Version Description
Download this release
Release Info
| Developer | error |
| Plugin |  Bad Behavior |
| Version | 2.2.1 |
| Comparing to | |
| See all releases | |
Code changes from version 2.2.0 to 2.2.1
- README.txt +1 -1
- bad-behavior-mysql.php +1 -0
- bad-behavior-wordpress-admin.php +49 -9
- bad-behavior-wordpress.php +31 -6
- bad-behavior/core.inc.php +3 -3
README.txt
CHANGED
|
@@ -4,7 +4,7 @@ Contributors: error, markjaquith, skeltoac
|
|
| 4 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0¤cy_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
|
| 5 |
Requires at least: 2.7
|
| 6 |
Tested up to: 3.3.1
|
| 7 |
-
Stable tag: 2.2.
|
| 8 |
|
| 9 |
Bad Behavior prevents spammers from ever delivering their junk, and in many
|
| 10 |
cases, from ever reading your site in the first place.
|
| 4 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0¤cy_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
|
| 5 |
Requires at least: 2.7
|
| 6 |
Tested up to: 3.3.1
|
| 7 |
+
Stable tag: 2.2.1
|
| 8 |
|
| 9 |
Bad Behavior prevents spammers from ever delivering their junk, and in many
|
| 10 |
cases, from ever reading your site in the first place.
|
bad-behavior-mysql.php
CHANGED
|
@@ -24,6 +24,7 @@ function bb2_table_structure($name)
|
|
| 24 |
// Insert a new record
|
| 25 |
function bb2_insert($settings, $package, $key)
|
| 26 |
{
|
|
|
|
| 27 |
$ip = bb2_db_escape($package['ip']);
|
| 28 |
$date = bb2_db_date();
|
| 29 |
$request_method = bb2_db_escape($package['request_method']);
|
| 24 |
// Insert a new record
|
| 25 |
function bb2_insert($settings, $package, $key)
|
| 26 |
{
|
| 27 |
+
if (!$settings['logging']) return "";
|
| 28 |
$ip = bb2_db_escape($package['ip']);
|
| 29 |
$date = bb2_db_date();
|
| 30 |
$request_method = bb2_db_escape($package['request_method']);
|
bad-behavior-wordpress-admin.php
CHANGED
|
@@ -21,7 +21,7 @@ function bb2_admin_pages() {
|
|
| 21 |
if ($bb2_is_admin) {
|
| 22 |
add_options_page(__("Bad Behavior"), __("Bad Behavior"), 8, 'bb2_options', 'bb2_options');
|
| 23 |
if ($wp_db_version >= 4772) { // Version 2.1 or later
|
| 24 |
-
add_management_page(__("Bad Behavior"), __("Bad Behavior"), 8, 'bb2_manage', 'bb2_manage');
|
| 25 |
}
|
| 26 |
@session_start();
|
| 27 |
}
|
|
@@ -94,6 +94,41 @@ function bb2_httpbl_lookup($ip) {
|
|
| 94 |
return $d;
|
| 95 |
}
|
| 96 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 97 |
function bb2_manage() {
|
| 98 |
global $wpdb;
|
| 99 |
|
|
@@ -113,12 +148,12 @@ function bb2_manage() {
|
|
| 113 |
if ($_GET['request_method']) $where .= "AND `request_method` = '" . $wpdb->escape($_GET['request_method']) . "' ";
|
| 114 |
|
| 115 |
// Query the DB based on variables selected
|
| 116 |
-
$r = bb2_db_query("SELECT COUNT(
|
| 117 |
$results = bb2_db_rows($r);
|
| 118 |
-
$totalcount = $results[0]["COUNT(
|
| 119 |
-
$r = bb2_db_query("SELECT COUNT(
|
| 120 |
$results = bb2_db_rows($r);
|
| 121 |
-
$count = $results[0]["COUNT(
|
| 122 |
$pages = ceil($count / 100);
|
| 123 |
$r = bb2_db_query("SELECT * FROM `" . $settings['log_table'] . "` WHERE 1=1 " . $where . "ORDER BY `date` DESC LIMIT " . ($paged - 1) * $rows_per_page . "," . $rows_per_page);
