[pLog-svn] r6192 -inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
Jon Daley
plogworld at jon.limedaley.com
Fri Feb 29 15:32:50 EST 2008
Your idea sounds fine to me.
On Fri, 29 Feb 2008, Paul Westbrook wrote:
> Hello,
> I would assume that the regular plugin release script only pulls plugins
> that are inside the plugin repository directory. But since, this plugin
> doesn't exist in this directory, it will not be pushed to sourceforge.
>
> The changes are:
>
> 1. Digg was being blocked, so a post hosted on LifeType couldn't be
> "dugg"
> 2. Using the Akamai site accelerator would not have worked
> 3. Trackbacks from WordPress would have failed.
>
> http://www.bad-behavior.ioerror.us/2008/01/18/bad-behavior-2012/
> http://www.bad-behavior.ioerror.us/2008/01/27/bad-behavior-2013/
>
> I don't know if any of those issues really require spinning another release
> of LifeType.
>
> I believe that what would give us the most flexibility, would be to move the
> plugin back to the plugin repository directory. Then modify the script that
> bundles the LifeType releases to pull the latest version of the bad behavior
> plugin from the plugin repository directory.
>
> This would allow the plugin to easily change outside of the LifeType release
> cycle.
>
> --Paul
>
> On 2/29/08, Jon Daley <plogworld at jon.limedaley.com> wrote:
>>
>> Couldn't you run the regular plugin release script for releases
>> that you really want to release outside of a lifetype branch? For this
>> particular check-in, was it an important change?
>>
>>
>> On Fri, 29 Feb 2008, Mark Wu wrote:
>>
>>> Hi Paul:
>>>
>>> I remember we did this before, the plugins and core are seperate in
>>> different repository directories.
>>>
>>> The resaon we move the bad behavior to the core is becasue we want it as
>>> part of core ... and deliver it with lifetype official release.
>>>
>>> If there are an urgent patch or upgrade of bad behavior, I think we can
>>> release a lifetype hotfix for it.
>>>
>>> How do you think?
>>>
>>> Mark
>>>
>>>
>>> _____
>>>
>>> From: plog-svn-bounces at devel.lifetype.net
>>> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Paul Westbrook
>>> Sent: Friday, February 29, 2008 4:05 PM
>>> To: LifeType Developer List
>>> Subject: Re: [pLog-svn] r6192
>>> -inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
>>>
>>>
>>> Hello,
>>> Sure. But I am wondering about something slightly different. I am
>>> thinking about when more people have moved to 2.0. I assume that there
>> will
>>> be a period that 1.2 will still be a supported release, but most
>> developers
>>> will be working on 2.0.
>>>
>>> If there is a new version of bad behavior, currently we need to do a
>> new
>>> release of LifeType, as the bad behavior plugin is not available
>> separately.
>>>
>>> I assume that at some point we will move the bad behavior plugin to the
>>> plugin branch, to make it easier to release new versions of this plugin.
>>>
>>> --Paul
>>>
>>>
>>> On 2/28/08, Mark Wu <markplace at gmail.com> wrote:
>>>
>>> Hi Paul:
>>>
>>> I think it is okay. Bcasue I always merge the 1.2 branch to trunk in a
>>> certain period . These changes will apply to 2.0-dev very soon.
>>>
>>> Regards, Mark
>>>
>>>
>>> _____
>>>
>>> From: plog-svn-bounces at devel.lifetype.net
>>> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Paul Westbrook
>>> Sent: Friday, February 29, 2008 2:57 PM
>>> To: LifeType Developer List
>>> Subject: Re: [pLog-svn] r6192 -
>>> inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
>>>
>>>
>>>
>>> Hello,
>>> As development for LifeType 2.0 takes highe priority, will this
>> plugin,
>>> or the LifeType 1.2 version of it, move back to the main plugin
>> subversion
>>> branch? This would allow quick patches to the plugin to be done, with
>> out
>>> having to spin a whole LifeType release.
