<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.16608" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=624324608-29022008><FONT face=新細明體
color=#0000ff size=2>Hi Paul:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=624324608-29022008><FONT face=新細明體
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=624324608-29022008><FONT face=新細明體
color=#0000ff size=2>I remember we did this before, the plugins and core are
seperate in different repository directories.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=624324608-29022008><FONT face=新細明體
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=624324608-29022008><FONT face=新細明體
color=#0000ff size=2>The resaon we move the bad behavior to the core is becasue
we want it as part of core ... and deliver it with lifetype official
release.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=624324608-29022008><FONT face=新細明體
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><FONT face=新細明體 color=#0000ff size=2><SPAN
class=624324608-29022008>If there are an urgent patch or upgrade of bad
behavior, I think we can release a lifetype hotfix for it.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=新細明體 color=#0000ff size=2><SPAN
class=624324608-29022008></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=新細明體 color=#0000ff size=2><SPAN
class=624324608-29022008>How do you think?</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=新細明體 color=#0000ff size=2><SPAN
class=624324608-29022008></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=新細明體 color=#0000ff size=2><SPAN
class=624324608-29022008>Mark</SPAN></FONT></DIV>
<DIV><BR></DIV>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=zh-tw dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> plog-svn-bounces@devel.lifetype.net
[mailto:plog-svn-bounces@devel.lifetype.net] <B>On Behalf Of </B>Paul
Westbrook<BR><B>Sent:</B> Friday, February 29, 2008 4:05 PM<BR><B>To:</B>
LifeType Developer List<BR><B>Subject:</B> Re: [pLog-svn] r6192
-inplog/branches/lifetype-1.2/plugins/badbehavior: .
bad-behavior<BR></FONT><BR></DIV>
<DIV></DIV>Hello,<BR> Sure. But I am wondering about
something slightly different. I am thinking about when more people have
moved to 2.0. I assume that there will be a period that 1.2 will still
be a supported release, but most developers will be working on
2.0.<BR><BR> If there is a new version of bad behavior, currently
we need to do a new release of LifeType, as the bad behavior plugin is not
available separately.<BR><BR> I assume that at some point we will move
the bad behavior plugin to the plugin branch, to make it easier to release new
versions of this plugin.<BR><BR>--Paul<BR><BR>
<DIV><SPAN class=gmail_quote>On 2/28/08, <B class=gmail_sendername>Mark Wu</B>
<<A href="mailto:markplace@gmail.com">markplace@gmail.com</A>>
wrote:</SPAN>
<BLOCKQUOTE class=gmail_quote
style="PADDING-LEFT: 1ex; MARGIN: 0pt 0pt 0pt 0.8ex; BORDER-LEFT: rgb(204,204,204) 1px solid">
<DIV>
<DIV dir=ltr align=left><SPAN><FONT face="$B?7:YL@qs(B"
color=#0000ff size=2>Hi Paul:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN><FONT face="$B?7:YL@qs(B"
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN><FONT face="$B?7:YL@qs(B"
color=#0000ff size=2>I think it is okay. Bcasue I always merge the 1.2
branch to trunk in a certain period . These changes will apply to 2.0-dev
very soon.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN></SPAN><SPAN><FONT
face="$B?7:YL@qs(B" color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN><FONT face="$B?7:YL@qs(B"
color=#0000ff size=2>Regards, Mark</FONT></SPAN></DIV><BR>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: rgb(0,0,255) 2px solid; MARGIN-RIGHT: 0px">
<DIV lang=zh-tw dir=ltr align=left>
<HR>
<FONT face=Tahoma size=2><B>From:</B> <A
onclick="return top.js.OpenExtLink(window,event,this)"
href="mailto:plog-svn-bounces@devel.lifetype.net"
target=_blank>plog-svn-bounces@devel.lifetype.net</A> [mailto:<A
onclick="return top.js.OpenExtLink(window,event,this)"
href="mailto:plog-svn-bounces@devel.lifetype.net"
target=_blank>plog-svn-bounces@devel.lifetype.net</A>] <B>On Behalf Of
</B>Paul Westbrook<BR><B>Sent:</B> Friday, February 29, 2008 2:57
PM<BR><B>To:</B> LifeType Developer List<BR><B>Subject:</B> Re: [pLog-svn]
r6192 - inplog/branches/lifetype-1.2/plugins/badbehavior: .
