Version Description
Download this release
Release Info
| Developer | error |
| Plugin |  Bad Behavior |
| Version | 2.0.32 |
| Comparing to | |
| See all releases | |
Code changes from version 2.0.31 to 2.0.32
- README.txt +2 -2
- bad-behavior-wordpress-admin.php +28 -2
- bad-behavior-wordpress.php +1 -1
- bad-behavior/blackhole.inc.php +1 -1
- bad-behavior/common_tests.inc.php +4 -0
- bad-behavior/core.inc.php +1 -1
- bad-behavior/version.inc.php +1 -1
- bad-behavior/whitelist.inc.php +5 -1
README.txt
CHANGED
|
@@ -3,8 +3,8 @@ Tags: comment,trackback,referrer,spam,robot,antispam
|
|
| 3 |
Contributors: error, MarkJaquith, Firas, skeltoac
|
| 4 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0¤cy_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
|
| 5 |
Requires at least: 1.2
|
| 6 |
-
Tested up to: 2.8.
|
| 7 |
-
Stable tag: 2.0.
|
| 8 |
|
| 9 |
Welcome to a whole new way of keeping your blog, forum, guestbook, wiki or
|
| 10 |
content management system free of link spam. Bad Behavior is a PHP-based
|
| 3 |
Contributors: error, MarkJaquith, Firas, skeltoac
|
| 4 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0¤cy_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
|
| 5 |
Requires at least: 1.2
|
| 6 |
+
Tested up to: 2.8.5
|
| 7 |
+
Stable tag: 2.0.32
|
| 8 |
|
| 9 |
Welcome to a whole new way of keeping your blog, forum, guestbook, wiki or
|
| 10 |
content management system free of link spam. Bad Behavior is a PHP-based
|
bad-behavior-wordpress-admin.php
CHANGED
|
@@ -35,11 +35,20 @@ function bb2_clean_log_link($uri) {
|
|
| 35 |
}
|
| 36 |
|
| 37 |
function bb2_httpbl_lookup($ip) {
|
|
|
|
| 38 |
$engines = array(
|
| 39 |
-
|
|
|
|
|
|
|
|
|
|
| 40 |
5 => "Googlebot",
|
|
|
|
|
|
|
| 41 |
8 => "msnbot",
|
| 42 |
9 => "Yahoo! Slurp",
|
|
|
|
|
|
|
|
|
|
| 43 |
);
|
| 44 |
$settings = bb2_read_settings();
|
| 45 |
$httpbl_key = $settings['httpbl_key'];
|
|
@@ -162,7 +171,13 @@ Displaying all <strong><?php echo $totalcount; ?></strong> records<br/>
|
|
| 162 |
}
|
| 163 |
echo "<th scope=\"row\" class=\"check-column\"><input type=\"checkbox\" name=\"submit[]\" value=\"" . $result["id"] . "\" /></th>\n";
|
| 164 |
$httpbl = bb2_httpbl_lookup($result["ip"]);
|
| 165 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 166 |
if ($httpbl) echo "<br/><br/>http:BL:<br/>$httpbl\n";
|
| 167 |
echo "</td>\n";
|
| 168 |
$headers = str_replace("\n", "<br/>\n", htmlspecialchars($result['http_headers']));
|
|
@@ -290,4 +305,15 @@ function bb2_options()
|
|
| 290 |
|
| 291 |
add_action('admin_menu', 'bb2_admin_pages');
|
| 292 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 293 |
?>
|
| 35 |
}
|
| 36 |