|
| 124 |
$results = bb2_db_rows($r);
|
|
@@ -126,11 +161,13 @@ function bb2_manage() {
|
|
| 126 |
// Display rows to the user
|
| 127 |
?>
|
| 128 |
<div class="wrap">
|
| 129 |
-
|
|
|
|
|
|
|
|
|
|
| 130 |
<form method="post" action="<?php echo $request_uri; ?>">
|
| 131 |
<p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
|
| 132 |
-
<p>
|
| 133 |
-
|
| 134 |
<div class="tablenav">
|
| 135 |
<?php
|
| 136 |
$page_links = paginate_links(array('base' => add_query_arg("paged", "%#%"), 'format' => '', 'total' => $pages, 'current' => $paged));
|
|
@@ -287,10 +324,13 @@ function bb2_options()
|
|
| 287 |
}
|
| 288 |
?>
|
| 289 |
<div class="wrap">
|
|
|
|
|
|
|
|
|
|
| 290 |
<h2><?php _e("Bad Behavior"); ?></h2>
|
| 291 |
<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
|
| 292 |
<p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
|
| 293 |
-
<p>
|
| 294 |
|
| 295 |
<h3><?php _e('Statistics'); ?></h3>
|
| 296 |
<?php bb2_insert_stats(true); ?>
|
| 21 |
if ($bb2_is_admin) {
|
| 22 |
add_options_page(__("Bad Behavior"), __("Bad Behavior"), 8, 'bb2_options', 'bb2_options');
|
| 23 |
if ($wp_db_version >= 4772) { // Version 2.1 or later
|
| 24 |
+
add_management_page(__("Bad Behavior Log"), __("Bad Behavior Log"), 8, 'bb2_manage', 'bb2_manage');
|
| 25 |
}
|
| 26 |
@session_start();
|
| 27 |
}
|
| 94 |
return $d;
|
| 95 |
}
|
| 96 |
|
| 97 |
+
function bb2_donate_button($thispage) {
|
| 98 |
+
return
|
| 99 |
+
' <div style="float: right; clear: right; width: 200px; border: 1px solid #e6db55; color: #333; background-color: lightYellow; padding: 0 10px">
|
| 100 |
+
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
|
| 101 |
+
<p>Bad Behavior is an important tool in the fight against web spam. Show your support by donating<br/>
|
| 102 |
+
<select name="amount">
|
| 103 |
+
<option value="1.99">$1.99 USD</option>
|
| 104 |
+
<option value="2.99">$2.99 USD</option>
|
| 105 |
+
<option value="3.99">$3.99 USD</option>
|
| 106 |
+
<option value="4.99">$4.99 USD</option>
|
| 107 |
+
<option value="6.99">$6.99 USD</option>
|
| 108 |
+
<option value="9.99">$9.99 USD</option>
|
| 109 |
+
<option value="">Other...</option>
|
| 110 |
+
</select><br/>
|
| 111 |
+
<input type="hidden" name="cmd" value="_donations">
|
| 112 |
+
<input type="hidden" name="business" value="EAZGZZV7RE4QJ">
|
| 113 |
+
<input type="hidden" name="lc" value="US">
|
| 114 |
+
<input type="hidden" name="item_name" value="Bad Behavior '.BB2_VERSION.' (WordPress)">
|
| 115 |
+
<input type="hidden" name="currency_code" value="USD">
|
| 116 |
+
<input type="hidden" name="no_note" value="0">
|
| 117 |
+
<input type="hidden" name="cn" value="Comments about Bad Behavior">
|
| 118 |
+
<input type="hidden" name="no_shipping" value="1">
|
| 119 |
+
<input type="hidden" name="rm" value="1">
|
| 120 |
+
<input type="hidden" name="return" value="'.$thispage.'">
|
| 121 |
+
<input type="hidden" name="cancel_return" value="'.$thispage.'">
|
| 122 |
+
<input type="hidden" name="currency_code" value="USD">
|
| 123 |
+
<input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_LG.gif:NonHosted">