bad-behavior<BR></FONT><BR></DIV>
<DIV><SPAN class=e id=q_11864000bab543cd_1>
<DIV></DIV>Hello,<BR> As development for LifeType 2.0 takes
highe priority, will this plugin, or the LifeType 1.2 version of it, move
back to the main plugin subversion branch? This would allow quick
patches to the plugin to be done, with out having to spin a whole LifeType
release.<BR><BR>--Paul<BR><BR>
<DIV><SPAN class=gmail_quote>On 2/28/08, <B class=gmail_sendername><A
onclick="return top.js.OpenExtLink(window,event,this)"
href="mailto:pwestbro@devel.lifetype.net"
target=_blank>pwestbro@devel.lifetype.net</A></B> <<A
onclick="return top.js.OpenExtLink(window,event,this)"
href="mailto:pwestbro@devel.lifetype.net"
target=_blank>pwestbro@devel.lifetype.net</A>> wrote:</SPAN>
<BLOCKQUOTE class=gmail_quote
style="PADDING-LEFT: 1ex; MARGIN: 0pt 0pt 0pt 0.8ex; BORDER-LEFT: rgb(204,204,204) 1px solid">Author:
pwestbro<BR>Date: 2008-02-29 01:49:43 -0500 (Fri, 29 Feb 2008)<BR>New
Revision: 6192<BR><BR>Modified:<BR>
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.php<BR>
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php<BR>
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php<BR>
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.php<BR>
plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php<BR>Log:<BR>Checked
in version 2.0.13 of bad behavior<BR><BR><BR>Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.php<BR>===================================================================<BR>---
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.php
2008-02-28 10:54:49 UTC (rev 6191)<BR>+++
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.php
2008-02-29 06:49:43 UTC (rev 6192)<BR>@@ -1,113 +1,113 @@<BR>-<?php
if (!defined('BB2_CORE')) die('I said no cheating!');<BR>-<BR>-function
bb2_blacklist($package) {<BR>-<BR>-
// Blacklisted user agents<BR>- //
These user agent strings occur at the beginning of the
line.<BR>- $bb2_spambots_0 =
array(<BR>-
"<sc", //
XSS exploit
attempts<BR>-
"8484 Boston Project", // video poker/porn
spam<BR>-
"adwords", //
referrer
spam<BR>-
"autoemailspider", // spam
harvester<BR>-
"blogsearchbot-martin", // from
honeypot<BR>-
"Digger",
// spam
harvester<BR>-
"ecollector",
// spam
harvester<BR>-
"EmailCollector", // spam
harvester<BR>-
"Email Extractor", // spam
harvester<BR>-
"Email Siphon", // spam
harvester<BR>-
"EmailSiphon", //
spam
harvester<BR>-
"grub crawler", // misc
comment/email
spam<BR>-
"HttpProxy", //
misc comment/email
spam<BR>-
"Internet Explorer", // XMLRPC exploits
seen<BR>-
"Jakarta Commons", // custommised
spambots<BR>-
"Java
1.", //
definitely a
spammer<BR>-
"Java/1.", //
definitely a
spammer<BR>-
"libwww-perl", //
spambot
scripts<BR>-
"LWP", //
spambot
scripts<BR>-
"Microsoft URL", // spam
harvester<BR>-
"Missigua",
// spam
harvester<BR>-
"MJ12bot", //
crawls MUCH too
fast<BR>-
"Movable Type", //
customised
spambots<BR>-
"Mozilla
",
// malicious
software<BR>-
"Mozilla/4.0(", // from
honeypot<BR>-
"Mozilla/4.0+(", //
suspicious
harvester<BR>-
"MSIE",
// malicious
software<BR>-
"NutchCVS",
// unidentified
robots<BR>-
"Nutscrape/",
// misc comment
spam<BR>-
"OmniExplorer", // spam
harvester<BR>-
"psycheclone", //
spam
harvester<BR>-
"PussyCat
", //
misc comment
spam<BR>-
"PycURL",
// misc comment
spam<BR>-