>>>
>>> --Paul
>>>
>>>
>>> On 2/28/08, pwestbro at devel.lifetype.net <pwestbro at devel.lifetype.net>
>> wrote:
>>>
>>>
>>> Author: pwestbro
>>> Date: 2008-02-29 01:49:43 -0500 (Fri, 29 Feb 2008)
>>> New Revision: 6192
>>>
>>> Modified:
>>>
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/blacklist.inc.ph
>>> p
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/msie.inc.php
>>>
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/version.inc.php
>>>
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/whitelist.inc.ph
>>> p
>>>
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/pluginbadbehavior.class.php
>>> Log:
>>> Checked in version 2.0.13 of bad behavior
>>>
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/blacklist.inc.ph
>>> p
>>> ===================================================================
>>> ---
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/blacklist.inc.ph
>>
>>> p 2008-02-28 10:54:49 UTC (rev 6191)
>>
>>> +++
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/blacklist.inc.ph
>>
>>> p 2008-02-29 06:49:43 UTC (rev 6192)
>>
>>> @@ -1,113 +1,113 @@
>>> -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
>>> -
>>> -function bb2_blacklist($package) {
>>> -
>>> - // Blacklisted user agents
>>> - // These user agent strings occur at the beginning of the line.
>>> - $bb2_spambots_0 = array(
>>> - "<sc", // XSS exploit attempts
>>> - "8484 Boston Project", // video poker/porn spam
>>> - "adwords", // referrer spam
>>> - "autoemailspider", // spam harvester
>>> - "blogsearchbot-martin", // from honeypot
>>> - "Digger", // spam harvester
>>> - "ecollector", // spam harvester
>>> - "EmailCollector", // spam harvester
>>> - "Email Extractor", // spam harvester
>>> - "Email Siphon", // spam harvester
>>> - "EmailSiphon", // spam harvester
>>> - "grub crawler", // misc comment/email spam
>>> - "HttpProxy", // misc comment/email spam
>>> - "Internet Explorer", // XMLRPC exploits seen
>>> - "Jakarta Commons", // custommised spambots
>>> - "Java 1.", // definitely a spammer
>>> - "Java/1.", // definitely a spammer
>>> - "libwww-perl", // spambot scripts
>>> - "LWP", // spambot scripts
>>> - "Microsoft URL", // spam harvester
>>> - "Missigua", // spam harvester
>>> - "MJ12bot", // crawls MUCH too fast
>>> - "Movable Type", // customised spambots
>>> - "Mozilla ", // malicious software
>>> - "Mozilla/4.0(", // from honeypot
>>> - "Mozilla/4.0+(", // suspicious harvester
>>> - "MSIE", // malicious software
>>> - "NutchCVS", // unidentified robots
>>> - "Nutscrape/", // misc comment spam
>>> - "OmniExplorer", // spam harvester
>>> - "psycheclone", // spam harvester
>>> - "PussyCat ", // misc comment spam
>>> - "PycURL", // misc comment spam
>>> - "Shockwave Flash", // spam harvester
>>> - "TrackBack/", // trackback spam
>>> - "user", // suspicious harvester
>>> - "User Agent: ", // spam harvester
>>> - "User-Agent: ", // spam harvester
>>> - "Wordpress", // malicious software
>>> - "\"", // malicious software
>>> - );
>>> -
>>> - // These user agent strings occur anywhere within the line.
>>> - $bb2_spambots = array(
>>> - "\r", // A really dumb bot
>>> - "; Widows ", // misc comment/email spam
>>> - "a href=", // referrer spam
>>> - "Bad Behavior Test", // Add this to your user-agent
>> to
>>> test BB
>>> - "compatible ; MSIE", // misc comment/email spam
>>> - "compatible-", // misc comment/email spam
>>> - "DTS Agent", // misc comment/email spam
>>> - "Gecko/25", // revisit this in 500 years
>>> - "grub-client", // search engine ignores
>> robots.txt
>>> - "hanzoweb", // very badly behaved crawler
>>> - "Indy Library", // misc comment/email spam
>>> - "larbin at unspecified", // stealth harvesters
>>> - "Murzillo compatible", // comment spam bot
>>> - ".NET CLR 1)", // free poker, etc.
>>> - "POE-Component-Client", // free poker, etc.
