tomasz.sowa
/
winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Browse Source

add use_antispam_mechanism_for_not_logged_users config option

master
Tomasz Sowa 2 months ago
parent
7d1fb3c04e
commit
01c10bad0e
4 changed files with 32 additions and 23 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      winixd/core/config.cpp
  2. 7
      winixd/core/config.h
  3. 24
      winixd/functions/functions.cpp
  4. 23
      winixd/functions/upload.cpp

1
winixd/core/config.cpp
Unescape View File

@ -341,6 +341,7 @@ void Config::AssignValues()
check_proxy_ip_header = Bool(L"check_proxy_ip_header", false);
proxy_ip_header = Text(L"proxy_ip_header", L"X_Real_IP");
use_antispam_mechanism_for_not_logged_users = Bool(L"use_antispam_mechanism_for_not_logged_users", true);
antispam_list_max_size = Size(L"antispam_list_max_size", 10);
add_header_cache_no_store_in_htmx_request = Bool(L"add_header_cache_no_store_in_htmx_request", true);
}

7
winixd/core/config.h
Unescape View File

@ -934,7 +934,12 @@ public:
// default: X_Real_IP
std::wstring proxy_ip_header;
// antispam mechanizm
// use an antismap mechanism for not logged users
// when they try to add a new item
// default: true
bool use_antispam_mechanism_for_not_logged_users;
// antispam mechanism
// size of an list for map: form_id to counter_id for anonymous users (each session has such an map)
// this value allowes you to open the same or different html form in the browser more than once
// and each form has its own form_id and counter_id

24
winixd/functions/functions.cpp
Unescape View File

@ -499,19 +499,19 @@ void Functions::MakeFunction()
void Functions::CheckGetPostTimes(time_t difference)
{
time_t now = std::time(0);
if( cur->session->puser )
return;
if( cur->request->method != Request::post )
return;
if( !cur->session->puser && config->use_antispam_mechanism_for_not_logged_users )
{
time_t now = std::time(0);
if( now - cur->session->last_time_get >= (time_t)difference )
return;
if( cur->request->method != Request::post )
return;
cur->session->spam_score += 1;
log << log1 << "Functions: spam +1: POST after GET sent too fast" << logend;
if( now - cur->session->last_time_get >= (time_t)difference )
return;
cur->session->spam_score += 1;
log << log1 << "Functions: spam +1: POST after GET sent too fast" << logend;
}
}
@ -519,7 +519,7 @@ void Functions::CheckGetPostTimes(time_t difference)
bool Functions::CheckAntispamCounter()
{
if( !cur->session->puser )
if( !cur->session->puser && config->use_antispam_mechanism_for_not_logged_users )
{
long form_id = Tol(cur->request->PostVar(L"winix_form_id"));
long counter_id = Tol(cur->request->PostVar(L"winix_form_counter"));

23
winixd/functions/upload.cpp
Unescape View File

@ -193,19 +193,22 @@ void Upload::UploadFile(Item & item, const std::wstring & tmp_filename)
bool Upload::FunUploadCheckAbuse()
{
if( !system->rebus.CheckRebus() )
if( config->use_antispam_mechanism_for_not_logged_users )
{
cur->request->status = WINIX_ERR_INCORRECT_REBUS;
return false;
}
if( !system->rebus.CheckRebus() )
{
cur->request->status = WINIX_ERR_INCORRECT_REBUS;
return false;
}
functions->CheckGetPostTimes(4);
functions->CheckGetPostTimes(4);
if( cur->session->spam_score > 0 )
{
cur->request->status = WINIX_ERR_SPAM;
log << log1 << "Content: ignoring due to suspected spamming" << logend;
return false;
if( cur->session->spam_score > 0 )
{
cur->request->status = WINIX_ERR_SPAM;
log << log1 << "Content: ignoring due to suspected spamming" << logend;
return false;
}
}
return true;

Write Preview
Loading…
Cancel
Save