This is an automated email from the git hooks/post-receive script. s k u n n y k p u s h e d a c o m m i t t o b r a n c h o l d f o r u m in repository www/forum.xfce.org.
commit 3ac209e486f1d3488b158a32a427fd3b2ca2c0cb Author: Nick Schermer <n...@xfce.org> Date: Mon May 14 15:58:23 2012 +0200 Update bad-behaviour. --- include/bad-behavior/core.inc.php | 4 ++-- include/bad-behavior/post.inc.php | 9 +++++++-- include/bad-behavior/screener.inc.php | 4 +++- include/bad-behavior/whitelist.inc.php | 9 +++++++-- 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/bad-behavior/core.inc.php b/include/bad-behavior/core.inc.php index 6437537..6286a16 100644 --- a/include/bad-behavior/core.inc.php +++ b/include/bad-behavior/core.inc.php @@ -1,5 +1,5 @@ <?php if (!defined('BB2_CWD')) die("I said no cheating!"); -define('BB2_VERSION', "2.2.2"); +define('BB2_VERSION', "2.2.5"); // Bad Behavior entry point is bb2_start() // If you're reading this, you are probably lost. @@ -123,7 +123,7 @@ function bb2_screen($settings, $package) // First check the whitelist require_once(BB2_CORE . "/whitelist.inc.php"); - if (!bb2_whitelist($package)) { + if (!bb2_run_whitelist($package)) { // Now check the blacklist require_once(BB2_CORE . "/blacklist.inc.php"); if ($r = bb2_blacklist($package)) return $r; diff --git a/include/bad-behavior/post.inc.php b/include/bad-behavior/post.inc.php index 39f7d34..88c99ba 100644 --- a/include/bad-behavior/post.inc.php +++ b/include/bad-behavior/post.inc.php @@ -54,8 +54,13 @@ function bb2_post($settings, $package) } // If Referer exists, it should refer to a page on our site - if (!$settings['offsite_forms'] && array_key_exists('Referer', $package['headers_mixed']) && stripos($package['headers_mixed']['Referer'], $package['headers_mixed']['Host']) === FALSE) { - return "cd361abb"; + if (!$settings['offsite_forms'] && array_key_exists('Referer', $package['headers_mixed'])) { + $url = parse_url($package['headers_mixed']['Referer']); + $url['host'] = preg_replace('|^www\.|', '', $url['host']); + $host = preg_replace('|^www\.|', '', $package['headers_mixed']['Host']); + if (strcasecmp($host, $url['host'])) { + return "cd361abb"; + } } // Screen by cookie/JavaScript form add diff --git a/include/bad-behavior/screener.inc.php b/include/bad-behavior/screener.inc.php index 8f5a624..b50f02f 100644 --- a/include/bad-behavior/screener.inc.php +++ b/include/bad-behavior/screener.inc.php @@ -5,7 +5,9 @@ function bb2_screener_cookie($settings, $package, $cookie_name, $cookie_value) { // FIXME: Set the real cookie - setcookie($cookie_name, $cookie_value, 0, bb2_relative_path()); + if (!$settings['eu_cookie']) { + setcookie($cookie_name, $cookie_value, 0, bb2_relative_path()); + } } function bb2_screener_javascript($settings, $package, $cookie_name, $cookie_value) diff --git a/include/bad-behavior/whitelist.inc.php b/include/bad-behavior/whitelist.inc.php index 6f09e78..0e1e710 100644 --- a/include/bad-behavior/whitelist.inc.php +++ b/include/bad-behavior/whitelist.inc.php @@ -1,8 +1,13 @@ <?php if (!defined('BB2_CORE')) die('I said no cheating!'); -function bb2_whitelist($package) +function bb2_run_whitelist($package) { - $whitelists = @parse_ini_file(dirname(BB2_CORE) . "/whitelist.ini"); + # FIXME: Transitional, until port maintainters implement bb2_read_whitelist + if (function_exists('bb2_read_whitelist')) { + $whitelists = bb2_read_whitelist(); + } else { + $whitelists = @parse_ini_file(dirname(BB2_CORE) . "/whitelist.ini"); + } if (@!empty($whitelists['ip'])) { foreach ($whitelists['ip'] as $range) { -- To stop receiving notification emails like this one, please contact the administrator of this repository. _______________________________________________ Xfce4-commits mailing list Xfce4-commits@xfce.org https://mail.xfce.org/mailman/listinfo/xfce4-commits