"Shockwave Flash", // spam
harvester<BR>-
"TrackBack/",
// trackback
spam<BR>-
"user",
// suspicious
harvester<BR>-
"User Agent: ", // spam
harvester<BR>-
"User-Agent: ", // spam
harvester<BR>-
"Wordpress", //
malicious
software<BR>-
"\"",
// malicious software<BR>-
);<BR>-<BR>- // These user agent
strings occur anywhere within the
line.<BR>- $bb2_spambots =
array(<BR>-
"\r",
// A really dumb
bot<BR>-
"; Widows
", //
misc comment/email
spam<BR>-
"a
href=", //
referrer
spam<BR>-
"Bad Behavior Test", // Add this to your
user-agent to test
BB<BR>-
"compatible ; MSIE", // misc comment/email
spam<BR>-
"compatible-", //
misc comment/email
spam<BR>-
"DTS
Agent", //
misc comment/email
spam<BR>-
"Gecko/25",
// revisit this in 500
years<BR>-
"grub-client", //
search engine ignores
robots.txt<BR>-
"hanzoweb",
// very badly behaved
crawler<BR>-
"Indy Library", // misc
comment/email
spam<BR>-
"larbin@unspecified", // stealth
harvesters<BR>-
"Murzillo compatible", // comment spam
bot<BR>-
".NET CLR
1)", // free
poker,
etc.<BR>-
"POE-Component-Client", // free poker,
etc.<BR>-
"Turing Machine", // <A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://www.anonymizer.com" target=_blank>www.anonymizer.com</A>
abuse<BR>-
"WebaltBot", //
spam
harvester<BR>-
"WISEbot", //
spam
harvester<BR>-
"WISEnutbot",
// spam
harvester<BR>-
"Windows NT 4.0;)", // wikispam
bot<BR>-
"Windows NT 5.0;)", // wikispam
bot<BR>-
"Windows NT 5.1;)", // wikispam
bot<BR>-
"Windows XP 5", // spam
harvester<BR>-
"\\\\)", //
spam harvester<BR>-
);<BR>-<BR>- // These are regular
expression matches.<BR>-
$bb2_spambots_regex =
array(<BR>-
"/^[A-Z]{10}$/", // misc
email
spam<BR>-
"/^Mozilla...[05]$/i", // fake user agent/email
spam<BR>-
"/[bcdfghjklmnpqrstvwxz
]{8,}/",<BR>-//
"/(;\){1,2}$/", // misc
spammers/harvesters<BR>-//
"/MSIE.*Windows XP/", // misc comment
spam<BR>-
);<BR>-<BR>- // Do not edit below
this line.<BR>-<BR>- $ua =
$package['headers_mixed']['User-Agent'];<BR>-<BR>-
foreach ($bb2_spambots_0 as $spambot)
{<BR>-
$pos = stripos($ua,
$spambot);<BR>-
if ($pos !== FALSE && $pos == 0)
{<BR>-
return
"17f4e8c8";<BR>-
}<BR>-
}<BR>-<BR>- foreach ($bb2_spambots
as $spambot)
{<BR>-
if (stripos($ua, $spambot) !== FALSE)
{<BR>-
return
"17f4e8c8";<BR>-
}<BR>-
}<BR>-<BR>- foreach
($bb2_spambots_regex as $spambot)
{<BR>-
if (preg_match($spambot, $ua))
{<BR>-
return
"17f4e8c8";<BR>-
}<BR>-
}<BR>-<BR>- return
FALSE;<BR>-}<BR>-<BR>-?><BR>+<?php if (!defined('BB2_CORE'))
die('I said no cheating!');<BR>+<BR>+function bb2_blacklist($package)
{<BR>+<BR>+ // Blacklisted user
agents<BR>+ // These user agent
strings occur at the beginning of the
line.<BR>+ $bb2_spambots_0 =
array(<BR>+
"<sc", //
XSS exploit
attempts<BR>+
"8484 Boston Project", // video poker/porn
spam<BR>+
"adwords", //
referrer
spam<BR>+
"autoemailspider", // spam
harvester<BR>+
"blogsearchbot-martin", // from
honeypot<BR>+
"Digger",
// spam
harvester<BR>+
"ecollector",
// spam
harvester<BR>+
"EmailCollector", // spam
harvester<BR>+
"Email Extractor", // spam
harvester<BR>+
"Email Siphon", // spam
harvester<BR>+
"EmailSiphon", //
spam
harvester<BR>+
"grub crawler", // misc
comment/email
spam<BR>+
"HttpProxy", //
misc comment/email
spam<BR>+
"Internet Explorer", // XMLRPC exploits
seen<BR>+
"Jakarta Commons", // custommised
spambots<BR>+
"Java
