Bad Behavior - Version 2.0.23

Version Description

Download this release

Release Info

Developer error
Plugin Icon wp plugin Bad Behavior
Version 2.0.23
Comparing to
See all releases

Code changes from version 2.0.22 to 2.0.23

Files changed (11) hide show
  1. README.txt +3 -3
  2. bad-behavior-wordpress-admin.php +1 -1
  3. bad-behavior-wordpress.php +1 -1
  4. bad-behavior/blacklist.inc.php +1 -1
  5. bad-behavior/common_tests.inc.php +2 -2
  6. bad-behavior/core.inc.php +2 -2
  7. bad-behavior/functions.inc.php +1 -1
  8. bad-behavior/google.inc.php +1 -1
  9. bad-behavior/msie.inc.php +1 -1
  10. bad-behavior/post.inc.php +1 -1
  11. bad-behavior/version.inc.php +1 -1
README.txt CHANGED
@@ -4,7 +4,7 @@ Contributors: error, MarkJaquith, Firas, skeltoac
4
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
5
  Requires at least: 1.2
6
  Tested up to: 2.7
7
- Stable tag: 2.0.22
8
 
9
  Welcome to a whole new way of keeping your blog, forum, guestbook, wiki or
10
  content management system free of link spam. Bad Behavior is a PHP-based
@@ -79,8 +79,8 @@ Behavior's logs, requires version 2.1 or later. Users of older versions should
79
  use phpMyAdmin to browse Bad Behavior's logs, or upgrade WordPress.
80
 
81
  * On WordPress when using WordPress Advanced Cache (WP-Cache) or WP-Super
82
- Cache, Bad Behavior requires a patch to WP-Cache 2 in order to protect
83
- cached pages.
84
 
85
  Edit the wp-content/plugins/wp-cache/wp-cache-phase1.php or
86
  wp-content/plugins/wp-super-cache/wp-cache-phase1.php file and find the
4
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
5
  Requires at least: 1.2
6
  Tested up to: 2.7
7
+ Stable tag: 2.0.23
8
 
9
  Welcome to a whole new way of keeping your blog, forum, guestbook, wiki or
10
  content management system free of link spam. Bad Behavior is a PHP-based
79
  use phpMyAdmin to browse Bad Behavior's logs, or upgrade WordPress.
80
 
81
  * On WordPress when using WordPress Advanced Cache (WP-Cache) or WP-Super
82
+ Cache, Bad Behavior requires a patch to WP-Cache or WP-Super Cache in order to
83
+ protect Cached pages. Bad Behavior cannot protect Super Cached pages.
84
 
85
  Edit the wp-content/plugins/wp-cache/wp-cache-phase1.php or
86
  wp-content/plugins/wp-super-cache/wp-cache-phase1.php file and find the
bad-behavior-wordpress-admin.php CHANGED
@@ -269,7 +269,7 @@ function bb2_options()
269
  </table>
270
 
271
  <h3><?php _e('http:BL'); ?></h3>
272
- <p>To use Bad Behavior's http:BL features you must have an <a href="http://www.projecthoneypot.org/httpbl_configure.php">http:BL Access Key</a>.</p>
273
  <table class="form-table">
274
  <tr><td><label><input type="text" size="12" maxlength="12" name="httpbl_key" value="<?php echo $settings['httpbl_key']; ?>" /> http:BL Access Key</label></td></tr>
275
  <tr><td><label><input type="text" size="3" maxlength="3" name="httpbl_threat" value="<?php echo $settings['httpbl_threat']; ?>" /> Minimum Threat Level (25 is recommended)</label></td></tr>
269
  </table>
270
 
