Bad Behavior - Version 2.2.15

Version Description

Download this release

Release Info

Developer error
Plugin Icon wp plugin Bad Behavior
Version 2.2.15
Comparing to
See all releases

Code changes from version 2.2.14 to 2.2.15

Files changed (7) hide show
  1. README.txt +2 -2
  2. bad-behavior-wordpress-admin.php +1 -1
  3. bad-behavior-wordpress.php +2 -4
  4. bad-behavior/blacklist.inc.php +1 -0
  5. bad-behavior/core.inc.php +1 -1
  6. bad-behavior/post.inc.php +1 -1
  7. bad-behavior/screener.inc.php +5 -2
README.txt CHANGED
@@ -3,8 +3,8 @@ Tags: comment,trackback,referrer,spam,robot,antispam
3
  Contributors: error
4
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
5
  Requires at least: 3.1
6
- Tested up to: 3.5.1
7
- Stable tag: 2.2.14
8
 
9
  Bad Behavior prevents spammers from ever delivering their junk, and in many
10
  cases, from ever reading your site in the first place.
3
  Contributors: error
4
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
5
  Requires at least: 3.1
6
+ Tested up to: 4.0
7
+ Stable tag: 2.2.15
8
 
9
  Bad Behavior prevents spammers from ever delivering their junk, and in many
10
  cases, from ever reading your site in the first place.
bad-behavior-wordpress-admin.php CHANGED
@@ -423,7 +423,7 @@ function bb2_options()
423
  </table>
424
 
425
  <h3><?php _e('European Union Cookie'); ?></h3>
426
- <p>Select this option if you believe Bad Behavior's site security cookie is not exempt from the 2012 EU cookie regulation. <a href="http://bad-behavior.ioerror.us/2012/05/03/bad-behavior-2-2-4/">More info</a></p>
427
  <table class="form-table">
428
  <tr><td><label><input type="checkbox" name="eu_cookie" value="true" <?php if ($settings['eu_cookie']) { ?>checked="checked" <?php } ?>/> <?php _e('EU cookie handling'); ?></label></td></tr>
429
  </table>
423
  </table>
424
 
425
  <h3><?php _e('European Union Cookie'); ?></h3>
426
+ <p>Select this option if you believe Bad Behavior's site security cookie is not exempt from the 2012 EU cookie regulation. <a href="http://bad-behavior.ioerror.us/2012/05/04/eu-cookie-requirement-disclosure/">More info</a></p>
427
  <table class="form-table">
428
  <tr><td><label><input type="checkbox" name="eu_cookie" value="true" <?php if ($settings['eu_cookie']) { ?>checked="checked" <?php } ?>/> <?php _e('EU cookie handling'); ?></label></td></tr>
429
  </table>
bad-behavior-wordpress.php CHANGED
@@ -1,7 +1,7 @@
1
  <?php
2
  /*
3
  Plugin Name: Bad Behavior
4
- Version: 2.2.14
5
  Description: Deny automated spambots access to your PHP-based Web site.
6
  Plugin URI: http://bad-behavior.ioerror.us/
7
  Author: Michael Hampton
@@ -56,9 +56,7 @@ function bb2_db_affected_rows() {
56
 
57
  // Escape a string for database usage
58
  function bb2_db_escape($string) {
59
- global $wpdb;
60
-
61
- return $wpdb->escape($string);
62
  }
63
 
64
  // Return the number of rows in a particular query.
1
  <?php
2
  /*
3
  Plugin Name: Bad Behavior
4
+ Version: 2.2.15
5
  Description: Deny automated spambots access to your PHP-based Web site.
6
  Plugin URI: http://bad-behavior.ioerror.us/
7
  Author: Michael Hampton
56
 
57
  // Escape a string for database usage
58
  function bb2_db_escape($string) {
59
+ return esc_sql($string);
 
 
60
  }
61
 
62
  // Return the number of rows in a particular query.
bad-behavior/blacklist.inc.php CHANGED
@@ -93,6 +93,7 @@ function bb2_blacklist($package) {
93
  "Murzillo compatible", // comment spam bot
94
  ".NET CLR 1)", // free poker, etc.
95
  ".NET CLR1", // spam harvester
 
96
  "Nikto/", // vulnerability scanner
97
  "Perman Surfer", // old and very broken harvester
98
  "POE-Component-Client", // free poker, etc.
93
  "Murzillo compatible", // comment spam bot
94
  ".NET CLR 1)", // free poker, etc.
95
  ".NET CLR1", // spam harvester
96
+ "Netsparker", // vulnerability scanner
97
  "Nikto/", // vulnerability scanner
98
  "Perman Surfer", // old and very broken harvester
99
  "POE-Component-Client", // free poker, etc.
bad-behavior/core.inc.php CHANGED
@@ -1,5 +1,5 @@
1
  <?php if (!defined('BB2_CWD')) die("I said no cheating!");
2
- define('BB2_VERSION', "2.2.14");
3
 
4
  // Bad Behavior entry point is bb2_start()
5
  // If you're reading this, you are probably lost.
1
  <?php if (!defined('BB2_CWD')) die("I said no cheating!");
2
+ define('BB2_VERSION', "2.2.15");
3
 
4
  // Bad Behavior entry point is bb2_start()
5
  // If you're reading this, you are probably lost.
bad-behavior/post.inc.php CHANGED
@@ -64,7 +64,7 @@ function bb2_post($settings, $package)
64
  }
65
 
66
  // Screen by cookie/JavaScript form add
67
- if (isset($_COOKIE[BB2_COOKIE])) {
68
  $screener1 = explode(" ", $_COOKIE[BB2_COOKIE]);
69
  } else {
70
  $screener1 = array(0);
64
  }
65
 
66
  // Screen by cookie/JavaScript form add
67
+ if (isset($_COOKIE[BB2_COOKIE]) && !$settings['eu_cookie']) {
68
  $screener1 = explode(" ", $_COOKIE[BB2_COOKIE]);
69
  } else {
70
  $screener1 = array(0);
bad-behavior/screener.inc.php CHANGED
@@ -4,8 +4,11 @@
4
 
5
  function bb2_screener_cookie($settings, $package, $cookie_name, $cookie_value)
6
  {
7
- // FIXME: Set the real cookie
8
- if (!$settings['eu_cookie']) {
 
 
 
9
  setcookie($cookie_name, $cookie_value, 0, bb2_relative_path());
10
  }
11
  }
4
 
5
  function bb2_screener_cookie($settings, $package, $cookie_name, $cookie_value)
6
  {
7
+ if ($settings['eu_cookie']) {
8
+ // Delete existing cookie, if any
9
+ setcookie($cookie_name, $cookie_value, 1, bb2_relative_path());
10
+ } else {
11
+ // Set session cookie
12
  setcookie($cookie_name, $cookie_value, 0, bb2_relative_path());
13
  }
14
  }