1.", //
definitely a
spammer<BR>+
"Java/1.", //
definitely a
spammer<BR>+
"libwww-perl", //
spambot
scripts<BR>+
"LWP", //
spambot
scripts<BR>+
"Microsoft URL", // spam
harvester<BR>+
"Missigua",
// spam
harvester<BR>+
"MJ12bot", //
crawls MUCH too
fast<BR>+
"Movable Type", //
customised
spambots<BR>+
"Mozilla
",
// malicious
software<BR>+
"Mozilla/4.0(", // from
honeypot<BR>+
"Mozilla/4.0+(", //
suspicious
harvester<BR>+
"MSIE",
// malicious
software<BR>+
"NutchCVS",
// unidentified
robots<BR>+
"Nutscrape/",
// misc comment
spam<BR>+
"OmniExplorer", // spam
harvester<BR>+
"psycheclone", //
spam
harvester<BR>+
"PussyCat
", //
misc comment
spam<BR>+
"PycURL",
// misc comment
spam<BR>+
"Shockwave Flash", // spam
harvester<BR>+
"TrackBack/",
// trackback
spam<BR>+
"user",
// suspicious
harvester<BR>+
"User Agent: ", // spam
harvester<BR>+
"User-Agent: ", // spam
harvester<BR>+
"Wordpress", //
malicious
software<BR>+
"\"",
// malicious software<BR>+
);<BR>+<BR>+ // These user agent
strings occur anywhere within the
line.<BR>+ $bb2_spambots =
array(<BR>+
"\r",
// A really dumb
bot<BR>+
"; Widows
", //
misc comment/email
spam<BR>+
"a
href=", //
referrer
spam<BR>+
"Bad Behavior Test", // Add this to your
user-agent to test
BB<BR>+
"compatible ; MSIE", // misc comment/email
spam<BR>+
"compatible-", //
misc comment/email
spam<BR>+
"DTS
Agent", //
misc comment/email
spam<BR>+
"Gecko/25",
// revisit this in 500
years<BR>+
"grub-client", //
search engine ignores
robots.txt<BR>+
"hanzoweb",
// very badly behaved
crawler<BR>+
"Indy Library", // misc
comment/email
spam<BR>+
"larbin@unspecified", // stealth
harvesters<BR>+
"Murzillo compatible", // comment spam
bot<BR>+
".NET CLR
1)", // free
poker,
etc.<BR>+
"POE-Component-Client", // free poker,
etc.<BR>+
"Turing Machine", // <A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://www.anonymizer.com" target=_blank>www.anonymizer.com</A>
abuse<BR>+
"WebaltBot", //
spam
harvester<BR>+
"WISEbot", //
spam
harvester<BR>+
"WISEnutbot",
// spam
harvester<BR>+
"Windows NT 4.0;)", // wikispam
bot<BR>+
"Windows NT 5.0;)", // wikispam
bot<BR>+
"Windows NT 5.1;)", // wikispam
bot<BR>+
"Windows XP 5", // spam
harvester<BR>+
"\\\\)", //
spam harvester<BR>+
);<BR>+<BR>+ // These are regular
expression matches.<BR>+
$bb2_spambots_regex =
array(<BR>+
"/^[A-Z]{10}$/", // misc
email
spam<BR>+
"/^Mozilla...[05]$/i", // fake user agent/email
spam<BR>+
"/[bcdfghjklmnpqrstvwxz
]{8,}/",<BR>+//
"/(;\){1,2}$/", // misc
spammers/harvesters<BR>+//
"/MSIE.*Windows XP/", // misc comment
spam<BR>+
);<BR>+<BR>+ // Do not edit below
this line.<BR>+<BR>+ $ua =
$package['headers_mixed']['User-Agent'];<BR>+<BR>+
foreach ($bb2_spambots_0 as $spambot)
{<BR>+
$pos = strpos($ua,
$spambot);<BR>+
if ($pos !== FALSE && $pos == 0)
{<BR>+
return
"17f4e8c8";<BR>+
}<BR>+
}<BR>+<BR>+ foreach ($bb2_spambots
as $spambot)
{<BR>+
if (strpos($ua, $spambot) !== FALSE)
{<BR>+
return
"17f4e8c8";<BR>+
}<BR>+
}<BR>+<BR>+ foreach
($bb2_spambots_regex as $spambot)
{<BR>+
if (preg_match($spambot, $ua))
{<BR>+
return
"17f4e8c8";<BR>+
}<BR>+
}<BR>+<BR>+ return
FALSE;<BR>+}<BR>+<BR>+?><BR><BR>Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php<BR>===================================================================<BR>---
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php 2008-02-28