|
| 124 |
+
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
|
| 125 |
+
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
|
| 126 |
+
</p>
|
| 127 |
+
</form>
|
| 128 |
+
</div>
|
| 129 |
+
';
|
| 130 |
+
}
|
| 131 |
+
|
| 132 |
function bb2_manage() {
|
| 133 |
global $wpdb;
|
| 134 |
|
| 148 |
if ($_GET['request_method']) $where .= "AND `request_method` = '" . $wpdb->escape($_GET['request_method']) . "' ";
|
| 149 |
|
| 150 |
// Query the DB based on variables selected
|
| 151 |
+
$r = bb2_db_query("SELECT COUNT(id) FROM `" . $settings['log_table']);
|
| 152 |
$results = bb2_db_rows($r);
|
| 153 |
+
$totalcount = $results[0]["COUNT(id)"];
|
| 154 |
+
$r = bb2_db_query("SELECT COUNT(id) FROM `" . $settings['log_table'] . "` WHERE 1=1 " . $where);
|
| 155 |
$results = bb2_db_rows($r);
|
| 156 |
+
$count = $results[0]["COUNT(id)"];
|
| 157 |
$pages = ceil($count / 100);
|
| 158 |
$r = bb2_db_query("SELECT * FROM `" . $settings['log_table'] . "` WHERE 1=1 " . $where . "ORDER BY `date` DESC LIMIT " . ($paged - 1) * $rows_per_page . "," . $rows_per_page);
|
| 159 |
$results = bb2_db_rows($r);
|
| 161 |
// Display rows to the user
|
| 162 |
?>
|
| 163 |
<div class="wrap">
|
| 164 |
+
<?php
|
| 165 |
+
echo bb2_donate_button(admin_url("tools.php?page=bb2_manage"));
|
| 166 |
+
?>
|
| 167 |
+
<h2><?php _e("Bad Behavior Log"); ?></h2>
|
| 168 |
<form method="post" action="<?php echo $request_uri; ?>">
|
| 169 |
<p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
|
| 170 |
+
<p>See also: <a href="<?php echo admin_url("options-general.php?page=bb2_options") ?>">Settings</a></p>
|
|
|
|
| 171 |
<div class="tablenav">
|
| 172 |
<?php
|
| 173 |
$page_links = paginate_links(array('base' => add_query_arg("paged", "%#%"), 'format' => '', 'total' => $pages, 'current' => $paged));
|
| 324 |
}
|
| 325 |
?>
|
| 326 |
<div class="wrap">
|
| 327 |
+
<?php
|
| 328 |
+
echo bb2_donate_button(admin_url("options-general.php?page=bb2_options"));
|
| 329 |
+
?>
|
| 330 |
<h2><?php _e("Bad Behavior"); ?></h2>
|
| 331 |
<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
|
| 332 |
<p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
|
| 333 |
+
<p>See also: <a href="<?php echo admin_url("tools.php?page=bb2_manage"); ?>">Log</a></p>
|
| 334 |
|
| 335 |
<h3><?php _e('Statistics'); ?></h3>
|
| 336 |
<?php bb2_insert_stats(true); ?>
|
bad-behavior-wordpress.php
CHANGED
|
@@ -1,7 +1,7 @@
|
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: Bad Behavior
|
| 4 |
-
Version: 2.2.
|
| 5 |
Description: Deny automated spambots access to your PHP-based Web site.
|
| 6 |
Plugin URI: http://www.bad-behavior.ioerror.us/
|
| 7 |
Author: Michael Hampton
|
|
@@ -32,6 +32,8 @@ http://www.bad-behavior.ioerror.us/
|
|
| 32 |
|
| 33 |
if (!defined('ABSPATH')) die("No cheating!");
|
| 34 |
|
|
|
|
|
|
|
| 35 |
$bb2_mtime = explode(" ", microtime());
|
| 36 |
$bb2_timer_start = $bb2_mtime[1] + $bb2_mtime[0];
|
| 37 |
|
|
@@ -127,8 +129,31 @@ function bb2_insert_head() {
|
|
| 127 |
echo $bb2_javascript;
|
| 128 |
}
|
| 129 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 130 |
// Display stats?
