[pLog-svn] r4036 - plugins/trunk/badbehavior

Jon Daley plogworld at jon.limedaley.com
Mon Sep 25 10:56:50 GMT 2006


 	Yeah, I guess you are right - the problem is that because it lists 
dynamic IPs for other reasons, unsuspecting people get hit when their IP 
changes.  I had a friend get on the xbl-sbl (really on the cbl) the other 
day because he got someone else's IP when his router changed addresses.  I 
don't know how to do this correctly - does badbehavior block based on the 
xbl on the first POST request?  It probably should do some sort of scoring 
mechanism like SpamAssassin does.

On Sun, 24 Sep 2006, Paul Westbrook wrote:

> Hello,
> It doesn't look like sbl-xbl returns results for dynamic ip addresses:
> http://www.spamhaus.org/xbl/index.lasso
>
> It is very easy to add dnsbl results to not be rejected, if we want to.
>
> --Paul
>
>
> On Sep 24, 2006, at 4:54 PM, Jon Daley wrote:
>
>> 	That sounds good -  sbl-xbl also has dynamic addresses.
>> 
>> On Sun, 24 Sep 2006, Paul Westbrook wrote:
>> 
>>> Hello,
>>> I have integrated the 2.0.6 with the version that is checked in, so those 
>>> checks are disabled.
>>> 
>>> The blacklists that are configured are sbl-xbl.spamhaus.org, 
>>> nsbl.sorbs.net, list.dsbl.org, opm.blitzed.org.  But Bad Behavior has been 
>>> configured not to reject posts from sorbs.net from dynamic IP addresses.
>>> 
>>> 
>>> --Paul
>>> 
>>> 
>>> On Sep 24, 2006, at 3:37 PM, Jon Daley wrote:
>>>
>>>> 	Sure.  Note the one or two changes that we made to disable a couple 
>>>> checks that don't work on Lifetype.  I did the one javascript cached 
>>>> thing, and in the same file I believe there is another test commented 
>>>> out.
>>>> 	Which blacklists does it use?  We should be conservative, I think - 
>>>> there isn't much more annoying than having legitimate users blocked.
>>>> On Sun, 24 Sep 2006, Paul Westbrook wrote:
>>>>> Hello,
>>>>> Bad Behavior has been updated to 2.0.6, which now uses dns blacklists. 
>>>>> Would you like me to check in this updated version?
>>>>> --Paul
>>>>> On Sep 24, 2006, at 4:33 AM, jondaley at devel.lifetype.net wrote:
>>>>>> Author: jondaley
>>>>>> Date: 2006-09-24 11:33:16 +0000 (Sun, 24 Sep 2006)
>>>>>> New Revision: 4036
>>>>>> Modified:
>>>>>> plugins/trunk/badbehavior/index.inc.php
>>>>>> Log:
>>>>>> removed extra new line from end of file - wasn't causing me any 
>>>>>> trouble, but maybe elena.  Also stripped dos linefeeds
>>>>>> Modified: plugins/trunk/badbehavior/index.inc.php
>>>>>> ===================================================================
>>>>>> --- plugins/trunk/badbehavior/index.inc.php	2006-09-23 20:41:57 
>>>>>> UTC (rev 4035)
>>>>>> +++ plugins/trunk/badbehavior/index.inc.php	2006-09-24 11:33:16 
>>>>>> UTC (rev 4036)
>>>>>> @@ -1,161 +1,161 @@
>>>>>> -<?php
>>>>>> -	/*
>>>>>> -	http://blog.markplace.net
>>>>>> -	-	Bad Behavior - LifeType Plugin
>>>>>> -	Copyright (C) 2006 Mark Wu http://blog.markplace.net
>>>>>> -	-	This program is free software; you can redistribute it and/or 
>>>>>> modify
>>>>>> -	it under the terms of the GNU General Public License as published by
>>>>>> -	the Free Software Foundation; either version 2 of the License, or
>>>>>> -	(at your option) any later version.
>>>>>> -	-	This program is distributed in the hope that it will be 
>>>>>> useful,
>>>>>> -	but WITHOUT ANY WARRANTY; without even the implied warranty of
>>>>>> -	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>>>>>> -	GNU General Public License for more details.
>>>>>> -	-	You should have received a copy of the GNU General Public 
>>>>>> License
>>>>>> -	along with this program; if not, write to the Free Software
>>>>>> -	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
>>>>>> -	*/
>>>>>> -	-	// This file is the entry point for Bad Behavior in LifeType.
>>>>>> -
>>>>>> -	if (!defined('PLOG_CLASS_PATH')) die('No cheating!');
>>>>>> -	-	// Timer start
>>>>>> -	$bb2_mtime = explode(" ", microtime());
>>>>>> -	$bb2_timer_start = $bb2_mtime[1] + $bb2_mtime[0];
>>>>>> -
>>>>>> -	define('BB2_CWD', PLOG_CLASS_PATH . "plugins/badbehavior/" );
>>>>>> -	define('BB2_EMERGENCY_EMAIL', "admin at yourblog.com" );
>>>>>> -	define('BB2_DEFAULT_LOG_TABLE', "bad_behavior" );
>>>>>> -
>>>>>> -	// Bad Behavior callback functions.
>>>>>> -	-	// Return current time in the format preferred by your 
>>>>>> database.
>>>>>> -	function bb2_db_date() {
>>>>>> -		return gmdate('Y-m-d H:i:s');
>>>>>> -	}
>>>>>> -	-	// Return affected rows from most recent query.
>>>>>> -	function bb2_db_affected_rows() {
>>>>>> -		include_once( PLOG_CLASS_PATH."class/database/db.class.php" 
>>>>>> );
>>>>>> -		$db =& Db::getDb();
>>>>>> -		-		return $db->Affected_Rows();
>>>>>> -	}
>>>>>> -	-	// Escape a string for database usage
>>>>>> -	function bb2_db_escape($string) {
>>>>>> -	    include_once( PLOG_CLASS_PATH."class/database/db.class.php" );
>>>>>> -
>>>>>> -		return Db::qstr($string);
>>>>>> -	}
>>>>>> -	-	// Return the number of rows in a particular query.
>>>>>> -	function bb2_db_num_rows($result) {
>>>>>> -		return $result->RecordCount();
>>>>>> -	}
>>>>>> -
>>>>>> -	// Run a query and return the results, if any.
>>>>>> -	// Should return FALSE if an error occurred.
>>>>>> -	function bb2_db_query($query) {
>>>>>> -	    include_once( PLOG_CLASS_PATH."class/database/db.class.php" );
>>>>>> -		$db =& Db::getDb();
>>>>>> -
>>>>>> -	    $result = $db->Execute( $query );
>>>>>> -	-		if (!$result)
>>>>>> -			return FALSE;
>>>>>> -
>>>>>> -		return $result;
>>>>>> -	}
>>>>>> -
>>>>>> -	// Return all rows in a particular query.
>>>>>> -	// Should contain an array of all rows generated by calling 
>>>>>> mysql_fetch_assoc()
>>>>>> -	// or equivalent and appending the result of each call to an array.
>>>>>> -	function bb2_db_rows($result) {
>>>>>> -		$rows = array();
>>>>>> -		while( $row = $result->FetchRow()) {
>>>>>> -			$rows[] = $row;
>>>>>> -		}
>>>>>> -
>>>>>> -		return $rows;
>>>>>> -	}
>>>>>> -	-	// Return emergency contact email address.
>>>>>> -	function bb2_email() {
>>>>>> -		return BB2_EMERGENCY_EMAIL;
>>>>>> -	}
>>>>>> -
>>>>>> -	// retrieve settings from lifetype config
>>>>>> -	function bb2_read_settings() {
>>>>>> -	    include_once( PLOG_CLASS_PATH."class/database/db.class.php" );
>>>>>> -	    include_once( PLOG_CLASS_PATH."class/config/config.class.php" );
>>>>>> -		$config =& Config::getConfig();
>>>>>> -		$prefix = Db::getPrefix();
>>>>>> -		$logTable = $config->getValue( 'bb2_log_table', 
>>>>>> BB2_DEFAULT_LOG_TABLE );
>>>>>> -		$displayStats = $config->getValue( 'bb2_display_stats', true 
>>>>>> );
>>>>>> -		$strict = $config->getValue( 'bb2_strict', false );
>>>>>> -		$verbose = $config->getValue( 'bb2_verbose', false );
>>>>>> -		$isInstalled = $config->getValue( 'bb2_installed', false );
>>>>>> -		-		return array('log_table' => $prefix . 
>>>>>> $logTable,
>>>>>> -					 'display_stats' => $displayStats,
>>>>>> -					 'strict' => $strict,
>>>>>> -					 'verbose' => $verbose,
>>>>>> -					 'is_installed' => $isInstalled );
>>>>>> -	}
>>>>>> -	-	// write settings to lifetype config
>>>>>> -	function bb2_write_settings($settings) {
>>>>>> -	    include_once( PLOG_CLASS_PATH."class/config/config.class.php" );
>>>>>> -		$config =& Config::getConfig();
>>>>>> -		$config->setValue( 'bb2_log_table', BB2_DEFAULT_LOG_TABLE );
>>>>>> -		$config->setValue( 'bb2_display_stats', 
>>>>>> $settings['display_stats'] );
>>>>>> -		$config->setValue( 'bb2_strict', $settings['strict'] );
>>>>>> -		$config->setValue( 'bb2_verbose', $settings['verbose'] );
>>>>>> -		$config->setValue( 'bb2_installed', $settings['is_installed'] 
>>>>>> );
>>>>>> -		$config->save();
>>>>>> -	}
>>>>>> -		-	// installation
>>>>>> -	function bb2_install() {
>>>>>> -		$settings = bb2_read_settings();
>>>>>> -		if( $settings['is_installed'] == false )
>>>>>> -		{
>>>>>> - bb2_db_query(bb2_table_structure($settings['log_table']));
>>>>>> -			$settings['is_installed'] = true;
>>>>>> -			bb2_write_settings( $settings );
>>>>>> -		}
>>>>>> -	}
>>>>>> -	-	// Return the top-level relative path of wherever we are (for 
>>>>>> cookies)
>>>>>> -	function bb2_relative_path() {
>>>>>> -	    include_once( PLOG_CLASS_PATH."class/config/config.class.php" );
>>>>>> -		$config =& Config::getConfig();
>>>>>> -		-		$url = parse_url( $config->getValue( 
>>>>>> 'base_url' ) );
>>>>>> -		if( empty($url['path']) )
>>>>>> -			return '/';
>>>>>> -		else {
>>>>>> -			if( substr( $url['path'], -1, 1 ) == '/' )
>>>>>> -				return $url['path'];
>>>>>> -			else
>>>>>> -				return $url['path'] . '/';
>>>>>> -		}
>>>>>> -	}
>>>>>> -	-	// Load Bad Behavior Core
>>>>>> -	require_once(BB2_CWD . "bad-behavior/core.inc.php");
>>>>>> -	bb2_install();
>>>>>> -	$settings = bb2_read_settings();
>>>>>> -	bb2_start($settings);
>>>>>> -
>>>>>> -	// Time Stop
>>>>>> -	$bb2_mtime = explode(" ", microtime());
>>>>>> -	$bb2_timer_stop = $bb2_mtime[1] + $bb2_mtime[0];
>>>>>> -	$bb2_timer_total = $bb2_timer_stop - $bb2_timer_start;
>>>>>> -?>
>>>>>> +<?php
>>>>>> +	/*
>>>>>> +	http://blog.markplace.net
>>>>>> +	+	Bad Behavior - LifeType Plugin
>>>>>> +	Copyright (C) 2006 Mark Wu http://blog.markplace.net
>>>>>> +	+	This program is free software; you can redistribute it and/or 
>>>>>> modify
>>>>>> +	it under the terms of the GNU General Public License as published by
>>>>>> +	the Free Software Foundation; either version 2 of the License, or
>>>>>> +	(at your option) any later version.
>>>>>> +	+	This program is distributed in the hope that it will be 
>>>>>> useful,
>>>>>> +	but WITHOUT ANY WARRANTY; without even the implied warranty of
>>>>>> +	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>>>>>> +	GNU General Public License for more details.
>>>>>> +	+	You should have received a copy of the GNU General Public 
>>>>>> License
>>>>>> +	along with this program; if not, write to the Free Software
>>>>>> +	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
>>>>>> +	*/
>>>>>> +	+	// This file is the entry point for Bad Behavior in LifeType.
>>>>>> +
>>>>>> +	if (!defined('PLOG_CLASS_PATH')) die('No cheating!');
>>>>>> +	+	// Timer start
>>>>>> +	$bb2_mtime = explode(" ", microtime());
>>>>>> +	$bb2_timer_start = $bb2_mtime[1] + $bb2_mtime[0];
>>>>>> +
>>>>>> +	define('BB2_CWD', PLOG_CLASS_PATH . "plugins/badbehavior/" );
>>>>>> +	define('BB2_EMERGENCY_EMAIL', "admin at yourblog.com" );
>>>>>> +	define('BB2_DEFAULT_LOG_TABLE', "bad_behavior" );
>>>>>> +
>>>>>> +	// Bad Behavior callback functions.
>>>>>> +	+	// Return current time in the format preferred by your 
>>>>>> database.
>>>>>> +	function bb2_db_date() {
>>>>>> +		return gmdate('Y-m-d H:i:s');
>>>>>> +	}
>>>>>> +	+	// Return affected rows from most recent query.
>>>>>> +	function bb2_db_affected_rows() {
>>>>>> +		include_once( PLOG_CLASS_PATH."class/database/db.class.php" 
>>>>>> );
>>>>>> +		$db =& Db::getDb();
>>>>>> +		+		return $db->Affected_Rows();
>>>>>> +	}
>>>>>> +	+	// Escape a string for database usage
>>>>>> +	function bb2_db_escape($string) {
>>>>>> +	    include_once( PLOG_CLASS_PATH."class/database/db.class.php" );
>>>>>> +
>>>>>> +		return Db::qstr($string);
>>>>>> +	}
>>>>>> +	+	// Return the number of rows in a particular query.
>>>>>> +	function bb2_db_num_rows($result) {
>>>>>> +		return $result->RecordCount();
>>>>>> +	}
>>>>>> +
>>>>>> +	// Run a query and return the results, if any.
>>>>>> +	// Should return FALSE if an error occurred.
>>>>>> +	function bb2_db_query($query) {
>>>>>> +	    include_once( PLOG_CLASS_PATH."class/database/db.class.php" );
>>>>>> +		$db =& Db::getDb();
>>>>>> +
>>>>>> +	    $result = $db->Execute( $query );
>>>>>> +	+		if (!$result)
>>>>>> +			return FALSE;
>>>>>> +
>>>>>> +		return $result;
>>>>>> +	}
>>>>>> +
>>>>>> +	// Return all rows in a particular query.
>>>>>> +	// Should contain an array of all rows generated by calling 
>>>>>> mysql_fetch_assoc()
>>>>>> +	// or equivalent and appending the result of each call to an array.
>>>>>> +	function bb2_db_rows($result) {
>>>>>> +		$rows = array();
>>>>>> +		while( $row = $result->FetchRow()) {
>>>>>> +			$rows[] = $row;
>>>>>> +		}
>>>>>> +
>>>>>> +		return $rows;
>>>>>> +	}
>>>>>> +	+	// Return emergency contact email address.
>>>>>> +	function bb2_email() {
>>>>>> +		return BB2_EMERGENCY_EMAIL;
>>>>>> +	}
>>>>>> +
>>>>>> +	// retrieve settings from lifetype config
>>>>>> +	function bb2_read_settings() {
>>>>>> +	    include_once( PLOG_CLASS_PATH."class/database/db.class.php" );
>>>>>> +	    include_once( PLOG_CLASS_PATH."class/config/config.class.php" );
>>>>>> +		$config =& Config::getConfig();
>>>>>> +		$prefix = Db::getPrefix();
>>>>>> +		$logTable = $config->getValue( 'bb2_log_table', 
>>>>>> BB2_DEFAULT_LOG_TABLE );
>>>>>> +		$displayStats = $config->getValue( 'bb2_display_stats', true 
>>>>>> );
>>>>>> +		$strict = $config->getValue( 'bb2_strict', false );
>>>>>> +		$verbose = $config->getValue( 'bb2_verbose', false );
>>>>>> +		$isInstalled = $config->getValue( 'bb2_installed', false );
>>>>>> +		+		return array('log_table' => $prefix . 
>>>>>> $logTable,
>>>>>> +					 'display_stats' => $displayStats,
>>>>>> +					 'strict' => $strict,
>>>>>> +					 'verbose' => $verbose,
>>>>>> +					 'is_installed' => $isInstalled );
>>>>>> +	}
>>>>>> +	+	// write settings to lifetype config
>>>>>> +	function bb2_write_settings($settings) {
>>>>>> +	    include_once( PLOG_CLASS_PATH."class/config/config.class.php" );
>>>>>> +		$config =& Config::getConfig();
>>>>>> +		$config->setValue( 'bb2_log_table', BB2_DEFAULT_LOG_TABLE );
>>>>>> +		$config->setValue( 'bb2_display_stats', 
>>>>>> $settings['display_stats'] );
>>>>>> +		$config->setValue( 'bb2_strict', $settings['strict'] );
>>>>>> +		$config->setValue( 'bb2_verbose', $settings['verbose'] );
>>>>>> +		$config->setValue( 'bb2_installed', $settings['is_installed'] 
>>>>>> );
>>>>>> +		$config->save();
>>>>>> +	}
>>>>>> +		+	// installation
>>>>>> +	function bb2_install() {
>>>>>> +		$settings = bb2_read_settings();
>>>>>> +		if( $settings['is_installed'] == false )
>>>>>> +		{
>>>>>> + bb2_db_query(bb2_table_structure($settings['log_table']));
>>>>>> +			$settings['is_installed'] = true;
>>>>>> +			bb2_write_settings( $settings );
>>>>>> +		}
>>>>>> +	}
>>>>>> +	+	// Return the top-level relative path of wherever we are (for 
>>>>>> cookies)
>>>>>> +	function bb2_relative_path() {
>>>>>> +	    include_once( PLOG_CLASS_PATH."class/config/config.class.php" );
>>>>>> +		$config =& Config::getConfig();
>>>>>> +		+		$url = parse_url( $config->getValue( 
>>>>>> 'base_url' ) );
>>>>>> +		if( empty($url['path']) )
>>>>>> +			return '/';
>>>>>> +		else {
>>>>>> +			if( substr( $url['path'], -1, 1 ) == '/' )
>>>>>> +				return $url['path'];
>>>>>> +			else
>>>>>> +				return $url['path'] . '/';
>>>>>> +		}
>>>>>> +	}
>>>>>> +	+	// Load Bad Behavior Core
>>>>>> +	require_once(BB2_CWD . "bad-behavior/core.inc.php");
>>>>>> +	bb2_install();
>>>>>> +	$settings = bb2_read_settings();
>>>>>> +	bb2_start($settings);
>>>>>> +
>>>>>> +	// Time Stop
>>>>>> +	$bb2_mtime = explode(" ", microtime());
>>>>>> +	$bb2_timer_stop = $bb2_mtime[1] + $bb2_mtime[0];
>>>>>> +	$bb2_timer_total = $bb2_timer_stop - $bb2_timer_start;
>>>>>> +?>
>>>>>> \ No newline at end of file
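Review bot: in bb2_install(), the result of bb2_db_query(bb2_table_structure($settings['log_table'])) is not checked before `$settings['is_installed'] = true;` is saved, so a failed table creation is recorded as installed and never retried. bb2_db_query() is documented a few lines earlier to return FALSE on error, so set and write the flag only when the call did not return FALSE. On the change itself: the hunk replaces all 161 lines with identical text because only the line endings changed, which hides any real edit in the noise; setting svn:eol-style on the file would keep later diffs to the lines that actually change. Since the file now ends at `?>` with no newline, dropping the closing tag altogether would rule out stray trailing output for good.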
>>>>>> _______________________________________________
>>>>>> pLog-svn mailing list
>>>>>> pLog-svn at devel.lifetype.net
>>>>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>>>> --
>>>>> Paul Westbrook
>>>>> paul at westbrooks.org
>>>>> <http://www.westbrooks.org>
>>>> -- 
>>>> Jon Daley
>>>> http://jon.limedaley.com/
>>>> Sic friatur crustum dulce.
>>>> -- Latin for All Occasions
>>> 
>>> --
>>> Paul Westbrook
>>> paul at westbrooks.org
>>> <http://www.westbrooks.org>
>>> 
>>> 
>> 
>> -- 
>> Jon Daley
>> http://jon.limedaley.com/
>> 
>> Sympathy is never wasted except when you give it to yourself.
>> -- John W. Draper
>> 
>
> --
> Paul Westbrook
> paul at westbrooks.org
> <http://www.westbrooks.org>
>
>

-- 
Jon Daley
http://jon.limedaley.com/

If you think the problem is bad now, just wait until we've solved it.
-- Kasspe
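
The scoring idea raised at the top of this message, sketched as an added example that is not part of the thread or of Bad Behavior's code: each DNSBL hit adds a weight, and only a combined score over a threshold rejects, so one stale listing on a recycled dynamic address holds a POST for moderation instead of blocking it. The zone names are the ones given in the thread; the weights, the threshold, the `127.0.0.10` "dynamic range" code and all resolver answers are assumptions constructed for the example.

```php
<?php
// Added example. Weights, threshold and the "dynamic range" code are assumptions.
// DNSBL query name: IPv4 octets reversed, then the list's zone.
function dnsbl_query_name(string $ip, string $zone): ?string {
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null; // not IPv4: nothing to look up in these zones
    }
    return implode('.', array_reverse(explode('.', $ip))) . '.' . $zone;
}
// $resolve(string $name): string[] returns the A records ([] = not listed).
function dnsbl_score(string $ip, array $lists, callable $resolve): array {
    $score = 0;
    $hits = [];
    foreach ($lists as $zone => $cfg) {
        $name = dnsbl_query_name($ip, $zone);
        if ($name === null) continue;
        foreach ($resolve($name) as $code) {
            // Listings answer inside 127.0.0.0/8; other answers are resolver noise.
            if (strncmp($code, '127.', 4) !== 0) continue;
            if (in_array($code, $cfg['ignore'] ?? [], true)) continue;
            $score += $cfg['weight'];
            $hits[] = "$zone=$code";
            break; // one listing per zone is enough
        }
    }
    return ['score' => $score, 'hits' => $hits];
}
// A single-list hit on a POST is held for moderation, not rejected outright.
function dnsbl_decide(int $score, string $method, int $threshold = 5): string {
    if ($score >= $threshold) return 'reject';
    return ($score > 0 && $method === 'POST') ? 'moderate' : 'allow';
}

$lists = [ // zones as named in the thread; weights are illustrative
    'sbl-xbl.spamhaus.org' => ['weight' => 3],
    'nsbl.sorbs.net'       => ['weight' => 2, 'ignore' => ['127.0.0.10']],
    'list.dsbl.org'        => ['weight' => 2],
    'opm.blitzed.org'      => ['weight' => 3],
];
$answers = [ // constructed resolver data for 192.0.2.10 and 192.0.2.20
    '10.2.0.192.sbl-xbl.spamhaus.org' => ['127.0.0.4'],
    '10.2.0.192.nsbl.sorbs.net'       => ['127.0.0.10'],
    '20.2.0.192.sbl-xbl.spamhaus.org' => ['127.0.0.4'],
    '20.2.0.192.opm.blitzed.org'      => ['127.0.0.2'],
];
$resolve = function (string $n) use ($answers) { return $answers[$n] ?? []; };
foreach (['192.0.2.10', '192.0.2.20', '192.0.2.30'] as $ip) {
    $r = dnsbl_score($ip, $lists, $resolve);
    echo "$ip score={$r['score']} POST=" . dnsbl_decide($r['score'], 'POST'), "\n";
}
```

For live lookups, pass a resolver built on `gethostbynamel()` that returns an empty array when the name does not resolve, and cache the answers so a slow list does not stall every request.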

