[pLog-svn] r3822 - plugins/trunk

Paul Westbrook paul at westbrooks.org
Sat Jul 29 20:45:41 GMT 2006 

Hello,
    It is not strictly required.  The javascript adds extra  
authentication to form submissions and adds a cookie.  This helps  
prevent the same HTTP POST request from being reused over and over  
again.

    But if the cookie is not present, or if the form doesn't have the  
extra field, the request will not automatically be rejected.

--paul


On Jul 29, 2006, at 7:40 AM, Glen Stansberry wrote:

> Is the
>      {if !empty($badbehavior)}
>       {$badbehavior->showBB2JavaScript()}
>     {/if}
>
> in the header.template required?
>
> Glen
>
> On 7/29/06, Mark Wu <markplace at gmail.com> wrote:
> Great .. :)
>
> Then, I think bad-behavior 2 is ready for production use.
>
> Mark
>
> > -----Original Message-----
> > From: plog-svn-bounces at devel.lifetype.net
> > [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of
> > Paul Westbrook
> > Sent: Saturday, July 29, 2006 3:00 PM
> > To: plog-svn at devel.lifetype.net
> > Subject: Re: [pLog-svn] r3822 - plugins/trunk
> >
> > Hello,
> >     This change looks good, it works well for me.
> >
> > It appears that the new version of Bad behavior doesn't block
> > my scripts that use curl.
> >
> > --Paul
> >
> >
> > On Jul 28, 2006, at 9:03 PM, Mark Wu wrote:
> >
> > > Hi Paul:
> > >
> > > I think it fixed in  3822.
> > >
> > > Can you try it?
> > >
> > > BTW, does the dad-behavior block any normal request? I remember  
> you
> > > said long time ago, the bad-behvior will block the reuqest that  
> you
> > > did by curl.
> > > Is the new version still block that request?
> > >
> > > Mark
> > >
> > >> -----Original Message-----
> > >> From: plog-svn-bounces at devel.lifetype.net
> > >> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of
> > >> mark at devel.lifetype.net
> > >> Sent: Saturday, July 29, 2006 11:11 AM
> > >> To: plog-svn at devel.lifetype.net
> > >> Subject: [pLog-svn] r3822 - plugins/trunk
> > >>
> > >> Author: mark
> > >> Date: 2006-07-29 03:10:29 +0000 (Sat, 29 Jul 2006) New
> > Revision: 3822
> > >>
> > >> Modified:
> > >>    plugins/trunk/bad- behavior-lifetype.php
> > >> Log:
> > >> Add a new definition BB2_DEFAULT_LOG_TABLE for user to change the
> > >> table easily.
> > >>
> > >> Modified: plugins/trunk/bad-behavior-lifetype.php
> > >>  
> ===================================================================
> > >> --- plugins/trunk/bad-behavior-lifetype.php        2006-07-28
> > >> 19:03:02 UTC (rev 3821)
> > >> +++ plugins/trunk/bad- behavior-lifetype.php        2006-07-29
> > >> 03:10:29 UTC (rev 3822)
> > >> @@ -23,13 +23,14 @@
> > >>    // This file is the entry point for Bad Behavior in LifeType.
> > >>
> > >>    if (!defined('PLOG_CLASS_PATH')) die('No cheating!');
> > >> -
> > >> +
> > >>    // Timer start
> > >>    $bb2_mtime = explode(" ", microtime());
> > >>    $bb2_timer_start = $bb2_mtime[1] + $bb2_mtime[0];
> > >>
> > >>    define('BB2_CWD', PLOG_CLASS_PATH . "plugins/badbehavior/" );
> > >>    define('BB2_EMERGENCY_EMAIL', "admin at yourblog.com" );
> > >> +  define('BB2_DEFAULT_LOG_TABLE', "bad_behavior" );
> > >>
> > >>    // Bad Behavior callback functions.
> > >>
> > >> @@ -95,7 +96,7 @@
> > >>        include_once(
> > >> PLOG_CLASS_PATH."class/config/config.class.php" );
> > >>            $config =& Config::getConfig();
> > >>            $prefix = Db::getPrefix();
> > >> -          $logTable = $config->getValue( 'bb2_log_table',
> > >> 'bad_behavior' );
> > >> +          $logTable = $config->getValue( 'bb2_log_table',
> > >> BB2_DEFAULT_LOG_TABLE
> > >> +);
> > >>            $displayStats = $config->getValue(
> > 'bb2_display_stats', true );
> > >>            $strict = $config->getValue( 'bb2_strict', false );
> > >>            $verbose = $config->getValue( 'bb2_verbose',
> > false ); @@ -112,7
> > >> +113,7 @@
> > >>    function bb2_write_settings($settings) {
> > >>        include_once(
> > >> PLOG_CLASS_PATH."class/config/config.class.php" );
> > >>            $config =& Config::getConfig();
> > >> -          $config->setValue( 'bb2_log_table',
> > >> $settings['log_table'] );
> > >> +          $config->setValue( 'bb2_log_table',
> > >> BB2_DEFAULT_LOG_TABLE );
> > >>            $config->setValue( 'bb2_display_stats',
> > $settings['display_stats']
> > >> );
> > >>            $config->setValue( 'bb2_strict', $settings 
> ['strict'] );
> > >>            $config->setValue( 'bb2_verbose',
> > >> $settings['verbose'] );
> > >>
> > >> _______________________________________________
> > >> pLog-svn mailing list
> > >> pLog-svn at devel.lifetype.net
> > >> http://devel.lifetype.net/mailman/listinfo/plog-svn
> > >
> > > _______________________________________________
> > > pLog-svn mailing list
> > > pLog-svn at devel.lifetype.net
> > > http://devel.lifetype.net/mailman/listinfo/plog-svn
> > >
> >
> > --
> > Paul Westbrook
> > paul at westbrooks.org
> > <http://www.westbrooks.org>
> >
> >
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.lifetype.net
> > http://devel.lifetype.net/mailman/listinfo/plog-svn
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn

--
Paul Westbrook
paul at westbrooks.org
<http://www.westbrooks.org>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http:// devel.lifetype.net/pipermail/plog-svn/attachments/20060729/78b9d38d/attachment.html

More information about the pLog-svn mailing list