|
| 37 |
function bb2_httpbl_lookup($ip) {
|
| 38 |
+
// NB: Many of these are defunct
|
| 39 |
$engines = array(
|
| 40 |
+
1 => "AltaVista",
|
| 41 |
+
2 => "Teoma/Ask Crawler",
|
| 42 |
+
3 => "Baidu Spide",
|
| 43 |
+
4 => "Excite",
|
| 44 |
5 => "Googlebot",
|
| 45 |
+
6 => "Looksmart",
|
| 46 |
+
7 => "Lycos",
|
| 47 |
8 => "msnbot",
|
| 48 |
9 => "Yahoo! Slurp",
|
| 49 |
+
10 => "Twiceler",
|
| 50 |
+
11 => "Infoseek",
|
| 51 |
+
12 => "Minor Search Engine",
|
| 52 |
);
|
| 53 |
$settings = bb2_read_settings();
|
| 54 |
$httpbl_key = $settings['httpbl_key'];
|
| 171 |
}
|
| 172 |
echo "<th scope=\"row\" class=\"check-column\"><input type=\"checkbox\" name=\"submit[]\" value=\"" . $result["id"] . "\" /></th>\n";
|
| 173 |
$httpbl = bb2_httpbl_lookup($result["ip"]);
|
| 174 |
+
$host = gethostbyaddr($result["ip"]);
|
| 175 |
+
if (!strcmp($host, $result["ip"])) {
|
| 176 |
+
$host = "";
|
| 177 |
+
} else {
|
| 178 |
+
$host .= "<br/>\n";
|
| 179 |
+
}
|
| 180 |
+
echo "<td><a href=\"" . add_query_arg("ip", $result["ip"], remove_query_arg("paged", $request_uri)) . "\">" . $result["ip"] . "</a><br/>$host<br/>\n" . $result["date"] . "<br/><br/><a href=\"" . add_query_arg("key", $result["key"], remove_query_arg(array("paged", "blocked"), $request_uri)) . "\">" . $key["log"] . "</a>\n";
|
| 181 |
if ($httpbl) echo "<br/><br/>http:BL:<br/>$httpbl\n";
|
| 182 |
echo "</td>\n";
|
| 183 |
$headers = str_replace("\n", "<br/>\n", htmlspecialchars($result['http_headers']));
|
| 305 |
|
| 306 |
add_action('admin_menu', 'bb2_admin_pages');
|
| 307 |
|
| 308 |
+
function bb2_plugin_action_links($links, $file) {
|
| 309 |
+
if ($file == "bad-behavior/bad-behavior-wordpress.php" && function_exists("admin_url")) {
|
| 310 |
+
$log_link = '<a href="' . admin_url("tools.php?page=bb2_manage") . '">Log</a>';
|
| 311 |
+
$settings_link = '<a href="' . admin_url("options-general.php?page=bb2_options") . '">Settings</a>';
|
| 312 |
+
array_unshift($links, $settings_link, $log_link);
|
| 313 |
+
}
|
| 314 |
+
return $links;
|
| 315 |
+
}
|
| 316 |
+
add_filter("plugin_action_links", "bb2_plugin_action_links", 10, 2);
|
| 317 |
+
|
| 318 |
+
|
| 319 |
?>
|
bad-behavior-wordpress.php
CHANGED
|
@@ -1,7 +1,7 @@
|
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: Bad Behavior
|
| 4 |
-
Version: 2.0.
|
| 5 |
Description: Deny automated spambots access to your PHP-based Web site.
|
| 6 |
Plugin URI: http://www.bad-behavior.ioerror.us/
|
| 7 |
Author: Michael Hampton
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: Bad Behavior
|
| 4 |
+
Version: 2.0.32
|
| 5 |
Description: Deny automated spambots access to your PHP-based Web site.
