[pLog-svn] r3822 - plugins/trunk
Paul Westbrook
paul at westbrooks.org
Sat Jul 29 20:45:41 GMT 2006
Hello,
It is not strictly required. The javascript adds extra
authentication to form submissions and adds a cookie. This helps
prevent the same HTTP POST request from being reused over and over
again.
But if the cookie is not present, or if the form doesn't have the
extra field, the request will not automatically be rejected.
--paul
On Jul 29, 2006, at 7:40 AM, Glen Stansberry wrote:
> Is the
> {if !empty($badbehavior)}
> {$badbehavior->showBB2JavaScript()}
> {/if}
>
> in the header.template required?
>
> Glen
>
> On 7/29/06, Mark Wu <markplace at gmail.com> wrote:
> Great .. :)
>
> Then, I think bad-behavior 2 is ready for production use.
>
> Mark
>
> > -----Original Message-----
> > From: plog-svn-bounces at devel.lifetype.net
> > [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of
> > Paul Westbrook
> > Sent: Saturday, July 29, 2006 3:00 PM
> > To: plog-svn at devel.lifetype.net
> > Subject: Re: [pLog-svn] r3822 - plugins/trunk
> >
> > Hello,
> > This change looks good, it works well for me.
> >
> > It appears that the new version of Bad behavior doesn't block
> > my scripts that use curl.
> >
> > --Paul
> >
> >
> > On Jul 28, 2006, at 9:03 PM, Mark Wu wrote:
> >
> > > Hi Paul:
> > >
> > > I think it fixed in 3822.
> > >
> > > Can you try it?
> > >
> > > BTW, does the dad-behavior block any normal request? I remember
> you
> > > said long time ago, the bad-behvior will block the reuqest that
> you
> > > did by curl.
> > > Is the new version still block that request?
> > >
> > > Mark
> > >
> > >> -----Original Message-----
> > >> From: plog-svn-bounces at devel.lifetype.net
> > >> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of
> > >> mark at devel.lifetype.net
> > >> Sent: Saturday, July 29, 2006 11:11 AM
> > >> To: plog-svn at devel.lifetype.net
> > >> Subject: [pLog-svn] r3822 - plugins/trunk
> > >>
> > >> Author: mark
> > >> Date: 2006-07-29 03:10:29 +0000 (Sat, 29 Jul 2006) New
> > Revision: 3822
> > >>
> > >> Modified:
> > >> plugins/trunk/bad- behavior-lifetype.php
> > >> Log:
> > >> Add a new definition BB2_DEFAULT_LOG_TABLE for user to change the
> > >> table easily.
> > >>
> > >> Modified: plugins/trunk/bad-behavior-lifetype.php
> > >>
> ===================================================================
> > >> --- plugins/trunk/bad-behavior-lifetype.php 2006-07-28
> > >> 19:03:02 UTC (rev 3821)
> > >> +++ plugins/trunk/bad- behavior-lifetype.php 2006-07-29
> > >> 03:10:29 UTC (rev 3822)
> > >> @@ -23,13 +23,14 @@
> > >> // This file is the entry point for Bad Behavior in LifeType.
> > >>
> > >> if (!defined('PLOG_CLASS_PATH')) die('No cheating!');
> > >> -
> > >> +
> > >> // Timer start
> > >> $bb2_mtime = explode(" ", microtime());
> > >> $bb2_timer_start = $bb2_mtime[1] + $bb2_mtime[0];
> > >>
> > >> define('BB2_CWD', PLOG_CLASS_PATH . "plugins/badbehavior/" );
> > >> define('BB2_EMERGENCY_EMAIL', "admin at yourblog.com" );
> > >> + define('BB2_DEFAULT_LOG_TABLE', "bad_behavior" );
> > >>
> > >> // Bad Behavior callback functions.
> > >>
> > >> @@ -95,7 +96,7 @@
> > >> include_once(
> > >> PLOG_CLASS_PATH."class/config/config.class.php" );
> > >> $config =& Config::getConfig();
> > >> $prefix = Db::getPrefix();
> > >> - $logTable = $config->getValue( 'bb2_log_table',
> > >> 'bad_behavior' );
> > >> + $logTable = $config->getValue( 'bb2_log_table',
> > >> BB2_DEFAULT_LOG_TABLE
> > >> +);
> > >> $displayStats = $config->getValue(
> > 'bb2_display_stats', true );
> > >> $strict = $config->getValue( 'bb2_strict', false );
> > >> $verbose = $config->getValue( 'bb2_verbose',
> > false ); @@ -112,7
> > >> +113,7 @@
> > >> function bb2_write_settings($settings) {
> > >> include_once(
> > >> PLOG_CLASS_PATH."class/config/config.class.php" );
> > >> $config =& Config::getConfig();
> > >> - $config->setValue( 'bb2_log_table',
> > >> $settings['log_table'] );
> > >> + $config->setValue( 'bb2_log_table',
> > >> BB2_DEFAULT_LOG_TABLE );
> > >> $config->setValue( 'bb2_display_stats',
> > $settings['display_stats']
> > >> );
> > >> $config->setValue( 'bb2_strict', $settings
> ['strict'] );
> > >> $config->setValue( 'bb2_verbose',
> > >> $settings['verbose'] );
> > >>
> > >> _______________________________________________
> > >> pLog-svn mailing list
> > >> pLog-svn at devel.lifetype.net
> > >> http://devel.lifetype.net/mailman/listinfo/plog-svn
> > >
> > > _______________________________________________
> > > pLog-svn mailing list
> > > pLog-svn at devel.lifetype.net
> > > http://devel.lifetype.net/mailman/listinfo/plog-svn
> > >
> >
> > --
> > Paul Westbrook
> > paul at westbrooks.org
> > <http://www.westbrooks.org>
> >
> >
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.lifetype.net
> > http://devel.lifetype.net/mailman/listinfo/plog-svn
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
--
Paul Westbrook
paul at westbrooks.org
<http://www.westbrooks.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http:// devel.lifetype.net/pipermail/plog-svn/attachments/20060729/78b9d38d/attachment.html
More information about the pLog-svn
mailing list