10:54:49 UTC (rev 6191)<BR>+++
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php 2008-02-29
06:49:43 UTC (rev 6192)<BR>@@ -1,24 +1,25 @@<BR>-<?php if
(!defined('BB2_CORE')) die('I said no cheating!');<BR>-<BR>-// Analyze
user agents claiming to be MSIE<BR>-<BR>-function
bb2_msie($package)<BR>-{<BR>- if
(!array_key_exists('Accept', $package['headers_mixed']))
{<BR>-
return "17566707";<BR>-
}<BR>-<BR>- // MSIE does NOT send
"Windows ME" or "Windows XP" in the user
agent<BR>- if
(strpos($package['headers_mixed']['User-Agent'], "Windows ME") !== FALSE
|| strpos($package['headers_mixed']['User-Agent'], "Windows XP") !==
FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows 2000")
!== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32")
!== FALSE)
{<BR>-
return "a1084bad";<BR>-
}<BR>-<BR>- // MSIE does NOT send
Connection: TE<BR>- if
(preg_match('/\bTE\b/i', $package['headers_mixed']['Connection']))
{<BR>-
return "2b90f772";<BR>-
}<BR>-<BR>- return
false;<BR>-}<BR>-<BR>-?><BR>+<?php if (!defined('BB2_CORE'))
die('I said no cheating!');<BR>+<BR>+// Analyze user agents claiming to
be MSIE<BR>+<BR>+function
bb2_msie($package)<BR>+{<BR>+ if
(!array_key_exists('Accept', $package['headers_mixed']))
{<BR>+
return "17566707";<BR>+
}<BR>+<BR>+ // MSIE does NOT send
"Windows ME" or "Windows XP" in the user
agent<BR>+ if
(strpos($package['headers_mixed']['User-Agent'], "Windows ME") !== FALSE
|| strpos($package['headers_mixed']['User-Agent'], "Windows XP") !==
FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows 2000")
!== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32")
!== FALSE)
{<BR>+
return "a1084bad";<BR>+
}<BR>+<BR>+ // MSIE does NOT send
Connection: TE but Akamai does<BR>+
// Bypass this test when Akamai
detected<BR>+ if
(!array_key_exists('Akamai-Origin-Hop', $package['headers_mixed'])
&& preg_match('/\bTE\b/i',
$package['headers_mixed']['Connection']))
{<BR>+
return "2b90f772";<BR>+
}<BR>+<BR>+ return
false;<BR>+}<BR>+<BR>+?><BR><BR>Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php<BR>===================================================================<BR>---
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
2008-02-28 10:54:49 UTC (rev 6191)<BR>+++
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
2008-02-29 06:49:43 UTC (rev 6192)<BR>@@ -1,3 +1,3 @@<BR>-<?php if
(!defined('BB2_CWD')) die("I said no
cheating!");<BR>-define('BB2_VERSION', "2.0.11");<BR>-?><BR>+<?php
if (!defined('BB2_CWD')) die("I said no
cheating!");<BR>+define('BB2_VERSION',
"2.0.13");<BR>+?><BR><BR>Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.php<BR>===================================================================<BR>---
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.php
2008-02-28 10:54:49 UTC (rev 6191)<BR>+++
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.php
2008-02-29 06:49:43 UTC (rev 6192)<BR>@@ -1,56 +1,58 @@<BR>-<?php if
(!defined('BB2_CORE')) die('I said no cheating!');<BR>-<BR>-function
bb2_whitelist($package)<BR>-{<BR>-
// DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
DANGER!<BR>-<BR>- // Inappropriate
whitelisting WILL expose you to spam, or cause
Bad<BR>- // Behavior to stop
functioning entirely! DO NOT WHITELIST unless
you<BR>- // are 100% CERTAIN that
you should.<BR>-<BR>- // IP address