|
| 131 |
function bb2_insert_stats($force = false) {
|
|
|
|
|
|
|
| 132 |
$settings = bb2_read_settings();
|
| 133 |
|
| 134 |
if ($force || $settings['display_stats']) {
|
|
@@ -137,9 +162,9 @@ function bb2_insert_stats($force = false) {
|
|
| 137 |
echo sprintf('<p><a href="http://www.bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', __('Bad Behavior'), __('has blocked'), $blocked[0]["COUNT(*)"], __('access attempts in the last 7 days.'));
|
| 138 |
}
|
| 139 |
}
|
| 140 |
-
if (@!empty($
|
| 141 |
-
echo sprintf("\n<!-- Bad Behavior result was %s! This request would have been blocked. -->\n", $
|
| 142 |
-
unset($
|
| 143 |
}
|
| 144 |
}
|
| 145 |
|
|
@@ -154,6 +179,7 @@ function bb2_relative_path() {
|
|
| 154 |
//add_action('activate_bb2/bad-behavior-wordpress.php', 'bb2_install');
|
| 155 |
add_action('wp_head', 'bb2_insert_head');
|
| 156 |
add_action('wp_footer', 'bb2_insert_stats');
|
|
|
|
| 157 |
|
| 158 |
// Calls inward to Bad Behavor itself.
|
| 159 |
require_once(BB2_CWD . "/bad-behavior/core.inc.php");
|
|
@@ -164,8 +190,7 @@ if (is_admin() || strstr($_SERVER['PHP_SELF'], 'wp-admin/')) { // 1.5 kludge
|
|
| 164 |
require_once(BB2_CWD . "/bad-behavior-wordpress-admin.php");
|
| 165 |
}
|
| 166 |
|
| 167 |
-
|
| 168 |
-
$_SESSION['BB2_RESULT'] = bb2_start(bb2_read_settings());
|
| 169 |
|
| 170 |
$bb2_mtime = explode(" ", microtime());
|
| 171 |
$bb2_timer_stop = $bb2_mtime[1] + $bb2_mtime[0];
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: Bad Behavior
|
| 4 |
+
Version: 2.2.1
|
| 5 |
Description: Deny automated spambots access to your PHP-based Web site.
|
| 6 |
Plugin URI: http://www.bad-behavior.ioerror.us/
|
| 7 |
Author: Michael Hampton
|
| 32 |
|
| 33 |
if (!defined('ABSPATH')) die("No cheating!");
|
| 34 |
|
| 35 |
+
global $bb2_result;
|
| 36 |
+
|
| 37 |
$bb2_mtime = explode(" ", microtime());
|
| 38 |
$bb2_timer_start = $bb2_mtime[1] + $bb2_mtime[0];
|
| 39 |
|
| 129 |
echo $bb2_javascript;
|
| 130 |
}
|
| 131 |
|
| 132 |
+
function bb2_approved_callback($settings, $package) {
|
| 133 |
+
global $bb2_package;
|
| 134 |
+
|
| 135 |
+
// Save package for possible later use
|
| 136 |
+
$bb2_package = $package;
|
| 137 |
+
}
|
| 138 |
+
|
| 139 |
+
// Capture missed spam and log it
|
| 140 |
+
function bb2_capture_spam($id, $comment) {
|
| 141 |
+
global $bb2_package;
|
| 142 |
+
|
| 143 |
+
// Capture only spam
|
| 144 |
+
if ('spam' != $comment->comment_approved) return;
|
| 145 |
+
|
| 146 |
+
// Don't capture if HTTP request no longer active
|
| 147 |
+
if (array_key_exists("request_entity", $bb2_package) && array_key_exists("author", $bb2_package['request_entity']) && $bb2_package['request_entity']['author'] == $comment->comment_author) {
|
| 148 |
+
bb2_db_query(bb2_insert(bb2_read_settings(), $bb2_package, "00000000"));
|
| 149 |
+
}
|
| 150 |
+
trigger_error("Bad Behavior spam capture", E_USER_WARNING);
|
| 151 |
+
}
|
| 152 |
+
|
| 153 |
// Display stats?