>>> - "Turing Machine", // www.anonymizer.com abuse
>>> - "WebaltBot", // spam harvester
>>> - "WISEbot", // spam harvester
>>> - "WISEnutbot", // spam harvester
>>> - "Windows NT 4.0;)", // wikispam bot
>>> - "Windows NT 5.0;)", // wikispam bot
>>> - "Windows NT 5.1;)", // wikispam bot
>>> - "Windows XP 5", // spam harvester
>>> - "\\\\)", // spam harvester
>>> - );
>>> -
>>> - // These are regular expression matches.
>>> - $bb2_spambots_regex = array(
>>> - "/^[A-Z]{10}$/", // misc email spam
>>> - "/^Mozilla...[05]$/i", // fake user agent/email spam
>>> - "/[bcdfghjklmnpqrstvwxz ]{8,}/",
>>> -// "/(;\){1,2}$/", // misc spammers/harvesters
>>> -// "/MSIE.*Windows XP/", // misc comment spam
>>> - );
>>> -
>>> - // Do not edit below this line.
>>> -
>>> - $ua = $package['headers_mixed']['User-Agent'];
>>> -
>>> - foreach ($bb2_spambots_0 as $spambot) {
>>> - $pos = stripos($ua, $spambot);
>>> - if ($pos !== FALSE && $pos == 0) {
>>> - return "17f4e8c8";
>>> - }
>>> - }
>>> -
>>> - foreach ($bb2_spambots as $spambot) {
>>> - if (stripos($ua, $spambot) !== FALSE) {
>>> - return "17f4e8c8";
>>> - }
>>> - }
>>> -
>>> - foreach ($bb2_spambots_regex as $spambot) {
>>> - if (preg_match($spambot, $ua)) {
>>> - return "17f4e8c8";
>>> - }
>>> - }
>>> -
>>> - return FALSE;
>>> -}
>>> -
>>> -?>
>>> +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
>>> +
>>> +function bb2_blacklist($package) {
>>> +
>>> + // Blacklisted user agents
>>> + // These user agent strings occur at the beginning of the line.
>>> + $bb2_spambots_0 = array(
>>> + "<sc", // XSS exploit attempts
>>> + "8484 Boston Project", // video poker/porn spam
>>> + "adwords", // referrer spam
>>> + "autoemailspider", // spam harvester
>>> + "blogsearchbot-martin", // from honeypot
>>> + "Digger", // spam harvester
>>> + "ecollector", // spam harvester
>>> + "EmailCollector", // spam harvester
>>> + "Email Extractor", // spam harvester
>>> + "Email Siphon", // spam harvester
>>> + "EmailSiphon", // spam harvester
>>> + "grub crawler", // misc comment/email spam
>>> + "HttpProxy", // misc comment/email spam
>>> + "Internet Explorer", // XMLRPC exploits seen
>>> + "Jakarta Commons", // custommised spambots
>>> + "Java 1.", // definitely a spammer
>>> + "Java/1.", // definitely a spammer
>>> + "libwww-perl", // spambot scripts
>>> + "LWP", // spambot scripts
>>> + "Microsoft URL", // spam harvester
>>> + "Missigua", // spam harvester
>>> + "MJ12bot", // crawls MUCH too fast
>>> + "Movable Type", // customised spambots
>>> + "Mozilla ", // malicious software
>>> + "Mozilla/4.0(", // from honeypot
>>> + "Mozilla/4.0+(", // suspicious harvester
>>> + "MSIE", // malicious software
>>> + "NutchCVS", // unidentified robots
>>> + "Nutscrape/", // misc comment spam
>>> + "OmniExplorer", // spam harvester
>>> + "psycheclone", // spam harvester
>>> + "PussyCat ", // misc comment spam
>>> + "PycURL", // misc comment spam
>>> + "Shockwave Flash", // spam harvester
>>> + "TrackBack/", // trackback spam
>>> + "user", // suspicious harvester
>>> + "User Agent: ", // spam harvester
>>> + "User-Agent: ", // spam harvester
>>> + "Wordpress", // malicious software
>>> + "\"", // malicious software
>>> + );
>>> +
>>> + // These user agent strings occur anywhere within the line.