271
  <h3><?php _e('http:BL'); ?></h3>
272
+ <p>To use Bad Behavior's http:BL features you must have an <a href="http://www.projecthoneypot.org/httpbl_configure.php?rf=24694">http:BL Access Key</a>.</p>
273
  <table class="form-table">
274
  <tr><td><label><input type="text" size="12" maxlength="12" name="httpbl_key" value="<?php echo $settings['httpbl_key']; ?>" /> http:BL Access Key</label></td></tr>
275
  <tr><td><label><input type="text" size="3" maxlength="3" name="httpbl_threat" value="<?php echo $settings['httpbl_threat']; ?>" /> Minimum Threat Level (25 is recommended)</label></td></tr>
bad-behavior-wordpress.php CHANGED
@@ -1,7 +1,7 @@
1
  <?php
2
  /*
3
  Plugin Name: Bad Behavior
4
- Version: 2.0.22
5
  Description: Deny automated spambots access to your PHP-based Web site.
6
  Plugin URI: http://www.bad-behavior.ioerror.us/
7
  Author: Michael Hampton
1
  <?php
2
  /*
3
  Plugin Name: Bad Behavior
4
+ Version: 2.0.23
5
  Description: Deny automated spambots access to your PHP-based Web site.
6
  Plugin URI: http://www.bad-behavior.ioerror.us/
7
  Author: Michael Hampton
bad-behavior/blacklist.inc.php CHANGED
@@ -94,7 +94,7 @@ function bb2_blacklist($package) {
94
 
95
  // Do not edit below this line.
96
 
97
- $ua = $package['headers_mixed']['User-Agent'];
98
 
99
  foreach ($bb2_spambots_0 as $spambot) {
100
  $pos = strpos($ua, $spambot);
94
 
95
  // Do not edit below this line.
96
 
97
+ @$ua = $package['headers_mixed']['User-Agent'];
98
 
99
  foreach ($bb2_spambots_0 as $spambot) {
100
  $pos = strpos($ua, $spambot);
bad-behavior/common_tests.inc.php CHANGED
@@ -32,7 +32,7 @@ function bb2_cookies($settings, $package)
32
 
33
  function bb2_misc_headers($settings, $package)
34
  {
35
- $ua = $package['headers_mixed']['User-Agent'];
36
 
37
  if (!strcmp($package['request_method'], "POST") && empty($ua)) {
38
  return "f9f2b8b9";
@@ -51,7 +51,7 @@ function bb2_misc_headers($settings, $package)
51
  // Exceptions: MT (not fixable); LJ (refuses to fix; may be
52
  // blocked again in the future)
53
  if (array_key_exists('Range', $package['headers_mixed']) && strpos($package['headers_mixed']['Range'], "=0-") !== FALSE) {
54
- if (strncmp($ua, "MovableType", 11) && strncmp($ua, "URI::Fetch", 10)) {
55
  return "7ad04a8a";
56
  }
57
  }
32
 
33
  function bb2_misc_headers($settings, $package)
34
  {
35
+ @$ua = $package['headers_mixed']['User-Agent'];
36
 
37
  if (!strcmp($package['request_method'], "POST") && empty($ua)) {
38
  return "f9f2b8b9";
51
  // Exceptions: MT (not fixable); LJ (refuses to fix; may be
52
  // blocked again in the future)
53
  if (array_key_exists('Range', $package['headers_mixed']) && strpos($package['headers_mixed']['Range'], "=0-") !== FALSE) {
54
+ if (strncmp($ua, "MovableType", 11) && strncmp($ua, "URI::Fetch", 10) && strncmp($ua, "php-openid/", 11)) {
55
  return "7ad04a8a";
56
  }
57
  }
bad-behavior/core.inc.php CHANGED
@@ -115,7 +115,7 @@ function bb2_start($settings)
115
  $request_method = $_SERVER['REQUEST_METHOD'];
116
  $request_uri = $_SERVER['REQUEST_URI'];
117
  $server_protocol = $_SERVER['SERVER_PROTOCOL'];
118
- $user_agent = $_SERVER['HTTP_USER_AGENT'];
119
 
120
  // Reconstruct the HTTP entity, if present.
121
  $request_entity = array();
@@ -148,7 +148,7 @@ function bb2_start($settings)
148
  bb2_test($settings, $package, bb2_misc_headers($settings, $package));
149
 
150
  // Specific checks
151
- $ua = $headers_mixed['User-Agent'];
152
  // MSIE checks
153
  if (stripos($ua, "MSIE") !== FALSE) {
154
  $package['is_browser'] = true;
115
  $request_method = $_SERVER['REQUEST_METHOD'];
116
  $request_uri = $_SERVER['REQUEST_URI'];
117
  $server_protocol = $_SERVER['SERVER_PROTOCOL'];
118
+ @$user_agent = $_SERVER['HTTP_USER_AGENT'];
119
 