ranges use the CIDR
format.<BR>-<BR>- // Includes four
examples of whitelisting by IP address and
netblock.<BR>-
$bb2_whitelist_ip_ranges =
array(<BR>-
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://10.0.0.0/8"
target=_blank>10.0.0.0/8</A>",<BR>-
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://172.16.0.0/12"
target=_blank>172.16.0.0/12</A>",<BR>-
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://192.168.0.0/16"
target=_blank>192.168.0.0/16</A>",<BR>-//
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://127.0.0.1"
target=_blank>127.0.0.1</A>",<BR>-
);<BR>-<BR>- // DANGER! DANGER!
DANGER! DANGER! DANGER! DANGER! DANGER!
DANGER!<BR>-<BR>- // Inappropriate
whitelisting WILL expose you to spam, or cause
Bad<BR>- // Behavior to stop
functioning entirely! DO NOT WHITELIST unless
you<BR>- // are 100% CERTAIN that
you should.<BR>-<BR>- // You should
not whitelist search engines by user agent. Use the
IP<BR>- // netblock for the search
engine instead. See <A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://whois.arin.net/"
target=_blank>http://whois.arin.net/</A><BR>-
// to locate the netblocks for an
IP.<BR>-<BR>- // User agents are
matched by exact match
only.<BR>-<BR>- // Includes one
example of whitelisting by user
agent.<BR>- // All are commented
out.<BR>- $bb2_whitelist_user_agents
= array(<BR>-
// "Mozilla/4.0 (compatible; MSIE
6.0; Windows NT 5.1; SV1) It's me, let me
in",<BR>-
);<BR>-<BR>- // DANGER! DANGER!
DANGER! DANGER! DANGER! DANGER! DANGER!
DANGER!<BR>-<BR>- // Do not edit
below this line<BR>-<BR>- if
(!empty($bb2_whitelist_ip_ranges))
{<BR>-
foreach ($bb2_whitelist_ip_ranges as $range)
{<BR>-
if (match_cidr($package['ip'], $range)) return
true;<BR>-
}<BR>-
}<BR>- if
(!empty($bb2_whitelist_user_agents))
{<BR>-
foreach ($bb2_whitelist_user_agents as $user_agent)
{<BR>-
if (!strcmp($package['headers_mixed']['User-Agent'], $user_agent))
return
true;<BR>-
}<BR>-
}<BR>- return
false;<BR>-}<BR>-<BR>-?><BR>+<?php if (!defined('BB2_CORE'))
die('I said no cheating!');<BR>+<BR>+function
bb2_whitelist($package)<BR>+{<BR>+
// DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
DANGER!<BR>+<BR>+ // Inappropriate
whitelisting WILL expose you to spam, or cause
Bad<BR>+ // Behavior to stop
functioning entirely! DO NOT WHITELIST unless
you<BR>+ // are 100% CERTAIN that
you should.<BR>+<BR>+ // IP address
ranges use the CIDR
format.<BR>+<BR>+ // Includes four
examples of whitelisting by IP address and
netblock.<BR>+
$bb2_whitelist_ip_ranges =
array(<BR>+
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://64.191.203.34/32"
target=_blank>64.191.203.34/32</A>", // Digg
whitelisted as of
2.0.12<BR>+
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://208.67.217.130/32"
target=_blank>208.67.217.130/32</A>", // Digg
whitelisted as of
2.0.12<BR>+
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://10.0.0.0/8"
target=_blank>10.0.0.0/8</A>",<BR>+
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://172.16.0.0/12"
target=_blank>172.16.0.0/12</A>",<BR>+
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://192.168.0.0/16"
target=_blank>192.168.0.0/16</A>",<BR>+//
"<A onclick="return top.js.OpenExtLink(window,event,this)"
href="http://127.0.0.1"
target=_blank>127.0.0.1</A>",<BR>+
);<BR>+<BR>+ // DANGER! DANGER!