>>> + $bb2_spambots = array(
>>> + "\r", // A really dumb bot
>>> + "; Widows ", // misc comment/email spam
>>> + "a href=", // referrer spam
>>> + "Bad Behavior Test", // Add this to your user-agent
>> to
>>> test BB
>>> + "compatible ; MSIE", // misc comment/email spam
>>> + "compatible-", // misc comment/email spam
>>> + "DTS Agent", // misc comment/email spam
>>> + "Gecko/25", // revisit this in 500 years
>>> + "grub-client", // search engine ignores
>> robots.txt
>>> + "hanzoweb", // very badly behaved crawler
>>> + "Indy Library", // misc comment/email spam
>>> + "larbin at unspecified", // stealth harvesters
>>> + "Murzillo compatible", // comment spam bot
>>> + ".NET CLR 1)", // free poker, etc.
>>> + "POE-Component-Client", // free poker, etc.
>>> + "Turing Machine", // www.anonymizer.com abuse
>>> + "WebaltBot", // spam harvester
>>> + "WISEbot", // spam harvester
>>> + "WISEnutbot", // spam harvester
>>> + "Windows NT 4.0;)", // wikispam bot
>>> + "Windows NT 5.0;)", // wikispam bot
>>> + "Windows NT 5.1;)", // wikispam bot
>>> + "Windows XP 5", // spam harvester
>>> + "\\\\)", // spam harvester
>>> + );
>>> +
>>> + // These are regular expression matches.
>>> + $bb2_spambots_regex = array(
>>> + "/^[A-Z]{10}$/", // misc email spam
>>> + "/^Mozilla...[05]$/i", // fake user agent/email spam
>>> + "/[bcdfghjklmnpqrstvwxz ]{8,}/",
>>> +// "/(;\){1,2}$/", // misc spammers/harvesters
>>> +// "/MSIE.*Windows XP/", // misc comment spam
>>> + );
>>> +
>>> + // Do not edit below this line.
>>> +
>>> + $ua = $package['headers_mixed']['User-Agent'];
>>> +
>>> + foreach ($bb2_spambots_0 as $spambot) {
>>> + $pos = strpos($ua, $spambot);
>>> + if ($pos !== FALSE && $pos == 0) {
>>> + return "17f4e8c8";
>>> + }
>>> + }
>>> +
>>> + foreach ($bb2_spambots as $spambot) {
>>> + if (strpos($ua, $spambot) !== FALSE) {
>>> + return "17f4e8c8";
>>> + }
>>> + }
>>> +
>>> + foreach ($bb2_spambots_regex as $spambot) {
>>> + if (preg_match($spambot, $ua)) {
>>> + return "17f4e8c8";
>>> + }
>>> + }
>>> +
>>> + return FALSE;
>>> +}
>>> +
>>> +?>
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
>>> ===================================================================
>>> --- plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/msie.inc.php
>>> 2008-02-28 10:54:49 UTC (rev 6191)
>>> +++ plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/msie.inc.php
>>> 2008-02-29 06:49:43 UTC (rev 6192)
>>> @@ -1,24 +1,25 @@
>>> -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
>>> -
>>> -// Analyze user agents claiming to be MSIE
>>> -
>>> -function bb2_msie($package)
>>> -{
>>> - if (!array_key_exists('Accept', $package['headers_mixed'])) {
>>> - return "17566707";
>>> - }
>>> -
>>> - // MSIE does NOT send "Windows ME" or "Windows XP" in the user
>> agent
>>> - if (strpos($package['headers_mixed']['User-Agent'], "Windows
>> ME")
>>> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows
>> XP")
>>> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows
>> 2000")
>>> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32")
>> !==
>>> FALSE) {
>>> - return "a1084bad";
>>> - }
>>> -
>>> - // MSIE does NOT send Connection: TE
>>> - if (preg_match('/\bTE\b/i',
>>> $package['headers_mixed']['Connection'])) {
>>> - return "2b90f772";
>>> - }
>>> -
>>> - return false;
>>> -}
>>> -
>>> -?>
>>> +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
>>> +
>>> +// Analyze user agents claiming to be MSIE
>>> +
>>> +function bb2_msie($package)