|
| 6 |
Plugin URI: http://www.bad-behavior.ioerror.us/
|
| 7 |
Author: Michael Hampton
|
bad-behavior/blackhole.inc.php
CHANGED
|
@@ -45,7 +45,7 @@ function bb2_blackhole($package) {
|
|
| 45 |
|
| 46 |
function bb2_httpbl($settings, $package) {
|
| 47 |
// Can't use IPv6 addresses yet
|
| 48 |
-
if (@is_ipv6($package['ip'])) return;
|
| 49 |
|
| 50 |
if (@!$settings['httpbl_key']) return false;
|
| 51 |
|
| 45 |
|
| 46 |
function bb2_httpbl($settings, $package) {
|
| 47 |
// Can't use IPv6 addresses yet
|
| 48 |
+
if (@is_ipv6($package['ip'])) return false;
|
| 49 |
|
| 50 |
if (@!$settings['httpbl_key']) return false;
|
| 51 |
|
bad-behavior/common_tests.inc.php
CHANGED
|
@@ -45,6 +45,10 @@ function bb2_misc_headers($settings, $package)
|
|
| 45 |
if (strpos($package['request_uri'], "#") !== FALSE) {
|
| 46 |
return "dfd9b1ad";
|
| 47 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
| 48 |
|
| 49 |
// Range: field exists and begins with 0
|
| 50 |
// Real user-agents do not start ranges at 0
|
| 45 |
if (strpos($package['request_uri'], "#") !== FALSE) {
|
| 46 |
return "dfd9b1ad";
|
| 47 |
}
|
| 48 |
+
// A pretty nasty SQL injection attack on IIS servers
|
| 49 |
+
if (strpos($package['request_uri'], ";DECLARE%20@") !== FALSE) {
|
| 50 |
+
return "dfd9b1ad";
|
| 51 |
+
}
|
| 52 |
|
| 53 |
// Range: field exists and begins with 0
|
| 54 |
// Real user-agents do not start ranges at 0
|
bad-behavior/core.inc.php
CHANGED
|
@@ -183,7 +183,7 @@ function bb2_start($settings)
|
|
| 183 |
} elseif (stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
|
| 184 |
require_once(BB2_CORE . "/msnbot.inc.php");
|
| 185 |
bb2_test($settings, $package, bb2_msnbot($package));
|
| 186 |
-
} elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE) {
|
| 187 |
require_once(BB2_CORE . "/google.inc.php");
|
| 188 |
bb2_test($settings, $package, bb2_google($package));
|
| 189 |
} elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
|
| 183 |
} elseif (stripos($ua, "msnbot") !== FALSE || stripos($ua, "MS Search") !== FALSE) {
|
| 184 |
require_once(BB2_CORE . "/msnbot.inc.php");
|
| 185 |
bb2_test($settings, $package, bb2_msnbot($package));
|
| 186 |
+
} elseif (stripos($ua, "Googlebot") !== FALSE || stripos($ua, "Mediapartners-Google") !== FALSE || stripos($ua, "Google Wireless") !== FALSE) {
|
| 187 |
require_once(BB2_CORE . "/google.inc.php");
|
| 188 |
bb2_test($settings, $package, bb2_google($package));
|
| 189 |
} elseif (stripos($ua, "Mozilla") !== FALSE && stripos($ua, "Mozilla") == 0) {
|
bad-behavior/version.inc.php
CHANGED
|
@@ -1,3 +1,3 @@
|
|
| 1 |
<?php if (!defined('BB2_CWD')) die("I said no cheating!");
|
| 2 |
-
define('BB2_VERSION', "2.0.
|
| 3 |
?>
|
| 1 |
<?php if (!defined('BB2_CWD')) die("I said no cheating!");
|
| 2 |
+
define('BB2_VERSION', "2.0.32");
|
| 3 |
?>
|
bad-behavior/whitelist.inc.php
CHANGED
|
@@ -68,7 +68,11 @@ function bb2_whitelist($package)
|
|
| 68 |
}
|
| 69 |
}
|
| 70 |
if (!empty($bb2_whitelist_urls)) {
|
| 71 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 72 |
foreach ($bb2_whitelist_urls as $url) {
|
| 73 |
if (!strcmp($request_uri, $url)) return true;
|
| 74 |
}
|
| 68 |
}
|
| 69 |
}
|
| 70 |
if (!empty($bb2_whitelist_urls)) {
|
| 71 |
+
if (strpos($package['request_uri'], "?") === FALSE) {
|
| 72 |
+
$request_uri = $package['request_uri'];
|
| 73 |
+
} else {
|
| 74 |
+
$request_uri = substr($package['request_uri'], 0, strpos($settings['request_uri'], "?"));
|
| 75 |
+
}
|
| 76 |
foreach ($bb2_whitelist_urls as $url) {
|
| 77 |
if (!strcmp($request_uri, $url)) return true;
|
| 78 |
}
|