|
| 154 |
function bb2_insert_stats($force = false) {
|
| 155 |
+
global $bb2_result;
|
| 156 |
+
|
| 157 |
$settings = bb2_read_settings();
|
| 158 |
|
| 159 |
if ($force || $settings['display_stats']) {
|
| 162 |
echo sprintf('<p><a href="http://www.bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', __('Bad Behavior'), __('has blocked'), $blocked[0]["COUNT(*)"], __('access attempts in the last 7 days.'));
|
| 163 |
}
|
| 164 |
}
|
| 165 |
+
if (@!empty($bb2_result)) {
|
| 166 |
+
echo sprintf("\n<!-- Bad Behavior result was %s! This request would have been blocked. -->\n", $bb2_result);
|
| 167 |
+
unset($bb2_result);
|
| 168 |
}
|
| 169 |
}
|
| 170 |
|
| 179 |
//add_action('activate_bb2/bad-behavior-wordpress.php', 'bb2_install');
|
| 180 |
add_action('wp_head', 'bb2_insert_head');
|
| 181 |
add_action('wp_footer', 'bb2_insert_stats');
|
| 182 |
+
add_action('wp_insert_comment', 'bb2_capture_spam', 99, 2);
|
| 183 |
|
| 184 |
// Calls inward to Bad Behavor itself.
|
| 185 |
require_once(BB2_CWD . "/bad-behavior/core.inc.php");
|
| 190 |
require_once(BB2_CWD . "/bad-behavior-wordpress-admin.php");
|
| 191 |
}
|
| 192 |
|
| 193 |
+
$bb2_result = bb2_start(bb2_read_settings());
|
|
|
|
| 194 |
|
| 195 |
$bb2_mtime = explode(" ", microtime());
|
| 196 |
$bb2_timer_stop = $bb2_mtime[1] + $bb2_mtime[0];
|
bad-behavior/core.inc.php
CHANGED
|
@@ -1,5 +1,5 @@
|
|
| 1 |
<?php if (!defined('BB2_CWD')) die("I said no cheating!");
|
| 2 |
-
define('BB2_VERSION', "2.2.
|
| 3 |
|
| 4 |
// Bad Behavior entry point is bb2_start()
|
| 5 |
// If you're reading this, you are probably lost.
|
|
@@ -43,9 +43,9 @@ function bb2_approved($settings, $package)
|
|
| 43 |
// If this is reverse-proxied or load balanced, obtain the actual client IP
|
| 44 |
function bb2_reverse_proxy($settings, $headers_mixed)
|
| 45 |
{
|
| 46 |
-
$addrs = array_reverse(preg_split("/[\s,]+/", $headers_mixed[$settings['reverse_proxy_header']]));
|
| 47 |
if (empty($addrs)) {
|
| 48 |
-
|
| 49 |
} else if (!empty($settings['reverse_proxy_addresses'])) {
|
| 50 |
foreach ($addrs as $addr) {
|
| 51 |
if (!match_cidr($addr, $settings['reverse_proxy_addresses'])) {
|
| 1 |
<?php if (!defined('BB2_CWD')) die("I said no cheating!");
|
| 2 |
+
define('BB2_VERSION', "2.2.1");
|
| 3 |
|
| 4 |
// Bad Behavior entry point is bb2_start()
|
| 5 |
// If you're reading this, you are probably lost.
|
| 43 |
// If this is reverse-proxied or load balanced, obtain the actual client IP
|
| 44 |
function bb2_reverse_proxy($settings, $headers_mixed)
|
| 45 |
{
|
| 46 |
+
$addrs = @array_reverse(preg_split("/[\s,]+/", $headers_mixed[$settings['reverse_proxy_header']]));
|
| 47 |
if (empty($addrs)) {
|
| 48 |
+
return $_SERVER['REMOTE_ADDR'];
|
| 49 |
} else if (!empty($settings['reverse_proxy_addresses'])) {
|
| 50 |
foreach ($addrs as $addr) {
|
| 51 |
if (!match_cidr($addr, $settings['reverse_proxy_addresses'])) {
|