>>> +{
>>> + if (!array_key_exists('Accept', $package['headers_mixed'])) {
>>> + return "17566707";
>>> + }
>>> +
>>> + // MSIE does NOT send "Windows ME" or "Windows XP" in the user
>> agent
>>> + if (strpos($package['headers_mixed']['User-Agent'], "Windows
>> ME")
>>> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows
>> XP")
>>> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows
>> 2000")
>>> !== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32")
>> !==
>>> FALSE) {
>>> + return "a1084bad";
>>> + }
>>> +
>>> + // MSIE does NOT send Connection: TE but Akamai does
>>> + // Bypass this test when Akamai detected
>>> + if (!array_key_exists('Akamai-Origin-Hop',
>>> $package['headers_mixed']) && preg_match('/\bTE\b/i',
>>> $package['headers_mixed']['Connection'])) {
>>> + return "2b90f772";
>>> + }
>>> +
>>> + return false;
>>> +}
>>> +
>>> +?>
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/version.inc.php
>>> ===================================================================
>>> ---
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/version.inc.php
>>> 2008-02-28 10:54:49 UTC (rev 6191)
>>> +++
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/version.inc.php
>>> 2008-02-29 06:49:43 UTC (rev 6192)
>>> @@ -1,3 +1,3 @@
>>> -<?php if (!defined('BB2_CWD')) die("I said no cheating!");
>>> -define('BB2_VERSION', "2.0.11");
>>> -?>
>>> +<?php if (!defined('BB2_CWD')) die("I said no cheating!");
>>> +define('BB2_VERSION', "2.0.13");
>>> +?>
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/whitelist.inc.ph
>>> p
>>> ===================================================================
>>> ---
>>
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/whitelist.inc.ph
>>
>>> p 2008-02-28 10:54:49 UTC (rev 6191)
>>
>>> +++
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/bad-behavior/whitelist.inc.ph
>>
>>> p 2008-02-29 06:49:43 UTC (rev 6192)
>>
>>> @@ -1,56 +1,58 @@
>>> -<?php if (!defined('BB2_CORE')) die('I said no cheating!');
>>> -
>>> -function bb2_whitelist($package)
>>> -{
>>> - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
>> DANGER!
>>> -
>>> - // Inappropriate whitelisting WILL expose you to spam, or cause
>> Bad
>>> - // Behavior to stop functioning entirely! DO NOT WHITELIST
>> unless
>>> you
>>> - // are 100% CERTAIN that you should.
>>> -
>>> - // IP address ranges use the CIDR format.
>>> -
>>> - // Includes four examples of whitelisting by IP address and
>>> netblock.
>>> - $bb2_whitelist_ip_ranges = array(
>>> - "10.0.0.0/8",
>>> - "172.16.0.0/12",
>>> - "192.168.0.0/16",
>>> -// "127.0.0.1",
>>> - );
>>> -
>>> - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
>> DANGER!
>>> -
>>> - // Inappropriate whitelisting WILL expose you to spam, or cause
>> Bad
>>> - // Behavior to stop functioning entirely! DO NOT WHITELIST
>> unless
>>> you
>>> - // are 100% CERTAIN that you should.
>>> -
>>> - // You should not whitelist search engines by user agent. Use
>> the IP
>>> - // netblock for the search engine instead. See
>>> http://whois.arin.net/
>>> - // to locate the netblocks for an IP.
>>> -
>>> - // User agents are matched by exact match only.
>>> -
>>> - // Includes one example of whitelisting by user agent.
>>> - // All are commented out.
>>> - $bb2_whitelist_user_agents = array(
>>> - // "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
>>> It's me, let me in",
>>> - );
>>> -
>>> - // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
>> DANGER!