DANGER! DANGER! DANGER! DANGER! DANGER!
DANGER!<BR>+<BR>+ // Inappropriate
whitelisting WILL expose you to spam, or cause
Bad<BR>+ // Behavior to stop
functioning entirely! DO NOT WHITELIST unless
you<BR>+ // are 100% CERTAIN that
you should.<BR>+<BR>+ // You should
not whitelist search engines by user agent. Use the
IP<BR>+ // netblock for the search
engine instead. See <A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://whois.arin.net/"
target=_blank>http://whois.arin.net/</A><BR>+
// to locate the netblocks for an
IP.<BR>+<BR>+ // User agents are
matched by exact match
only.<BR>+<BR>+ // Includes one
example of whitelisting by user
agent.<BR>+ // All are commented
out.<BR>+ $bb2_whitelist_user_agents
= array(<BR>+
// "Mozilla/4.0 (compatible; MSIE
6.0; Windows NT 5.1; SV1) It's me, let me
in",<BR>+
);<BR>+<BR>+ // DANGER! DANGER!
DANGER! DANGER! DANGER! DANGER! DANGER!
DANGER!<BR>+<BR>+ // Do not edit
below this line<BR>+<BR>+ if
(!empty($bb2_whitelist_ip_ranges))
{<BR>+
foreach ($bb2_whitelist_ip_ranges as $range)
{<BR>+
if (match_cidr($package['ip'], $range)) return
true;<BR>+
}<BR>+
}<BR>+ if
(!empty($bb2_whitelist_user_agents))
{<BR>+
foreach ($bb2_whitelist_user_agents as $user_agent)
{<BR>+
if (!strcmp($package['headers_mixed']['User-Agent'], $user_agent))
return
true;<BR>+
}<BR>+
}<BR>+ return
false;<BR>+}<BR>+<BR>+?><BR><BR>Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php<BR>===================================================================<BR>---
plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php 2008-02-28
10:54:49 UTC (rev 6191)<BR>+++
plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php 2008-02-29
06:49:43 UTC (rev 6192)<BR>@@ -20,7 +20,7
@@<BR> $this->desc
= "Bad Behavior for
LifeType";<BR> $this->author
= "The Lifetype
Project";<BR> $this->db
=&
Db::getDb();<BR>- $this->version
=
"20071205";<BR>+
$this->version =
"20080228";<BR><BR> $config
=&
Config::getConfig();<BR> $prefix
=
Db::getPrefix();<BR><BR>_______________________________________________<BR>pLog-svn
mailing list<BR><A
onclick="return top.js.OpenExtLink(window,event,this)"
href="mailto:pLog-svn@devel.lifetype.net"
target=_blank>pLog-svn@devel.lifetype.net</A><BR><A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://limedaley.com/mailman/listinfo/plog-svn"
target=_blank>http://limedaley.com/mailman/listinfo/plog-svn</A><BR></BLOCKQUOTE></DIV><BR></SPAN></DIV></BLOCKQUOTE></DIV><BR>_______________________________________________<BR>pLog-svn
mailing list<BR><A onclick="return top.js.OpenExtLink(window,event,this)"
href="mailto:pLog-svn@devel.lifetype.net">pLog-svn@devel.lifetype.net</A><BR><A
onclick="return top.js.OpenExtLink(window,event,this)"
href="http://limedaley.com/mailman/listinfo/plog-svn"
target=_blank>http://limedaley.com/mailman/listinfo/plog-svn</A><BR></BLOCKQUOTE></DIV><BR></BLOCKQUOTE></BODY></HTML>