120
  // Reconstruct the HTTP entity, if present.
121
  $request_entity = array();
148
  bb2_test($settings, $package, bb2_misc_headers($settings, $package));
149
 
150
  // Specific checks
151
+ @$ua = $headers_mixed['User-Agent'];
152
  // MSIE checks
153
  if (stripos($ua, "MSIE") !== FALSE) {
154
  $package['is_browser'] = true;
bad-behavior/functions.inc.php CHANGED
@@ -44,7 +44,7 @@ function match_cidr($addr, $cidr) {
44
  }
45
  }
46
  } else {
47
- list($ip, $mask) = explode('/', $cidr);
48
  if (!$mask) $mask = 32;
49
  $mask = pow(2,32) - pow(2, (32 - $mask));
50
  $output = ((ip2long($addr) & $mask) == (ip2long($ip) & $mask));
44
  }
45
  }
46
  } else {
47
+ @list($ip, $mask) = explode('/', $cidr);
48
  if (!$mask) $mask = 32;
49
  $mask = pow(2,32) - pow(2, (32 - $mask));
50
  $output = ((ip2long($addr) & $mask) == (ip2long($ip) & $mask));
bad-behavior/google.inc.php CHANGED
@@ -4,7 +4,7 @@
4
 
5
  function bb2_google($package)
6
  {
7
- if (match_cidr($package['ip'], "66.249.64.0/19") === FALSE && match_cidr($package['ip'], "64.233.160.0/19") === FALSE) {
8
  return "f1182195";
9
  }
10
  return false;
4
 
5
  function bb2_google($package)
6
  {
7
+ if (match_cidr($package['ip'], "66.249.64.0/19") === FALSE && match_cidr($package['ip'], "64.233.160.0/19") === FALSE && match_cidr($package['ip'], "72.14.192.0/18") === FALSE) {
8
  return "f1182195";
9
  }
10
  return false;
bad-behavior/msie.inc.php CHANGED
@@ -15,7 +15,7 @@ function bb2_msie($package)
15
 
16
  // MSIE does NOT send Connection: TE but Akamai does
17
  // Bypass this test when Akamai detected
18
- if (!array_key_exists('Akamai-Origin-Hop', $package['headers_mixed']) && preg_match('/\bTE\b/i', $package['headers_mixed']['Connection'])) {
19
  return "2b90f772";
20
  }
21
 
15
 
16
  // MSIE does NOT send Connection: TE but Akamai does
17
  // Bypass this test when Akamai detected
18
+ if (!array_key_exists('Akamai-Origin-Hop', $package['headers_mixed']) && @preg_match('/\bTE\b/i', $package['headers_mixed']['Connection'])) {
19
  return "2b90f772";
20
  }
21
 
bad-behavior/post.inc.php CHANGED
@@ -63,7 +63,7 @@ function bb2_post($settings, $package)
63
  // if ($ip && $ip_screener && abs($ip_screener - $ip) > 256)
64
  // return "c1fa729b";
65
 
66
- if ($package['headers_mixed']['X-Forwarded-For']) {
67
  $ip = $package['headers_mixed']['X-Forwarded-For'];
68
  }
69
  // Screen for user agent changes
63
  // if ($ip && $ip_screener && abs($ip_screener - $ip) > 256)
64
  // return "c1fa729b";
65
 
66
+ if (!empty($package['headers_mixed']['X-Forwarded-For'])) {
67
  $ip = $package['headers_mixed']['X-Forwarded-For'];
68
  }
69
  // Screen for user agent changes
bad-behavior/version.inc.php CHANGED
@@ -1,3 +1,3 @@
1
  <?php if (!defined('BB2_CWD')) die("I said no cheating!");
2
- define('BB2_VERSION', "2.0.22");
3
  ?>
1
  <?php if (!defined('BB2_CWD')) die("I said no cheating!");
2
+ define('BB2_VERSION', "2.0.23");
3
  ?>