit" name="{$locale->tr("update_settings")}" value="{$locale->tr("update")}" />
+ </div>
+</form>
+{include file="$admintemplatepath/footernavigation.template"}
+{include file="$admintemplatepath/footer.template"}
More information about the pLog-svn
mailing list