>>> -
>>> - // Do not edit below this line
>>> -
>>> - if (!empty($bb2_whitelist_ip_ranges)) {
>>> - foreach ($bb2_whitelist_ip_ranges as $range) {
>>> - if (match_cidr($package['ip'], $range)) return
>> true;
>>> - }
>>> - }
>>> - if (!empty($bb2_whitelist_user_agents)) {
>>> - foreach ($bb2_whitelist_user_agents as $user_agent) {
>>> - if
>> (!strcmp($package['headers_mixed']['User-Agent'],
>>> $user_agent)) return true;
>>> - }
>>> - }
>>> - return false;
>>> -}
>>> -
>>> -?>
>>> +<?php if (!defined('BB2_CORE')) die('I said no cheating!');
>>> +
>>> +function bb2_whitelist($package)
>>> +{
>>> + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
>> DANGER!
>>> +
>>> + // Inappropriate whitelisting WILL expose you to spam, or cause
>> Bad
>>> + // Behavior to stop functioning entirely! DO NOT WHITELIST
>> unless
>>> you
>>> + // are 100% CERTAIN that you should.
>>> +
>>> + // IP address ranges use the CIDR format.
>>> +
>>> + // Includes four examples of whitelisting by IP address and
>>> netblock.
>>> + $bb2_whitelist_ip_ranges = array(
>>> + "64.191.203.34/32", // Digg whitelisted as of 2.0.12
>>> + "208.67.217.130/32", // Digg whitelisted as of 2.0.12
>>> + "10.0.0.0/8",
>>> + "172.16.0.0/12",
>>> + "192.168.0.0/16",
>>> +// "127.0.0.1",
>>> + );
>>> +
>>> + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
>> DANGER!
>>> +
>>> + // Inappropriate whitelisting WILL expose you to spam, or cause
>> Bad
>>> + // Behavior to stop functioning entirely! DO NOT WHITELIST
>> unless
>>> you
>>> + // are 100% CERTAIN that you should.
>>> +
>>> + // You should not whitelist search engines by user agent. Use
>> the IP
>>> + // netblock for the search engine instead. See
>>> http://whois.arin.net/
>>> + // to locate the netblocks for an IP.
>>> +
>>> + // User agents are matched by exact match only.
>>> +
>>> + // Includes one example of whitelisting by user agent.
>>> + // All are commented out.
>>> + $bb2_whitelist_user_agents = array(
>>> + // "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
>>> It's me, let me in",
>>> + );
>>> +
>>> + // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
>> DANGER!
>>> +
>>> + // Do not edit below this line
>>> +
>>> + if (!empty($bb2_whitelist_ip_ranges)) {
>>> + foreach ($bb2_whitelist_ip_ranges as $range) {
>>> + if (match_cidr($package['ip'], $range)) return
>> true;
>>> + }
>>> + }
>>> + if (!empty($bb2_whitelist_user_agents)) {
>>> + foreach ($bb2_whitelist_user_agents as $user_agent) {
>>> + if
>> (!strcmp($package['headers_mixed']['User-Agent'],
>>> $user_agent)) return true;
>>> + }
>>> + }
>>> + return false;
>>> +}
>>> +
>>> +?>
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/pluginbadbehavior.class.php
>>> ===================================================================
>>> ---
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/pluginbadbehavior.class.php
>>> 2008-02-28 10:54:49 UTC (rev 6191)
>>> +++
>>> plog/branches/lifetype-1.2
>> /plugins/badbehavior/pluginbadbehavior.class.php
>>> 2008-02-29 06:49:43 UTC (rev 6192)
>>> @@ -20,7 +20,7 @@
>>> $this->desc = "Bad Behavior for LifeType";
>>> $this->author = "The Lifetype Project";
>>> $this->db =& Db::getDb();
>>> - $this->version = "20071205";
>>> + $this->version = "20080228";
>>>
>>> $config =& Config::getConfig();
>>> $prefix = Db::getPrefix();
>>>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://limedaley.com/mailman/listinfo/plog-svn
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://limedaley.com/mailman/listinfo/plog-svn
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Jon Daley
>> http://jon.limedaley.com/
>>
>> No idea that sits in your head is there rent free.
>> If the idea is not "useful", get rid of it.
>> -- Dr. Richard Farmer
>>
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://limedaley.com/mailman/listinfo/plog-svn
>>
>
--
Jon Daley
http://jon.limedaley.com/
A fellow can't keep people from having a bad opinion of him,
but he can keep them from being right about it. -- Unknown
More information about the pLog-svn
mailing list